One of the challenges the computer industry faces is convincing Joe and Josephine Enduser to care about the security, reliability and manageability of their machines.
It seems no amount of education will help them understand that as their lives become more defined by the use of PCs and the Internet, protecting their computers is absolutely critical.
Part of the problem is the paltry legislation that surrounds PC protection, but perhaps a recent discovery may lead to the necessary changes in consumer awareness and the toothless laws.
Sony not only has been installing software on people’s PCs to enforce digital rights management (DRM) without telling them, but also has installed software to hide the fact that they did so.
But wait, it gets better. The code Sony uses has been found to be poorly engineered. It has a high possibility of crashing any PC it is installed on and soaks up processor cycles because of inefficient coding.
Mark Russinovich of Winternals Software was testing the latest version of Winternals’ RootkitRevealer, which can find malware called a rootkit that can give an attacker full control over a PC and attempts to hide itself from detection. Russinovich noticed that his system apparently had a rootkit installed. This surprised him because he is really careful when it comes to avoiding risks such as malware.
So he dug deep using a variety of tools. Turns out that he had played a Sony BMG music CD that can be played only on a computer using the media player on the CD and which restricts the number of times you can burn CD copies.
Russinovich says if users attempt the obvious solution of deleting the malware, they could find that their CD drive is disabled.
The software’s licence agreement does say “this CD will automatically install a small proprietary software program … onto your computer,” but the description of the software’s purpose — “The software is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the digital content” — is misleading.
The agreement’s claim that, “Once installed, the software will reside on your computer until removed or deleted,” is disingenuous: the rootkit software makes uninstalling as difficult as possible.
Sony has gone beyond the bounds of reasonable behaviour with this DRM system and deserves to be ridiculed, prosecuted and pilloried for such arrogant foolishness.
The negative press following Russinovich’s findings will, I hope, help consumers understand that malware and devious, naive and self-serving business practices that compromise the integrity of their PCs cannot be ignored.
Sony should be made to pay for this with a massive consumer backlash, a hefty fine and a class-action lawsuit. Write to your representatives today and make sure they know we need to stop unprincipled corporations from compromising our PCs for the sake of their profits.
Express your outrage tobackspin@ gibbs.com.