November 16, 2005 | By Kurt Opsahl

US-CERT: Never Install Audio-CD DRM Software

The United States Computer Emergency Readiness Team (US-CERT) is a part of the Department of Homeland Security that is charged with the task of "protecting the nation's Internet infrastructure" by coordinating the "defense against and responses to cyber attacks across the nation." In response to the Sony XCP DRM debacle:

US-CERT recommends the following ways to help prevent the installation of this type of rootkit:

  • Do not run your system with administrative privileges. Without administrative privileges, the XCP DRM software will not install.
  • Use caution when installing software. Do not install software from sources that you do not expect to contain software, such as an audio CD. [emphasis added]
  • Read the EULA (End User License Agreement) if you do decide to install software. This document can contain information about what the software may do.

Yep, you read it right. US-CERT recommends that you never install DRM software that comes with an audio-CD. Frankly, that's good advice. As for the EULA advice, it's a good idea, but Sony's problematic EULA does not tell you much about what the XCP may do.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Good news! In major policy shift, DOJ tells law enforcement agents: Want to use a Stingray? Get a warrant. https://eff.org/r.bbky

Sep 3 @ 5:30pm

DOJ saw the writing on the wall, will require a warrant to use 'Stingray' cellphone trackers: https://eff.org/r.fbd9

Sep 3 @ 4:38pm

Libraries and booksellers band together to support Wikimedia’s lawsuit against NSA. Read our brief: https://eff.org/r.49dp

Sep 3 @ 1:50pm
JavaScript license information