Tuesday, November 29, 2005

SONY-BMG VIRUS REMOVER HAD SECURITY FLAWS ITSELF

A couple of weeks ago we sent a request to Sony to be sent their uninstalling information to rid machines of their malignant spyware, to test what their response would be. Now we get an email from Sony suggesting their uninstaller was actually broken itself:

Our records indicate that you recently sent us an email in connection with the purchase of a content protected CD, requesting a program to uninstall the XCP content protection software. We are sending you this email because we have been notified of a potential security issue that may arise in connection with the uninstaller program previously provided.

They've finally got round to sending something out to deal with this latest screw-up. But they're still lying to their customers in it:

To be clear, the security issue is not raised by the presence of XCP content protection technology on the music CD you purchased. The security issue may arise when a user downloads the program to uninstall the XCP software files from a computer.

To be clear? But what Sony-BMG are doing here is deliberately trying to confuse two issues. The security risk they've exposed computer owners to that they're talking about in this email doesn't have anything to do with the XCP profit protection software on a CD - but XCP does open up a security risk for computer owners; and more to the point, there wouldn't have been a need for anyone to try to get rid of the nasty XCP if it hadn't been on the CDs in the first place. This is like someone kicking in your front door, and then when somebody else walks in and shits on your carpet saying "well, it's not my fault there's a turd in your living room; I didn't poop."

The best gag of all, though, bearing in mind that Sony is lobbing the EU parliament for the rights to have access to details of any electronic communications anyone in the EU might have made, is when they get to the guff at the end of the email:

Your privacy is important to us.

Clearly it is. That's why they're attempting to take it from us.


2 comments:

chu said...

boing boing has a lot more on this saga of commercial suicide. It now turns out that the other copy protection system Sony uses installs itself even if you disagree when you pop the cd in.

Anthony said...

...As a matter of fact, your privacy is SO important to us, our software will log each time you listen to our CD in your computer and this information will be stored indefinitely to ensure its safety against natural disasters and restrictive privacy legislation.

Good people.

Post a Comment

As a general rule, posts will only be deleted if they reek of spam.