Extended Copy Protection
Extended Copy Protection (XCP) is a software package developed by the British company First 4 Internet (which on 20 November 2006 changed its name to Fortium Technologies Ltd) and sold as a copy protection or digital rights management (DRM) scheme for Compact Discs. It was used on some CDs distributed by Sony BMG and sparked the 2005 Sony BMG CD copy protection scandal; in that context it is also known as the Sony rootkit.

Security researchers, beginning with Mark Russinovich in October 2005, have described the program as functionally identical to a rootkit: a software program used by computer hackers to conceal unauthorised activities on a computer system. Russinovich broke the story on his Sysinternals blog, where it gained attention from the media and other researchers. This ultimately led to a civil lawsuit and criminal investigations, which forced Sony to discontinue use of the system.

While Sony eventually recalled the CDs that contained the XCP system, the web-based uninstaller was investigated by noted security researchers Ed Felten and J. Alex Halderman, who discovered that the ActiveX component used for removing the software exposed users to far more significant security risks, including arbitrary code execution from any site on the internet.

Description

The version of this software used on Sony CDs is the one marketed as "XCP-Aurora". The first time a user attempts to play such a CD on a Windows system, the user is presented with a EULA; if they refuse to accept it, the CD is ejected, and if they accept it, the software is installed. The EULA did not mention that it installed hidden software. The software then remains resident on the user's system, intercepting all accesses to the CD drive to prevent any media player or ripper software other than the one included with XCP-Aurora from accessing the music tracks of the Sony CD. No obvious way to uninstall the program is provided. Attempting to remove the software by deleting the associated files manually will render the CD drive inoperable because of registry settings that the program has altered.

If the user was aware of the hidden software, he could disable AutoPlay on his computer and by doing so circumvent the entire DRM system.

The included player software will play the songs and allow only a limited degree of other actions, such as burning the music onto a certain number of other CDs or loading it onto certain DRM-protected devices such as a few portable music players. The popular iPod, sold by Sony competitor Apple Computer, does not support their DRM format, and they could not use Apple's FairPlay.

XCP conceals itself from the user by installing a patch to the Windows operating system. This patch stops ordinary system tools from displaying processes, registry entries, or files whose names begin with $sys$. Other XCP components include "Plug and Play Device Manager", which continuously monitors all other programs being run on the computer.
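The cloaking rule is purely name-based, which is both why it can be detected with a cross-view comparison and why anything else named with the prefix inherits the hiding. The following Python is an added example, not code from XCP, from Sysinternals or from this article: it models the hook's filter, diffs a raw listing against the API view, and probes a live system by creating a $sys$-prefixed file and checking whether it vanishes from os.listdir(). The file names in the demo are constructed.

```python
"""Defender-side checks for $sys$-prefix cloaking of the kind XCP used.

Added example (not XCP's code or any vendor tool). The cross-view idea is the
classic rootkit-detection approach: enumerate the same objects through two
paths and treat anything that appears in only one of them as hidden.
"""
import os
import tempfile

CLOAK_PREFIX = "$sys$"   # prefix the XCP patch hid from process/file/registry listings


def simulate_xcp_hook(raw_names):
    """Model of the hooked listing API: drop every name starting with $sys$.

    The match is case-insensitive, as Windows file names are; note that the
    rule knows nothing about which files belong to the DRM package.
    """
    return [n for n in raw_names if not n.lower().startswith(CLOAK_PREFIX)]


def cross_view_diff(raw_names, api_names):
    """Names present in the raw (unhooked) view but missing from the API view."""
    return sorted(set(raw_names) - set(api_names))


def piggybackers(hidden_names, drm_components):
    """Hidden names that are not part of the DRM package itself.

    Anything listed here is a third party riding on the cloak, the
    "piggybacking" risk described in the article.
    """
    known = {c.lower() for c in drm_components}
    return [n for n in hidden_names if n.lower() not in known]


def probe_prefix_cloaking(directory=None):
    """Create a $sys$-prefixed file and check whether the OS still lists it.

    Returns True when the file can be reached by full path but is absent from
    os.listdir(), the symptom of a directory-enumeration hook. On a clean
    system (Windows or otherwise) this returns False.
    """
    directory = directory or tempfile.gettempdir()
    name = CLOAK_PREFIX + "cloak_probe.tmp"
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write("probe\n")
    try:
        reachable = os.path.isfile(path)
        listed = name in os.listdir(directory)
        return reachable and not listed
    finally:
        os.remove(path)


def demo():
    """Run the model on a constructed directory listing (sample names only)."""
    raw_listing = [
        "player.exe",
        "$sys$drm_component.dll",   # constructed stand-in for an XCP file
        "$sys$cheat_loader.exe",    # constructed stand-in for a piggybacking program
        "readme.txt",
    ]
    drm_components = ["$sys$drm_component.dll"]
    api_listing = simulate_xcp_hook(raw_listing)
    hidden = cross_view_diff(raw_listing, api_listing)
    return {
        "hidden": hidden,
        "piggybackers": piggybackers(hidden, drm_components),
        "live_cloaking": probe_prefix_cloaking(),
    }


if __name__ == "__main__":
    print(demo())
```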

Security research

In the period that XCP has been publicly known, security researchers have been quick to analyze it and publish their findings. Many of these findings have been highly critical of Sony and First 4 Internet. Specifically, the software has been found to conceal its activity in the manner of a rootkit (a common computer criminal's toolkit for hiding their malicious activities), and moreover has been found to expose users to follow-on harm from viruses and trojans.

XCP's cloaking technique, which makes all processes with names starting with $sys$ invisible, can be used by other malware "piggybacking" on it to ensure that it, too, is hidden from the user's view. The first malicious trojan to hide via XCP was discovered on 10 November 2005, according to a report by the BitDefender antivirus company.

Follow-up research by Edward Felten and J. Alex Halderman has shown that the Web-based uninstaller Sony later offered for the software contains its own critical security problems. The software installs an ActiveX component which allows any Web site to run software on the user's computer without restriction. This component is used by First 4 Internet's Web site to download and run the uninstaller, but it remains active afterward, allowing any Web site the user visits to take over the computer.

Since it is specific to Microsoft Windows, XCP has no effect on other operating systems such as Linux, BSD, OS/2, Solaris, or Mac OS X, meaning that users of those systems do not suffer the potential harm of this software, and they are also not impeded from "ripping" (or copying) the normal music tracks on the CD. (Some discs involved in the Sony scandal contained a competing technology, MediaMax from SunnComm, which attempts to install a kernel extension on Mac OS X. However, due to the permissions of Mac OS X, there were no widespread infections among Mac users.)

Antivirus industry response

Shortly after independent researchers broke the story, security software vendors followed up, releasing detailed descriptions of the components of XCP — as well as software to remove the $sys$* cloaking component of it. On the other hand, no software has yet been released to remove the CD-ROM filter driver component. Computer Associates, makers of the PestPatrol anti-spyware software, characterize the XCP software as both a trojan horse and a rootkit:


XCP.Sony.Rootkit installs a DRM executable as a Windows service, but misleadingly names this service "Plug and Play Device Manager", employing a technique commonly used by malware authors to fool everyday users into believing this is a part of Windows. Approximately every 1.5 seconds this service queries the primary executables associated with all processes running on the machine, resulting in nearly continuous read attempts on the hard drive. This has been shown to shorten the drive's lifespan.

Furthermore, XCP.Sony.Rootkit installs a device driver, specifically a CD-ROM filter driver, which intercepts calls to the CD-ROM drive. If any process other than the included Music Player (player.exe) attempts to read the audio section of the CD, the filter driver inserts seemingly random noise into the returned data making the music unlistenable.

XCP.Sony.Rootkit loads a system filter driver which intercepts all calls for process, directory or registry listings, even those unrelated to the Sony BMG application. This rootkit driver modifies what information is visible to the operating system in order to cloak the Sony BMG software. This is commonly referred to as rootkit technology. Furthermore, the rootkit does not only affect XCP.Sony.Rootkit's files. This rootkit hides every file, process, or registry key beginning with $sys$. This represents a vulnerability, which has already been exploited to hide World of Warcraft RING0 hacks as of the time of this writing, and could potentially hide an attacker's files and processes once access to an infected system had been gained.


Computer Associates announced in November 2005 that its anti-spyware product, PestPatrol, would be able to remove Sony's software. One month later Microsoft released an update for its Windows Malicious Software Removal Tool which could clean the F4IRootkit malware.

The somewhat slow and incomplete response of some antivirus companies has, however, been questioned by Bruce Schneier, information security expert and author of security articles and texts, including Secrets and Lies. In an article for Wired News, Mr. Schneier asks, "What happens when the creators of malware collude with the very companies we hire to protect us from that malware?" His answer is that "users lose... A dangerous and damaging rootkit gets introduced into the wild, and half a million computers get infected before anyone does anything."

Impact of XCP

Beginning as early as August 2005, Windows users reported crashes related to a program called aries.sys, while inexplicably being unable to find the file on their computers. This file is now known to be part of XCP. Call for Help host Leo Laporte said that he had experienced a rise in reports of "missing" CD-ROM drives, a symptom of unsuccessful attempts to remove XCP.

Security researcher Dan Kaminsky used DNS cache analysis to determine that 568,000 networks worldwide may contain at least one XCP-infected computer. Kaminsky's technique uses the fact that DNS nameservers cache recently fetched results, and that XCP phones home to a specific hostname. By finding DNS servers that carry that hostname in cache, Kaminsky was able to approximate the number of networks affected (http://www.doxpara.com/?q=sony). After the release of the data, Kaminsky learned that an as-yet undetermined number of "Enhanced CDs" without the rootkit also phone home to the same address that rootkit-affected discs use, so infection rates are still under active investigation.

XCP flaw

According to analyst firm Gartner, XCP suffers from the same flaw in implementing DRM as any DRM technology, current or future, that tries to apply DRM to audio CDs designed to be played on stand-alone CD players. According to Gartner, because the installation of XCP or any DRM software relies on the CD being multi-session, the application of a piece of opaque tape to the outer edge of the disk renders the data track of the CD unreadable, causing the PC to treat the disc as an ordinary single-session music CD.

SlySoft's AnyDVD program, which removes copy protections from both standard and high-definition video discs, also defeats DRM on audio CDs. When active and an audio CD is inserted, AnyDVD blocks the PC from accessing any session but the audio, rendering data sessions unreadable and preventing the installation of malware such as XCP.

Legal concerns

There is much speculation as to what extent the actions taken by this software are a violation of various laws against unauthorized tampering with computers, or laws regarding invasion of privacy by "spyware", and how they subject Sony and First 4 Internet to legal liability. The States of California, New York, and Texas, as well as Italy, have already taken legal action against both companies, and more class action lawsuits are likely. However, the mere act of attempting to view or remove this software in order to determine or prevent its alteration of Windows would theoretically constitute a civil or criminal offense under certain anti-circumvention legislation such as the controversial Digital Millennium Copyright Act in the USA. The Electronic Frontier Foundation's Fred von Lohmann also heavily criticised the XCP EULA, calling it the "legalese rootkit."

One of the primary reasons for the XCP experiment lies in the issue of adding DRM to a legacy standard. These problems are explored by Professor Randal Picker, Professor of Law at the University of Chicago School of Law, in his article "Mistrust-Based Digital Rights Management", published in Volume 5 of the Journal on Telecommunications and High Technology Law. CDs by themselves are incapable of updating legacy hardware such as stand-alone CD players, which lack the ability to change or upgrade their firmware in order to read DRM. (Note that the term "update" as used here merely refers to converting to a later dated version, which, as always, may be an upgrade or a downgrade.) Thus the DRM must be added on so as not to interfere with the function of the legacy players but still work when the same CD is placed in a computer. Professor Picker analyzes the four main issues with add-on DRM.

The first problem, as demonstrated in the XCP example, is that capable consumers can simply bypass the DRM. Turning off AutoRun prevented the rootkit installation and thus invalidated the DRM scheme.

The second problem is consumer reaction. Adding DRM to a legacy product like music CDs, which traditionally had no rights management scheme, will infuriate consumers. Professor Picker points out that in the wake of the negative publicity surrounding the Sony add-on DRM, Amazon.com began alerting customers as to which Sony CDs contained XCP. Customers could avoid the DRM entirely, negating the effectiveness.

The third problem lies in the legal response. The EFF, as well as state attorneys general, investigated and brought suit against Sony for the XCP program. Professor Picker does not analyze the legal merits of such suits, but the cost of litigation potentially outweighs the benefit of attempting to add-on DRM.

The fourth and final problem lies in the End User License Agreement that the add-on DRM attempts to enforce. The ability to actually enforce these agreements on add-on DRM is limited by the mere fact that without active registration and tracking of the CDs, the company will have no one to enforce against. Thus, the benefit, enforcing the EULA against violators, is non-existent; the costs, however, of implementing the add-on DRM scheme, in the form of state and federal investigations, private lawsuits, negative publicity, consumer backlash and the technical limitations, far outweigh the benefits.

Copyright violations

Researchers Sebastian Porst, Matti Nikki and a number of software experts have published evidence that the XCP software infringes on the copyright of the LAME mp3 encoder, mpglib, FAAC, id3lib (ID3 tag reading and writing), mpg123 and the VLC media player.

Princeton researcher Alex Halderman discovered that nearly every XCP CD includes code which uses a modified version of Jon Johansen's DRMS software, which allows opening Apple Computer's FairPlay DRM. He found the code to be inactive but fully functional, as he could use it to insert songs into FairPlay. DRMS, mpg123 and VLC are licensed under the GNU General Public License (GPL). The other software found, like LAME, is licensed under the terms of the GNU Lesser General Public License (LGPL), also as free software. If the claims are correct, then Sony/BMG was distributing copyrighted material illegally.

Jon Johansen wrote in his blog that after talking with a lawyer, he thinks that he cannot sue; however, there are opinions that the advice he was given is wrong.
The LAME developers have put an open letter to Sony/BMG online.

Copyright violations which Sony could be accused of include:
  • No "prominent notices" for the inclusion of GPL and LGPL software.
  • Statically linking GPL code into the program but not providing the source code of the whole program under GPL.
  • Statically linking LGPL code but not providing the source of the LGPL parts and the binary code of the non-LGPL parts to allow relinking with updated LGPL code.
  • Placing restrictions on the use of the code outside of what GPL/LGPL allow, e.g. not “licensing at no charge to all third parties” under the LGPL and GPL.


Sony already provides a version of id3lib's source code on its web site, but unrelated to XCP.

Sony's response

On a National Public Radio program, Thomas Hesse, President of Sony BMG's global digital business division, asked, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" He explained that "The software is designed to protect our CDs from unauthorized copying and ripping and Rootkit technology is one of the best ways to do just that."

Sony also contends that the "component is not malicious and does not compromise security," but that, "to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove the rootkit component from their computers."

An uninstaller for XCP-Aurora is available from the Sony BMG web site.

The original uninstaller was different. An analysis of it was published by Mark Russinovich, who initially uncovered XCP, under the title "More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home". Obtaining the original uninstaller required using a specific browser (Microsoft Internet Explorer), filling out an online form with an email address, receiving an email, installing a patch, filling out a second online form, and only then receiving a link to the uninstaller. The link was personalized and would not work for multiple uninstalls. Furthermore, Sony's Privacy Policy stated that the address could be used for promotions, or given to affiliates or "reputable third-parties who may contact you directly".

The original uninstaller has also been reported to have introduced a security problem of its own, one that could allow remote code execution. Sony's uninstall page installed an ActiveX control when it was displayed in Internet Explorer. That control was marked "Safe for scripting", which means that any web page, not only Sony's, could instantiate the control and call its methods; the marking is a declaration made by the control's author, not a property the browser verifies. Some of the methods exposed by this control were dangerous, as they may have allowed an attacker to upload and execute arbitrary code on the user's machine.
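The practical question this raises for an administrator is which controls on a given Windows machine are registered as "Safe for scripting" and therefore reachable from any web page, and how to block one once found. The script below is an added example, not code from the article and not from Sony or First 4 Internet. It relies on Microsoft's documented mechanism: a control that registers under the component category {7DD95801-9882-11CF-9FA9-00AA006C42C4} (CATID_SafeForScripting) or {7DD95802-...} (CATID_SafeForInitializing) is treated as safe by Internet Explorer, and setting bit 0x400 of "Compatibility Flags" under the ActiveX Compatibility key (the "kill bit") stops Internet Explorer from instantiating a CLSID even though it stays registered. The triage filter (flagging controls whose DLL is not validly Authenticode-signed) is this example's own heuristic, and no CLSID from the XCP case is named here.

```powershell
# Added example (not from the article, Sony or First 4 Internet): list COM controls
# registered as "Safe for Scripting" and show how to apply the Internet Explorer
# kill bit to one of them. Run from an elevated PowerShell session.
#
# Assumptions: the two category GUIDs are Microsoft's CATID_SafeForScripting and
# CATID_SafeForInitializing; the kill-bit key and flag value (0x400) are as documented
# by Microsoft. Which CLSID to block is the auditor's decision.

$CatSafeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$CatSafeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
$KillBitRoot            = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

function Get-SafeForScriptingControl {
    # Walk the machine-wide, 32-bit-redirected and per-user CLSID hives; a per-user
    # registration can shadow a machine-wide one, so all three are checked.
    $hives = 'HKLM:\SOFTWARE\Classes\CLSID',
             'HKLM:\SOFTWARE\Classes\Wow6432Node\CLSID',
             'HKCU:\SOFTWARE\Classes\CLSID'
    foreach ($hive in $hives) {
        if (-not (Test-Path $hive)) { continue }
        Get-ChildItem $hive -ErrorAction SilentlyContinue | ForEach-Object {
            $clsid   = $_.PSChildName
            $catPath = Join-Path $_.PSPath "Implemented Categories\$CatSafeForScripting"
            if (-not (Test-Path $catPath)) { return }   # not declared safe for scripting

            # Resolve the DLL that implements the control and check its code signature.
            $server = (Get-ItemProperty -Path (Join-Path $_.PSPath 'InprocServer32') `
                          -ErrorAction SilentlyContinue).'(default)'
            $dll = if ($server) { [Environment]::ExpandEnvironmentVariables($server.Trim('"')) }
            $sig = if (-not $dll) { 'NoInprocServer' }
                   elseif (-not (Test-Path -LiteralPath $dll)) { 'FileNotFound' }
                   else { (Get-AuthenticodeSignature -FilePath $dll).Status.ToString() }

            # Is the kill bit already set for this CLSID?
            $compat = Get-ItemProperty -Path (Join-Path $KillBitRoot $clsid) -ErrorAction SilentlyContinue
            $killed = [bool]($compat -and (([int]$compat.'Compatibility Flags') -band 0x400))

            [pscustomobject]@{
                CLSID       = $clsid
                Name        = (Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue).'(default)'
                SafeForInit = Test-Path (Join-Path $_.PSPath "Implemented Categories\$CatSafeForInitializing")
                Server      = $dll
                Signature   = $sig
                KillBitSet  = $killed
                Hive        = $hive
            }
        }
    }
}

function Set-KillBit {
    # Prevent Internet Explorer from instantiating the control without unregistering it,
    # so a vendor fix can later replace the DLL cleanly. Existing flag bits are preserved.
    param([Parameter(Mandatory)][string]$Clsid)
    $path = Join-Path $KillBitRoot $Clsid
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    $current = [int](Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).'Compatibility Flags'
    Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Type DWord -Value ($current -bor 0x400)
}

# Triage: scriptable controls that are not validly signed and not yet killed.
Get-SafeForScriptingControl |
    Where-Object { -not $_.KillBitSet -and $_.Signature -ne 'Valid' } |
    Sort-Object Signature, CLSID |
    Format-Table CLSID, Name, Signature, SafeForInit, Server -AutoSize

# After review, block a specific control, e.g.:
# Set-KillBit -Clsid '{00000000-0000-0000-0000-000000000000}'   # placeholder CLSID
```

Two caveats apply when reading the output. A control can also declare itself safe at run time by implementing IObjectSafety instead of registering the category, so the registry walk above is a lower bound, not an exhaustive list; the remaining controls can only be found by instantiating them and querying the interface. And a validly signed control is not necessarily a safe one: the XCP uninstaller control was a vendor-supplied component, so signature status should be treated as a way to prioritise review, not as a verdict. A control dropped by a web page that remains registered after an "uninstall" has completed is exactly the kind of entry this listing is meant to surface.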

On 11 November 2005, Sony announced that it would suspend manufacturing CDs using the XCP system:

"As a precautionary measure, Sony BMG is temporarily suspending the manufacture of CDs containing XCP technology," it said in a statement.

"We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," Sony BMG added.

This followed comments by Stewart Baker, the Department of Homeland Security's assistant secretary for policy, in which he took DRM manufacturers to task, as reported in the Washington Post:

In a remark clearly aimed directly at Sony and other labels, Stewart continued: "It's very important to remember that it's your intellectual property — it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."


According to the New York Times, Sony BMG said "about 4.7 million CDs containing the software had been shipped, and about 2.1 million had been sold." Sony BMG distributed 52 albums that contained XCP.

On 14 November 2005, Sony announced that it was recalling the affected CDs and planned to offer exchanges to consumers who had purchased the discs.

Albums with XCP

Full article: List of Compact Discs sold with XCP

See also: http://web.archive.org/web/20071017025108/http://cp.sonybmg.com/xcp/english/updates.html


The Electronic Frontier Foundation published its original list of 19 titles on 9 November 2005.
On 15 November 2005 The Register published an article saying there may be as many as 47 titles.
Sony BMG says there are 52 XCP CDs.

Amazon says it is treating the XCP CDs as defective merchandise and will offer a refund including shipping, as long as the customer specifically requests it.
The various adverse side-effects of XCP can reasonably be viewed as defects, since they are not part of XCP's apparent intended function; this view skirts the more substantive issue of whether Sony wronged computer owners by intentionally modifying their systems without consent.

See also

  • MediaMax
  • Digital rights management
  • Copy protection
  • OpenMG, Sony DRM used by Sony Connect
  • 2005 Sony BMG CD copy prevention scandal
  • StarForce copy protection
  • Apple FairPlay DRM
  • Janus (DRM)


The source of this article is wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.