Sony's *other* malicious audio CD trojan

On the Freedom to Tinker blog, DRM researcher par excellence J. Alex Halderman dissects a second variety of malicious software that purchasers of Sony music CDs can be infected with. Sony not only uses the now-infamous First4Internet rootkit, but also uses a second piece of malicious software from Suncomm, the less-well-known but still-dangerous MediaMax. Halderman's masterful research is both lucid and alarming. If you want to have a safe experience with Sony music, you'd better acquire it by some means other than purchasing it:

To summarize, MediaMax software:

* Is installed onto the computer without meaningful notification or consent, and remains installed even if the license agreement is declined;
* Includes either no uninstall mechanism or an uninstaller that fails to completely remove the program like it claims;
* Sends information to SunnComm about the user's activities contrary to SunnComm and Sony statements and without any option to disable the transmissions.

Does MediaMax also create security problems as serious as the Sony rootkit's? Finding out for sure may be difficult, since the license agreement specifically prohibits disassembling the software. However, it certainly causes unnecessary risk. Playing a regular audio CD doesn't require you to install any new software, so it involves minimal danger. Playing First4Internet or SunnComm discs means not only installing new software but trusting that software with full control of your computer. After last week's revelations about the Sony rootkit, such trust does not seem well deserved.

Link