If you are a copyright owner and believe that your copyrighted works have been used in a way that constitutes copyright infringement, here is our DMCA Notice.

« Oh My God, You Don't Know What You TOOK? | Main | Sites for Sore Eyes »

December 01, 2005


Mark Weiss

Actually, the biggest vendor of them all, Microsoft, classified XCP as spyware and announced their antispyware tool would be updated to remove it.

Kenzo ( /

Don't be fooled! Read Microsoft's announcement very closely - if their tool winds up doing anything, it will just be to remove the cloaking component of XCP, just like the official XCP patch does. This does not address the majority of the problems with XCP, nor any of the problems with MediaMax, nor any of the problems with DRM in general.

This is yet another PR stunt - Microsoft is VERY, VERY pro-DRM.

Please see my second article: Sony releases PR patch for its DRM malware that doesn't address the problems


There's also something talking back home in the Sony Soundforge audio editing software. You get newsletters through your email whenever you use the software. Good news is it now gets stuck in my firewall; bad news is i causes gaps in my recordings while it gets stuck!

Mark Weiss

Right, making no claims about DRM in general, nor do I know anything about MediaMax. Nor do I work for MS nor particularly care for them. And, again, of course they want very much to get an authentication/authorization cut on every bit of culture we consume. However, in this case, isn't the cloaking element (at least partly, since such an invasion has to hide itself) what makes this a rootkit, and what allowed other trojans to hide by naming themselves to match the names of the cloaked files and registry entries? MS AntiSpyware aims to alleviate the security threat, not interfere with the DRM scheme. It is *very* important to understand what all of these companies are doing to monitor us, and how secretive or not they are being, certainly. But it is equally important to be even in doing that, and to focus exactly on the facts of each *particular* case. Paranoia is definitely useful in this space, I don't deny that. But it is equally useful to be able to answer a much narrower question, like "Does MS AntiSpyware remove the *security threat* posed by XCP?" I don't know the answer, but broadening the inquiry to include a great deal of additional context doesn't provide any additional facts. Facts would be: how exactly does this software work, why and how does it pose a security threat, etc. That was the scope of my first post. The scope of "they are trying to install themselves on our computer however they can," while basically true and useful, is much larger. I'm saying, you *also* have to be able to be completely non-hysterical and focus on the humdrum minutiae of engineering and empirical proof. e.g., Russinovich's original series of posts about this are absolutely clinical, and, thus, unimpeachable. Any other tone, and any other presentation that wasn't absolutely authoritative and irrefutable would not have fried Sony's ass. Being pissed off is a motivator, talking about being pissed off is a distraction.

Kenzo ( /


I agree, it's important to be clinical and not hysterical. This is why I pointed you to my second article above: Based on Microsoft's press release, it appears that their tool will do the same exact thing that the Sony "patch" did. In the above linked article, I list Russinovich's six major criticisms with Sony's XCP software (MediaMax is not mentioned there), culled from my first article, and point out that Sony's patch just resolves issue #2, not touching the other five.

The fact that Sony's XCP cloaked itself as a rootkit has already caused much of the damage, in that it took security-minded folks all year to discover its presence at all. Now that it's been uncovered and is less of a secret, Sony provides a way to uncloak it. Not hiding it in the first place, or having told people how to uncloak it before an outsider discovered it, would have mitigated much harm.

Reading through article #2, plus my article above, you'll see numerous problems XCP and MediaMax cause. They tie up the computer, they may cause the computer to crash, they interfere with legitimate uses of legitimate tools users may attempt, they secretly leak out unspecified information back to Sony and/or its agents, their installers open machines up to even more vulnerabilities and perform even more snooping on their users... And, Sony is still misleading the public as to the scope and impact of their software.

From the perspective of computer users, these are clearly security threats.

Thanks for this discussion.

- Kenzo

Kenzo ( /

...and I forgot to repeat other security threats: The harmful programs are difficult to uninstall, and doing so incorrectly can render one's CD-ROM or DVD drive useless.


It has recently come to our attention that some individuals and companies are offering various instructions and tools to uninstall the XCP content protection software from computers. Please be advised that we have already made available a proper uninstaller at This is the only safe and secure method for removing the protection components of which SONY BMG is aware. SONY BMG assumes no responsibility for use of any other uninstaller tool or instructions.

For any questions about XCP content protection software used on SONY BMG discs please go to

Thank you.



What a touching love letter from my friend SONY BMG. They "already" posted an uninstaller - after everyone and their mom complained and several people figured out how to remove it themselves. Also retarded is their reference to their "protection components." They are "protecting" you from using your computer! Do they sell a home security system that can lock me out of my bathroom?

Please be advised that CHAIRMAN TUBE AMP assumes no responsibility if you click on any SONY BMG link.

Thank you.



It has recently come to our attention that some individuals and companies are offering various instructions and tools to uninstall the XCP content protection software from computers. These people, particularly the Windows expert Mark Russinovich, actually know what they are talking about. Our programmers apologize for creating the uninstaller software at that has made our lawyers' lives miserable. We also want to take this time to formally apologize to everyone who has ever bought one of our CDs, copy protected or otherwise. Additionally, it has become clear that SONY BMG lacks the ability to write software and thus we will refrain from doing so in the future.

For any questions about XCP, digital rights management, SONY BMG, or why you should pay $19.95 for a 50 cent CD with two good songs on it, ten bad ones, and a rootkit that installs itself on your Windows PC, please go to:

Thank you.


The comments to this entry are closed.