Slashdot Mirror
Encrypting Digital Music With Multiple Keys
Orne writes: "The New York Times has an article about mathematicians at Brown who have patented a new music encryption system that is based on cycling encryption keys. '... a typical three-minute song could be scrambled into 180 different codes; anyone taking the time to break a single code would be rewarded with only one second of music.'" I'm not going to try to parse the math behind it, but advances like this are why I advocate laws to protect fair use of copyrighted materials -- sooner or later a successful crypto-system to prevent all non-permitted use of materials will be developed, complete with tamper-proof hardware in your PC, and then where will we be?
Believe me. I'm ex-military.
No it does not, wise guy. It depends on whether it is being used to promote or subvert freedom. Thanks for the facile, moronic reply, though. Its not surprising to see a subject with a moderate level of complexity completely elude the moron faction around here. Why dont you just post a link to the osm defense fund and skip to the next story, already.
Then we will put a recorder on the digital output of your PC.
I've always been amazed by these encryption approaches. They are useless. To play audio on your PC, the audio is eventually sent to the audio hardware. So what prevents me from writting a driver that pretends to be a audio hardware device, which records the audio to a file instead?
In any case, at the end of the day, the audio has to get to your ears. Instead of ears, a microphone works pretty well too.
In other words, it will always be possible to make copies of music. Until we have decryption implanted in our brains.
Breace.
imagine a future where the cultural history of the early 21st century is lost entirely even when its been pristinely preserved because the company with the decryption keys went out of business long ago. Think it can't happen? Look at Divx. All the disks for it are now utterly useless. Any company that thinks it will be here until the end of time (or when their copyrights expire) to decrypt our media for us is arrogent beyond comprehension.
>The difference is, DAT was a competitor to the cassette
:-) then we will have these neato decks. Till then... I'm gonna keep buying CD Players.
Eh? DAT is all digital -- just like a QIC-80 -- it was competition to the CD and casette (except it is linear, unlike CDs). Maybe I missed your point, sorry.
>now we have a satisfactory, if not perfect, technology.
CD Deck -- $150
DVD Deck (complete with lameass encoding scheme) -- $300
SuperHeavyEncrypted Audio Player -- $??? (I guess $600)
Just look at the first thing people look at in the stores today, Price! Unless this new tech is the same price or less than a CD Player, I think It'll be dead before it gets off the ground.
DVD has taken a little less than a decade to break 10% acceptance. Why? Even now it still costs thrice as much as a cheap VCR. When it came out it cost 10x or more! DVD still has a long way to go, maybe another 10 years, before it begins to eat into VCR sales.
Heck, even CD Players took 10 years to be a hit. Again, the price was too high (even the old, "crappy" sounding decks were good enough for the average man, so sound quality wasn't the problem).
I guess if the record companies want to eat the price of the player, they MIGHT be able to break into the market. But they will have to eat the price for a long time.
I suppose they could stop selling casettes and CDs, but that will only cause bootlegging from the radio (which is protected by law) to skyrocket to unfathomable proportions.
Who knows, maybe the entire world will become rich (but wait a minute -- if we are all rich, then aren't we all poor? You need a base to compare against...
Am I the only one wondering why it's better to encrypt 180 segments of a stream each with a different key (making brute-force decryption of the whole stream 180 times as hard as with one short key) than to add just eight bits to one key and make brute-force recovery of any part of the stream 256 times as hard? Multiple keys are a win when they drive different algorithms, or are held by different people, or expire at different times, but what good are they here?
NTRU are, as far as I can tell, snake-oil merchants with no clue about real crypto. If anyone can think of an advantage of encrypting a piece of music with lots of short keys over encrypting the entire thing with 256-bit Serpent in counter mode I'd be interested to hear it.
--
Xenu loves you!
Fundamental problem with any digital media protection system is that it must produce decrypted output for the end user.
This means even if Big Brother Records Inc. would require me to use special device attached to computer, that decodes music according to my fingerprints, sound output would still go to my soundcard. So if I go out and buy loopback cable for as much as $5, then connect audio output to audio input on my full-duplex soundcard and run audio recorder program in parallel with whatever decrypting program they use I still would record the song, encode it into normal MP3 and save it on a Zip disk to listen to it at work. There is no way they could stop me.
Obama 2012: our incompetent asshole is slightly less of an incompetent asshole than the other incompetent asshole !
among the .0001% of society that are geeks, DIVX died because of use-limited licensing. but in the broader market, the real reason DIVX died is it confused consumers on standards, and the sellers of standard DVD technology quashed this competition, they didn't want to pay the DIVX licensing fee to distribute their products.
It's the sad truth.
If it ain't broke, fix it 'til it is!
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
I was just remembering that old Metallica song-
whoops! time to cut Lars another check!
If it ain't broke, fix it 'til it is!
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
of course, doing this is against the law, now that we have DMCA, or WIPO, or, what is it now?
If it ain't broke, fix it 'til it is!
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
I disagree. People are stupid. Do you know how many Brittney Spears albums sold? They'll bend over and buy them, they'll pay double, and they'll pay double again each time to listen. Eventually, when the technology permits it, they'll pay for the privilege of *remembering* what they heard.
If it ain't broke, fix it 'til it is!
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
The thing that really burns me, is that 5-7 years ago, there was this "alternative scene" in music, and the pop music wasn't all that bad. Sure, there was a lot of crap "alternative" out there, but there was some good stuff being played on the radio.
Now, i was never really much of a Nirvanna fan, but doesn't it seem like it all ended, folded up and went away when Kurt Cobain blew his brains out? I mean, pop music was rock n roll back then, now, it's different, it's sort of this weird r&b/rappy/dancie/gap commercial stuff. Was Kurt Cobain really that important? What the hell happened?
The fact is, the musical landscape is dominated by four corporate giants, and the indies are there, but they're such minor players in the distribution and promotion infrastructure, that anything outside the money-making "formula" is lost. It's a LOT harder now to find good stuff than it was 5-7 years ago.
I also believe that socially, there has been a mass-rejection of nonconformist music among kids who were shocked at the whole black-trenchcoat scene when Columbine went down. It's a backlash against the Primus/Marylin Manson/Ministry set. (hm - if I listen to n'synch, and don't wear black, people wont think I'm a freak and am going to kill them).
If it ain't broke, fix it 'til it is!
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
But the cost of distribution has little to do with media costs nowdays. A lot of a CD's $18.99 list price is pure profit.
Today, I read a Washington Post article on the adult movie business and was struck by the following set of statements:
"Adult movie suppliers such as the Hot Network and New Frontier Media also make their products available to satellite and cable TV companies on a generous basis. When it comes to a typical Hollywood movie, a cable or satellite company usually keeps only 45 percent of the $3 to $4 fee paid by a subscriber. In the case of adult movies, however, cable and satellite companies keep up to 80 percent of a subscriber's pay-per-view fee. Those lopsided deals are possible in part because it costs relatively little to produce an adult film--$30,000 to $40,000--compared with $75 million for the average mainstream film.
Those savings are not passed on the customer, however. Instead, AT&T and Starpower charge as much as $7.95 for each adult movie, about double the price of a Hollywood blockbuster on a pay-per-view channel."
Media companies rarely "pass the savings on to you."
Yes, it is different. Digital world != real world. Information != property. Once a single person labours for (literally) 4 or 5 seconds or so and transforms the .riaa into an .mp3, then the security effectively does not exist for anyone else in the world. That single .mp3 can be copied verbatim to anyone else, making the .riaa literally inferior (and hence useless).
This is not the same as a security system on the house. Once I break into your house, I can not copy the entire inside of your house and share it with everyone in the world.
There is no D/A or A/D conversion going on, because you are not as stupid as the OP. You do not even need to have a sound card. Just set up a fake /dev/dsp (or the equivalent under Windows) to save it to .wav. This is not new stuff.
Hmm yes, that would be much more difficult. You could still get around it by using a VMWare approach, though, presumably.
The implanted chip will temporarily disconnect your speech centers while you are listening, preventing this. And they will encode the stored memories so that they can only be played back through the decoder, so you can't sing it later. There will also be protections so that your mind can only think and report positive and pleasurable responses to the music, all negative ones will be stopped, since they violate the license agreement.
I must be missing something. I fail to see how this will prevent duplication of the music/text/whatever. At some point in your device you have to produce output, that output can't be encrypted, or you wouldn't be able to understand it. So at the very least, you should be able to tap into the data stream, say where it enters the sound card, and gain access to the unencrypted format.
Casca
Well, thats not too much worse than what I get from Napster...
Same place we are now. . .someone will buy it, record it off a virtual sound driver or something, take the .mp3 and distribute it. . .Wow, lots gained for so much time, money and effort put into it. . .
** Martin
How would the RIAA know which person made the copy? They would never be able to tell a copy made by person A from a copy made by person B from a copy made by person C. The only way to lessen the chances of copying would be to restrict the sale of the music at all, and that would bite them in their pocketbook, exactly what they are trying to avoid.
Just *one* person needs to make a copy and put it on Gnutella or Napster or Freenet or whatever else comes along, and they are, as they say in the vernacular, completely fucked.
Somewhere, the key has to be in the open. Read:l #DVDEncryptionBroken
http://www.counterpane.com/crypto-gram-9911.htm
for Bruce Schneier's comments on DVD & why it was guaranteed to fail eventually. Also why it's not a technical, but a legal problem (preventing or prosecuting illegal copying of copyrighted materials), which is already solved (it's called taking the violator to court).
