After the firestorm kicked off by Sony's use of rootkit cloaking technology in CDs to prevent piracy, you might think other media firms would never consider such intrusive methods. But some observers believe the controversy may just lead studios to push for anticopying measures that are hard-wired into your system.
This conflict between users who want to control what goes on inside their PCs and media companies that want to protect their content is not likely to abate so long as the companies try to control CD copying, says Gartner research director Mike McGuire.
Since studios are unlikely to give up copy protection, he believes music firms may now redouble their efforts to get companies like Microsoft and Intel to build copy protection right into computers.
Meanwhile, if studios persist in using technology like XCP, then PC and device makers may turn hostile toward such media firms' interests--especially if PC vendors end up fielding more support calls due to buggy copy-protection software, McGuire says.
Sony is reviewing its copy-protection tactics (the company declined to comment for this story). But "there will be copy protection," says Helene Blue, president of Helene Blue Musique, an independent music publisher. Sony's big mistake was bringing out XCP without sufficient testing, Blue says, a mistake the firm seems unlikely to repeat after its embarrassment over XCP.
Mark Russinovich, chief software architect with Winternals Software LP, took a hard look at XPC (created by First 4 Internet, a British firm) after playing a Sony XPC CD on his machine and encountering problems. He found that Sony's digital rights management scheme not only used technology typically employed by hackers, but it was designed in such a way that virus writers could hide their software with it, he says; he drew attention to the matter on his blog. His prediction came true--Trojan horse programs exploiting XCP began appearing on the Net soon after the problem was revealed.
Several security programs now treat Sony's XCP as a threat, and the firm has recalled all XCP CDs. MediaMax, another CD copy protection program used by Sony, has its own security problems. It can create a hole through which malicious agents can access affected Windows PCs. To protect themselves, Sony advises users to patch the software. Sony also faces both a lawsuit brought by the Texas Attorney General and another filed by the Electronic Frontier Foundation over XCP.
Russinovich worries that we will still end up with invasive copy protection that runs roughshod over PCs, bogging down performance. "What I'm afraid of is that, after this is all said and done, the software is going to still be aggressive, and they'll just cover themselves by putting disclosure in the EULA [end user license agreement]," he says.
________________
Is XCP Running on Your System?
To find out if Sony's invasive DRM software is in your PC, Mark Russinovich advises users to choose Run from the Start menu, then type the following into the box that appears: cmd /k sc query $sys$aries. If the response is 'STATE: 4 RUNNING', you have the software. If you see, instead, 'The specified service does not exist as an installed service,' then you're clean. (Note that only Windows systems are vulnerable.)
This conflict between users who want to control what goes on inside their PCs and media companies that want to protect their content is not likely to abate so long as the companies try to control CD copying, says Gartner research director Mike McGuire.
Since studios are unlikely to give up copy protection, he believes music firms may now redouble their efforts to get companies like Microsoft and Intel to build copy protection right into computers.
Meanwhile, if studios persist in using technology like XCP, then PC and device makers may turn hostile toward such media firms' interests--especially if PC vendors end up fielding more support calls due to buggy copy-protection software, McGuire says.
Sony is reviewing its copy-protection tactics (the company declined to comment for this story). But "there will be copy protection," says Helene Blue, president of Helene Blue Musique, an independent music publisher. Sony's big mistake was bringing out XCP without sufficient testing, Blue says, a mistake the firm seems unlikely to repeat after its embarrassment over XCP.
Mark Russinovich, chief software architect with Winternals Software LP, took a hard look at XPC (created by First 4 Internet, a British firm) after playing a Sony XPC CD on his machine and encountering problems. He found that Sony's digital rights management scheme not only used technology typically employed by hackers, but it was designed in such a way that virus writers could hide their software with it, he says; he drew attention to the matter on his blog. His prediction came true--Trojan horse programs exploiting XCP began appearing on the Net soon after the problem was revealed.
Several security programs now treat Sony's XCP as a threat, and the firm has recalled all XCP CDs. MediaMax, another CD copy protection program used by Sony, has its own security problems. It can create a hole through which malicious agents can access affected Windows PCs. To protect themselves, Sony advises users to patch the software. Sony also faces both a lawsuit brought by the Texas Attorney General and another filed by the Electronic Frontier Foundation over XCP.
Russinovich worries that we will still end up with invasive copy protection that runs roughshod over PCs, bogging down performance. "What I'm afraid of is that, after this is all said and done, the software is going to still be aggressive, and they'll just cover themselves by putting disclosure in the EULA [end user license agreement]," he says.
________________
Is XCP Running on Your System?
To find out if Sony's invasive DRM software is in your PC, Mark Russinovich advises users to choose Run from the Start menu, then type the following into the box that appears: cmd /k sc query $sys$aries. If the response is 'STATE: 4 RUNNING', you have the software. If you see, instead, 'The specified service does not exist as an installed service,' then you're clean. (Note that only Windows systems are vulnerable.)