CD Copy Protection Firm Promises Fix for Software Problems
In response to an open letter written by the Electronic Frontier Foundation (EFF), SunnComm Technologies, Inc., has outlined what it has done and will do to address potential security problems caused by its MediaMax CD copy-protection software.
Use of the software on CDs released by Sony BMG has received significant media attention, but many consumers are unaware that the software was also used by several independent music labels.
SunnComm says it will ensure that future versions of MediaMax will not install when the user declines the end user license agreement (EULA) that appears when a CD is first inserted in a computer CD or DVD drive. SunnComm has also agreed to include uninstallers in all versions of MediaMax software, to submit all future versions to an independent security-testing firm for review, and to release to the public the results of the independent security testing. SunnComm and EFF are discussing how to ensure that legitimate security researchers who have been, are, or will be working to identify security problems with MediaMax will not be accused of copyright violations under the Digital Millennium Copyright Act (DMCA).
In January, SunnComm published a complete list of all music CDs that employ the MediaMax technology and sent a letter to the independent labels using MediaMax with information about a security vulnerability in MediaMax version 5. Music label Sony BMG has separately committed to addressing security concerns arising from CDs using MediaMax.
EFF wrote the open letter to SunnComm because of its concerns about the MediaMax software, which is included with a wide variety of music from independent labels, such as Cuban Link's "Chain Reaction" by Men of Business Records, Peter Cetera's "You Just Gotta Love Christmas" by Viastar Records, and several releases on KOCH Records.
The problems with MediaMax came to light in November and December 2005, after independent security analysts discovered problems on Sony BMG CDs that included MediaMax. EFF and others subsequently brought legal actions against Sony BMG based on its distribution of the MediaMax titles, and a settlement in that case provided a remedy for music fans who bought Sony BMG MediaMax CDs.
EFF's open letter to SunnComm:
http://www.eff.org/deeplinks/archives/004245.php
SunnComm's response:
http://www.eff.org/IP/DRM/Sony-BMG/response-to-open-letter.pdf
List of CDs with SunnComm MediaMax 5:
http://www.sunncomm.com/CD/List_CD_B.html
List of CDs with SunnComm MediaMax 3:
http://www.sunncomm.com/CD/List_CD_A.html
SunnComm says it will ensure that future versions of MediaMax will not install when the user declines the end user license agreement (EULA) that appears when a CD is first inserted in a computer CD or DVD drive. SunnComm has also agreed to include uninstallers in all versions of MediaMax software, to submit all future versions to an independent security-testing firm for review, and to release to the public the results of the independent security testing. SunnComm and EFF are discussing how to ensure that legitimate security researchers who have been, are, or will be working to identify security problems with MediaMax will not be accused of copyright violations under the Digital Millennium Copyright Act (DMCA).
In January, SunnComm published a complete list of all music CDs that employ the MediaMax technology and sent a letter to the independent labels using MediaMax with information about a security vulnerability in MediaMax version 5. Music label Sony BMG has separately committed to addressing security concerns arising from CDs using MediaMax.
EFF wrote the open letter to SunnComm because of its concerns about the MediaMax software, which is included with a wide variety of music from independent labels, such as Cuban Link's "Chain Reaction" by Men of Business Records, Peter Cetera's "You Just Gotta Love Christmas" by Viastar Records, and several releases on KOCH Records.
The problems with MediaMax came to light in November and December 2005, after independent security analysts discovered problems on Sony BMG CDs that included MediaMax. EFF and others subsequently brought legal actions against Sony BMG based on its distribution of the MediaMax titles, and a settlement in that case provided a remedy for music fans who bought Sony BMG MediaMax CDs.
EFF's open letter to SunnComm:
http://www.eff.org/deeplinks/archives/004245.php
SunnComm's response:
http://www.eff.org/IP/DRM/Sony-BMG/response-to-open-letter.pdf
List of CDs with SunnComm MediaMax 5:
http://www.sunncomm.com/CD/List_CD_B.html
List of CDs with SunnComm MediaMax 3:
http://www.sunncomm.com/CD/List_CD_A.html