In my proposal, the watermarks identify the designer of the original pattern for the copy
You appear to be describing digital signatures.
"Wise men talk because they have something to say; fools, because they have to say something" - Plato
Here here, but I beg to differ... Coors is way worse than Bud!
However, if it can be held in an encrypted form until it is ultimately transfered to an analog signal, any reencoding would degrade the quality of the music. If the degradation is servere enough, then it will be worth it for most people to just buy the music in the encrypted form rather than deal with subquality encodings.
For instance, what could be done if the decrypting is done inside the speakers themselves? Capturing the digital signal before it reaches the speaker would be useless if the encryption algorithm is strong enough. Holding a microphone near the speaker wouldn't be an acceptable option as it would degrade the sound quality too much. And if the tamperproof hardware inside the speaker is well made, then it would be, for all practical purposes, impossible for the vast majority of people to intercept the digital decrypted signal.
Whether or not this is feasible or not is a whole other issue.
I believe you, AC. I certainly do.
Hmm. Emulation. That's one I hadn't thought of, and it's a damn good idea. One thing about emulation is that it requires intimate knowledge of the system being emulated and any tamperproof equipment will be engineered specifically to prevent being looked into. Look how long it has taken to get to the state of emulation on the simple SNES. The SNES, although not well documented (and it some parts, not at all), wasn't made for the specific purpose of keeping itself closed. A black box that is built to keep anyone and everyone away from its internals would be fantastically harder to correctly emulate. The 'thousands of eyeballs' of open source wouldn't help much either. What is needed is not a large number of developers, but a few developers who specialize in the field.
Just because a few people pirate mp3s doesn't mean the RIAA will just lay down and admit defeat. They're going to do everything in their power to keep control of the music they publish.
Why is patenting so expensive!!!
I wanted to patent something like this about 18 months ago - and then dump it on a GPL - but it's about a grand (UKP) to do it here (that's probably about fiteen hundred dollars I guess).<br>
Maybe I can claim prior interest?<br>
<b>Puma</b> - Annoyed
That is an interesting but un-informed view.
#1 - they cant make a "digitally signed speaker. I wont give up my Klipcsh horns for anything, and HUGE numbers of audiophiles wont give up their super high end stuff for crappy little digital computer speakers. so to make the RIAA happy we have to add $300.00 to the price of the tuner,amp,preamp,and each speaker, while dropping the audio quality.. HA! not one audio equipment manufacturer will do it. So, we get a "special" digital cd/mp/md player to play these "blessed" music files, we simply override the encryption as it hit's the digital audio stream. (Gee that's a standard, not encrypted)
They cant do it, no matter what they try.
It's a waste of time, and the start of the death throws of a giant while we continue to throw our tiny spears at it.
Do not look at laser with remaining good eye.
it doesnt matter what they do to it... if it comes out the line-out jacks I can do whatever I want to it. Line out's to line in - record-mp3-napster-giggle like a schoolgirl.
It's a joke that they keep trying to find ways to trample on a users rights, only to have the highest tech-best laid plans thwarted by good-ol low tech solutions (Yeah it wont be 100% cd quality, but then if you can tell the difference you're a dweeb.)
Do not look at laser with remaining good eye.
Encryption is useless for an application like this because at some level, we all need to hear the same pressure waves.
Ahh, but when they introduce their new DirectPlay format, and start piping the music straight to your brain, what are you gonna do then?
http://www.cco.caltech.edu/~bo yk/spectra/spectra.htm contains a scientific paper written by my dad, who teaches at Caltech, about this very topic. In fact, you can sense the loss of pitches well above 20KHz, which is where CDs reach their limit. That, for one thing, is why Lps sound better than CDs.
Switch the . and the @ to email me.
I mean, as long as you're free to use MP3 instead of this format, I don't see any problem. Except when the quality/compression-ratio is much better ofcourse, then it might become a problem.
But cycling keys will probably (I'm just guessing here) enlarge overhead, reducing the overall compression-ratio.
Anybody remember VQF? It creates smaller files than MP3 with better quality, yet nobody uses it (except for private music collections, maybe).
Why? It is not the standard, it's encumbered by nasty patents, and, let's face it: it does not have a decent player.
About the same goes for that stupid encumbered sound-format Microsoft tried to pull down our throath. I never heard anyone talking about it (except here on Slashdot), not even hard-core windows users.
So, I don't see why we should bother with it...
Every expression is true, for a given value of 'true'
There is more personal data stored in MP3 format than any other. (I conceede that perhaps Porno-Jpegs are a close second place.) ;-)
Millions of people have Gigabytes of MP3 music.
None of it need be "secured" to please its users more!!!!
None of it need be ripped|compressed "better"|replaced.
The flaw in any "better" music format is it's incompatible with most HW (Rio, eGo, etc.).
Or it requires new "better" SW.
The players/playlists in peoples music systems work perfectly well worldwide. Why change perfection?
Would you rather buy a CD full music in CDDA, MP3, SDMI, or "Yet Another Music Format" ?
...or perhaps one with two of the above?
The contest is LONG OVER: MP3 won!
Joe Torre - X - HardwareEngineer @ Amiga Inc & ZapMedia Amiga, AmigaDE, BeOS, Linuxz, QNX, Rebol, Windoze, ZME: So
Yeah right. And who's going to buy them when they cost more and offer no benefit? You can already get non-encrypted "digital" speakers (usb). (the decoder is usually only in one speaker with an analog cable to the other one; no real benefit there other than doing the decoding outside of your electrically noisy computer case)
:)
What about headphone jacks and all of the wonderful analog speakers that exist. They won't be going away so the headphone and normal lineout jacks won't either. audiophiles are also notorious for hating digital.
Any company making their content available only in a format that requires spending extra money and prevents you from doing such simple things as using headphones, making tapes, etc. will simply go out of business.
it hasn't been that long since we watched divx die for these reasons.
Logic chips are cheap. There's no reason that "secure" players would have to cost a lot more. And keep in mind that these guys control the content price, and that is already way over cost. So why can't they raise the price of unencrypted CDs a few bucks, while at the same time, sell the encrypted music at only $10 over cost instead of $15 over?
You think Joe Schmoe is going to hesitate to buy into the encrypted stuff when he can get a Brittney Spears album for $10 encrypted vs $20 not encrypted?
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Nope. Try running lopht's password cracker on a SMB password file from NT - the 16 character passwords are broken into two groups of 8 each, and it is MUCH easier to break a 8 character password and than another 8 character password than breaking a 16 character one. So it is 41 bits, because 40 + 40 = 80, but either this 40 or that 40 can be marked by one bit. If 40 bits made 5 possibilities (very simplified), then two sets of 40 bits would give you ten possibilities, but 80 bits would give you 25.
http://www.bombcar.com It's where it is at.
Fellowship 9/11
Egg-zackly true! The same "problem" lies with digital video, as well. As long as the encrypted information can be changed back into the original signal, that signal can be re-encoded *without* encryption. It'd be one of the simplest hacks in the Universe.
... There was a local repeater system that started using old Motorola hardware to send a half-second of beeps to open it up. Every paying user had this hardware, and his own set of different tones. I took a digital recorder chip from Radio shack, tuned to the input of the repeater, and "recorded" one of these beeps. Then, I made a playback circuit to play that recording in via the microphone, whenever the unit was keyed.
An example, from ham radio
Bingo! That "closed" machine was now open. The hardware that the paying users had to buy cost them about a hundred bucks each; the hardware that allowed anybody to use it cost under $20, retail.
ANYTHING that can be heard, seen or measured, can be copied. No such encryption scheme will ever succeed because there must be a way for "approved" users to see or hear the end product.
Jeannette
Lemon curry?
Um, MP3s are not exactly the same as the original input signal. There is already loss there, it's just loss that you can't much hear (tho I know some snob audio purists who claim they can).
The point is, taking the output from a fast-enough DAC with proper filtering, and re-digitizing it, the loss is very small. In a pinch, software and hardware could be made to try to fing the "bit length" from the DAC, and in turn synch the ADC to the same length (tho that'd be both hard to do, and pointless, given the proper filtering).
Jeannette
Lemon curry?
You can encrypt however you want but if it can be played it can be copied. Under a unix you just replace the /dev/dsp or whichever file it is being played to with another file. The play the audio through their player. It will decrypt it and you have a clean digital source with no encryption. If you are using windows there are virtual sound card drivers that do the same thing.
All this music encryption is worthless. Since soundcards can not decrypt it must be sent to the sound card unencrypted. Since that is so you can easily send the data somewhere else.
Computer modeling for biotech drug manufacturing is HARD!
> How would the RIAA know which person made the copy?
No, the RIAA will know the legitimate users because *their* players have Globally Unique Identifiers.
They won't know the ones who download or upload using FreeNet.
Computers. You can't live with them, you can't live without them.
It would be nearly trivial to make a linux driver that looked just like /dev/audio but let me dump the digital input right into a file
Somebody did it.
This is the opposite...they have trusted data...and run it in an untrusted environment...yet make sure the environment (which is what is interpreting it in the first place) is not doing "bad things".
That's why they will try to push "trusted clients" into the market.
Think of an e-book reader: It's like a computer because it needs to be one so it can interpret digital data. But you don't know the root password, can't telnet into it. Its only output interface is for your eye (or did somebody try to scan and OCR an e-book from the reader?).
