Dear EMI: Please Let Security Researchers Protect You From A Rootkit Fiasco
from the an-open-letter dept
Following the huge mess involving both of the copy protection systems Sony BMG uses on CDs having serious security vulnerabilities, it’s about time that people started paying attention to the other record labels as well. For some reason, Universal Music has gotten away unscathed, despite having a deal in place with First4Internet, the makers of the terribly flawed XCP rootkit copy protection that kicked off this whole story. Now, some are starting to look at EMI, but have realized that the DMCA does create something of a “chilling effect” as security researchers can be accused of breaking the law for investigating the copy protection. This situation is made worse by the fact that malicious hackers now know that copy protection schemes are a fertile area to mine for possible vulnerabilities. So, the EFF has put together an open letter to EMI, asking them to publicly state that they won’t go after security researchers who discover security holes in the Macrovision copy protection EMI has been using. While we wait for their answer (which we get the feeling may take a while) can someone please explain why the EFF insist on putting content like that in PDF format, rather than making an HTML version as well?