Boing! Boing! has a nice roundup of links related to Sony’s infecting potentially millions of personal computers with a rootkit distributed with their compact discs. In fact, there is some evidence that more than half a million nameservers made DNS queries for the domain that the rootkit phones home to. All of those PCs are now vulnerable exploits that take advantage of Sony building a backdoor into those computers.
The lesson I take away from this is simple — you’d have to be crazy to buy a CD and play it on your computer these days. Music companies like Sony have taken their zeal to protect their intellectual property to the point that they’re willing to compromise the security of millions of their customer’s computers to do so.
Why take the risk of having Sony or some other company decided to open your computer up for the whole world — just download the damn music and be done with it. Buying commercial CDs is just too risky (or, alternately, use an isolated computer to rip the music and then transfer it in MP3/whatever format to the computer and/or device you’re going to actually use to listen to it).
Sony’s malicious behavior is, at least to me, simply the last straw. If they see no problem in compromising my computer, I’m not sure why I should feel any compunction against stealing their music.