Can they do that? I don't know. Some people will be very unhappy if they have to buy their CDs, DVDs, CD players and DVD players AGAIN. And who likes to pay for patent licenses just to restrict oneself's rights?
People started to use mp3 because it is conventient to hear music on the PC. They cut video on the PC because it is better than buying specialised video-cutting devices. What will make us instantly stop using the computer for this activities?
Computers. You can't live with them, you can't live without them.
What the proponents of such a
new format have to do is make sure it does what MP3 can't/doesn't. This new file format needs to offer
something that people will want to pay for. I venture to say that if a secure format with no audible differences from
CD audio, capable of being compressed at 50:1, and priced fairly was introduced, consumers would drop MP3s
like yesterday's pop album.
And then someone rips it apart, finds out how it works, and makes a version without encryption. Not that hard... (Well, the ripping apart prolly will be, but it'll happen anyway).
Ouch, that hurts. I meant:
What the proponents of such a new format have to do is make sure it does what MP3 can't/doesn't. This new file format needs to offer something that people will want to pay for. I venture to say that if a secure format with no audible differences from CD audio, capable of being compressed at 50:1, and priced fairly was introduced, consumers would drop MP3s like yesterday's pop album.
And then someone rips it apart, finds out how it works, and makes a version without encryption. Not that hard... (Well, the ripping apart prolly will be, but it'll happen anyway).
Hmm, seems like you can still crack open your speakers, then splice and split the wire after the Digital-->Analog converter, then connect the cable to the input on your circa 2000 audio card (which doesn't know a damn thing about crypto).
Like the guy said above, if you can listen to music, you can copy music. I never really thought of it that way, since we're so used to ripping CDDA to WAVE format, but its so true.
Actually they did. They all had patrons who paid them handsomely to write music, they got commisions to compose pieces. Mozart at least was a court composer who was quite well known throughout England. Beethoven was very well known in Vienna and hung out with nobility and the royal court.
"When you sit with a nice girl for two hours, it seems like two minutes. When you sit on a hot stove for two minutes, it
You could pay extra money and have the disk permanently (?) enabled. The disk was still locked to a single player.
So what.
Britney Spears may be synthetic, corporate music, but it is slick, well-produced music. The aural equivalent of a Big Mac.
You don't know what bad music is until you have gone through and listened to a pile of promotional records at a radio station. There is an unbelievable amount of really bad music that never gets played on the air.
So you are saying that you can hear the difference between a 20 kHz square wave and a 20 kHz sine wave? That your ear can perceive the presence or absence of the odd-order harmonics (60 kHz, 100 kHz etc.) in the square wave?
There's no such thing as a tamper-proof PC, and never will be. It's only a matter of time before someone with the time and resources does a silicon-level reverse-engineering of the relevant chips, and then it's the curtains for another (widely spread?) protocol.
Needless to say, if the playing code is in software (which it will be, since not everyone wants to buy a new card for their PC just to listen to a record, at least not immediately) it'll be even easier to recover the keys.
They might screw up, but it's not going to be something fundamental as less powerful with shorter but multiple keys. I'm pretty sure they learned concepts like that very very early in their PHD program.
what amuses me though is all these /.ers who think they outsmarted the profs. One smart guy said "and not even a white paper? not a good sign."
LOL. It's not like it's some guy living under a basement.
Go get your free Palm V (25 referrals needed only!)
Oh please. I'm not even going to argue why mathematic professors not specializing in algorithms and crytpography would touch crypto. You might as well say "how do you know if they really got their PHDs?"
We are smart people here. John fucking Carmack posts here from time to time. I'm no John Carmack, but I've got a good mind and I know how to use it. So, yeah, why shouldn't we be able to?
Too bad smart people wouldn't doubt Brown professors based on their lack of access to a white paper. So I'm pretty sure that person wasn't a smart person.
Go get your free Palm V (25 referrals needed only!)
I love slashdotters - to think that people like you probably think you outsmarted 3 Brown math professors on cryptography. I'm very sure those professors are yelling "doh!" at each other now, after spending 6 years on this, then reading these numerous "insightful" post on how the security is compromised by using different keys.
point in fact - you read the MEDIA PIECE, not the original white paper. Just because you read how it's using different keys for each second, you jump to your trolling conclusion that security is compromised. Clue in to the fact someone like you isn't going to outsmart three Brown professors in that post that took you five minutes to post.
Go get your free Palm V (25 referrals needed only!)
point in fact - you read the MEDIA PIECE, not the original white paper. Just because you read how it's using different keys for each second, you jump to your trolling conclusion that security is compromised. Clue in to the fact someone like you isn't going to outsmart three Brown professors in that post that took you five minutes to post.
Go get your free Palm V (25 referrals needed only!)
Now it has to be www10, not partners, so of course it got moded up.
In all likelyhood, people just wouldnt use it. The music industry can have all the security they want, but if noone buys the products in that format it doesnt do much good.
Everyone seems to be intent on MPEG encoding the audio from the headphone jack if that's what it takes to copy encrypted music. I wouldn't be surprised if watermarks could be used to make re-compressed music sound awful. Ever xeroxed a check or a college transcript? Not very usable, is it? If people are going to make digital copies of watermarked music, I suspect it will have to be losslessly compressed. Not that that will be a big deal as even current digital media (DVD-RAM) holds much more than a CD's worth anyway.
Being a musiciana This actually gets me excited. As long as there are no stupid patents and exorbitant fees for using the encryption this would be great for many young bands.
I have spent thousands of dollars on music equipment, travel, etc to play my music and let as many people hear it as possible. That is my driving force. But if I can get some compensation, that is wonderful. That's why bands make CD's and T-shirts so that they can keep making music. I make mp3s of my band available for free. On my website, mp3.com and Napster. But if we could get like $0.25 a song that would be wonderful also.
This would allow people to conveniently listen to my music in their preferred format and would compensate me.
Close attention needs to be paid to the price though. Maybe even lower. But definitely WAY less than if you got them on a CD. And besides for bands on larger record labels... If this goes straight to them that's probably more than they make per song right now!
However due to the way things have been happening recently I'm sure it will be like $10,000 to license the algorithm and another $20,000 for equipment then a $0.10 per use charge or something stupid like that so that major labels will be able to charge you $1.50 per song. If you do the math that is more expnsinve tahn a CD. And No, I do not trust ost record labels, I used to work at a record store.
To within half a percent, pi seconds is a nanocentury. -- Tom Duff
First you assume the music is decrypted in the PC, what happens if it is decrypted in the DSP? Now what happens if every DSP you buy checks for unencrypted / watermarked music before it plays it or records it. Sure you could build your own sound cards, maybe even start a company to sell them. How many people are going to buy your sound cards if they are unable to play all of the 'normal' SDMI music? How long will it take before you get sued for making a device to circumvent a content control system? How many people are you going to be able to maintain contact with who will supply you with pirated music when technologies like napster are monitored for abuse?
Anyway, the point is that you will be working in a controlled environment. A pirate might be able to get around the controls but it will have served its purpose which
is to stop 99.9% of the massive piracy that the RIA is scared about because joe average user isn't going to setup a hacked music player. Of all the playstations
sold how many of them have been modified to play CDR's?
Watermarks are not audible. Once converted to analog the watermark in the digital audio stream is gone for ever.
You should become more informed before you make such claims. Just because the watermark isn't audible to humans doesn't mean that it cannot be detected from an analog signal. The SDMI doc's make it very clear that recording devices will attempt to detect watermarks in analog streams before they record them. The playback devices will also refuse to playback audio with a watermark that isn't in an encrypted form with the appropriate playback keys.
Now if they would release the USB info so a driver for Linux could be written.
I can totally see them screwing this up. Even college professors screw up from time to time. Besides, the main problems are the two that others pointed out: No one will buy it / client side security always fails.
Don't assume that professors are always right. Heck, for all you know, I could be Bruce Schneier in disguise (I'm not, but you get the idea).
-Dave Turner.
Become a FSF associate member before the low #s are used
I'm not sure I prefer a big mac to a few well baked escargots or some well made sushi.
The problem is, it's much easier to find a McD's joint than to find a good french or jap resturant.
McD's will never make fine food, because they don't care about it. There not in it to make good food. There in it to make a buck out of consistant american man-feed.
Apply that analogy to the record companies and you get it.
It takes way too much ingenuity to produce quality music. So they just go ahead and figure out something that nobody dislikes and promote the hell out of it.
Have you ever though that nsync sounds just like the bs boys and just like bspears and ca? Well, those stuff are written and produced by the same small group of people. DUH!
The reason people listen to fucking nsync is not because their music is good. It's because the labels pay the media to play the living shit out of their songs.
Man do you think those nsync vs bs boys shit on MTV is for real? They are fucking paid for by some "independant" promotion company.
:. Ultimate Control Dedicated/VM Servers
No offense, but you claim anything you want. That doesn't make it true.
MP3's cut out the part of music that the human ear either has trouble hearing or can't hear.
If you really think you can hear a difference, why do you listen to recordings at all? None offer perfect recreation of a live performance. So you're listening to a tainted copy.
The point is, you could probably only tell the difference if you are trying to find it. And if you have headphones on. And if they're turned up really loud. And if you actually clicked the play button on your MP3 player to know that it's an MP3 instead of the original.
Maybe not in theory, but there exists devices that for all practical purposes is tamper resistant. I once worked on a software product using an IBM4758, a cryptographical device that can keep a private RSA key very private. It detects abnormal input voltage, too high temperature, X-rays, physical intrusion, and whatnot.
