Feeds

Mac anti-rip code surfaces on Sony BMG CD

Kernel extensions installed

Sony BMG's controversial DRM code controversy may have now spread to Macs.

According to long-running Mac user website MacInTouch, at least one CD distributed by the major label includes a Mac OS X application that purportedly installs a pair of extensions to the operating system's microkernel.

MacInTouch correspondent Darren Dittrich claims a recently purchased copy of Imogen Heap's Speak for Yourself CD contains an extra disc partition for "enhanced content". Within it sits Start.app, a Mac application that sits alongside the usual Windows files. The CD ships on the RCA label, part of of Sony BMG.

Darren reports that running Start.app presents the user with a licence agreement. Pressing the Continue button pops up a dialogue asking for an administrator's username and password - a warning that something is about to be installed somewhere - to allow the program to copy over two kernel extensions: PhoenixNub1.kext and PhoenixNub12.kext.

The licence agreement states that proceeding will install software on the host machine.

It is not believed that the two extensions incorporate the rootkit that is causing such controversy because of its effect on Windows machines. It's a Mac version of SunnComm's DRM software, MediaMax, which Sony BMG uses to copy-protect a range of CDs. ®

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.