, SecurityFocus 2005-11-16
Sony BMG Music Entertainment announced plans on Wednesday to pull from store shelves nearly 2.6 million CDs that include a controversial copy-protection program, offer consumers an opportunity to return the discs, and create a more secure program to help remove the software from people's computers.
The announcement preceded a congressional hearing held that day where Republican and Democrats alike criticized the overly broad digital protections used by some media companies to guard their content. Underscoring the impact such protections can have on consumers, a Princeton University professor's asserted on Tuesday that the software utility created by the media giant to remove its copy-protection program from consumers' computers actually opens up the systems to attack.
The revelations had Sony BMG reversing course on its copy protected CDs. The company had already ceased to manufacture the CDs that included the troublesome technology, known as Extended Copy Protection (XCP) software, created by U.K.-based First 4 Internet.
"We share the concerns of consumers regarding discs with XCP content-protected software, and, for this reason, we are instituting a consumer exchange program and removing all unsold CDs with this software from retail outlets," Sony BMG said in a statement sent to the media on Tuesday and posted on its Web site on Wednesday. "We will shortly provide a simplified and secure procedure to uninstall the XCP software if it resides on your computer."
The announcements further highlight the security problems created by the copy protection used by Sony BMG to guard its music CDs. Two weeks ago, two security groups--SysInternals.com and antivirus firm F-Secure--revealed that the XCP software essentially takes control of PCs in the same way as a rootkit. Since the publication of their findings, consumer and security complaints against the content company have gained legal backing, with at least five cases filed or ready to be filed against the music giant.
Earlier this week, the digital-rights advocacy group Electronic Frontier Foundation published a list of steps that its staff believed Sony BMG should take to repair the situation. The open letter to Sony BMG called for many steps that media giant has now taken, such as recalling the CDs and offering to exchange the discs. However, the letter also requested that Sony BMG reimburse consumers for any damage to their PCs, a step that has not yet been taken by the media giant. Sony BMG did not respond to request for comment on the EFF letter.
Further spotlighting Sony BMG's response to recent events, a congressional subcommittee held hearings on Wednesday regarding fair use and copyright protections. In statements, Republicans that head both the Committee on Energy and Commerce and its Subcommittee on Commerce, Trade and Consumer Protection voiced support for fair use and stated that current copyright legislation, especially the Digital Millennium Copyright Act (DMCA), has gone too far in limiting consumer use of media.