My impression is that nobody in the world can get the private key out of the device.
By the way: the device has two batteries to keep the keys in RAM. If you would like to keep your precious keys, you are supposed to change the batteries only one at a time. Suddenly, a stable 1,5V can be worth a lot!! ;-)
With a built-in D/A-converter, such a device could protect music from being digitally copied. The real problem for the music industry is a practical one, though - someone has to put the private key into the device. As long as a few people has access to the information about how to do that, it's no longer a secret. Sooner or later, the key will be public.
Let's see how long it will take the industry to figure out that they cannot copy protect music without preventing the costumers from listening to it.
I see this type of thing progressing very rapidly in the future. If there can be technological ways to circumvent IP restrictions (Freenet, gnutella, napster, et all), why not have technology to ENFORCE the same thing?
There is no way to stop freenet-like systems from propagating (cat's already out of the bag). Same thing with development of technology to "lockdown" information.
I see it all as a natural progression of things. I do believe "lockdown" tech will have limited use however, as people like their freedom.
Today's concept: "Cognitive Dissonance".
Maybe there's no difference other than the fact that the audiophile says "damnit, I spent $200 on these s00per-s33kr1t speaker cables made from depleted uranium, and if I don't hear a difference, by God I'm gonna feel like an idiot! So I must be able to hear the difference! I don't care if it's beyond the oscilloscope's ability to detect it, any evidence that threatens my worldview is the work of the devil! I can hear the difference, I tell you!"
More seriously: MP3 is a whole lot more lossy than cheap cable. Yes, even at high bitrate and a good encoder, I believe it's possible for a trained listener to tell the difference between an MP3 and the real thing. (And for a crappy encoder or a low bitrate, anyone can tell!)
IMHO "audiophile" is marketroid-speak for "guy who'll spend $10,000 on pseudoscience in order to convince himself he's cooler than his friend who also calls himself an audiophile." Of course, that's because I can't hear the difference. Maybe there are people who can tell what metal a cable is made of by the way it sounds, and if you're in that unfortunate 0.0001% of the population you have to spend $10,000 on gear in order to get something that sounds good. (I'm not advocating buying the cheapest crap on the market, just saying that once you get past a certain level, you're merely throwing money down a hole :-)
Let the "audiophiles are weenies" vs "you have tin ears" flamewars commence.
But to get back on topic: There are enough people whose ears are tinny enough to listen to Blade/128 MP3s. Given that level of awareness in the mass market, nobody's gonna care whether the MP3s of the future come from DAE off a CD or from an analog hookup with $0.50 alligator clips to the speaker lugs.
The "freedom of the viewer," eh?
The viewer and the producer share a relationship that is abused if either neglects the other.
You can encrypt stuff to hell and back again, but if I can hear it, or see it, then I can record it, there's just no way around that. Even things that are somewhat insightful, like macro-vision, can be gotten around.
-- It is too late for the pebbles to vote, the avalanche has already started.
I've taken to writing my own music..
m l
and yall can have it for free.
http://hammer.prohosting.com/~ikekrull/noise.ht
If you like it, or if you think its crap.. let me know.
I gots ta ding a ding dang my dang a long ling long
No offense, but you claim anything you want. That doesn't make it true.
As far as hearing the difference between uncompressed and compressed (MP3), I have tested the two. I stand by my claim because I know it to be true.
If you really think you can hear a difference, why do you listen to recordings at all? None offer perfect recreation of a live performance. So you're listening to a tainted copy.
I listen because I enjoy music. By your logic, since we can't reproduce a live recording perfectly, then quality doesn't matter. I don't buy it.
The point is, you could probably only tell the difference if you are trying to find it. And if you have headphones on. And if they're turned up really loud. And if you actually clicked the play button on your MP3 player to know that it's an MP3 instead of the original.
To state that the difference I hear is audible would be an understatement. Not only is it audible, it detracts from the music. It makes the music less enjoyable. I think if you made the comparison for yourself (in a suitable environment), you would come to the same conclusion.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
It's very simple. Any music released in this format will never be used. Period. As long as they still sell the CD, people will still get it in mp3 format.
I don't think it's fair to say that a secure digital music format will *never* catch on. What the proponents of such a new format have to do is make sure it does what MP3 can't/doesn't. This new file format needs to offer something that people will want to pay for. I venture to say that if a secure format with no audible differences from CD audio, capable of being compressed at 50:1, and priced fairly was introduced, consumers would drop MP3s like yesterday's pop album.
I realize the example is extreme, but who is to say that such a format isn't just over the horizon? The recording industry as we know it is not doomed, they're just having to adapt.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
The idea that a single generation will have a noticable affect on the quality of a recording is laughable. We are talking about a single d-to-a conversion and another a-to-d conversion.
It's hardly laughable. We're talking about going through a computer sound card - hardly high fidelity. Secondly, we must go through some sort of cabling (and for this example, let's assume that we're not talking about $500/meter cable). Now we have to come back through the sound card. I assure you, the effect will be noticable.
On even mediocre equipment you would have to have some golden ears to be able to hear the difference.
My equipment certainly isn't high-end in the true sense of the word, and my ears are far from golden, but I would certainly be willing to bet that the difference would be more than audible, it would be obtrusive upon the listening experience.
Once it is in a non encrypted format, it is digital generations from then on.
So you take a CD, degrade it by putting it to MP3, then degrade it by putting it through a sound card, then through a cheap cable, and then through a soundcard again. Now you compress it back to MP3. But sure, from there on out it's smooth sailing.
If you are willing to put up with 128k MP3's, and most people are, you certainly aren't going to care about a single generation copy.
For the record, I don't listen to MP3s because they don't sound as good as uncompressed music. But even if I did, a single generation copy (in the manner described) would take the MP3 from bad to worse.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
Um, MP3s are not exactly the same as the original input signal. There is already loss there, it's just loss that you can't much hear (tho I know some snob audio purists who claim they can).
In my example I was using MP3 as the basis for comparison. And I not only claim to be able to tell the difference between MP3 and uncompressed, I actually can. Take a track that you know well, burn both an uncompressed and compressed copy to disc, take it into a hifi shop, and listen. I think you'll be amazed.
The point is, taking the output from a fast-enough DAC with proper filtering, and re-digitizing it, the loss is very small. In a pinch, software and hardware could be made to try to fing the "bit length" from the DAC, and in turn synch the ADC to the same length (tho that'd be both hard to do, and pointless, given the proper filtering).
But we're talking about going digital > compressed digital > analog sound card > analog cable > analog sound card > compressed digital. There is lots of loss in that sequence.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
You are incorrect. No loss of quality would result since the original sound data is being captured as it comes through.
The problem comes with the d/a and a/d conversions, not to mention the compression.
If transferring things over cables caused a loss in quality, you would not even be able to view this discussion forum due to data corruption.
I think a large majority of the audiophiles that you talk to (I mean serious music and equipment lovers, not the guy next door who just wired up his Sony receiver) will tell you that there is an audible difference between a $2 cable and a $200 cable. In my example, cables just serve as one more analog transmission that degrades the signal.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
They also garnered royalties from publishing their music. Before there were recordings, the only way to reproduce the music was to have someone else play it or learn to play it yourself.
The same reason code wheels and manual lookups are a pain in the ass for games: if it's inconvienient for the honest consumer, and can still be easily cracked by pirates, then then only ones to be aggrivated and lose are the customers. That's the difference, to me anyways, between this and other situations.
-- www.bteg.com | bleh.n3.net | hac47.dhs.org
What's to stop someone from plugging their output from their sound card right back into another sound card, or another computer, and record it as .wav or something, then encoding to mp3?
Is there some way of encoding audio like DVD's are encoded to prevent something like this?
as far as hardwired protection... what's to stop us from keeping our machines as they are and using those?
In a world where 386's can still be used fruitfully, I think all us geeks can find some use for our P2's for the next 7-10 years.
Why not RIAA? What a fucking farce this industry is.
it's your own fault, says Adobe.
The message on the other side of this sig is false.
It's not as if N-Sync is going to be around this time next year to bitch about their album
being pirated.
The message on the other side of this sig is false.
to the artist.
/.! To /.! The corpses are coming!
Antitrust! Antitrust! Antitrust!
To
I'm not anticorporate and happen to hate whiners, but only a fool couldn't see that a lot of the old guard are decaying and trying to hide it.
The message on the other side of this sig is false.
Problem: I have still paid too much.
Problem2: If this thing prevents me from playing my music on MY stereo system designed by ME, I'm paying way too much.
Problem3: If only record companies can get their hands on this thing, frag it.
I can come up with patents too you know.
The message on the other side of this sig is false.
Multiple keys are no different than having one longer key. That shit shouldn't even get a patent. It's got one-click written all over it.
Plus longer keys mean BXA licences are required. Now what? Do I have to kiss Reno's ass to produce a record and protect it?
But I digress. How much you wanna bet no artist will be able afford this technology, only record companies?
Sorry, but all this alarmism is driving me toward a more creative industry where people use music to create more music. You and your fucking lawyers have fun. I'm interested in something else
The message on the other side of this sig is false.
It's called general purpose machine revolution. Get used to it.
Up with communicating artists, down with self-involved eggheads indepenedent or not.
The message on the other side of this sig is false.
IDEA is not a Public Key Algorithm, it is a symetric key algorithm./p
<sigh>
Seriously though, we've already done it once with
divx, why can't we do it again with this new crap.
