There’s been a lot of coverage on this recently, but that’s no reason not to mention it here – especially because this kind of arrogant disregard for people really irritates me and I want the coverage to extend as far and wide as possible. The more people know about this kind of thing the better, so if you ever play music on your computer, you may want to read this.

It’s been revealed recently that the software bundled with certain recent Sony releases uses some arguably dubious techniques to hide itself and make itself almost impossible for the average user to remove. The CDs with this software aim to enforce Sony’s copyright by only allowing customers to play the CD on their computers using the music player bundled with the CD, so the average customer has little choice but the install the software if they want to play their legally-purchased CD on their machine.

You might think that protecting copyright is fair enough, but think about these points:

• The software is hidden in such a way that most users will be unaware it is there (More information at Mark’s Sysinternals Blog).
• This hiding method is then available to anyone else who wants to use it to secretly install software on the infected machines: there is at least one virus already out there which piggybacks on the technique.
• Removing the software can causes serious problems to the computer that will almost certainly be very difficult to fix for the average user without technical support which they will probably have to pay for, or at the very least spend some time researching themselves. (More information at Mark’s Sysinternals Blog)
• The license agreement with the CDs makes no mention of the difficulty of removing the software or its potential security implications.
• By forcing their customers to install software that puts their computers at risk, it seems to me that Sony is making an implicit statement about the relative value it places on its customers’ security and privacy over its own doomed efforts to prevent music piracy (all the time continuing to deny the fact that the software is a potential security risk, when anyone with any technical knowledge can confirm otherwise).
• Since being caught out on this, Sony have made an update available that removes the technique used to hide the software. However, this update has not inspired confidence and it is not clear exactly what else the update does.

In summary: the music companies appear to have little or no respect for their customers and place their copyright enforcment needs ahead of your computer’s and your data’s security. Be very careful before installing anything supplied by a music company on your computer, because it appears that you cannot be sure what it is or what it is doing.

If you have already installed this software and are concerned about it, detailed removal instructions can be found at Mark’s Sysinternals Blog but they are not for the faint-hearted. You may be better off waiting for the anti-virus vendors to release removal kits, such as this proposed one from Sophos.