Feeds

Sony unsinged by rootkit CD fiasco

Expect more exploits

Top three mobile application threats

Analysis What next for CD buyers?

For all the lawsuits, over-the fold-coverage in mainstream print and on primetime TV, and howls of anguish from the blogosphere, Sony Music has sailed through the rootkit CD fiasco largely unharmed.

The only figure that matters - the bottom line - appears to be unaffected by the fiasco. CNet's John Borland reports, and as retailers confirmed to The Register, that Sony hasn't lost sales from popular titles infected with the notorious XCP copy-restriction technology.

The poorly written software leaves a PC wide open to hackers, and attempts to remove it can disable the CD drive. Sony Music reluctantly announced a recall and exchange program for XCP-infected CDs last week.

But the CD buying public doesn't seem to care. One large retail store, Amoeba Records in tech savvy Berkeley hasn't seen a single infected CD returned to the store. Chart rankings and Gracenote lookups don't reflect a fall off in sales for the affected CDs.

Far from being a historic turning point in the public's perception of nefarious DRM tactics, that many hoped, it's proof that the CD buying public is impervious to technology warnings, or at least extremely slow to cotton on.

We may have feared as much. One in four PCs connected to the internet in the UK is "owned", in other words, fatally compromised by malware. And yet good technology advice isn't hard to find: news stand magazines and part-works offer lucid explanations, most newspapers feature weekly PC advice columns, and much more information is only two clicks away on the internet.

So more information in itself isn't the answer.

Will the lawsuits succeed where education has failed? Yesterday the Electronic Frontier Foundation and the state of Texas duly filed suit against Sony.

Don't hold your breath.

For all the angst in the US about 'tort reform' and the prominence given to excessive damages won by 'ambulance chasing' lawyers, the effect is negligable. If the Microsoft trial taught corporate America a lesson, it's that litigation can be considered a minor operational expense. Business treats it like a spot fine for littering.

Sony Music can also take heed from the limitations of internet based activism. The New York Times reports that over 700 Amazon.com reviews pointed out the dangers of XCP DRM, and that "... snarky Internet shoppers have quickly turned Amazon.com's tagging system into digital graffiti" - attaching the 'rootkit' warning tag to Sony XCP CD titles.

Why, then, has the saturation and uniformly negative coverage of Sony's DRM failed to harm sales?

Your guesses are as good as ours, but it's hard not to conclude that the WiReD myth of a 'Rip Mix and Burn' population has been somewhat overstated. Only a third of CD purchasers actually play music on a PC. And a vanishingly small number of them appear to want to take their music anywhere other than where it's directed to go by the manufacturer. If a CD plays in the home stereo and the car, then that's quite enough digital freedom already for most people.

This may have less to do with a public acceptance of artificial restrictions such as DRM than the fact that music tends to stay in hardware 'silos', and digital music tends to stay where it's bought, largely through apathy and forgetfulness.

And given an atomized tech savvy population, tagging and bleating in the safety and comfort of their own PCs, Sony's nefarious tactics have failed to harm the business.

Ultimately, there's little to change our view that DRM restrictions are an expensive and economically inefficient stop-gap, an absurd attempt to replicate the inconvenience of physical product in a digital form. But equally, the 'Chicken Little' scenario of DRM as the means of introducing a vast lock down is a paranoid fantasy. Sony now knows it only need keep the CDs playing in home and car stereos, and it can swat away the digital rights lobby like flies.

A better analogy, and one we've made many times, is that we're in a Prohibition era: this is a transitional age, one where the inconveniences of DRM are borne by a minority of the population. That happens to be us.

Ominously the Recording Industry Ass. of America president Cary Sherman congratulated Sony Music for its ethical behaviour, comparing it favorably to software companies.

"The problem with the SonyBMG situation is that the technology they used contained a security vulnerability of which they were unaware," Sherman told a forum of student journalists.

"They have apologized for their mistake, ceased manufacture of CDs with that technology,and pulled CDs with that technology from store shelves. Seems very responsible to me. How many times that software applications created the same problem? Lots. I wonder whether they've taken as aggressive steps as SonyBMG has when those vulnerabilities were discovered, or did they just post a patch on the Internet?"

Note the semantic redefinition of XCP as bad coding, simply a bad implementation of a good idea.

Expect more XCPs. You only have to follow the money. ®

The Essential Guide to IT Transformation

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple ran off to IBM
But never fear fanbois, you're still lapping up iPhones, Macs
Nadella: Apps must run on ALL WINDOWS – PCs, slabs and mobes
Phone egg, meet desktop chicken - your mother
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.