Any comments on Sony/BMG's new hidden virus on the


SonyBMG has apparently hidden DRM (Digital Rights Management) software on some of their recent CD releases. The software acts like a virus and loads itself onto your computer if the CD is played in the CD drive. It acts to limit the number of times the CD tracks can be used and may also relay the computer user's activities to Sony. See:
http://www.betanews.com/article/Sony_to_Help_Remove_its_DRM_Rootkit/1130965475 or search/google "sony + virus"
tubelvr
This is from today's 'SiliconValley.com' newsletter, 'Good Morning, Silicon Valley' by John Paczkowski:

"Sony BMG's digital rights management fiasco has snowballed into a backlash certain to give the company's PR team nightmares for years to come.

Early this morning, security outfit Sophos said it had discovered a new Trojan that exploits Sony's controversial copy protection technology. "Despite its good intentions in stopping music piracy, Sony's DRM copy protection has opened up a vulnerability which hackers and virus writers are now exploiting," said Graham Cluley, senior technology consultant for Sophos. "We wouldn't be surprised if more malware authors try and take advantage of this security hole, and consumers and businesses alike would be sensible to protect themselves at the earliest opportunity."

An unfortunate turn of events for Sony, which really should have know better than to install rootkits on consumer PCs -- regardless of whether the customers know what they are or not. Now the company is reaping the whirlwind, facing a potential criminal investigation abroad, class action lawsuits in California and New York, and the ire of the Electronic Frontier Foundation, which, while considering its own legal action against Sony, has been having quite a bit of fun pointing out the idiocies in the 3,000 word end-user license agreement that accompanies Sony's rootkit CDs. Among the stipulations:

If your house gets burgled, you have to delete all your music from your laptop when you get home. That's because the EULA says that your rights to any copies terminate as soon as you no longer possess the original CD.

If you move out of the country, you have to delete all your music. The EULA specifically forbids "export" outside the country where you reside.
and my personal favorite:

If you file for bankruptcy, you have to delete all the music on your computer. Seriously."
I think Sony owns Santana's new disc. At any rate I declined to accept the EULA and allow Sony to establish a free presence on my PC. Just seems extremely uncool...
I considered returning the CD to the retailer and I will write to the socially conscious Carlos Santana. I own way too much of his recorded output to be treated like this.
Sony backed down. Here's the Associated Press story, with links at the bottom that detail how to detect and remove the Sony software.