This weekend, there’s been lots of furious chat on blogs and Slashdot about the EULA that comes with SonyBMG’s audio CDs.
An EULA? What’s that? I hear you cry. An End User Licensing Agreement (EULA) is something that has been shipping with software packages for a very long time – the cold-hearted view of them is they impose restrictions on the purchaser while absolving its producers from any liability.
To have an agreement shipping with an _audio CD_ in itself is pretty strange. The EULA may well be related to the software that is shipped on the protected CDs, not the music – but this is now unimportant as the generally held view is that it is for the music.
It certainly has got the goal of a few – but it’s the terms of this 3,000 word EULA that has most up in arms. Some of the highlights/lowlights of it are
- If you move out of the country, you have to delete all your music. The EULA specifically forbids “export” outside the country where you reside.
- If you file for bankruptcy, you have to delete all the music on your computer. Seriously.
- You can’t keep your music on any computers at work. The EULA only gives you the right to put copies on a “personal home computer system owned by you.”
The full list is detailed on the EFF site.
All of this builds up on the now huge story of SonyBMG’s choice of software on some of their US released audio CDs. Called XCP, originally designed to ‘assert’ SonyBMG’s rights over their music CD’s, it installs itself on any computer where the audio CD is played. The user of the disk isn’t asked if this is OK, or even told that the software is installing itself. The software then hides itself using something called “rootkit.”
The really big problem for SonyBMG is that virus writers are now using this rootkit exploit to deliverer their viruses.
Many have reacted to RootKit by saying that they feel it is ‘safer’ for them to download their music from unlicensed file sharing services, as they aren’t exposing themselves to unauthorised pieces of software installing on their machines.
SonyBMG have said they will stop selling music CD’s using XCP, but the damage to the Sony name has been done.
It’s all going wrong
A while back Sony, the parent company, had a revelation – that they needed to look outside their Sony Silo and start of embrace open formats. We saw MP3 being supported on their music players, where they’d always insisted on using their propriety content protections scheme ATRAC3. I even saw DivX supported on their DVD players, where DivX had previous been thought of as the content pirates tool.
Sony had (I stress had) started to claw back against Apple and the other companies that they’d been losing out to. As of now, it looks like they’ve slipped even further behind. For goodness sakes, they’ve even got groups of people suggesting Boycott Sony and 3488 have, so far, signed an anti-Sony petition.
Sadly for Sony, it doesn’t end there
In digging through SonyBMG’s code, Finn Matti Nikki has located references to LAME, an open source, MP3 encoder library, within the code used by SonyBMG’s version of the XCP software.
As Matti says, “I’d say this indicates that the executable has been compiled against static LAME library, which happens to be LGPL. I don’t have any further evidence about this, other than lots of data from libmp3lame being included and easy to find.” Let us translate – the LGPL (Lesser General Public License) provides certain freedoms and restrictions in the use of the software covered by it.
These include needing to make the source code to the open-source libraries available and the source code and executable code of their programs.
Without abiding by these rules, they are breaking the licensing terms of the content. Carrying out the exact act they the music companies are loudly decrying in their customer.
Where now for Sony?
SonyBMG have managed to completely undo the small, patient steps that Sony, the hardware business, has been taking to gathering favour with the equipment buying public.
The idea of Sony owning content and hardware businesses always appears to be a great idea – they’d win all around. The reality is turning out to be very different.
There is a tension between the content business, who want to restrict movement of content, and the hardware business that wants to set the purchaser free. Whether a comfortable balance between these can ever be struck is unclear.
What is clear is that it appears that this CD story is nearly out of control for Sony. Someone at the most senior level at Sony needs to grab hold of this and do something radical. Our suggestion for a surefire, credibiliy-straightening maneuver? Reject DRM.
LGLP
SonyBMG on XCP
Wikipedia on LAME
LAME
Slashdot – Sony’s EULA Worse Than Its Rootkit?