Skip to main content

Deeplinks Archives

Deeplinks Archives


December 1, 2005 - 9:47am 59372

On Monday, EFF went to superior court in North Carolina in order to challenge e-voting recidivist Diebold and their attempt to skirt the state's strong new election transparency rules. Diebold pleaded with the court for an exemption from the statute's requirement to escrow "all software that is relevant to functionality, setup, configuration, and operation of the voting system" and to release a list of all programmers who worked on the code because... well... it simply couldn't do it. It would likely be impossible, said Diebold, to escrow all of the third party software that its system relied on (including Windows).

What a difference a few days make.

December 1, 2005 - 12:58pm 59373

When we recently reported that the DOJ had chosen not to appeal two court decisions that forcefully rejected its secret requests to track cell phones without probable cause, we expressed our fear that the government would keep trying to secretly convince other judges to grant these illegal orders while avoiding appellate review.

December 2, 2005 - 11:39am 59374

Spotting Sony BMG's DRM in the wild can be challenging. While many have a standardized disclosure box on the back, CDs with the SunnComm MediaMax software have a far wider array of indicia; notably stickers on the front and, less helpfully, fine print on the back.

To help out the amateur DRM spotter, we have put together a slideshow illustrating the various methods, along with a picture compilation of variations of SunnComm's MediaMax software labeling on CDs.

December 5, 2005 - 8:52pm 59375

Real Networks today announced the availability of a web-based version of its Rhapsody music service. Finally, there is a listen-on-demand authorized music service with deep major label catalog that Mac and Linux users can use. I expect Napster 2.0 and Yahoo! will feel competitive pressure to migrate to a cross-platform, browser-based solution, as well.

December 6, 2005 - 6:18am 59376

After failing to reach a compromise on the final draft of the USA PATRIOT renewal bill, as described previously, Congress headed home for some turkey and put off the debate until after the Thanksgiving holiday.

Now everyone's back, and the word through the grapevine is not good. We're hearing that a final version of the conference report, essentially unchanged from the last version that we described here, will be coming down in the next day or two. A vote on the Senate and House floors is expected shortly thereafter--probably this week.

It's really getting down to the wire, so if you haven't already, call your Members of Congress today and say No! to PATRIOT renewal.

December 6, 2005 - 2:55pm 59377

EFF and Sony-BMG today announced the existence of a new security vulnerability that affects Sony-BMG CDs that include SunnComm MediaMax Version 5 copy protection software. The vulnerability was discovered by the security firm iSEC Partners after EFF requested an examination of the SunnComm software.

For more on the vulnerability, including whether you might be affected, see EFF's FAQ on it. Sony-BMG and SunnComm have released a patch that affected users should install immediately.

December 8, 2005 - 2:43pm 59378

Next Steps Unclear, Action Still Needed

The PATRIOT Act took a step closer to reauthorization today as Senator Arlen Specter of Pennsylvania announced that he would sign the conference report (in three parts: one, two, and three).

Backroom deals have watered-down the best reforms and opportunistic politicians have bolted on unpopular additions. However, several other senators refuse to go along with the deal, and a filibuster may be in the offing next week. Call your senators and representative now, and demand they vote "no" on PATRIOT renewal!

December 9, 2005 - 2:30pm 59379

Mr. Kevin M. Clement
President and Chief Executive Officer
MediaMax Technologies, Inc.

Mr. Clement:

As you know, we have already discovered one security concern arising from the MediaMax software, resulting in the patch issued on Tuesday and the revised patch issued yesterday.

The Electronic Frontier Foundation (EFF) remains concerned that additional security flaws will be discovered in MediaMax software, in both version 5 and version 3. EFF isn't alone in this concern. Indeed, as Professor Ed Felten has noted, "Experience teaches that where there is one bug, there are probably others. That's doubly true where the basic design of the product is risky. I'd be surprised if there aren't more security bugs lurking in MediaMax." See

December 9, 2005 - 3:08pm 59380

EFF was sad but not surprised to discover that the security holes in the software Sony BMG has placed on its CDs did not end with the XCP rootkit. As reported on EFF's site Tuesday equally troubling risks are built into CDs loaded with another type of software, MediaMax version 5. Given the nature of the software being forced on consumers along with their music, we fully expect that more problems will be uncovered.

But EFF is pleased to see that Sony BMG has begun to learn from experience in at least one way. In responding to the newly discovered problems with MediaMax version 5, Sony BMG has at last taken the obvious step we suggested last month--using its artists' websites to notify consumers of the security risks.

