Tuesday, November 29, 2005

SONY-BMG VIRUS REMOVER HAD SECURITY FLAWS ITSELF

A couple of weeks ago we sent a request to Sony to be sent their uninstalling information to rid machines of their malignant spyware, to test what their response would be. Now we get an email from Sony suggesting their uninstaller was actually broken itself:

Our records indicate that you recently sent us an email in connection with the purchase of a content protected CD, requesting a program to uninstall the XCP content protection software. We are sending you this email because we have been notified of a potential security issue that may arise in connection with the uninstaller program previously provided.

They've finally got round to sending something out to deal with this latest screw-up. But they're still lying to their customers in it:

To be clear, the security issue is not raised by the presence of XCP content protection technology on the music CD you purchased. The security issue may arise when a user downloads the program to uninstall the XCP software files from a computer.

To be clear? But what Sony-BMG are doing here is deliberately trying to confuse two issues. The security risk they've exposed computer owners to that they're talking about in this email doesn't have anything to do with the XCP profit protection software on a CD - but XCP does open up a security risk for computer owners; and more to the point, there wouldn't have been a need for anyone to try to get rid of the nasty XCP if it hadn't been on the CDs in the first place. This is like someone kicking in your front door, and then when somebody else walks in and shits on your carpet saying "well, it's not my fault there's a turd in your living room; I didn't poop."

The best gag of all, though, bearing in mind that Sony is lobbing the EU parliament for the rights to have access to details of any electronic communications anyone in the EU might have made, is when they get to the guff at the end of the email:

Your privacy is important to us.

Clearly it is. That's why they're attempting to take it from us.


3 comments:

Post a comment

As a general rule, posts will only be deleted if they reek of spam.