Sony faces customer rebellion after rootkit blunder

Powered by SC Magazine

Sony-BMG Music Entertainment's use of spyware techniques for copyright protection is only the latest example of a trend that will likely promote a “consumer backlash," industry experts have warned.

According to a new advisory from Gartner, Sony-BMG's decision to install anti-piracy rootkit software on some music CDs that cloaks its presence and alters the functioning of the user's machine could lead to music fans boycotting the firm.

"In the name of protecting intellectual property, Sony has essentially borrowed a technique used by hackers and spyware/adware distributors. The software in question was designed to limit the user's flexibility in consuming the CD's content, but could have other effects on the user's computer, including creating possible security vulnerabilities and transferring some information back to Sony," the report authored by Gartner analysts Ray Wagner, Mike McGuire, Jay Heiser and Peter Firstbrook noted.

Many of the techniques Sony has used in connection with this software "meet both formal and informal definitions of spyware," Gartner claimed. These techniques include stealth download, information buried in the end-user licensing agreement, hidden files and processes, a missing uninstall utility, system or personal information being sent to a web server without notification or consent and email information required in return for an uninstall utility.

"Gartner believes that the use of spyware techniques, however benign in purpose, constitutes bad business practice and should be discouraged. Any attempt to sneak software onto a customer's computer or gather any information without consent is unacceptable," the analyst firm stated.

Although Sony has now issued a patch that "decloaks" the software, the process for completely removing the software from the user's computer is complex, requires the user to interact with Sony and is not included with the CD, Gartner observed.

Just as they had to develop formal privacy and spam guidelines, software developers must now familiarize now themselves with the criteria by which spyware is defined, Gartner advised. The analyst firm went on to recommend that providers and vendors use proper coding and consent practices or risk losing customer loyalty and jeopardizing their brands.

Copyright © SC Magazine, US edition

Top Stories
Toll Group to go Google
Poaches Woolworths project manager.
How News Corp's CIO tackled skills in his race to the cloud
What to do when your team’s talents are no longer needed.
Photos: How Thodey transformed Telstra
From turbulent Trujillo to Australia's leading telco.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
I DON'T support shutting the OAIC.