After taking a drubbing from computer enthusiasts, Sony BMG Music Entertainment has released a software patch that removes controversial cloaking technology found in copy protection software the company has been shipping with some of its CDs. Critics had slammed the software for being invasive and extremely difficult to remove because it uses some of the same "rootkit" cloaking techniques normally found in spyware or viruses.
Rootkit software uses a variety of techniques to gain access to a system and then cover up any traces of its existence so that it cannot be detected by system tools or antivirus software.
The patch, which was posted to Sony's Web site on Wednesday, was posted to "alleviate any concerns that users may have about the program posing potential security vulnerabilities," Sony said in a statement on its Web site. By installing the patch, users will not remove the copy protection software, called XPC, but they will make it visible to system tools and antivirus software.
XCP has been shipping on some Sony music CDs since early 2005. Licensed by Sony from a Banbury, U.K., company called First 4 Internet Ltd., XCP prevents users from making more than three backup copies of any XCP-protected CD. Sony will not say how many of its CDs use the software.
Critics had complained that because the software was virtually impossible to detect, hackers might somehow take advantage of it in order to hide their own malicious code from antivirus software. They had also slammed Sony for not adequately informing users of how it worked and for making it extremely difficult to remove XCP.
First 4 has described such concerns as "unnecessary."
In addition to writing the patch posted to Sony's Web site, First 4 has given software to antivirus vendors so that their products can now detect the XCP software, said First 4's CEO Mathew Gilliat-Smith.
First 4 is also in the process of developing a new version of XCP that will not use the controversial cloaking techniques, he added. "We feel it's sensible to allay any unnecessary fears," Gilliat-Smith said in a Thursday interview.
Gilliat-Smith said that the cloaking techniques were used in order to keep one step ahead of illegal copiers. "This is content protection software. One of the additional measures is to try and dissuade someone who is aggressively trying to circumvent the protections."
In this case, however, First 4 and Sony went too far, according to Mark Russinovich, the computer expert who first revealed how XCP works. "Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written," he wrote in a Web log posting. "Worse, most users that stumble across the cloaked files... will cripple their computer if they attempt the obvious step of deleting the cloaked files."
Sony's patch can be found here: http://cp.sonybmg.com/xcp/english/updates.html
A list of Sony CDs using the XCP software is being compiled here: http://slashdot.org/~xtracto/journal/121088
Russinovich's blog posting can be found here: http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-right...