Sony BMG Music Entertainment distributed a copy-protection scheme with music CDs that secretly installed a rootkit on your computers. A rootkit is a software usually used by an intruder after gaining access to your computer and in order to steal information, track your habits, collect your preferences without your knowledge nor your consent. Moreover, you can’t remove it since it will damage your operating system (the main software of your computer).
Since I like freedom of speech and free software, I doesn’t understand the need to control what the consumer is doing with your product. In my opinion, a “copy-protection scheme” (aka. DRM) is only there to improve the company profits, not the consumer experience with the media. And, here, this scheme gives the consumer a very bad experience: with Sony rootkit, your computer is not only giving your secrets to a third party but crackers can also access it (and all the information you stored inside) without your consent.
But Bruce Schneier is also pointing the fact that big “computer-security” companies like Symantec and McAfee did not react quickly to this threat to your safety. The news revealing the existence of Sony rootkit broke on October 31st. And, on November 15th, they only published tools to remove the software that hides Sony rootkit: the rootkit is still there, in half a million computers! The fallacious excuse is that removing the rootkit may harm the computer. Are they “computer(-security) specialists”? People are paying them for the protection of their computer. They are protecting your computer from virii, worms and malware written by “criminal organizations” but not by a multinational corporation?
This makes me laugh … It is as if you hire a bodyguard that will protect you from any John Doe attempting to steal your money but will allow big corporation guys to steal your identity and social security cards, your agenda, your documents, etc. Will you continue to trust your bodyguard? Will you continue to pay the annual fee for “protection”? I don’t think so.