blacklist come into widespread use. Application developers may also adapt their software to the blacklisting
technique by randomizing their process image names or taking other measures to avoid detection.⁴
4.2.2 MediaMax Temporary Protection
MediaMax employs a different--and highly controversial--temporary protection measure. It defends the
music while the installer is running by installing, and at least temporarily activating, the active protection
software before displaying the EULA. The software is installed without obtaining consent, and it remains
installed (and in some cases, permanently active) even if the user explicitly denies consent by declining the
license agreement.
MediaMax discs install the active protection driver by copying a file called sbcphid.sys to the Windows
drivers directory, configuring it as a service in the registry, and launching it. Initially, the driver's
startup type is set to "Manual," so it will not re-launch the next time the computer boots; however, it remains
running until the computer is shut down, and it remains installed permanently [13]. Albums that use MediaMax
version 5 additionally install components of the MediaMax player software before displaying a license
agreement. These files are not removed if the EULA is declined.
Even more troublingly, under some common circumstances the MediaMax installer will permanently
activate the active protection software (by setting its startup type to "Auto," which causes it to be launched
every time the computer boots). This behavior is related to a mechanism in the installer apparently intended
to upgrade the active protection software if an older version is already installed. Under the following
scenarios, it is triggered even if the user previously declined the EULA:
· The user inserted a MediaMax version 3 album, then sometime later inserts a MediaMax version 5
album.
· The user inserted a version 5 album, then sometime later inserts a version 3 album.
· The user inserted a version 5 album, reboots, then sometime later inserts the same album or another
version 5 album.
These steps do not have to take place in a single session. They can happen over a period of weeks or months,
as users purchase new albums.
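The Manual versus Auto distinction described above can be checked from a text export of the Windows Services registry key. The following is an added example, not code from the paper or from the vendor: it finds any service whose ImagePath names sbcphid.sys and reports its startup type. The key name `ExampleServiceKey` and the sample export are constructed placeholders, the export is assumed to be already decoded to text, and the Start value mapping is the standard Windows one.

```python
import re

START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Manual", 4: "Disabled"}
DRIVER_FILE = "sbcphid.sys"  # driver file name given in the text

# Constructed sample; "ExampleServiceKey" is a placeholder, not the real key name.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleServiceKey]
"Type"=dword:00000001
"Start"=dword:00000003
"ImagePath"="system32\\drivers\\sbcphid.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OtherDriver]
"Start"=dword:00000002
"ImagePath"="system32\\drivers\\other.sys"
"""

def _decode_value(raw):
    """Decode a .reg value: quoted REG_SZ, dword, or hex(2) REG_EXPAND_SZ."""
    raw = raw.strip()
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1].replace("\\\\", "\\")
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    if raw.startswith("hex(2):"):
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b.strip())
        return data.decode("utf-16-le").rstrip("\x00")
    return raw

def find_driver_services(reg_text, driver_file=DRIVER_FILE):
    """Return [(key, start_type)] for services whose ImagePath ends in driver_file."""
    # Normalise line endings and join hex values continued with a trailing backslash.
    text = reg_text.replace("\r\n", "\n").replace("\\\n", "")
    services, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            services[key] = {}
        elif key and (m := re.match(r'"([^"]+)"=(.*)', line)):
            services[key][m.group(1)] = _decode_value(m.group(2))
    hits = []
    for key, vals in services.items():
        if str(vals.get("ImagePath", "")).lower().endswith(driver_file.lower()):
            hits.append((key, START_TYPES.get(vals.get("Start"), "Unknown")))
    return hits

if __name__ == "__main__":
    for key, start in find_driver_services(SAMPLE_EXPORT):
        note = "launched at every boot" if start in ("Boot", "System", "Auto") else "not launched at boot"
        print(f"{key}: startup type {start} ({note})")
```

A result of "Manual" corresponds to the temporary state the text describes, and "Auto" to the permanently activated one.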
We can think of two possible explanations for this behavior. Perhaps the vendor, SunnComm, did not
test these scenarios to determine what their software did, and so did not realize that they were activating
the software without consent. Or perhaps they did know what would happen in these cases and deliberately
chose these behaviors. Either possibility is troubling, indicating either a deficient design and testing
procedure or a deliberate decision to install software after the user denied permission to do so.
Even if poor testing is the explanation for activating the software without consent, it is clear that
SunnComm deliberately chose to install the MediaMax software on the user's system even if the user did not
consent. These decisions are difficult to reconcile with the ethical and legal requirements on software
companies. But they are easy to reconcile with the vendor's platform building strategy, which rewards the vendor
for placing its software on as many computers as possible.
Even if no software is installed without consent, the temporary activation of DRM software, by both
XCP and MediaMax, before the user consents to anything raises troubling ethical questions. It is hard to
argue that the user has consented to loading and running software merely by the act of inserting the disc. Most
users do not expect the insertion of a music CD to load software, and although many (but not all) of the
affected discs did contain a statement about protection software being on the discs, the statements generally
⁴ An extreme extension of this would be to adopt rootkit-like techniques to conceal the copying application's presence, just as
XCP hides its active protection software.