Despite Sony BMG Music Entertainment's decision to stop using its controversial copy-protection technology, the anger generated by what one expert called "inept-ware" is unlikely to subside anytime soon.
Security experts believe that the world's second largest music label failed to see the ramifications when it chose to install the software without first seeking permission from PC users, and then using technology called a "rootkit" to hide its presence. The software came with 20 music CDs sold by Sony BMG.
But some customers of the record company and its parent, Sony Corp., were far less forgiving.
"I am personally making it a policy of mine that from this point on, Sony won't be able to sell me anything," Dennis Barr, Kansas City, Mo., said. "My family has a PS2 (PlayStation 2) plus some games, and I have a Sony CD player in my stereo rack. But no more -- no Sony music, no Sony appliances, no Sony gadgets of any kind. They've lost my business for life, because they were too damn dumb to realize just what they were doing."
Besides the hit Sony has taken among customers, its brand appears to have also been tainted.
"I don't condone piracy, but the unbridled greed of Sony is disgusting," Michael King, Salinas, Calif., said. "They are saying what the others (record companies) think - they own the information forever, even if you buy it, and have the unlimited right to control the information, including its use no matter what or where."
While not under-playing the seriousness of Sony's technology, which hackers have exploited in an attempt to hide malicous software, security experts believe the company made a bad decision in trying to do something right, which is protect its property.
Graham Cluley, senior technology consultant for Sophos Plc, called the technology, which was developed by U.K.-based First4Internet, "inept-ware."
"I don't think it was malicious in its intent," Cluley said.
However, a poll of systems administrators by Sophos found a far stronger opinion, which Cluley called "typical."
"Sony are dirty, rotten scumbags for secretly installing their crap on people's computers," a respondent said. "These big media giants are going the way of the dinosaur, and not all the copy protection in the universe will save them."
As more music is available on the Web, much of it illegally through file-sharing networks, record companies have become more aggressive in finding technology to protect their property. Indeed, Sony BMG was unapologetic in its mission to use anti-piracy technology.
"(It) is an important tool to protect our intellectual property rights and those of our artists," the company said Friday.
In the case of the latest technology, however, the tool was misused.
"They aimed at the pirates, and in the process managed to shoot themselves in the foot," Cluley said.
F-Secure Corp. spoke with Sony in October to try to dissuade the company from using the rootkit, Travis Witteveen, vice president of the security vendor's North American operations, said. The result was a patch Sony BMG recently offered to remove the technology's cloaking ability.
"We worked together with Sony to have them change their methodology," Witteveen said.
Unlike Apple Computer Inc., which protects music downloads by only allowing them to be played in its own iTunes software, Sony is dealing with protecting music played on devices that are out of its control.
"They were trying a different way to solve the same problem (copy-protection)," Witteveen said. "But (the methodology) was not being relayed to the security industry, and they didn't understand the consequences of their action."
The anger toward Sony was probably the result of people being taken off guard by a security threat coming from a record company, a security expert said.
"People didn't really expect a large, legitimate -- not questionable -- company like Sony to use something that hid itself from the computer user," Jon Orbeton, senior security analyst for Zone Labs LLC, said. "Given the press, (record) companies will take a good look at Sony. They'll learn from this incident that if you're going to install copy-protection, than you need to do it in a way that's upfront."