RIAA president Cary Sherman (via Boing Boing) labelled the Sony BMG situation a mistake for which Sony have already apologized.
Rubbish. The bulk of the problem - and the bulk of the complaints - are about things that Sony did on purpose. They also made some mistakes along the way; but that does not excuse those things that were intentional.
Most importantly, the decision itself to make a rootkit and covertly install it into customers' computers was intentional. The decision to interfere with CD drives was intentional - it could hardly be otherwise, if limiting CD burning is one of the primary functions of the software.
Making the rootkit hide anything that begins with $sys$ was careless. Choosing the prefix $sys$ (rather than, say, $drm$ or $sony$) was intentional.
The copyright infringement also would've been intentional (though probably on the part of First4Internet rather than Sony).
The massive security hole in the uninstaller was an unfortunate mistake; however, the fact that a completely unrelated uninstaller procured by Sony from a different supplier had a very similar massive security hole would indicate a pattern of carelessness at Sony. Whether that carelessness extends into the realm of negligence I'm not qualified to say.
(other posts: feature comparison chart, the recall, I heart rootkit, who do they
serve and who can we trust?, bloggers vs Sony, EULA, my Sony link
collection and
DRM of adhesion)
⇦ Link: Sony offers new CDs, MP3s for recalled discs | ⇨ Sony BMG - malware feature comparison |
