Our friends at the Electronic Frontier Foundation have confirmed that the nefarious Sony rootkit resides on at least 19 music CDs.
According to experts, the rootkit, created by First 4 Internet and known as XCP2, "protects" the music from illegal copying. But in fact, it blocks a number of legal uses -- like listening to songs on your iPod. The software also reportedly slows down your computer and makes it more susceptible to crashes and third-party attacks. And since the program is designed to hide itself, users may have trouble diagnosing the problem.
There are also reports that at least one virus exploits the rootkit. I'm betting that Sony's actions violate Florida laws that protect computers.
Both Sony and BMG are permanently on bytewriter.com's vendor blacklist.
If you have listened to a CD with the XCP software on your Windows PC, your computer is likely already infected. An EFF investigation confirmed XCP software on these titles:
- Trey Anastasio, Shine (Columbia)
- Celine Dion, On ne Change Pas (Epic)
- Neil Diamond, 12 Songs (Columbia)
- Our Lady Peace, Healthy in Paranoid Times (Columbia)
- Chris Botti, To Love Again (Columbia)
- Van Zant, Get Right with the Man (Columbia)
- Switchfoot, Nothing is Sound (Columbia)
- The Coral, The Invisible Invasion (Columbia)
- Acceptance, Phantoms (Columbia)
- Susie Suh, Susie Suh (Epic)
- Amerie, Touch (Columbia)
- Life of Agony, Broken Valley (Epic)
- Horace Silver Quintet, Silver's Blue (Epic Legacy)
- Gerry Mulligan, Jeru (Columbia Legacy)
- Dexter Gordon, Manhattan Symphonie (Columbia Legacy)
- The Bad Plus, Suspicious Activity (Columbia)
- The Dead 60s, The Dead 60s (Epic)
- Dion, The Essential Dion (Columbia Legacy)
- Natasha Bedingfield, Unwritten (Epic)