Quantcast
HITS Daily Double
Normally, a technical issue involving 223 consumer complaints over a period of more than two years wouldn’t even register in the mainstream media. But these are not normal times.

THE OTHER ANTI-PIRACY SOFTWARE GETS ITS DAY IN THE SUNN

Before There Was XCP, There Was MediaMax
The Texas Attorney General wasn’t the only one to file suit on Monday against Sony BMG. In a class-action filing yesterday with the California state court, the Electronic Frontier Foundation gave SBMG props for admitting that its XCP software was problem-ridden but criticized the company’s failure to address concerns about SunnComm’s MediaMax anti-piracy software, which has been used on the BMG side for more than a year. "Music fans shouldn't have to install potentially dangerous, privacy intrusive software on their computers just to listen to the music they've legitimately purchased," EFF Legal Director Cindy Cohn told Washington Post tech columnist Brian Krebs, who’s been on the rootkit story like a cheap suit.

SunnComm had made its own acknowledgment two days before the EFF suit, although the company’s statement didn’t address any issues associated with the MediaMax software itself. Instead, the release revealed that the company was issuing a security patch as a fix to flaws that had been discovered not in the MediaMax software but in an uninstaller that SunnComm had created to remove it. The flaw had been identified by Princeton professor J. Alex Halderman, who had previously exposed the XCP security issues (we’re guessing Halderman’s name won’t be found on Andy Lack or Michael Smellie’s Christmas card list).

The Nov. 19 statement quotes Kevin M. Clement, who’s identified as the “incoming president and CEO of MediaMax Technology” (the term “incoming” seeming to absolve him of any culpability) as explaining that “the SunnComm and MediaMax teams responded immediately upon notification of a potential security issue associated with an uninstaller tool used to remove MediaMax from users’ computers. Notification has been sent to 223 individuals who have requested a removal tool over the past two-plus years. All of those users have been notified of the situation and provided instructions for removing the affected software along with any potential security risk. We sincerely apologize for any inconvenience this may have caused. We also want to thank Professor Edward W. Felten, J. Alex Halderman and the Princeton team of computer experts.”

The text of the SunnComm release provided further explication: “Shortly after becoming aware of the problem,” it read, “SunnComm had patched the downloadable software. After completing the patch, testing was conducted by Professor Felten’s team at Princeton. Immediately upon notification of successful testing, the updated program was made available to those CD buyers who requested it. This security issue existed on the downloadable MediaMax uninstaller and removal program only—not on the CDs themselves.”

Now, normally, a technical issue involving 223 consumer complaints over a period of more than two years wouldn’t even register in the mainstream media. (Indeed, the frustrating glitchiness thousands of PCs owners have experienced with MediaMax-enabled CDs has barely registered up to now.) But it’s becoming more apparent by the day, especially within the hierarchy of troubled Sony BMG, that these are not normal times.