Digital Rights Management Gone Too Far

A friend just pointed me to a blog article by Mark Russinovich: Sony, Rootkits and Digital Rights Management Gone Too Far. Mark has purchased a copy controlled CD and as a result, Sony had taken the liberty to install cloaked software on his computer.

The security implications of the story is obvious. Not only does Sony install software on the computer without the permission and knowledge of the machine's rightful owner, their software is poorly written, consumes significant system resources and provides no means for uninstall. The fact that Sony's DRM software uses techniques commonly used by malware to mask its presence blurs the line between legitimate and malicious software. Or maybe not. This is malicious software that is capable of crippling a computer if the user carry out the obvious step of just deleting the cloaked files.

The paralegal website Groklaw has an interesting article where Pamela Jones discusses Microsoft's and some big antivirus companies position with respect to this type of malware.