December 13, 2005 - 1:45pm 59381

When I buy a CD, I look forward to having the lyrics printed in the liner notes. That's part of what I expect in exchange for my money. If the record label omits the lyrics, I feel I'm entirely within my fair use rights to listen closely to the recording and copy down the lyrics. Similarly, I'm within my fair use rights when I use a search engine to find the lyrics of the music I've legitimately purchased. And thanks to Apple's iTunes software, I now can add those lyrics to the digital copies of the music I've purchased and have them appear when the song plays on my iPod.

Apparently, at least one music publisher thinks that makes me a music pirate. Yes, annotating music I've legitimately purchased with lyrics makes me a pirate, according to music publishing giant Warner/Chappell.

December 13, 2005 - 3:55pm 59382

While Sony BMG has only offered a patch for the MediaMax'd CDs that have a serious security problem, a recent Rolling Stone article notes that the band My Morning Jacket is offering its own recall of the MediaMax'd discs:

Mike Martinovich, manager for My Morning Jacket, says that even before the revelation of MediaMax's security problems, his company had been mailing burned, unprotected copies of MMJ's new album Z to fans who complained that MediaMax prevented them from transferring songs to their iPods. "It should have been enough that fans are annoyed," he says. "But this should be the final reason."

December 15, 2005 - 11:28am 59383

As you may know, EFF filed suit last week on behalf of voting integrity advocate Joyce McCloy, arguing that the North Carolina Board of Elections ignored its obligation to test all electronic voting system source code before certifying those systems for use in the state. Wednesday, the judge in the case asked for further briefing on the issue and additional oral argument in a hearing set for Dec. 21.

At issue is North Carolina's tough election transparency law, which requires the Board of Elections to review all e-voting code "prior to certification." However, on Dec. 1, the board certified voting systems from Diebold Election Systems, Sequoia Voting Systems, and Election Systems and Software without having first obtained -- let alone reviewed -- the system code.

December 15, 2005 - 2:42pm 59384

That's the question that pearLyrics asked today on its homepage. But the cautious optimism from developer Walter Ritter comes after a rough week.

pearLyrics is software that automates the process of adding lyrics to iTunes tracks. As EFF's Fred von Lohmann outlined in his blog post Tuesday, Ritter recently received a cease & desist letter from Warner/Chappell Music. The letter claimed that Ritter was liable for copyright infringement because he developed a tool that "enable[s] the reproduction and downloading" of song lyrics. Fred fired off a open letter in response, pointing out that while the software does not violate U.S. copyright law, if Warner/Chappell went through with its threats, it could get in its own legal trouble.

December 16, 2005 - 9:07am 59385

It's the best holiday gift any civil libertarian could hope for: a bipartisan coalition of Senators has refused to end a filibuster that is blocking renewal of the USA PATRIOT Act. The group of Democrats and Republicans are rightly concerned that the PATRIOT renewal bill lacks meaningful checks and balances to protect civil liberties from roving wiretaps, secret search warrants, super-secret demands for private records, and the many other broad police powers that Congress granted in haste immediately after the 9/11 attacks. Many of those PATRIOT powers are set to expire on December 31st—but Congress is set to adjourn for the holidays today.

December 16, 2005 - 12:51pm 59386

Displaying political courage too rarely seen, the Volusia County Council today voted to reject Diebold's proposal for a paperless e-voting system and instead adopt a more expensive contract with competitor ES&S. This contract will eventually lead to the use of a ballot marking system that will ensure an auditable, voter-verified process.

The County Council had been subject to powerful pressure from Diebold, the National Federation of the Blind, and the state of Florida -- including threats of criminal sanctions -- to adopt Diebold's system. In July, the NFB filed suit against the Council, demanding that the County adopt the NFB's favored system even though federal accessibility requirements do not kick in until January 1st.

December 16, 2005 - 1:35pm 59387

While the Senate was standing up for civil liberties, the House was handing out a Christmas gift to Hollywood. For digital consumers and innovators, however, it looks to be a nasty stocking-filler.

Representatives Sensenbrenner and Conyers have introduced H.R. 4569, the "Digital Transition Content Security Act of 2005," a.k.a. the return of the MPAA's "Plugging the Analog Hole" scheme, which is itself just a variant on the dreaded "Hollings Bill" introduced back in 2002.

