Extended Copy Protection

XCP-Aurora logo

Extended Copy Protection (XCP) is a software package developed by the British company First 4 Internet (which on 20 November 2006, changed its name to Fortium Technologies Ltd) and sold as a copy protection or digital rights management (DRM) scheme for Compact Discs. It was used on some CDs distributed by Sony BMG and sparked the 2005 Sony BMG CD copy protection scandal; in that context it is also known as the Sony rootkit.

Security researchers, beginning with Mark Russinovich in October 2005, have described the program as functionally identical to a rootkit: a computer program used by computer intruders to conceal unauthorised activities on a computer system. Russinovich broke the story on his Sysinternals blog, where it gained attention from the media and other researchers.^[1] This ultimately led to a civil lawsuit and criminal investigations, which forced Sony to discontinue use of the system.

While Sony eventually recalled the CDs that contained the XCP system, the web-based uninstaller was investigated by noted security researchers Ed Felten and Alex Halderman, who stated that the ActiveX component used for removing the software exposed users to far more significant security risks, including arbitrary code execution from websites on the internet.^[2]

^ Russinovich, Mark (31 October 2005). "Sony, Rootkits and Digital Rights Management Gone Too Far".
^ Felton, Ed (15 November 2005). "Sony's Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall ..."

[1] Russinovich, Mark (31 October 2005). "Sony, Rootkits and Digital Rights Management Gone Too Far".

[felton-2] Felton, Ed (15 November 2005). "Sony's Web-Based Uninstaller Opens a Big Security Hole; Sony to Recall ..."

[1]

[2]