11/18/2005: And there's even more about the Sony-BMG rootkit....
As if all the other organic matter hitting the fan weren't enough. Now it appears that Sony (or its minion) is "protecting" Sony's copyrights by..... infringing the rights of Open Source developers:
BARCELONA (Reuters) - Controversial copy-protection software used by music publisher Sony BMG on music CDs appears to have tapped an open source project, raising questions about copyrights, software experts said on Friday.
The XCP program, developed by British software firm First4Internet and used by Sony BMG to restrict copying and sharing of music CDs, is already highly controversial because it acts like virus software and hides deep inside a computer where it leaves the backdoor open for malicious hackers.
Sony BMG earlier this week said it would recall some 4.7 million CDs with the software, after the discovery of the first computer viruses last week that took advantage of the weakness.
The XCP program will have installed itself on a Windows-operated personal computer when consumers want to play 49 title CDs from Sony BMG. The programme forces consumers to use a music player that comes with the program.
This music player contains components from an open source project, an MP3 player called LAME, it emerged.
"Multiple software components on the CD have references to the LAME open source MP3 code," Finnish software developer Matti Nikki said in an e-mail.
After unraveling the code, others found similar evidence.
"We can confirm that at least 5 functions in the XCP software are identical to functions in LAME," said Thomas Dullien at security software firm Saber Security in Bochum, Germany, which specializes in the analysis of complex software.
Open source software, if used, needs to be identified as such, so that it can be freely shared with others. Developers on Slashdot.org and other Internet bulletin boards could not find an open source reference in the copy-protection software.
Len on 11.18.05 @ 07:04 AM CST