The new bill is a rehash of the one we first mentioned on Halloween. It would impose strict legal controls on any video analog to digital (A/D) convertors "manufacture[d], imported or otherwise traffic[ed]" in the United States.

December 18, 2005 - 7:03am 59388

My most recent column at, "Sony-BMG's Copy-Protection Quagmire", describes the various legal theories that have been brought against Sony-BMG over the CD copy-protection debacle. The quick summary: more than a dozen class action suits filed around the country, based on a mix of state anti-spyware statutes, the federal Computer Fraud and Abuse Act, common law trespass to chattels claims, and state law consumer protection and deceptive advertisting statutes.

Complete text of the article after the jump.

Sony BMG's Copy-Protection Quagmire

Fred von Lohmann
Special to

December 21, 2005 - 10:44am 59390

The Texas Attorney General announced today that Texas is expanding its lawsuit against Sony BMG to include the SunnComm MediaMax CDs, which are also part of EFF's lawsuit against Sony BMG. The Texas AG's press release explained:

The Attorney General alleges the company's "MediaMax" technology for copy protection violates the state's spyware and deceptive trade practices laws in that consumers who use these CDs are offered a license agreement, but even if consumers reject that agreement, files are secretly installed on their computers that pose additional security risks to those systems.

December 21, 2005 - 1:37pm 59391

Yesterday, Magistrate Judge Gorenstein of the federal court for the Southern District of New York issued an opinion permitting the government to use cell site data to track a cell phone's physical location, without the government having to obtain a search warrant based on probable cause.

December 21, 2005 - 4:30pm 59392

CNN is reporting breaking news that the Senate has ended its impasse over USA PATRIOT Act renewal. As we told you previously, pro-PATRIOT lawmakers have been unable to end a filibuster by senators demanding that new protections for civil liberties be added to the renewal bill. With the "sunsetting" provisions of PATRIOT set to expire on December 31st and the holiday recess fast approaching, the Administration and its supporters in the Senate have now chosen to cut a deal: the sunsetting provisions will be extended for another six months, allowing more time for debate on what reforms must be added to the PATRIOT Act before complete renewal. It's not yet clear how the House of Representatives will respond, but we think it's likely to accept the deal tomorrow (knock on wood).

December 22, 2005 - 10:39am 59394

On the heels of the Senate's vote for a six-month PATRIOT extension, here's the latest from the Associated Press:

The House passed a one-month extension of the Patriot Act on Thursday and sent it to the Senate for final action as Congress scrambled to prevent expiration of anti-terror law enforcement provisions on Dec. 31.

Approval came on a voice vote in a nearly empty chamber, after Rep. James Sensenbrenner, R-Wis., chairman of the House Judiciary Committee, refused to agree to a six-month extension the Senate cleared several hours earlier....

It was not clear when the Senate would act on the one-month bill, but approval was possible by evening.

We'll let you know what the Senate ends up doing.

December 22, 2005 - 1:13pm 59395

Last week, the New York Times reported that President Bush personally authorized the National Security Agency (NSA) to wiretap the international phone and email communications of people within the U.S., all without getting search warrants. We've gotten several inquiries from people wondering what EFF thinks about it, and whether we plan on suing anyone.

December 22, 2005 - 3:53pm 59396

The suspense is over. After a weeks-long game of brinksmanship, the Senate and House have agreed to extend the sunsetting provisions of PATRIOT--which were scheduled to expire on December 31st--until February 3rd. The President plans on signing the bill.

December 22, 2005 - 8:24pm 59397

Following a flurry of litigation that found EFF fighting both alongside and against the state Board of Elections, Diebold on Thursday withdrew from the North Carolina procurement process, ceding the state's voting machine business to rival ES&S.

December 29, 2005 - 6:09pm 59398

"The proposed settlement will provide significant benefits for consumers who bought the flawed CDs," said EFF Legal Director Cindy Cohn. "Under the terms, those consumers will get what they thought they were buying--music that will play on their computers without restriction or security risk. EFF is continuing discussions with Sony BMG, however, and believes that there is more they can do to protect music lovers in the future."

"Sony agreed to stop production of these flawed and ineffective DRM technologies," noted EFF Staff Attorney Kurt Opsahl. "We hope that other record labels will learn from Sony's hard experience and focus more on the carrot of quality music and less on the stick of copy protection."

Deeplinks Topics

JavaScript license information