The famed multinational entertainment company may have
gained the world’s sympathy after the cyber attack by North Korea and other
rogue hackers that almost brought it to its knees near the end of 2014, but is
Sony nothing more than a de facto cyber terrorist group?
By: Ringo Bones
Ever wondered why the famed multinational entertainment
company Sony Pictures Entertainment has become the proverbial “whipping boy” of
rogue hackers (Guardians Of Peace) and state sponsored cyber-terror groups
(North Korea’s Bureau 121 and Unit 61318 of the Beijing 50-Cent Cyber Army)
years before the brazen cyber attack aimed at the Kim Jong Un assassination
spoof movie titled The Interview on its scheduled Christmas 2014 release? Well,
US President Barack Obama might have used Sony Pictures Entertainment as a
platform of the entire planet’s last bastion of free speech in a world
increasingly inching towards “illiberal democracy” and thus making Sony, Seth
Rogen, James Franco and some the world’s sympathy when it comes to one’s right
of free expression. Unfortunately, virtually all of the world’s population
remains clueless of a “grave crime” committed by Sony Pictures Entertainment in
the form of its “XCP Rootkit copy protection software”.
There might be some truth to the fact that Sony Pictures
Entertainment might have “inadvertently” made themselves into one of the
world’s first cyber terror groups by the multinational company’s first attempts
to secure its own intellectual property and other copyrighted works from online
piracy at the height of the NAPSTER debacle back in 1999. Copy protection and
Digital Rights Management (DRM) measures that date back to a Sony Pictures
Entertainment meeting back in August, 2000 when statements made by Sony
Pictures Entertainment’s US Senior Vice President Steve Heckler foreshadowed
the events that eventually led to the creation of the Sony BMG XCP Rootkit copy
protection software when Heckler told attendees at the Americas Conference on
Information Systems that: “The industry (Sony Pictures Entertainment) will take
whatever steps it needs to protect itself and protect its revenue
streams…”
The debacle that resulted in the “over zealous” copy
protection measures of the Sony BMG XCP Rootkit copy protection software that
eventually became the Sony Digital Rights Management copy protection rootkit
scandal of 2005 to 2007 might have “inconvenienced” everyone wanting to clone
an expensive rare CD for use in their car stereo or portable players in line
with existing Digital Millennium Copyright Act and Fair Use laws might be
overshadowed by a greater debacle of former US President George W. Bush’s
handling of the aftermath of Hurricane Katrina back in Autumn of 2005. It
unfortunately swept the Sony BMG XCP Rootkit debacle and the dangers it poses under
the rug from the radar of the general public.
According to his personal blog entry in October 31, 2005 of
Microsoft’s information technology researcher-in-residence Mark Russinovich who
– amongst countless others – who were the first to have uncovered the main
dangers posed by the Sony BMG XCP Rootkit copy protection software are as
follows: 1) It creates security holes that can be exploited by malicious
software such as worms or viruses. 2) It constantly runs in the background and
excessively consumes system resources, slowing down the user’s computer,
regardless of whether there is a Sony BMG XCP Rootkit protected CD playing. 3)
It employs unsafe procedures to star and stop which could lead to system
crashes. 4) It has no uninstaller and is installed in such a way that inexpert
attempts to uninstall it can lead to the operating system to fail to recognize
existing drives. Soon after Russinovich’s first blog post, there were several
Trojans and worms exploiting XCP’s security holes. Some people even used the
vulnerabilities to cheat in online games – i.e. Sony’s Playstation consoles’
online games capabilities.
At the height of the Sony Digital Rights Management copy
protection XCP Rootkit scandal, there were 22 million Sony BMG CDs equipped
with the “copy protection software” that allowed them to install one of the two
pieces of software which provided a form of Digital Rights Management (DRM) by
modifying the operating system to interfere with CD copying via your personal
computer. Both programs couldn’t easily be uninstalled and they created
vulnerabilities that were exploited by other malware. Sony claims this was
unintentional.
Following public outcry, government investigations and class
action lawsuits in 2005 and 2006, Sony BMG partially addressed the scandal with
consumer settlements, a recall of 10 percent of the affected CDs and suspension
of CD copy protection efforts in early 2007. Sadly, the Sony BMG XCP Rootkit
copy protection software still wreak havoc in donated computers often used in
computer labs of public schools in developing countries set up by set up by
leading charity groups like the Clinton Global Initiative / Clinton Foundation since
free online antivirus software programs are powerless against the Sony BMG XCP
copy protection software. Some IT experts say that only premium antivirus
software packages costing 50 US dollars and above are the minimum required to
keep the Sony BMG XCP Rootkit copy protection software at bay in infected
desktop PCs.