PC users are at risk
Sony BMG have come under fire over their anti-piracy software.
The music giants were warned by digital rights groups about vulnerabilities its MediaMax copy protection system created on users’ PCs and the same groups have now discovered that a program Sony produced to rectify the problem is itself insecure.
This leaves users open to a separate attack and the MediaMax system has now been used on more than 5.7 million CDs spread across 50 titles sold in the US and Canada.
The MediaMax copy protection system is intended to stop people making illegal copies of CDs.
According to BBC News, Sony BMG and digital rights group the Electronic Frontier Foundation (EFF) issued a joint statement on Tuesday (December 6) about the discovery of problems with the program.
The statement gave a warning that anyone putting a music CD with the MediaMax software in their PC introduced a vulnerability that means hackers could hijack their machine.
Now, the EFF are urging users not to apply the patch as separate research has revealed that it too introduces vulnerabilities.
Security researchers Felten and Halderman have called on Sony BMG to recall all of the CDs which bear the MediaMax software.
“We take any security problems identified by these security researchers very seriously,” said the EFF.
However, it is estimated that around six million CDs using MediaMax have already been shipped to stores, with artists affected including Alicia Keys, Britney Spears, Black Rebel Motorcycle Club and Faithless.
Sony BMG came under fire again recently when their XCP copy protection system ignited a row when its virus-like abilities forced the label to recall all of the CDs using it and issue new discs to consumers.
Legal action is also being taken against Sony BMG over the use of XCP.