A reasonable recap of everything that happened, with a few revelations: First 4 Internet was originally hired to protect studio recordings from prerelease leaking, and the broadly disseminated rootkit technology just kind of happened along the way. Second, Sony BMG initially didn’t respond to F-Secure’s questions because the security company contacted the wrong Sony subsidiary. There won’t be any real answers unless the legal proceedings still underway uncover them; both First 4 Internet and Sony BMG declined to comment for the article, which kind of limits the scope of its revelations.
I’m quoted in the article about the Boycott Sony blog and my reaction to it, though I’m morphed inexplicably into a Web developer.
Unfortunately the article comes down on the side of arguing that there has to be some kind of “good DRM,” that all Sony did was err in how heavy-handed and covert its attempts to apply DRM were. I’m not sure I agree any more. I certainly don’t think the answer is going to come in trying to make something “consumer friendly” that limits your rights.