Does anti-piracy software on video games open security risks on users' computers?

May 4, 2009

(PhysOrg.com) -- Computer scientist Alex Halderman wants to know if antipiracy software built into Spore and other video games makes computers more vulnerable to hackers. To find out, he might have to break the law.

Halderman will soon ask the federal government for official permission so that he, along with other researchers, can safely study the question, and so that consumers can take necessary steps to protect their computers.

Halderman is an assistant professor in the University of Michigan's Department of Electrical Engineering and . At a hearing on May 7 in Washington, D.C., he will petition the U.S. Copyright Office for a three-year exemption from the Digital Millennium Copyright Act. The exemption would apply to all researchers and consumers, not just to Halderman.

"In the computer security community, we're interested in how software impacts the security of consumers' personal computers," Halderman said.

"We have growing reason to suspect the software tends to create security problems. The Digital Millennium Copyright Act has had a chilling effect on our ability to investigate and test systems to find out what's really going on and protect users from any defects. The threat of lawsuits under the ambiguous law makes researchers shy away from studying these risky systems. This is the chief impetus for my petition."

Because the act prohibits tampering with copy protection, researchers like Halderman could run afoul of it as they investigate and suggest repairs for any problems. Such research could invite lawsuits. Halderman knows this first hand.

In 2003, SunnComm Technologies threatened to sue him after he discovered that the company's new digital rights management (often shortened to DRM) software was defective and easy to circumvent. The software was designed to bar CD buyers from copying songs and uploading them to the Internet. Halderman found that simply holding the shift key while inserting the CD into the computer prevented the computer from running the software, and gave users access to the audio files.

Halderman continued to study similar copy protection products. In 2005, he and other researchers found that copy-protected music CDs sold by Sony BMG installed software that opened major security holes in users' computers. In response to this concern, Sony released a patch that uninstalled the program, but Halderman discovered that the patch actually unlocked another way in for hackers.

Halderman is now petitioning the Copyright Office for two variances: one targeting digital rights management in video games that harms users' computers, and another targeting dangerous copy protection more broadly. The exemptions would enable researchers to test, investigate, and repair vulnerabilities in such software, and it would allow consumers to protect their computers by taking necessary corrective action.

If the Copyright Office grants these requests, Halderman plans to study the antipiracy software on Spore, a best-selling video game in which players control the evolution of a species. When installed on a computer, Spore installs a digital rights management program called SecuROM, which was developed by Sony. Some video game users have claimed that SecuROM disables critical security measures such as firewalls and antivirus , opening their PCs to viruses, spyware, and other malware.

Three class-action suits have been filed on behalf of those who say they've been negatively affected by SecuROM in the video games Mass Effect, Spore, and Spore Creature Creator. Sony maintains that the program is safe, but Halderman worries that it has not been rigorously studied.

"In the larger context, security concerns of this type have a way of affecting everyone, not just those who experience security breaches or use media with digital rights management," Halderman said. "We all face inconvenience and risk when attackers use compromised systems to send spam and hijack machines to hide their tracks, for example."

Provided by University of Michigan (news : web)


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - 5 /5 (3 votes)

Rank Filter

Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

  • LariAnn - May 04, 2009
    • Rank: 5 / 5 (1)
    I don't doubt that Sony could care less whether or not they jeopardize the computer security of Sony customers, so long as they extract their "pound of flesh" in terms of high-priced, hacker-friendly software products. Perhaps some of the hackers are actually on their payroll . . .

May 4, 2009 all stories

Comments: 1

5 /5 (3 votes)
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Security firms react to rootkit
    created Nov 17, 2005 | popularity not rated yet | comments 0
  • Attackers Target Gamers with Spyware
    created Mar 23, 2007 | popularity not rated yet | comments 0
  • Attack on computer memory reveals vulnerability of widely-used security systems
    created Feb 21, 2008 | popularity not rated yet | comments 0
  • Trouble for iTunes in France?
    created Mar 15, 2006 | popularity not rated yet | comments 0
  • Researchers reveal 'extremely serious' vulnerabilities in e-voting machines
    created Sep 13, 2006 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • casio calculator that's similar to TI-89
    created 3 hours ago
  • Mathematica Question: Finding local maximums
    created 7 hours ago
  • Advice on what cell phone to get
    created 8 hours ago
  • Read multiple binary files to ascii
    created Nov 07, 2009
  • Engineering Translation software
    created Nov 06, 2009
  • Changing the language options on your phone.
    created Nov 03, 2009
  • More from Physics Forums - Computing & Technology

Other News

A system of space solar power system (SSPS)

Japan eyes solar station in space as new energy source

Technology / Energy

created 19 hours ago | popularity 4.7 / 5 (13) | comments 19

It may sound like a sci-fi vision, but Japan's space agency is dead serious: by 2030 it wants to collect solar power in space and zap it down to Earth, using laser beams or microwaves.


Software cos. eye key patent case in Supreme Court (AP)

Software cos. eye key patent case in Supreme Court

Technology / Business

created 19 hours ago | popularity 5 / 5 (4) | comments 2

(AP) -- With the technology industry looking on, the Supreme Court on Monday will explore what types of inventions should be eligible for a patent in a pivotal case that could undermine such legal protections ...


Framed for child porn -- by a PC virus

Framed for child porn -- by a PC virus

Technology / Internet

created 11 hours ago | popularity 5 / 5 (5) | comments 2

(AP) -- Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography.


Campaigners are stepping up efforts to curb online tracking

Advertisers face resistance to on-line tracking

Technology / Internet

created 18 hours ago | popularity 5 / 5 (3) | comments 0

Campaigners are stepping up efforts to curb online tracking of Internet use by firms that deliver adverts tailored to the specific interests of consumers, as polls reveal widespread unease with the practice.


Sony offers 'Cloudy' early to people with its TVs

Technology / Business

created 11 hours ago | popularity not rated yet | comments 0

(AP) -- In a bid to sell living room electronics and spur buzz for "Cloudy with A Chance of Meatballs," Sony Corp. is offering the movie for free to U.S. buyers of its Internet-connected TVs and Blu-ray players starting ...




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter