I recently purchased Imogen Heap's new CD (Speak for Yourself), an RCA Victor release, but with distribution credited to Sony/BMG. Reading recent reports of a Sony rootkit, I decided to poke around. In addition to the standard volume for AIFF files, there's a smaller extra partition for "enhanced" content. I was surprised to find a "Start.app" Mac application in addition to the expected Windows-related files. Running this app brings up a long legal agreement, clicking Continue prompts you for your username/password (uh-oh!), and then promptly exits. Digging around a bit, I find that Start.app actually installs 2 files: PhoenixNub1.kext and PhoenixNub12.kext.Please note, in order to install this DRM, you have to (1) enter your username and password and (2) click YES to a EULA. If you get a new CD and it tries to make you enter your username/password, DO NOT. It should still allow you to rip to iTunes. If not, I recommend returning it to the store with a very nasty note to the manager.
Personally, I'm not a big fan of anyone installing kernel extensions on my Mac. In Sony's defense, upon closer reading of the EULA, they essentially tell you that they will be installing software. Also, this is apparently not the same technology used in the recent Windows rootkits (made by XCP), but rather a DRM codebase developed by SunnComm, who promotes their Mac-aware DRM technology on their site.
How long can Sony get away with this? They are already facing lawsuits from the Attorney General or Consumer Advocates in New York and California. And already one virus has appeared which uses these backdoors that Sony installs to attack customer computers. Chalk this up under "Most likely to alienate consumers just before the Christmas buying season."
Hiç yorum yok:
Yorum Gönder