Sony Vs the People
By: Mike • Research Paper • 3,712 Words • November 18, 2009 • 816 Views
Essay title: Sony Vs the People
Introduction
“Corporation, n. An ingenious device for obtaining individual profit, without individual responsibility. “ Ambrose Bierce.
In this study, we will attempt to evaluate some of the approaches that Sony employ to protect its intellectual property. We will also review some of Sony’s history and try to judge whether their approaches / tactics are ethical / legal and then offer some suggestions.
DRM Scandal
Son identified that to protect its intellectual property it would ensure that certain purchasers of Sony’s CD’s did make any copies, Sony saw fit to include what is essentially spyware on it’s CD’s.
This malware that that is a form of DRM (Digital Rights Management) was XCP and MediaMax. It was first uncovered by Mark Russinovich, a software engineer for Microsoft of all people [1]. These rootkits are designed to not only hide on users systems, but always gather information on the user and send it home. It connects to �connected.sonymusic.com’ and sends the users IP, date, album and other information back to Sony [2].
This is installed on the user’s computer without their consent which is illegal under the Computer Fraud and Abuse Act (CFAA) and anti-spyware laws [3] [4]. This software is also not mentioned in the EULA. Especially in the case of MediaMax, this piece of software is installed before the EULA is even displayed and remained installed even if the user declines the agreement [5]. This raises troubling ethical and legal issues. Users don’t normally associate installing software while placing a music CD into their computers.
Also, the code used had serious flaws in it and created several security holes in the user’s computer. This flaw has already been targeted by two Trojan viruses [6] [7].
When the news hit the public Sony agreed to recall the infected CD’s and issue uninstallers for XCP. These uninstallers (XCP) were at first very hard to get and users had to fill in forms, including filling in personal information. Then in a few days an email would be sent to the user involving them filling out another form. Afterwards another email was sent with yet another form and some software that the user had to install.
Finally, a last email was sent with a link to the uninstaller. This was merely a tactic to deter users from uninstalling their dangerous program. The uninstaller itself was very difficult to use and expired after a short time. Forcing the user to repeat the process to get a new version of the uninstaller. However, it was also discovered that these uninstallers put more malware on the user’s computer and created even more security holes. The uninstaller uses methods that are kept on the computer after its required and hackers can use hacks or scripts to call these methods to their own ends [8] [9].
Law suits where filled and government investigations launched. Under pressure from both the public and Government bodies, Sony finally paid out on the DRM scandals. On November 2005, Sony recalled all infected CD and offered clean copies to all buyers. On top of that, customers who exchanged infected CD’s could either choose between downloading three online albums or a cash payment of $7.50 and a free album download [10].
Sony’s shame doesn’t end there. It turns out that the code used in the XCP also infringes on copyrights. This was discovered by Sam Hocevar [11]. It was found that some of XCP program copied code from a program called DRMS [12]. It also takes code from LAME project, mpglib and VideoLan [13]. It should also be noted that Sony is suing Amergence Group, one of the developers behind their DRM software because it didn’t perform as it was meant to. It is unclear what they mean by this, but what is certain is that Sony didn’t want the software to become known to the user and the general public. The lawsuit accuses it of negligence and “unfair business practices” [14].
The ethical issues that arise from this are that such a malicious program is backed and used by Sony. Taking control of its customer’s computer without their consent and the copyright infringement issues that arose from the software’s creation. It also undermined Sony’s reputation especially as one of its biggest rival’s publicly announced that it will do all it can to protect its own customers by helping to remove the spyware that Sony installed [15] because it seemed if you tried to remove the software yourself, it would damage your computer including files being deleted and your CD-ROM being disabled [16]. With the various different kinds of DRM software used by Sony, it was estimated that up 4.7 million CD’s were effected [17].