Come on, folks. Do you honestly think the RIAA
can make money if you don't buy their crap?
The same reason Divx died is the same reason we
can make any new copyright protection mechanism
fail. Continue to buy unencrypted compact disc's.
Refuse to buy anything else.
Power to the people, vote with your money.
~
Twivel
Many posters have pointed out that the flaw in all these music/video "encryption" schemes have is that at some point the data becomes human readable and thus can be captured. This seems like a fatal flaw and probably is from a technical standpoint but we should never forget that when powerful interests don't feel they can protect themselves technologically they will resort to using the law (force, in other words).
I have long thought that government and corporate interests would ultimately conspire together to get laws passed controlling the sale, distribution and modification of computers that are similar to those effecting firearms, using a lot of the same justifications:
From the govt. side:
From the corporate side:
I know it sounds farfetched but remember that it wasn't long ago that Louis Free(sp?) at the FBI proposed a "key escrow" system for all encryption keys and that there is a law moving through Parliament in the U.K. right now that would effectively make a criminal out of anyone who would not or could not produce his private keys on request. How long will the various cyber-fascists take to realize that they can just build all this snooping ability right into the hardware and then make it a crime to "tamper" with the box (at least the tattle-tale chip and related harware). The public is already worked up over "hackers" after all...
--
--
Nothing to see here. Mooooove along...
Have to agree on this one. I always piss off the audio sales "professionals" in the local shop when discussing cables. I ask a few simple questions, such as "What tests have been done on cable X that show it is better than cable Y?" Normally, they start talking about the construction, the connectors, etc. None of them can point to any testing done to see if the cable is any better. The only "scientific" answers are ususally from people who bought them, read something in a newsgroup of crazy audio freaks about "skin effect" and high frequency loss (even though skin effect doesn't exist at audio frequencies - only RF).
"Well, good luck finding a judge that doesn't run a bestiality site."
The only way to stop piracy is to make everything work like it does in the movies, ie: No "Copy" only "Move"
and that's just plain stupid
Just to be sure this doesnt get moderated up:
Damn Fuck Shit Cocksucker, and Slashdot Sucks Fucking Ass.
-- 'The' Lord and Master Bitman On High, Master Of All
My Gravis Ultrasound PnP had a neat option for selecting the recording source. One of them was called "Master". This recorded whatever was being *played* by the Ultrasound. Sooooo... Select Master as recording input, play your encrypted audio, and bingo! You've got a .WAV of it to do what you want!
Are there any more modern cards that do this?
As long as music is still being released on CD's, there will always be people who will rip 'em, encode 'em, and make them available over whatever file sharing program isn't being sued at the time.
--The Groove
I'm not sure I prefer a big mac to a few well baked escargots or some well made sushi.
The problem is, it's much easier to find a McD's joint than to find a good french or jap resturant.
It's may be harder to locate the best music (i.e. to actually find a place to buy the CD's), but it is not difficult out to FIND OUT about the best music; simply read reviews for the best genres. The majors only put out 20,000-30,000 titles per year, and the current system of review makes it easy to find the best music. Most genres in the indie scenes have fewer than that per year, again making it manageable.
McD's will never make fine food, because they don't care about it. There not in it to make good food. There in it to make a buck out of consistant american man-feed.
I bet that the average escargot joint who charges a $100 a plate is a lot more profitable than most any McDonalds location.
Have you ever though that nsync sounds just like the bs boys and just like bspears and ca? Well, those stuff are written and produced by the same small group of people. DUH!
So?
The reason people listen to fucking nsync is not because their music is good.
On an absolute objective scale, N'Sync et al's songs are not as good (as complex, as beautiful, and as emotionally reaching) as Beethoven's late string quartets, Schoenberg's 12 tone work, or Coltrane's late period work, BUT for what they are trying to do, which is make catchy, radio friendly, well produced, slick sounding music, they do it INCREDIBLY well. All of those songs are perfect little jewels of pop.
People like it because its marketed only in the sense that that's how they found out about it. Big deal. Any act of promoting yourself (including recording music, or publishing music) is promotion. I wouldn't know about Beethoven if he hadn't promoted himself. You wouldn't know about ANY artist, besides your next door neighbor who plays really loud, if the artist hadn't promoted himself.
If you think people actually don't like the music, you are SADLY mistaken. Personally, I think anbybody who does not think the music is catchy and fun to listen to is lying and is insecure about their musical tastes. Catchy and fun does not constitute "good", but it IS what most people are interested it. Have you ever seen those teenage girls get in N'Sync vs. Backstreet Boys fights? They're more passionate than any Slashdotters are on any issue. What would be their motivation if not the music?
Man do you think those nsync vs bs boys shit on MTV is for real? They are fucking paid for by some "independant" promotion company.
Right. N'Sync and the Bastreet Boys did not even consider music as a career but were formed by responding to a newspaper ad. It's manufactured. So? It's what 99.44% of the population wants, and for us remaining 0.56%, there are hundreds of thousands of indie selections per year waiting for our perusal. What's the problem?
The fact is, the musical landscape is dominated by four corporate giants, and the indies are there, but they're such minor players in the distribution and promotion infrastructure, that anything outside the money-making "formula" is lost. It's a LOT harder now to find good stuff than it was 5-7 years ago.
I think the last five years have been by far the best in the history of recorded music. There is more GOOD music being put out now, and MORE music period out now. It is easier to access. None of the best music is on major labels, and none of it is played on the radio. Radio and major labels are the worst barometer of music -- there never has been good music played on the radio, and I don't expect there to ever be.
I also believe that socially, there has been a mass-rejection of nonconformist music among kids who were shocked at the whole black-trenchcoat scene when Columbine went down. It's a backlash against the Primus/Marylin Manson/Ministry set. (hm - if I listen to n'synch, and don't wear black, people wont think I'm a freak and am going to kill them).
For starters, any guy who listens to NSync would be considered a freak or at least a fag, as that is girls music. Popular guys music is stuff like Limp Bizkit, Eminem, etc. Not exactly clean cut, manufactured pop stars, but not serious artists either. I was the least popular kid in my high school, but I think there is value in conforming, and think the youth geek/rebel culture is counterproductive.
Britney Spears may be synthetic, corporate music, but it is slick, well-produced music. The aural equivalent of a Big Mac.
Correct. But here's the rub: 99.44% of the population _prefers_ slick music, and doesn't want to go out and look for other music. There _has_ to be slick commercial music because that's what almost everybody prefers. Even when recorded music ceases to be a market, this kind of fluff will still be played on the radio,
You don't know what bad music is until you have gone through and listened to a pile of promotional records at a radio station. There is an unbelievable amount of really bad music that never gets played on the air.
And even these are the cream of the crop! For every artist who was actually talented enough to get a recording contract, there are 1,000 others trying to make it, who are even less talented.
In the post-RIAA "utopia" which everyone talks about, where ALL music gets EQUAL distribution, we not only have to wade through all the top 40 music, and we not only have to wade through all of the no-talents you describe above (which outnumber the stars by a factor of 10), and not only do we have to wade through all of the unsigned bands (which outnumber signed artists by a factor of 1,000), but on top of THAT, we will need to wade through amateurs: old women crooning in the shower, people singing campfire songs at the family reunion, and junior high school marching bands (all of which probably outnumber unsigned artists by another factor of 1,000).
Right now, when I buy a CD from the best independent labels (such as Rounder, Hightone, or Sugarhill), my "hit rate" (the chance of getting a great CD) is about 95% - the best labels do not release fluff, and have their reputation on the line whenever they release a new CD. According to my calculations above, when a get a random MP3 in the post-record company world, my chance of getting a good song is about 1 in 10,000,000. This is supposed to be better than buying a pre-selected CD, by an artist who has already proven to be talented enough to warrant a sizeable recording budget?
I'm assuming that any of the hardware used for playing back the sound is tamper proof, i.e all the hacks around encryption at the hardware and software level have been eliminated (an impossibility im sure, but for the sake of argument)
How about a photo quality copy that you can only tell is copied with a loupe? With a nice frame, id put that over my mantle any day. Also, were assuming that with any encryption scheme, the quality will go up, since because were paying for the music they can afford to up the quality ( or so the RIAA says, ha ha). Regardless I can still go out and buy a cd and rip an mp3 off of it if i have to.
Ahh, but when they introduce their new DirectPlay format, and start piping the music straight to your brain, what are you gonna do then?
Then you get in front of a microphone, hit the record button on your digital recording device, and begin "singing" what you are "hearing", in real-time:
"Nananana, tananana, chika-chika, boom, snick, tananananana, snick, snick, boom..."
Voilá! Instant digital copy.
--
begin 644
ya, that's what I mean. With they right encryption or compression any piece-of-shit major-label-poster child wonder band could sound like your favorite industrial band
XML causes global warming.
XML causes global warming.
Frankly I expect to pay less if I'm not allowed full use.
And you do. If you buy a CD, you buy the right to play the music on that CD with certain conditions. If you want complete, exclusive control of a song, you can buy that too (if you make the current owners a large enough offer - everyone has their price). The thing is, it will probably cost you thousands or even millions of dollars depending on how popular the song you're trying to buy the rights to is.
Just a supposition, but suppose that CD stereo system manufacturers integrated a SDMI like system into their newest systems, Where they would still play the old Quote-unquote-insecure stuff but had the capability to handle this awful DRM stuff.
