Let us assume first that someone is clever enough to insert x86 platform-specific code into MP3 files, a very big "if". There was a buffer overflow condition in a version of Winamp many months ago that could allow this kind of thing, though the space was limited. Let us also assume that this genius is so clever as to make the code self-propagating.

Would the RIAA sue antivirus vendors for DMCA violations if they reverse-engineer the virus and/or add its signature to their antivirus signatures? If the thing spirals out of control, generates a huge flux of traffic that knocks legitimate systems off the wire, is the RIAA (or its henchmen) liable? Could the RIAA sue the makers of Winamp (ironically, RIAA-member AOL-TimeWarner) under the terms of the DMCA if they patch the bug that theoretically allows this to happen?

I think things are really getting out of hand if a small clique of inefficient scapegoat-seeking US companies are allowed to hold the world's computer users hostage to their own petty claims and US Congress-mandated rights to cause untold digital mayhem.

At the end of the day, the RIAA should realise that it is infuriating and scaring those very consumers it hopes to senselessley exploit. Unfortunately, they have not kept the pace with technology, because it goes against their fundamental corporate instinct: to want things done their way and threaten other people into compliance with lawsuits that the average Joe could never hope to stave off, even if they are innocent of wrongdoing.

I honestly doubt that the RIAA is going to able to pull off a stunt like this, but the simple fact that they are considering these kinds of "options" infuriates me. I'm truly disgusted. I'm not allowed to torch a library that contains a photocopy of a book I've written, so why should "they" be allowed to come poking through my machine and hinder my operations, even if I am guilty of copyright infringement?

They should stop being so greedy and come back down to earth. Maybe the iTunes Store idea will bring them to their senses.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/160/19987#19987