Texas Files New Spyware Claim Against Sony BMG

[David Farber <dave () farber net>]

Begin forwarded message:

From: Bruce Hayden <bhayden () IEEE ORG>
Date: December 23, 2005 12:23:47 AM EST
To: CYBERIA-L () LISTSERV AOL COM
Subject: Re: [CYBERIA] Texas Files New Spyware Claim Against Sony BMG
Reply-To: Law & Policy of Computer Communications <CYBERIA- 
L () LISTSERV AOL COM>

Randall wrote:

> http://htdaw.blogsource.com/post.mhtml?post_id=119253
>
> Texas Files New Spyware Claim Against Sony BMG
> December 22, 2005
>
> By  Reuters
> HOUSTON—The Texas attorney general said on Wednesday he added a new
> claim to a lawsuit against Sony BMG Music Entertainment accusing it of
> violating the state's laws on deceptive trade practices by hiding
> "spyware" on its compact discs.
The SunnComm / MediaMax DRM code that Sony has included on a number
of its music CDs appears to be a bit different than the original  
First 4 XCP DRM
software. While it does appear to provide some vulnerability for  
hacking, etc.,
it does not appear to be anywhere near as bad in that respect as XCP  
was,
or, indeed, the various fixes and removals that Sony provided for XCP.

However, it does still appear to "call home" to a Sony site in order  
to download
advertising corresponding to the tune being played. This concept is  
called
"Perfect Placement" by SunnComm / Media Max, but spyware/adware by  
others.

Also, software is apparently run even if the Sony EULA is declined.
SunnComm personnel claim that this is because there is a "gray area"  
between
when the CD is loaded and when the EULA is declined, and that what they
are essentially doing is running a TSR (terminate and stay resident)  
program.
In other (not their, by my) words, they are installing the software  
and letting
it run until next reboot. But it only becomes scheduled for automatic  
starting
as a service when the EULA is accepted.

My view is that this distinction is fallacious, and will be lost on  
the courts.
Yes, at one time, you could load software into memory without having to
write it to disk. But as far as I know, not with the present  
incarnation of Windows.
So, Sony / SunnComm / Media Max are essentially claiming that even  
though
they write the software to disk to run it, it isn't really installing  
it without
permission because it isn't making it a service to run at subsequent  
boots.

I also see the writing of the software to disk to run it, regardless of
acceptance of the Sony EULA as essentially negating the EULA.
At a minimum, the EULA shouldn't protect them from installation
of the DRM software when it is declined.

For more information than you ever wanted on this subject:
http://sonyrootkit.blogspot.com/
http://www.sysinternals.com/blog/
http://www.eff.org/IP/DRM/
http://www.freedom-to-tinker.com/
http://www.boycottsony.us/

--
--------------------------------------------------------------------
The preceding was not a legal opinion, and is not my employer's.
Original portions Copyright 2005 Bruce E. Hayden,all rights reserved
My work may be copied in whole or part, with proper attribution,
as long as the copying is not for commercial gain.
--------------------------------------------------------------------
Bruce E. Hayden                      bhayden () ieee org
Dillon, Colorado                     bhayden () softpats com
Phoenix, Arizona                     bhayden () highdown com


**********************************************************************
For Listserv Instructions, see http://www.lawlists.net/cyberia
Off-Topic threads: http://www.lawlists.net/mailman/listinfo/cyberia-ot
Need more help? Send mail to: Cyberia-L-Request () listserv aol com
**********************************************************************



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/