They could accounce their players had this capability, in which case joe public says 'Wow, look it does 2 things', or they could keep the technology a secret (not sure about the legal aspects as IANAL), in which case everyone buys one and at some indeterminite time in the future, all Quote-unquote-insecure stuff comes off the shelves.
Don't say it wont happern, we're seeing the same sort of thing happerning with television, in 5 or so years, all analogue transmission will cease in the UK, [which I think is disgusting, have they even thought about the pensioners who would never be able to afford such a commodity] - in favour of digital television, god knows, the same thing is probably happerning with radio.
WE MUST NOT LET THIS HAPPERN UNDER -A- -N- -Y- CIRCUMSTANCES!!!!!!!!!!!!!!!1
can you believe the inconvenience? being unable to fairly use the materials that you are supposed to have bought the rights to listen/view.
I had to say something, these fscking 'trusted client' systems scare me too, system - speaker encryption is just A BLATANT MISUSE OF COMPUTING POWER AND ENCRYPTION TECHNOLOGY, simply to restrict our rights.
skiy.
skiy. www.Smokedot.org Drug Info, Rights, Laws, and Discussion
I cannot listen to a song
and not have access to the information - at least not until the install a chip in my brain
---------
DON'T GIVE THE FSCKING EVIL MUSIC INDUSTRY IDEAS
skiy. www.Smokedot.org Drug Info, Rights, Laws, and Discussion
It's a waste of time. The musicians will be no more successful at protecting their music than DirecTV is at keeping pirates from decrypting their satellite broadcasts.
But... the cost will be high and will in turn be used to justify an $18 CD.
Ok, so a whole bunch of people have already pointed out that any music that you can hear can be recorded into an mp3. This given, no encryption scheme can prevent music piracy. 'Nuff said. Still, the concept is interesting, if only for other potential uses of the system.
.exe"?
A few people have realized that any encryption scheme, no matter how sophisticated, can be broken or circumvented. I think in this particular case, the key, if you'll pardon the pun, is that the "cycling encryption keys" are based on a single key that is provided by the original user's hardware. There would be no need to decrypt every key, just that base key. I'm interested in seeing this system used to protect against software piracy. Can you say, "cracked
I like cheese. Hey, I told you these were random.
I wonder what impact this will have on internet security. Bye-bye SSL, hello cycling encryption?
Loss of quality results when passing through ANYTHING. Try it out for yourself. Get some good speakers, a pair of cables that's 60 feet, connect them to your amp, and listen. Then, try the same thing with a 2 foot cable. there is a very noticable degredation in quality.
In response to your second point, you ARE losing information (called packet loss). It's just not enough to really make a difference.
-saintalex
Observe, reason, and experiment.
Observe, reason, and experiment.
(if you're too dumb, just pray)
Well, point taken about the uselessness of the crypto in the sense that you could intercept the signal between the Sound Card and at the Speakers.
But could the scheme be aimed at portable MP3 players instead? There seems to be some mention of this in the article.
I am not saying that applying the scheme to portable players would make digital music tamper-proof. I am just saying that this could be where they intend to apply the crypto.
What you are describing is similar to what Intel wants to do to video displays, as reported here.
The nice thing about Windows is: it does not just crash; it displays a nice little dialog box and let's you press 'OK'
The only question I have is a technical one that concerns the rapid generation of keys. It claimed is that the keys are generated essentially randomly. But how true is this? To be put into players and software, the algorithm must be deterministics. After generating one key, the next one must follow, or else the playback would be screwed up. Why is it that someone cannot attempt to crack the first 1-minute block of music, and once successful, figure out the keys for the rest of the stream? Sorry - my math is not up to scratch, and I think this is a fair question. Anyone?
Next!
- Andy R.
A pizza of radius z and thickness a has a volume of pi z z a
Once there's a player for this new encrypted standard, then why bother hacking the standard -- just hack a player, and divert the output to a different file.
The article also states that I can have a single token, and share it among my devices to transfer music between devices with the same token. Why can't I transfer tokens to friends? There seems to be a few logical problems going on here.
So take the leads off the speakers and splice them into a wire, and plug it into a soundcard's "line in". Even given that they can control all the hardware in the world, you will always be able to do that, it's just the way that speakers work. Also, you could use a microphone (if say all the speakers contained some form of bomb or mine triggered by opening them).
You're missing the point... The software doesn't get the capability to decrypt the mp3 at all. Rather, the hardware has a /dev/encrypted_dsp. You stream the mp3 into the sound hardware still encrypted, and the sound hardware decrypts it.
Incorrect, because opening the speakers triggers a self-destruct mechanism. Heheheh.
Someone will, and they'll put the music on the freenet. Also, there will always be some company that is willing to ignore watermarks, build watermark-removal filters, etc. Even if it's illegal, some international company will.
No you couldn't, because only real hardware manufacturers would be given the information necessary to decrypt -- NOT VMware, or anyone else who would put the information into software or some equally easy-to-reverse-engineer product.
Newsflash: the use that you pay for when you buy a CD is personal listening. Fair use would cover you making a tape copy of a CD to listen to in your walkman. Fair use does not cover you making a tape copy for a friend, or even putting one song on a mix tape for a friend. As I understand this new encrypted format, you would still be able to copy the music as you hear it (i.e., no digital out line) for your own personal use. That's all the use you have ever paid for, and all the use you are ever going to get.
Holding a microphone near the speaker wouldn't be an acceptable option as it would degrade the sound quality too much
.oO0Oo.
Sorry but the degredation would not be too much for people to listen too.
When I was a kid we used to make tapes from putting one deck with a condenser mike next to the another tape/amp/speaker unit. The highest quality setting being the "closed bedroom door - no shouting" setting.
I've watched planety of VCD's that are done by some guy in a Hong Kong cinema with a camcorder.
And then ftp'd or mailed around the world on CD.
PLus that's how plenty or recrods are recorded in the first place. Something makes a sound and a microphone records it.
Even slightly sophisticated usic prirates would spend a few quid on some decent recording equipment and with analogue technology the way it is now you could make near perfect recordings of ANY encoded music with a aspeaker and microphone combination.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I have to totally agree with this.
Up with independent artists, down with recording industries.
-m
--- Cum catapultae proscriptae erunt tum soli proscripti catapultas habebunt
This is all well and good for those of us who can handle that. Most of the masses, however, won't be able to find the tools or want to waste the time on it. It's similar to the copy protection schemes used for games and such now. Those who are going to pirate a game still do, regardless of protections.
These schemes are little more than putting a little wimpy doorlock on your wimpy hollow wooden front door. It's more of a deterrant than actual protection.
I think the goal here is to keep protection technology at a certain point relative to the deprotection technology... to make a "this door is locked" sort of statement.
2 cent rebate available.
-m
--- Cum catapultae proscriptae erunt tum soli proscripti catapultas habebunt
If you went to the South by Southwest music industry conference in Austin the last few years you could see this happening with the music execs:
'98: "Hmm, this MP3 thing looks interesting. Will it catch on? What could we do with it? Will it cannabilize CD sales? What about piracy?"
'99: "SDMI. That's what we'll do. We'll sell our music encoded with SDMI. That will prevent piracy and we're sure to make a mint."
'00: "Shit. Napster. Gnutella. We're fucked. What are we going to do??"
Burris
plus, if loads of audio manufacturers produce riaa compatible speakers, the chances of someone leaking the spec increases dramatically, or a poor implementation etc. or of someone building a box that you plug into your pc that takes a pleasantly sampled-from-analogue signal from it.
I've got MS Word documents that are only a few years old that I can no longer read, now its gonna be the same with music and motion pictures.
>I'm assuming that any of the hardware used for playing back the sound
>is tamper proof, i.e all the hacks around encryption at the hardware
>and software level have been eliminated (an impossibility im sure, but
>for the sake of argument)
>Not possible. The hardware has to assembled and a speaker/some means
>of generating physical sound attached.
Certainly *possible*. Imagine a closed box which immediately self-destructs (blows up) when you come within a 5 meter radius of it.
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
Seems to me that at one point or another we're going to have to settle for analog recordings of the "put the mic up to the speaker" variety. The problem of course is shitty quality. But what if you make a shitty quality copy N number of times, then combine those N copies using an algorithm which "cleans" the signal, sort of taking the average, or eliminating the abnormalities. For instance, if you record the first time, and the speaker pops at 2:49 into the recording, but the second time it pops at 2:23, and the third time it pops at 1:59, you take all three recordings, and take majority rules. Now multiply by 10, 100, 1000, 10000 recordings.
patent pending for this process. license to use the process hereby granted for all public domain software products.
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
how do you know if you guessed the first bit right?
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
Not necessarily. Let's say I have a 16 character unix password. It is encrypted with two 40 bit keys, one for the first 8 characters, one for the second 8 characters. Come up with a brute force algorithm to decrypt the password which is better than this:
while (key1=0; key12^40; key1++) {
while (key2=0; key22^40; key2++) {
decryptedpassword=decrypt(encryptedpassword, key1, key2);
if (trytobreakinusing(decryptedpassword))
return key1*(2^40)+key2;
}
}
which takes 2^80 trials worst case (2^79 average case). you can't, since you can't tell whether the first half is right seperately from whether the second half is right.
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
Of course, since everyone only listens to music using windows or Macs, the software to handle digital music wil only be available for these systems.
A Sicilian hacker (about time Sicily got into tech news after all) will find a quick and easy way to circumvent this system, and release GPL'ed software that can conceivably be used to pirate the music.
