The furor over the rootkit software on Sony/BMG audio CDs has really hit the fan. The mainstream media have picked up on it, which not only illustrates the power of the online world’s blogosphere, but may be the only hope for getting something done about it.
Dr. Jerry Pournell, a prominent scientist, presidential advisor, Science Fiction Author and Byte Magazine columnist, picked up on the issue and has this warning to say about it.
There still is no sure fire way to remove this malicious software, other than a complete wipe of the hard drive and Windows reinstall. Sony’s patch that you have to jump throough hoops to get only reveals the offending code. It doesn’t actually remove it. Step-by-step procedures may or may not work – you risk a crippled computer if they don’t.
Furthermore, removing the software or even giving instructions or a program to do it automatically, would put you in violation of the Digital Millenium Copyright Act, because you are technically removing a copy-protection scheme.
Yet, the software itself, did not tell you it was installing a program that will “phone home” and pass information back to Sony. It disguises it’s intent by saying it will install a program needed to play the CD. The only choice you get is Yes or No. Pick no and you’re out the money you just spent on the CD. Most trusting people will simply click Yes and go on their merry way with a vulnerable computer.
The rootkit has already been exploited by gamers who have used it to beat World of Warcraft cheat detection. This proves two things. Sony and First4Internet’s claims that the program is harmless are not true and that the gaming industry is just as crazy as the music industry.
Unless you remove the Sony software, you leave you computer vulnerable against yet undeveloped malicious programs that could turn your computer into a Zombie machine, under someone else’s control. If you do remove it, you are a criminal for violating the DMCA. Tough choices. Hopefully, this will spur some governmental action and maybe Congress will realise what a can of worms they started with the DMCA in the first place.