Sony BMG issued a joint announcement with the EFF yesterday that a new security vulnerability had been identified in Sony BMG’s other DRM software, MediaMax, and that a patch was available. The vulnerability has been known for a while but not publicly disclosed until SunnComm was able to create the patch, which can be downloaded […]
An additional lawsuit since I last wrote about the topic. In addition to the DC lawsuit announced earlier this week, a class action suit was filed in Oklahoma on Monday on behalf of Oklahoma residents who purchased a CD infected with either XCP or MediaMax or who were infected with either XCP or MediaMax.
Freedom to Tinker revisits MediaMax (Sony BMG’s other DRM scheme for audio discs, the one that comes from SunnComm and doesn’t contain a rootkit) and finds that its surreptitious installer behavior is even more user hostile than previously documented. Previously it was documented that code is always placed on your machine prior to acceptance of […]
According to News.com, Sunncomm has issued a patch for its MediaMax uninstaller. The uninstaller left a user’s computer vulnerable to being exploited by web sites containing malicious code, according to research by the folks at Freedom to Tinker. No word from Felten or Halderman whether the new patch is truly safe, though they do make […]
Brilliant: a chart that compares the “features” (don’t call them bugs!) of the two DRM schemes used by Sony BMG, XCP (aka the rootkit DRM) and MediaMax. Not what I’d call a neutral view, but certainly the description “inadvertently(?) grossly insecure” sums up what we’ve seen from both these schemes.
In the “you have to be kidding” department: Freedom to Tinker reports that the uninstaller for Sony’s other DRM scheme, MediaMax from Sony, also compromises the security of the user’s system. The authors also post a detector to see if the control is on your system and a tool that both cures the infection and […]