Compromised security just for playing a CD

08.11.2005
If you need convincing that digital rights management (DRM) is a bad idea, look no further than the latest music CD you just bought from Sony-BMG. If you are running a Windows machine, and have been unlucky enough to try to play any title which has additional 'content protection', you are now running an almost invisible trojan horse on your box that allows virus writers to take over your machine.

Do not bother trying to uninstall it. If you do, it will render your CD drive completely inoperable. Even if you boot in Safe Mode, the trojan will still be there. Still worse, it hides all processes that start with a certain prefix, meaning malware writers can piggyback on top of this if they want.

This is not just theoretical. Fans of the multiplayer online game, World of Warcraft, have used the technique to successfully bypass cheat protection. Clearly Sony believes it can compromise the security of your computer without asking your permission.

The developers of this 'rootkit' are a small company in Banbury, UK. I have some developer friends in that town (yes it is the one of Banbury Cross fame) who I am tempted to ask to ride a cock horse down to their offices and epoxy a key in their front door. Just in case they use their computers for illegal stuff, you know. If you do not have friends in Banbury, you could always not buy from Sony, or not run Windows or both - but I know that is not an option for some.

In case you had not noticed, Internet performance and reliability overall in this country has been quite poor over the past few months. My own ISP (no names, no pack drill) has had its fair share of problems with international connectivity, which I have found crippling, because my mail and DNS servers sit in the US.

To her and the company's credit, my account manager has been completely honest about the reasons why, and has offered a refund for the downtime. But the local problems are not their fault. Whose problem is it? Take a wild guess.