|98% of sysadmins said that Sony's copy-protection code posed a security threat.|
A class action suit against Sony BMG has been granted final approval for a settlement by the federal court, allowing music fans to claim refunds and free music downloads. The case was brought against the music giant after it included potentially dangerous copy protection software on an estimated 15 million music CDs.
Sony's controversial digital rights management software, included on CDs from the likes of Neil Diamond, Alicia Keys and Dido, introduced a rootkit-style "cloaking" vulnerability onto PCs. The vulnerability was exploited by malware such as the Stinx-E Trojan horse in an attempt to evade detection by anti-virus software, leading to a public relations disaster for Sony.
A poll of more than 1500 business PC users, conducted by Sophos, revealed that 98% believed that Sony BMG's controversial digital rights management software was a security threat.
District Court Judge Naomi Reice Buchwald approved the settlement, which means that CD purchasers can apply for a $7.50 refund plus a free music download, or three album download, whichever they prefer.
"Despite its good intentions in stopping music piracy, Sony's DRM copy protection was inept in its implementation and caused the company a PR nightmare," said Graham Cluley, senior technology consultant for Sophos. "Other entertainment companies interested in protecting their music and movies from pirates will hopefully have learned not to borrow techniques from malicious hackers."
Sony has published information about the settlement, and details on how to claim, on the website www.sonybmgcdtechsettlement.com. The full list of CDs carrying the software can be found here.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.