Microsoft to Remove Sony Spyware

I thought I was through with this story, but I have to add one more nugget. I and others previously wondered if Microsoft might add the Sony BMG spyware to the list of bugs removed by Microsoft’s Malicious Software Removal Tool. Well it seems it will.

According to this post on the Anti-Malware Engineering Team blog:

We are concerned about any malware and its impact on our customers’ machines. Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems.

The post goes on to say that removal of the Sony software will be included in the upcoming editions of the Microsoft programs.

Good job Microsoft.

Technorati Tags:
digital music, drm, microsoft

More Holes in Sony’s Foot

Mark Russinovich has another post on the Sony BMG spyware debacle. The folks that make the spyware for Sony responded and challenged four points Mark has made about this unwanted software that installs itself on your computer when you play a copy-protected Sony CD.

Mark responds point for point and concludes:

By not coming clean they are making clear to any potential customers that they are a not only technically incompetent, but also dishonest.

I doubt that Sony is being dishonest. I think it is simply trying in vain to stuff the cat back into the bag and using a questionable approach to do it.

It’s time for someone important at Sony to step up and end this mess. Tell the truth. Say that the cat running around makes you nervous. Say you made a mistake by doing this. Say you’re sorry and fix it. Then, but only then, will everything be OK.

Technorati Tags:
drm, digital music

Will Microsoft Exterminate the Sony Bug?

Ed Bott has called for Microsoft to include the removal of Sony BMG’s spyware in the next update of its Malicious Software Removal Tool, which is updated every month. He admits it’s a longshot, but this is a rare chance for Microsoft to be viewed by all as the good guy.

Mark Russinovich, the guy who discovered Sony’s spyware, has analyzed Sony’s so called patch for this spyware and reports that the patch is more menace than medicine.

Whoever is the decision maker for Sony on this issue is a walking bad decision.

Technorati Tags:
digital music, drm

What Ed Said

rootkit After I posted the update below, I read Ed Bott’s excellent takes on the Sony spyware issue here, here and here.

I think Ed nailed it, although I don’t think Sony’s lame attempt at placating consumers by issuing the patch that isn’t really a patch is much of a step in any positive direction.

Sony is going to continue to get slammed about this until they do the right thing. This will be an interesting litmus test of the power of bloggers to generate a policy changing buzz. I hope we succeed.

Technorati Tags:
digital music, drm

Sony Tries But Not Hard Enough

Update to my earlier post about Sony BMG installing spyware on computers.

It seems that Sony has noticed the wave of bad press it is deservedly getting over this mess. In response, Sony has issued a patch to antivirus software makers. The problem, however, is that the patch does not delete the wrongfully installed software- it simply reveals the previously hidden files, allegedly making them less likely to be exploited by viruses.

Consumers who want the software removed? They are forced to “contact [Sony’s] customer support service for instructions.”

Not good enough. My boycott remains in effect.

Technorati Tags:
digital music, drm

No More Sony CDs

I love Sony products. Other than my plasma TVs, both of which are Panasonic, I generally buy Sony electronics. My DVD players, my tube TVs, my digital camera- all Sonys.

But I will not buy another Sony BMG CD as long as they continue to put spyware-like DRM on their CDs. If that means forever, then forever it will be.

As Dwight Silverman and Download Squad reported today, Mark Russinovich at software developer Sysinternals discovered that a Sony CD installed a rootkit on his computer. A rootkit is way for someone to hide files and even programs on someone’s computer without their knowledge. It is a way for malicious spyware and other unwanted programs to hide on a computer.

The bottom line is that the Sony BMG CD appears to have installed a rootkit on Mark’s computer without his permission or knowledge, all in the name of limiting his ability to play (these CDs can only be played on a computer using the program that comes on the CD itself, not with Windows Media Player, etc.) and copy the music he paid for. A rootkit can be used by virus writers and other unauthorized interlopers to control a remote computer or steal or destroy the data on the computer. In other words, this is bad mojo that should have never been installed on his computer without his knowledge and informed consent.

To make bad matters worse, the software was difficult to uninstall- there was no uninstall utility (the “uninstall” option that usually appears either in Control Panel/Add or Remove Programs, or as an option in the program’s Start Menu folder. When Mark removed the software manually, it disabled his CD drive- making it totally unusable.