The GPL'ed program will be posted on 2600. The RIAA will immediately start a court case against them. This will go on for a very long time, during which time we will find out that the only people in the entire case who has any idea what the actual software does are the 2600 staff (Their legal team will not have a clue).
Since this will result in a lot of news for Slashdot, I suggest Andover lobby for its introduction into the music industry immediately.
Ahh... i now see things more clearly. So this is why in all the cool interpretations of the furure, all the Good Guys are using old, semi-decrepid hardware from decades ago.
The campaign for real ale.
flossie
Write now. Defend liberty
Where does that new-fangled internet music come from? It's ripped from CD's, right? What if music didn't come on CD's anymore, but only some unrippable media? Joe Schmoe will *have* to look back.
Yes, you'll always be able to rip an analog copy of digital media, but if hardware vendors get together (think DVDCA, but having learned from their mistakes) then they could prevent us from intercepting the music. Your assumption is that the cleartext stream passes somewhere usable to you. What if soundcards had native support for an encrypted music format? All you would see is meaningless garbage on the way in, and you're only interceptable output would be analog (until soundcards have digital outputs...but then they could just pass the encrypted stream to the next piece of hardware, assuming it too knew how to decrypt the format). Granted, this sort of thing would be very hard to keep secret, just like the DVD fiasco, but never underestimate cryptographers.
Who would pay for this? The consumer purchases the hardware of his or her own choice. Even if the mainstream hardware goes to this (which I doubt that it will) there will always be a market for non-fucked up electronics.
So the shot across the bow has been fired. I have no problems with a company using strong crypto. Read about the Utopia group cracking the Sega Dreamcast GD-ROM format? Impossible to crack it, right? While not exactly the same thing, the point is, that someone will find a way, no matter how good the encryption is... it may take a while, but I have confidence it will be done.
Atempting to use any sort of music crypto to prevent pirating is just like what the MPAA did with DVDs. In fact trying to encypt music cds would be even less efective because unlike DVDs anyone with a CD-R drive can make an exact bit-for-bit copy. And as with DVDs the encyption could be bypassed by capturing the unencypted output, except that to do so with music CDs would be even more trivial since all you have to do is connect the line out on your sound card or CD player to the line in. When are they going to figure out that encyption was not meant to nor is at all effective at stoping people from copying CDs and DVDs. The only thing encyption is good for is preventing unauthorized viewing of material, and not preventing copying of that material.
While that state of affairs exists we MUST oppose any technological measures to "protect" copyrighted work, not because of the technological impediments such a system imposes, but because of the legal danger such a system imposes to the legality of making fair use of a work.
P.S. I should write an encryption and "work protection" system that XORs protected data with a 1 byte key and call it a DMCA fair use eliminator. Trivial to crack, nearly useless technologically, but it would make fair use of protected products illegal. Maybe that would show the absurdity of the DMCA...
Just because it CAN be done, doesn't mean it should!
The real risk is that they will come out with hardware that can support "legacy" (unecrypted) and encrypted content. It will play old stuff AND new stuff, so it will be seen as better. As more and more stuff is encrypted, the old stuff will be able to play less and less content. Now it is a question of how much content will only be encrypted.
There is also the issue of whether the encryption will be licensed to those that can also play unencrypted content. If not, unencrypted content will have a big barrier. That would be worse than DVD, which contrary to some people's misapprehension, CAN play non-CSS protected disks.
If almost all new content is encrypted we lose, if not, we win. The hardware industry wants to make a buck, not protect the content industry (unless, of course, that will help them profit).
The big question is, will the content industry stop making unencrypted content....
Just because it CAN be done, doesn't mean it should!
PLEASE encrpyt Brittney Spears, NSync, Kid Rock, and just about EVERY SINGLE OTHER pop 'artist' spitting out crap as fast as the 15 year olds can spend their allowance money. Then see if I buy the player!
My internet-wired 60-Gig-MP3 CDR-equipped jukebox will satisfy me for the rest of my life with everything from Robert Johnson & Albert King to Pink Floyd and Led Zepplin
THAT Genie ain't gettin' back in THAT bottle!
Open source hardware design specs are also beginning (and some are fairly along, as well.) Let's see them try to take that out. It's like trying to take out Vorbis and PNG -- wouldn't work.
Mr. Asshole of the MPAA simply argued that DeCSS breaks CSS. The DMCA says breaking cryptography is illegal, whether you distribute the protected work or not. In fact, you would think that it was deliberately easy to crack so that you DID crack it simply to get you into a larger legal mess.
Uh huh. True to a point only, however. Sure, we have the DCMA, and other fun laws. You see groups like Razor1911, Phrozen Crew, Hybrid, etc. get carted off to jail? Mmmnope. They can't really just try to make an example of someone, because everyone knows that they don't have the resources to go after all the pirates. Not even close.
If DeCSS had been distributed anonymously, and people had just 'meekly' shut down their sites when the MPAA threatened, and then put up others, they still wouldn't be able to put up the fire. As long as Geocities, and FortuneCity, and AngelFire, and Tripod, and the myriad of other free hosting services (anonymous, no less) are around, they'll never get rid of us. Tough for them, eh?
Then, if you upload the music, they will be able to track down the source of the new digital copy of the music to you.
to a point. Ever been in #cracks or #serialz of EFnet? Seen a '?? get real' followed by h4x0r3d serialz and codes to get the newest realplayer from their own site? Ostensibly as a legit upgrade?
How's this different? Only more bogus names, possible a wee bit more credit card fraud. That's about it. I don't see many far-reach effects, really.
I can see that this is more targetted at portable devices and not pcs, but who wants to have to buy a song once to listen to on your pc, another to listen to in ur hifi, another time to listen to it in ur car and if you have a portable then you'd have to pay AGAIN!
Also if you upgraded your hifi you'd have to rebuy your music collection once more.
Ultimately any device that plays this sort of music will ultimately have to also play mp3s, so by trying to promote this they will also further promote mp3s. The only route to which they could promote just their own technology would be to heavily subsidise global sales of players and smart media and hope to recoup it from record labels.
As everyone here says if you can listen to it then you can easily copy it, and encrypted music downloads can only ever take off once cds are taken off the market.
"It's tiny and can fit into 1,500 bytes, while competitors take 10 or 20 or 30 times as much space," he said. "That's important because consumer devices have very little memory."
Last I checked my RIO had 32 megs of data memory and it's probably got a meg or two of other memory in there too... I really doubt that 45k of ram (on top of the obvious mp3 decoding chunk and buffer) will add much to the cost of a player.
Yeah, it's not as if Metallica is going to be around this time next year to bitch about their album being pirated.
Tomorrow will be cancelled due to lack of interest
And, then what would radio stations do? They'd have to get special equipment right, to be able to transmit the signal decoded out... well, ummm... how long do you think it'd take before such equipment was either used to create a near same amount of illegal copies that exist today, or, was recreated and sold illegally. Like.. 5 minutes?
Tomorrow will be cancelled due to lack of interest
Even if the device was actually tamperproof, and noone could emulate it, they would lose it all, because there is no way to copy protect something tamperproof without making sure the listener never hears the music.
Tomorrow will be cancelled due to lack of interest
bored
managers...why god invented purgatory
I know quite a bit about how trolls typically operate, and I can tell you straight off that this is not typical behavior. I'm not so sure I buy this Andover lawsuit thing, but something is happening here. Before you all go off half cocked writing letters to the staff OR going nuts with moderating everything as "Troll" I think we need to find out what's really going on.
Consider that all of this has happened in the last 2 weeks:
- Penis Bird Man
- A hostile, anti-troll sid
- Substantial increase in the number of spam kiddies on slashdot
- The troll's main home on
/. abandoned by all the regulars - A new sid was created, and is dominated by the spam kiddies
- Prior to abandoning the original k22320inchfan there was much talk of a stalker, similar to what happened on TrollTalk. No, this is not bullshit. Ask around if you weren't here then.
- The Steve Woston trolls dried up suddenly
- That bit about Natalie's birthday is also 100% true. All the troll posts got slapped to -1, and therefore weren't archived, but it did happen. For about 4 hours nobody could post to that story
Now, whatever the case really is here, we definitely need to calmly begin understanding what is actually going on.If Andover is suing over comments, that warrants serious discussion.
If a poster is being stalked and threatened, that warrants serious discussion
If a group of malicious spam kiddies from Usenet is trying to invade
...in this market.
See Bruce Schneier's comments on this.
Even if they do find a way to encrypt a music with multiple keys, what is it's worth? Someone is going to "pay" for it and just record it and get it out there unencrypted and there will always be napster (I hope) :-P
Daniel Bendorf
Is that having several keys does not make the encryption exponentially harder to break. It makes it linearly harder. Having 40 55 bit keys is worse security than having 1 56 bit key. It's like using 40 bike chains as locks versus a deadbolt lock. The only good thing about this is 1) in case someone tries brute force (even then its feeble in comparison to having a larger key) or 2) To tell the "big wigs" that they have 1000bit encryption (which is a lie), but sounds better than 56bit.
witty sig goes here
I agree that this system is *far* from stopping piracy of streaming media, however, this probably will *not* affect keyspace...
5 6.8 .
