By Jon Newton 11/16/05
Dont use Sony BMGs deb-based CD DRM uninstaller, warn Princeton's Alex Halderman and professor Ed Felten.
Sony BMGs First 4 Internet XCP uninstallation utility "exposes users to serious security risk," they say on Felton's Freedom to Tinker blog.
"Under at least some circumstances, running Sonys Web-based uninstaller opens a huge security hole on your computer. We have a working demonstration exploit.
"We are working furiously to nail down the details and will report our results here as soon as we can.
"In the meantime, we recommend strongly against downloading or running Sonys Web-based XCP uninstaller.
"Kudos to Muzzy for first suggesting that such a hole might exist.
"UPDATE: If youre technically sophisticated, and you have run the XCP uninstaller on your computer, you may be able to help us in our investigations. It wont take long. Please contact Alex to volunteer. Thanks."
Bill and the Boyz have already decided to include the Sony BMG rootkit DRM on the December Microsoft Malicious Software Removal Tool update for detection and removal.
Jon Newton is the editor of p2pnet.net and is a regular contributer to MP3 Newswire. Jon's site is devoted to the politics of digital music and his insights as well as those of his co-writers can be read there. We urge you to explore it.
Other MP3 stories:
Can iTunes Resurrect Old Time TV?
Notes on the iPod Video and selling TV Shows on iTunes
The 30GB iPod Video is available on Amazon