Howard Hoy, one of the readers of Dwight’s post, contacted Sony and asked for instructions on how to remove the wrongfully installed software. He was told to install a program made by the same company who created the rootkit for Sony- a program that could potentially do even more damage to his computer (Howard has a photo of the install screen here).

Here are my suggestions:

1) Boycott all copy protected music CDs. Most of them have a notice stating that the disc is sopy-protected. Amazon has started identifying CDs that are copy protected (as pointed out by Howard in a comment to Dwight’s post).

2) Disable autoplay on your computer.

The way to solve this growing problem is to create enough media buzz to perhaps get Congress involved and to vote with our pocketbooks. My pocketbook votes no.

Technorati Tags:
digital music, drm

Mossberg on DRM

Walt Mossberg of the Wall Street Journal has spoken out on DRM and its effect on the listener’s ability to use and enjoy the music he or she has supposedly purchased. Almost everything in The Wall Street Journal bores me to tears, but Walt’s technology columns are always well written and interesting.

He takes on objective, even-handed view of the issue, recognizing that both sides have legitimate issues. He concludes with this excellent suggestion:

I believe Congress should rewrite the copyright laws to carve out a broad exemption for personal, noncommercial use by consumers, including sharing small numbers of copies among families.

Because of Walt’s reputation and reach, perhaps the priority challenged RIAA will actually listen and reward its customers with some logical and fair proposals. If not, perhaps Congress will.

Technorati Tags:
digital music, drm

Stuffing the Cat Back into the Bag

I have never seen a more aggressive attempt to stuff a cat bag in the bag than the idiotic one currently being waged by the record label cartel against anything the doesn’t involve paying $15 for a CD that costs about a buck to produce. Now they’re after satellite radio.

I guess if I’d been riding the backs of artists and their fans for as long as the record labels have, I’d try to stuff that cat too. The problem is that it won’t work. The digital age is upon us record label friends and all you’re going to accomplish over the long run is to alienate people like me who used to buy a lot of your product.

Here’s what needs to happen. Some smart person needs to creat a company that duplicates CDs and creates and duplicates the associated packaging the way Qoop produces photo books. The same company could distribute the music on CD either by itelf or via Amazon and other online stores. The same company, or even the artist himself or herself, could distribute the songs electronically via MusicMatch, Yahoo Music, etc.

That would show the record labels that they don’t control the game anymore. Let’s put the power and the money back in the pockets of the artist.

Technorati Tags:
digital music, music industry

A Songwriter’s Take on the RIAA

riaa If we didn’t already have enough reasons to hate the RIAA, now it seems that priority-challenged organization is trying to get the FCC to impose copy-protection standards on digital radio. Could there be a more anti-consumer organization in the world? The most irritating thing is that this is an organization that claims to be protecting me.

As a songwriter with numerous songs on commercial records, I actually make a little money in performance royalties. Both I and Err Bear Music, my publishing company, are affiliated with BMI. BMI collects royalties (in this case royalties from radio stations, as opposed to royalties from record sales which are collected by a different agency) and distributes them to songwriters and publishing companies. Every quarter, BMI sends me a little money and a statement showing which of my songs are earning royalties. I’m all for royalties, I just don’t think pissing off the entire world is going to increase my royalties.

As people who make and sell music, we should be more consumer-friendly. Instead, the RIAA makes us look like greedy, paranoid luddites. People have been recording songs off the radio for decades. I did it when I was a kid. I didn’t turn into a song stealing music thief. What I did turn into is a music fan who has bought thousands of CDs, not to mention hundreds of LPs, 8-tracks and cassettes, many of which were bought again on CD.

Copy protection won’t stop a criminal from making copies of a CD any more than gun control will stop violence. It may be harder to copy songs with DRM restrictions, but it can, is and will be done. If someone wants to make and sell illegal copies of a CD, he or she is always going to be able to figure out how to do it- there will always be technology to defeat technology. Heck, I personally know of several album reissues that were done by “needle drop” (i.e., making a second generation master from an ordinary copy of an LP). The people who will be frustrated by these ridiculous limitations are the honest kids who would otherwise grow up to buy thousands of records, just like I did.

