November 10, 2005

List of audio CDs that will install Sony-BMG's DRM rootkit on your computer if you stick one in your CD-ROM drive, along with a couple of methods to help identify other discs with the malicious content.

Certain music CDs published by Sony-BMG will automatically install invasive software on your computer if inserted into your computer's CD-ROM drive. The software is intended to prevent you from ripping the content off of the CD, such as to make MP3 files to transfer to your portable music player, but does so in a way that introduces security risks and can damage your computer. Indeed, its intended function, to prevent you from making MP3s from CDs you have purchased, could be considered damage, but it's worse than that. (CNet report, Ed Felten here and here, Wired.)

While normally I would expect this stuff to happen outside of the genres of CDs I usually buy, I'm sorry to see The Bad Plus's Suspicious Activity on the EFF's short list. Of course, Sony is doing this without the consent of the artists, so I can't hold it against the group, though the most they're willing to say about it on their web site is to post Sony's instructions for creating "secure" WMA (restricted, not iPod compatible) files from the disc. Mac users are not affected by the rootkit, but such a disc seems too risky to keep around, lest I forgetfully stick it into a Windows box a few years from now or give it to someone who doesn't know about the problem. And of course, being broken, it may not work with all of my CD players.

Update: A Trojan horse has been found in the wild that exploits Sony's rootkit if it's installed on your system.

Update: A suit has been filed in the State of California against Sony for violation of several California state laws.