Is The Recording Industry Hiding spyware In Windows Media Files?

from the so-many-questions... dept

Here's a story that raises many more questions than it answers. When the recording industry first tried to get politicians to shut down file sharing networks, they went with the "it's stealing music" line, which generated some interest, but most people didn't seem to pay attention. Then, the industry suddenly became oh-so-concerned about the fact that child porn was on these systems, and tried to convince politicians they needed to stop file sharing for the "sake of the children." Lately, it seems the industry will do whatever it takes to make file sharing systems look bad. With that in mind, it makes you wonder if they'd go so far as to specifically hide spyware on file sharing networks just to upset users. It's not entirely clear if that's what happened, but it seems like the most obvious explanation for the following story, which was found on Broadband Reports. Overpeer, a subsidiary of Loudeye, has been caught hiding adware and spyware within Windows Media files. Overpeer is the same company that the recording industry has hired in the past to dump fake versions of songs on file sharing networks. What the article doesn't answer is whether or not the industry hired Overpeer to dump spyware on the network as well, but it's likely they're pleased either way. Overpeer defends their actions by saying that everyone deserves what they get because, obviously, they were looking for unauthorized files. It's not clear that everyone would agree. Sneaking malicious files onto someone's computer because "they deserved it!" doesn't seem like a very good justification. What may be even more important to this story, however, is the revelation of just how easy it is, thanks to a huge loophole in Microsoft's copy protection technology, to include a malicious file with an audio or video file. Basically, because Windows DRM needs to look for a license, all anyone needs to do is point that license to a website that loads malicious content and off you go. Thank you Microsoft, for creating a huge loophole that will probably make sure millions of new computers are loaded with spamming, DDOSing trojans shortly. Thank goodness for that Microsoft DRM, huh? Not only does it not protect any actual property while making things more expensive, it opens up plenty more people to malicious attacks.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Bill Eccles, 1 Jan 2005 @ 8:45am

    "They deserved it?!"

    Seems to me that the hypothetical perp who hypothetically broke into my house and got hit by the wall of flame cast forth from my hypothetical booby-trap flamethrower got what he deserved, too, but somehow that's illegal.

    And what they're doing isn't?

    Go figure.

    RIAA, MPAA, you're getting what you deserve.

    reply to this | link to this | view in thread ]

  2. identicon
    Agamemnon, 2 Jan 2005 @ 5:53pm

    the black hats...

    need to create disruptive code that exploits the DRM open-door, effectively making Microsoft patch it as a vulnerability, and keeping them on their toes in terms of the next DRM bright idea, which can also be hacked, much to the detriment of the user.

    reply to this | link to this | view in thread ]

  3. identicon
    hanzie, 4 Jan 2005 @ 5:25am

    what about the Dutch?

    Seems to me there's another astronomically big problem with this system: e.g. in the Netherlands it's actually legal to download music from p2p networks (although it's illegal to offer it). Thus, a hapless Dutch consumer downloading one of these infected files is actually not doing anything wrong. Can the music industry explain why he "deserves it"?

    If I were Dutch, I'd be looking for one of these files, download it, get my PC infected, and then demand a 10.000 dollar settlement from these bozos who infected my PC while I was doing no wrong (claiming, of course, to be ignorant of the integrated virus). Might be a fun game if, say, a thousand Dutchmen follow suit. :-)

    reply to this | link to this | view in thread ]

  4. identicon
    nonuser, 11 Jan 2005 @ 8:11pm

    good God

    If the description of the exploit provided by the PC World reporter is correct, Microsoft should be ashamed. That was not a security bug, that shows a complete lack of security auditing on the design of Windows Media player before shipping it... on every desktop PC, because Microsoft's executives and marketers had earlier decided that WMP had to be a core part of the OS, as one of their typical anti-competitive "screw Real, screw Apple" moves.

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)


Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

Introducing the new Techdirt Insider Chat, now hosted on Discord. If you are an Insider with a membership that includes the chat feature and have not yet been invited to join us on Discord, please reach out here.

Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.