Fortunately the EFF is rising to the challenge of bashing the RIAA for this idiocy. The EFF’s comments make good and logical reading. Dwight Silverman reports that even Steve Jobs is calling the RIAA greedy. The more people that call out the RIAA on this sort of thing, the better chance reason has of prevailing.

The RIAA tries to act like it’s looking out for songwriters and performers, but the only group the RIAA is truly interested in is the record label cartel which thinks it can stuff the cat back in the bag and bring people back to the record stores to buy CDs for $15 that cost a dollar or less to produce. That, my friends, is the real agenda. It’s not about my rights or those of any other songwriter or performer.

Technorati Tags:
riaa, drm

Digital Music: Less Than Meets the Eye

The EEF, the Electronic Frontier Foundation, an organization that works to protect individual and consumer rights relating to technology, has published a very interesting and useful Guide to DRM in Online Music.

DRM, or Digital Rights Management, is an umbrella term referring to any of several technical methods used to control or restrict the use of digital media content on electronic devices with such technologies installed. Stated another way, DRM is what prevents us from freely using the music we legally purchase from online music stores like iTunes, Rhapsody, MusicMatch, etc.

In its guide, the EEF examines the licenses and marketing language used by various online music stores to decipher what it means- to determine if you truly own the music you have purchased. The conclusion: not really. You have the right to use it, but you don’t own it in the traditional sense of the word and even your right to use the music can be further restricted after you buy it.

The guide analyzes iTunes, Microsoft, RealNetworks (makers of that bloatware and computer hogging Real Player program), Napster (the new establishment-supported and DRM restricted version, not the old version the RIAA killed).

Some lowlights:

iTunes can add additional restrictions to your ability to use a song, ever after you buy the song. iTunes also makes it hard to give away or sell a song you have bought (meaning sell without keeping a copy, much like if you sold a CD you own on eBay). It also limits your ability to convert the song to another format, which may be necessary to listen to the song on certain non-Apple MP3 players.

RealNetworks promises “freedom of choice” to use the songs on the music player of your choice, but the songs you buy are not compatible with all music players and can only be burned to a CD a limited number of times.

Napster charges extra for the right to put your songs on a portable player.

I decided to see how the music services I use stack up. I use MusicMatch, owned by Yahoo, and Rhapsody, sadly owned now by RealNetworks (I signed up when it was independent).

MusicMatch. I had to dig around the web site and within the MusicMatch Jukebox to find anything about DRM. But I am persistent and I found a few things. The downloaded tracks are encoded in secure WMA format. The cannot be transferred to an iPod, since the only secure format supported by the iPod is the AAC file format. MusicMatch has the Microsoft “playsforsure” logo, so I assume the restrictions are the same as the Microsoft downloads. I know only one thing for sure- and it’s a big thing. I just bought a copy of Delbert McClinton’s Down in Mexico and at no time did the system tell me that the music file I bought was restricted or the nature of such extensions. As mentioned above, looking around the site uncovered no summary of the restrictions. DRM should be invisible, but not in this way.

Rhapsody. Unlike most online music stores that sell downloadable song files, Rhapsody traditionally sold songs that you would burn to a CD from within the Rhapsody software itself. Not all songs could be burned onto a CD, but the ones that could burned to a CD ended up on a CD that, like regular music CDs could be ripped (i.e., transferred to your computer in digital format). The foregoing applies to Rhapsody version 2.1, which is the one on my computer. Apparently, there is now a version 3.0 that lets you buy digital copies of songs, but is full of DRM restrictions. I am going to cancel my Rhapsody subscription as soon as I finish this post.

The bottom line is that DRM protected song files are restricted, some less than others. The problem is that the casual buyer likely has no idea if and to what degree the songs he or she buys are restricted. As I’ve said before, I don’t pirate or share music, but I also don’t purchase songs that are crippled by DRM.

EFF Trivia: John Perry Barlow is one of the co-founders of the EFF. He also co-wrote the song that Cassidy is named after. Shortly after Cassidy was born, I emailed him a photo and short note, letting him know how much I love that song and telling him about Cassidy. He emailed Cassidy and welcomed her to the world, and he has emailed her a few times since then, just to check in. How absolutely cool is that? When Cassidy is older, that will mean a great deal to her.

Technorati Tags:
drm, digital music