Sony and Spyware

When I was going to high school in the late 70’s, required reading for all English students was George Orwell’s 1984. I still remember reading about the overly structured life created by a highly bureaucratic government dubbed Big Brother. The book is essentially an anecdote for many of today’s problems related to governmental power versus the privacy and self determination of citizens such as ourselves.

I bring this up because this book reminds me of why I hate spyware so much. Spyware companies have found a way to legally sneak software onto our PC’s without our permission. Through this legal trap door, known as a click through license agreement, these companies believe that they have the right to make choices in our stead.

But today’s article is about the most serious threat to our choice as citizens since Orwell penned his book in the 1940’s. It was discovered by Mark Russinovich, a noted Windows guru, that if a person purchased certain Sony/BMG music CD’s and later placed that CD in a Windows based PC, the CD would also install a heavy payload of spyware. Russinovich further discovered that Sony’s spyware was much worse than your ordinary spyware. It made extra effort to make itself invisible to the user, and even for a guru, it was damn hard to uninstall. But it gets worse. The software opened up a security hole on the PC, enabling, not only Sony, but other hackers to enter your PC without your permission. Shortly after this discovery, some clever hacker actually wrote such a virus, and this virus is currently in the wild. (See our article for more details.)

What a mess! Being the good corporate citizen, and always cognizant of their impeccable brand, Sony had to react in a clear and consistent manner. Well, they haven’t. As of this writing, they have announced that they are pulling the CD’s off the shelf, and offering replacement CD’s to the many unsuspecting music lovers. But the problem is the following quote from Sony:

“We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists.”

Sony is reacting to the security problem. They don’t care about the privacy or rights or its users. Reading between the lines, if it were not for the security hole, they would still be trying to sneak software onto our PC’s through the distribution of music CD’s. In fact, they still are shipping CDs that have SunnComm content protection, which exhibits much of the bad behavior of the rootkit CDs Sony recalled. Both of them can analyze your music playing habits and send it back to Sony for analysis.
God forbid if you do something that they don’t agree with!

At PC Pitstop, this is our definition of spyware. It installs without user knowledge and then runs in background in as surreptitious manner as possible to escape detection. Note: In Sony’s case, they also cleverly put in many restrictions on how you can even listen to your CD! We find Sony’s attitude and business activities deplorable. What is clear, is that Sony is not going to give up their dream of sneaking software onto our PCs. And this my friends, is the next battleground for spyware.

We have no choice but to fight this fight. Left unfettered, Sony will ultimately have their spyware on all of our PC’s. Worse yet, this opens the door for all the other music labels to sneak even more spyware onto our PC’s. Just as in 1984, we will have lost all control of our PC’s, as these uninvited software programs consume our CPU cycles, and available memory making our PCs slower and unstable.

As part of our free PC checkups–the full tests, deep spyware scan, and quick spyware scan–we already detect and recommend the removal of Sony’s software. But we are not going to end the fight there, we promise to be the natty fly that won’t let the giant sleep. When we see an angle, we will jump on it. But we cannot do this alone. If this battle is to be won, we will need help.

We call on all the antispyware companies to begin detecting and cleaning all software related to this new breed of spyware propogated by the music labels. We call on the musical artists to challenge their contracts with labels that use this practice. We call on Microsoft to plug the security hole that allows software to be installed without user consent.

Lastly, we call on everyone to unite on this issue. Punish the companies that deal in spyware. All of them. Be vigilant on the software installed on your system. And if you have not purchased an anti spyware package, do so now. We need to let Sony and the other music labels watching, that they are in for a fight.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles