By now, I would bet that most readers are familiar with the recent controversy over Sony BMG's notorious rootkit included on many of its CDs.
When reports of other interesting software showing up on Sony music CDs, such as SunnComm Technologies' MediaMax, began to trickle in as well, I sat back and watched.
It's not that I didn't consider the recent Sony DRM fiasco to be worthy of writing about, but it's important to remember that there's a far larger security issue at stake.
Commercial media and software companies seem to believe that they can do whatever they want with DRM technologies — and that users must accept it if they intend to use their products. These vendors apparently feel that protecting their digital assets is more important than consumers' rights to use their computers — or to keep them secure.
Many companies install software on users' computers without either their knowledge or consent. While only a few of these incidents make the headlines, the problem is far more common than you might think.
The irony of the Sony situation is that few mainstream users are intentional music thieves — most just want to listen to CDs on their computers. Sony likely paid millions to license this DRM technology, installing it to stop ordinary users from stealing music that they probably weren't interested in copying anyway.
But let's not forget the larger issue at hand. Sony apparently felt entitled to subvert users' rights in favour of its own. The average user doesn't know what installs or runs on his or her computer, and companies like Sony know it.
Personally, I didn't encounter any of the Sony copy-restricted CDs, but they wouldn't have affected me even if I had. I disabled the ability of Windows to automatically run software from a CD shortly after I bought my laptop. By doing so, I prevented Sony and other like-minded companies from getting their hooks into my system.
Incidentally, DRM software wouldn't work on my Linux workstation either: it isn't a Windows or Mac system, so I can play music CDs all I want. You can also disable the feature known as Autostart on Apple systems and achieve similar results.
And some reports claim that a black marker or tape is also effective for stopping such copy restriction. Of course, I may have just violated the DMCA by explaining how to circumvent the Sony DRM system.
So, in my opinion, the Sony debacle itself wasn't clearly an Internet security issue — until news surfaced of the botched rootkit-remover program that opened up Windows systems to other exploits.
The key point to remember is that this issue is larger than Sony. It's the fact that many companies feel free, even entitled, to change how computers work because they know few people will realise it.
Sony's fiasco aside, hidden software presents a huge number of Internet security risks. Vendors that use these practices are taking advantage of the fact that most users believe companies wouldn't install software on their systems without prior consent — a very naïve assumption.
But the Sony rootkit is unfortunately just the tip of the iceberg. How much software on your system decides to automatically run at startup and take it upon itself to "phone home"?
While many of these programs are innocuous, they can still represent quite a risk. How much longer until some black hat decides to hijack one of these programs and subvert it for his or her own nefarious use?






Talkback
It does become ironic and quite amusing that with increases in DRM and other such tactics by "legitimate" industry, it's becoming safer and safer to turn to illegal downloading for your entertainment wants and needs. For so long one of the major trumpeting points of anti-piracy campaigns was the danger inherent in downloading software and music, that of viruses. Now you're more likely to find products that have been cleaned of virus-like DRM and copy-protection, rendered safe by tech-savvy crackers, than you are to find safe products on store shelves.
It seems to me that a simple solution for Sony would be to make their CD unplayable on a PC or Mac. That way they can make sure (they would think) that no one can rip "their" music to some other device. Simple and clean. They have total control over the nasty people who buy Sony CDs. After all, they're criminals because they buy Sony products. Right?