Hot on the heels of the recent Sony-BMG XCP rootkit uproar, computer security researchers have discovered a new mechanism for Sony-BMG to protect their copyrighted content.

Speaking for Xytheros, an enterprise networking consultancy, Larry Goldenrod, Chief Technology Officier, says, “In my 37 years of software development and research, I’ve never seen this before.”

At issue is a new content protection system distributed on certain of Sony-BMG’s new audio CDs which seeks to stem the tide of casual music trading by restricting what consumers can do with their purchased songs. Says Xytheros’s Goldenrod, “This previous XCP mechanism was described as a ‘rootkit,’ but I would use the term ‘proxy server’ for this new technology.”

This new proxy server, called FFU, was licensed by Sony-BMG from the French software company MonDieu. Speaking through an interpreter, spokesman Jacques Knoff said, “Zees copy protection, she’s a hrobust internet feelter.” When asked about the licensing arrangements, Knoff said, “Sony, she gave us a creesp new Amerrrican one-hundreed dollar beel. Such vast amounts of currencee are unlike any we have ever seen, no?”

“In the past, consumers would digitally extract, or ‘rip’ audio content from a CD,” explains Goldenrod, making finger quotes in the air. “From there, users are free to do whatever they want with Sony’s music, be that listen to it in their car, or even at a friend’s house. Some people make the music available via illicit internet connections, or ‘P2P,’” continues Goldenrod, again with the finger quotes.

It is this last statement that is the primary cause for Sony-BMG’s concern: world-wide losses to Big Media for casual illegal music sharing are several thousand dollars per year, according to some estimates. In a recent statement, Sony-BMG president Tofu Mogadishu said, “Our primary focus is to deliver shareholder value. Rampant casual music sharing impacts our bottom line, and must be permanently extinguished, regardless of the consequences or cost involved.”

To that end, the new CD copy protection, FFU, activates itself when a CD is inserted into a personal computer. Once installed, a technology called a “proxy server,” routes all internet traffic from the host computer to a clearinghouse in China’s Guangdong province. Technical workers in this clearinghouse then manually inspect each internet request, and determine which traffic to allow and which to block. “P2P traffic is always blocked,” explains clearinghouse manager Zhuge Qing, “as well as other inappropriate traffic. Our staff of 13 technology professionals are highly trained in determining what types of traffic to permit.” When asked about the tremendous amount of internet messages that the clearinghouse would need to process, Zhuge said, “Most internet traffic from America is jingoistic, imperialistic, capitalistic or pornographic, and is therefore blocked by China’s state-controlled internet infrastructure before it even reaches us. It’s a real time-saver.”

CDs affected by the new copy protection include Jõgeva, by Estonian pop-diva Lääne Põlva, and Why Must I Live? by Electric Ketchup.

“We have complied with our voluntary recall of XCP-protected CDs,” says Sony-BMG spokesperson Dick Smallwood. “But, we never said anything about introducing new protection schemes.”