Press Releases

Browse our press release archive

14 Nov 2005

98% of business PC users say Sony DRM copy protection is a security threat

Only 2% say it is a fair way to fight music pirates

Music CD
98% of sysadmins said that Sony's copy-protection code posed a security threat.

A web poll of more than 1500 business PC users, conducted by Sophos*, has revealed that 98% believe that Sony BMG's controversial digital rights management software, which can introduce a "cloaking" vulnerability onto PCs which play some of its music CDs, is a security threat.

The news comes as Sony announces in the media that it is suspending production of any further CDs which contain the controversial technology. Only 2% of sysadmins polled on the Sophos website felt that it was a fair way to fight music pirates.

Sony's technology caused concern after Trojan horses were discovered that exploited its functionality in an attempt to hide themselves from anti-virus products. Any file with $sys$ in its name is automatically cloaked by Sony's copy-protection code, making it invisible on computers which have used CDs carrying Sony's software.

"In taking aim at the music pirates, Sony succeeded only in shooting itself in the foot," said Graham Cluley, senior technology consultant at Sophos. "System administrators have a very low opinion of any code which endangers the safety of their networks, and they have sent a loud and clear message to Sony and other companies that this kind of code is unacceptable to them."

Sophos has issued a tool which will detect the existence of Sony's DRM copy-protection on Windows computers, disable its "cloaking" function, and prevent that functionality from re-installing. The tool also detects versions of the Troj/Stinx Trojan horse which exploit the Sony vulnerability.

Sophos recommends that businesses ensure their computers are kept automatically up-to-date with the very latest anti-virus software.

Survey results

Is Sony's DRM copy protection

a security threat?
98%
a fair way to fight music pirates?
2%

* Sophos online survey, 1,501 respondents, 11-14 November 2005

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.