More stolen code in the XCP DRM

Slashdot: DVD Jon’s code in Sony’s Rootkit? This just keeps getting better. The previous stories that portions of the LGPL’d LAME code appeared in the XCP software from First4Internet, which Sony BMG has been forced to publicly disown and apologize for, appear to be the tip of the iceberg. There is new evidence (via Muzzy and Sebastian Porst) that the XCP software appears to include portions of LAME, mpglib, and VLC’s drms.c. The latter project is code written by DVD Jon Johansen (of DeCSS fame) designed to circumvent Apple’s DRM.

At this point, I think some folks might want to start saving some of their class action lawsuit energy and start directing it at First4Internet.

7 Responses to “More stolen code in the XCP DRM”

  1. Damian Says:

    This is a helluva saga, isn’t it?

    The latest from Ed Felten and Alex Haldermann:

    “Not Again! Uninstaller for Other Sony DRM Also Opens Huge Security Hole”

  2. Steve U.K. Says:

    First 4 internet have just removed the names & contact details of the major staff from their website but the advert for the product are still there!…I just sent them an e-mail saying…Right, just how STUPID can a programmer be!?…I would run if I were you & hide behind a large bunch of lawyers!!!!….I’m amazed it’s taken them this long to realize they’re in DEEP trouble!…My my they are clever!

  3. Nuudelisoppa » More stolen code in the XCP DRM Says:

    […] The Sony Boycott Blog […]

  4. bernhard Says:

    It’s not the fault of the programmer to use lgpl or even gpl code.
    No problem for the management to ask “did you us GPL,LGPL,…”
    Compare that to “did you use PATENT 342343,PATENT 454345, PATENT 847636, PATENT 52246,….”
    The term “Novemer 2005″ will be a ’search string’ like “Sep. 11″ - the web will give you the right answer to a turing point in history.
    We have to and we will contol them!
    Don’t give the power to firms like SONY. It is our planet and it is our future.
    We choose the language they understand and thats money.
    We - the internet comunity and geeks - we have the power to bring them down if nessessary. Now it’s time to do that.
    We respect law but we don’t fear SONY’s lawyers.
    This must be a disaster for SONY managment and SONY shareholders. If not the future of this planet will be dark, cold und a matrix like place.
    People make mistakes but companies endangers the hole mankind.
    This was no mistake of SONY. They tried to take over “information”.
    They entered our habitate. They entered the heart of your communication - the computer. This is not like downloading music from internet. This was a coordinated, well planed attempt the control our private utilities.
    The music lobby tries to enforce a law that makes it illegal to remove DRM software like XCP. The answer to this mafia like behavior must be a massive damage for SONY. I don’t declate war to the eval like Mr. Bush.
    But the customers have the power and we will inform the customer.

  5. Lorin Olsen Says:

    Thanks for keeping the subject in the public’s eye. I bought a Sony CD one month ago and have had to deal with this (and other problems) for quite a while. So I’m doing a favor for Sony. I’ve started a Frappr map of people affected by the Sony XCP rootkit. If you or your readers want to join, check out the map at


  6. Tom S Says:

    They (Sony and first 4) are their own punishment. The disappointing thing is that a majority of consumers won’t really realize what sort of violation this has been. Being an active Infosec professional, I am appauled.

  7. The Sony Boycott Blog » Blog Archive » Sunncomm uninstaller vulnerabilities Says:

    […] Thanks to Damian for the link. […]

Leave a Reply

You must be logged in to post a comment.