Latest Update
11-16-2005 Sony Recalls Copy-Protected CDs under pressure
After two weeks of relentless criticism over its XCP copy protection software, Sony BMG Music Entertainment is pulling CDs that contain the software from store shelves. The company is also planning to offer customers a way to exchange CDs that contain the flawed copy-protection software.
We share the concerns of consumers regarding discs with the XCP software, and we are instituting a program that will allow customers to exchange any CD with XCP software for the same CD without copy protection," Sony said in a statement posted on Tuesday.
'Sneaky' Software
XCP, which stands for Extended Copy Protection, is Windows software designed to limit the number of copies a PC user can make of a CD, but it uses controversial cloaking techniques to hide itself on the computer. Critics had warned that these techniques could gum up a computer's performance or possibly even be used by attackers to attack the machine.
Late last week, the first examples of malicious software that exploited the XCP cloaking mechanism began surfacing, prompting Sony to temporarily cease production of XCP-enabled CDs.
Sony had originally defended its use of XCP, and had downplayed the security and privacy risks associated with the software. With Tuesday's recall, however, the company finally appeared to acknowledge the seriousness of the matter. "We deeply regret any inconvenience this may cause our customers," Sony's statement said.
Still, Sony has some important questions to answer, according to the computer expert who first discovered the problems with XCP.
The biggest problem Sony now faces is helping customers who have installed the nearly undetectable software to remove it from their machines, said Mark Russinovich, chief software architect with Winternals Software LP, who originally identified the potential problem. Users who want to take XCP off their computers had been forced to send an e-mail to Sony and then download an ActiveX control that exposes them to further security risks, he said.
11-16-2005 Sony Recalls Copy-Protected CDs under pressure
After two weeks of relentless criticism over its XCP copy protection software, Sony BMG Music Entertainment is pulling CDs that contain the software from store shelves. The company is also planning to offer customers a way to exchange CDs that contain the flawed copy-protection software.
We share the concerns of consumers regarding discs with the XCP software, and we are instituting a program that will allow customers to exchange any CD with XCP software for the same CD without copy protection," Sony said in a statement posted on Tuesday.
'Sneaky' Software
XCP, which stands for Extended Copy Protection, is Windows software designed to limit the number of copies a PC user can make of a CD, but it uses controversial cloaking techniques to hide itself on the computer. Critics had warned that these techniques could gum up a computer's performance or possibly even be used by attackers to attack the machine.
Late last week, the first examples of malicious software that exploited the XCP cloaking mechanism began surfacing, prompting Sony to temporarily cease production of XCP-enabled CDs.
Sony had originally defended its use of XCP, and had downplayed the security and privacy risks associated with the software. With Tuesday's recall, however, the company finally appeared to acknowledge the seriousness of the matter. "We deeply regret any inconvenience this may cause our customers," Sony's statement said.
Still, Sony has some important questions to answer, according to the computer expert who first discovered the problems with XCP.
The biggest problem Sony now faces is helping customers who have installed the nearly undetectable software to remove it from their machines, said Mark Russinovich, chief software architect with Winternals Software LP, who originally identified the potential problem. Users who want to take XCP off their computers had been forced to send an e-mail to Sony and then download an ActiveX control that exposes them to further security risks, he said.