Sony's CD rootkit fiasco marks its inglorious 10th anniversary

Here's one product anniversary that Sony probably wants you to forget. It's the 10th anniversary of security researcher (now CTO for Microsoft Azure) Mark Russinovich publishing details of the Sony BMG rootkit, a CD copy protection system that compromised the security of Windows PCs and was near-impossible to safely uninstall. The music label was initially dismissive, but it soon had to change its tune -- it paid millions to settle charges and recalled legions of discs. To top things off, the discovery made Sony a punching bag for anyone unhappy with digital rights management (DRM) and other heavy-handed uses of copyright.

Have things improved much in the decade since the incident? Yes and no. Sony did back away from invasive anti-copying code, and it wasn't long before even downloadable music came DRM-free. However, restrictive copy protection certainly hasn't gone away. If anything, the rise of streaming services (where you don't own copies of the content) has made it more commonplace. And, as Lenovo can attest, companies will occasionally bundle insecure software that creates more problems than it solves. If the tech industry has learned anything, it's that you shouldn't intentionally hack your customers to keep them honest -- their security and trust are more important than lost sales.

[Image credit: esolla/Getty Images]