IDEA is a pretty popular PK algo, right? A PGP attack FAQ   (I found trying to go to Fran Litterio's now-defunct PGP archive) which is fairly complete, albeit unconventional, has a statement that I would tend to agree with for just about any pk/hybrid cryptosystem based on large primes:
-- Brute Force of IDEA --
As we all know the keyspace of IDEA is 128-bits. In base 10 notation that is:
340,282,366,920,938,463,463,374,607,431,768,211,4
To recover a particular key, one must, on average, search half the keyspace. That is 127 bits:
170,141,183,460,469,231,731,687,303715,884,105,72
If you had 1,000,000,000 machines that could try 1,000,000,000 keys/sec, it would still take all these machines longer than the universe as we know it has existed and then some, to find the key.
IDEA, as far as present technology is concerned, is not vulnerable to brute-force attack, pure and simple.
Of course, the claim of vulnerability to brute force attack has lost validity, at least to some extent, since it's 'publication' in '96... The point is, that's a lot of keys. If I'm not mistaken, *any* primes in that range are potential keys. (any crypto experts out there?)
When I grow up, I want to have Christopher Walken hair.
As long as people are designing the hardware no "tamper-proofing" attempts will ever be 100% effective. Face it, you have to hear the audio at some point.
Right where you ought to be. In the stores purchasing your music!
MP Perl Development
lol that's the best brittney spears analogy i think i've ever heard. the big mac of mass-produced pop music =)
There are a couple of factors that degrade the sound of MP3:
1. It is compressed at about a 10:1 ratio. You can't do that without losing a lot more than what you claim (that which the human ear can't hear).
2. Sound that is "outside the range" of human hearing affects the tambre of other sounds on the recording. Even CD's forfeit a little bit of useful sound for the sake of data efficiency, but nowhere near as much as MP3.
3. I'm no "Audiophile" writer, but I promise you that I could tell the difference in double-blind tests between even the best MP3's and a good CD player. Whether I can tell the difference as it comes through the sound output of a PC is another matter.
The good news is that d-a, a-d solutions do not have to be that bad.
Start with a really good CD players (for maximum sound quality for the money, there are some good "bargain hunter" units that out-perform the $1k systems. I reccomend the $300 Rotel. Some reviewers also love the sound of the CD transport on the Panasonic DVD players.)
Now that we have a really top-notch analog source, let's consider a-d input. Even the best soundcards have trouble here, because a PC mobo is such a noisy environment. The good news is that for about $600, you can pick up a halfway decent external unit that does the a/d conversion and sends a digital signal to a PCI card. The "Darla" card is probably one of the most popular of the cheap models... garage band geeks will want the "Layla" or the "Digi001" so the can have multiple-track inputs on other products.
Having done all this, burn yourself a CD to archive if you are so inclined, or just do your MP3 ripping right of the HD and back up the files on whatever format you like.
Will this be a "perfect" digital copy? No, but if you turn around and play your burned CD on that same Rotel player, it will still sound better than the original playing on your buddy's Sony all-in-one home stereo.
Will your MP3's sound any worse? No, because MP3 is a low-res format anyway. You could rip them off an FM radio broadcast and I doubt anybody would know the difference.
As for the whole "fair use" argument... If you are just quoting a segment of something for education, research, or other copyright-exemption-type purposes, isn't an analog copy good enough? Particularilly when you are compressing it down?
"Fair use" means that you are allowed to copy data in some situations, but it does not mean that a producer can't publish something that is difficult to copy.
Information wants to be anthropomorphized.
s/tambre/timbre/
s/products/projects
and so on...
Information wants to be anthropomorphized.
"You wanna toe? I can get you a toe."
Really, it's not going to stop somebody who legally has the decryption key(s) from ripping the audio into an mp3 and distributing it. As far as hardware, audio players that play only proprietary formats can easily be replaced by software based players that can play anything.
[javac] 100 errors
The added benefit of this is that it brings the musicians closer to their fans. Small time bands have been doing this for a while, and they have a very strong (if miniscule) following. If metallica distributed their music exclusively via mp3 (and wav's for people who want to burn a cd - 2 cents extra), this distribution method would become popular and eventually, as more bands did this, it would be mainstream. We have bands that play music, and people who like the music and want to listen to it and support the band. What the hell do we need the RIAA for?
[javac] 100 errors
One important correction: Watermarks are not audible. Once converted to analog the watermark in the digital audio stream is gone for ever. Even "lo-fi" (audible, or quality degrading) watermarks dissapear due to do
phase shift, intermodulation distortion and other changes caused by D to A, and speaker-microphone dynamics.
My subjective take on this topic:
Maybe moronic consumers that buy fabricated pop music a la "Spears" or "Backstreet Boys" will go
along with the machinations of en evil and corrupt industry.
But musicians and their fans have been known to be a little rebellious of "Dad" fascist CEO.
Even if (that's a pretty big if) we were forced to move to encrypted speakers, you have to hear it eventually. Most speakers have a headphone jack, and since I don't see these going out of style any time soon, all you have to do is connect a male to male cable from the headphone jack to the recording device of your choice, whether it's tape or minidisc to record the music.
-Antipop
The point your missing is that it only takes one person to figure out how to bypass the copy protection system, and then right a program that will let anyone else do the same.
A one way hash, sort of like a unix password which can never be actually decrypted! Let's call it CRAPto(tm, etc) Bear with me:
CD's, DVDs, tapes and any other content is produced by using the CRAPto(tm) encryption scheme in a secure environment. This of course applies to all prints of a film shipped to movie theatres worldwide. Since it can't be read by any player at all, piracy is impossible.
Then the master tapes, the negatives, the source code of closed source software is also mangled through CRAPto(tm). This ensures that not even company insiders in high positions can aid to copyright violation and piracy.
Then all directors, producers, musicians, authors and closed source software writers are also processed through the CRAPto(tm) scramble. So there's nobody anymore, who can actually produce content which, ergo, can't be pirated.
TV signals may only be disseminated CRAPto(tm)ed. And presto: The end of piracy.
I think, for a nominal service charge, I'll license it to the RIAA, the MPIA and the BSA
Ho!ho!
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Joe Sixpack tries to copy some hot new song from his friend Ernie, it doesn't work, so he goes and buys it himself.
No. Joe Sixpack tries to copy some hot new song from his friend Ernie, it doesn't work, but he hears about this tool called De-Something, downloads it, then the copy works.
Once one person has cracked the encryption, it'll spread all over the place for everyone to see. Even without DeCSS, how easy is it to find a program that let's you bypass the region coding on a DVD for any common software player?
Why do companies continue to try to do it? They are clueless about technology in general. There are plenty of people who claim to know they're way around computers, when all they know is how to use the GUI that Microsoft provides them inside out. It's difficult for a non technically-savvy employer to find a person who really does know what he is talking about.
It is well known in the cryptography world that any company that produces its own, proprietary algorithm most likely doesn't know what it's talking about, resulting in a product that's easy to crack. This may or may not apply to this case, but we can see that this is what happened with DeCSS.
Evidence of this? DeCSS provides the perfect example. Although harder to capture an outgoing digital video stream than audio, it is possible. Worse than that, the whole encryption scheme was cracked. If the companies involved really did know what they were doing, we wouldn't have DeCSS (we'd be simply be left to capturing the decrypted stream instead).
The whole CyberPatrol issue show us the same thing happening again. In fact, capturing the unencrypted stream isn't even necessary if this continues :-)
Agreed. At some point there has to be an analog signal to operate the speakers (or the amp). Once you have that analog signal, it's no big deal to re-digitise it on your HDD. Why do they bother?
sound = (original_audio_cd + line_out) || (super_duper_encryped_audio + line_out) || (encrypted_audio + speaker + microphone);
mp3 = sound + sound_card + recording_software + mp3_encoder;
If a someone creates sound for human ears, whether encrypted or not, then an mp3 can be made and distributed.
I've posted an Ask Slashdot question that brings to the front the point you made. Is weak encryption protected by DMCA? If I use a "Captain Crunch Decoder Ring" encryption in my digital "IP" and you crack the encryption 'cause it's so lame, can I have you're sorry ass dragged to jail? I wonder if this ever came up during the debates over DMCA? Kirch
Diligence is the price of Freedom
What if the record company decides to use this like the divx (dvd) standard, but then starts to offer this music for free. Singles are already less and less brought out into the consumer store since they do not earn much by this. If they created a pc-windows (+ linux?) player you could donwload the latest music in their new format, but for free this could become popular. This way they could create a (microsoffie) new standard. It has already been established that mp3 actually sells records . and if mp3 players start including this new algorith as a extension (hey you have to have something extra over the competetion). It could win. (It could be copied ...)
Most audiophiles will not download music, however, due to the loss of quality in the first place.
We may not, of course, be able to count on this occurring every time. But Sony's Music Clip, roundly booed in the press as being impossible to use, shows that bad design is still very, very easy to create, particularly if the vendors are fundamentally hostile to their customers.
sulli
sulli
RTFJ.
sulli
sulli
RTFJ.
A chip in the token would tell the music distributor what encryption key to use. The customer could move the token between his MP3 player, home stereo, computer or other device so he could listen to his music library in more than one place, Mr. Crenshaw explained, but because the token would be customized for his devices only, he wouldn't be able to give it to a friend to share digital music illegally.
Now why the )($*#@(*$ would anyone go the trouble of doing this, carrying around his "music token" like a SecurID card, trying not to lose it, trying to remember if a particular tune is encrypted with his token or that of his roommate, stringing LAN wire to the stereo in the shower to enable sharing / rights enforcement, getting the token stolen by his neighbor who doesn't like his music, etc., when he can simply buy the CD, play it in a Discman, and rip it into MP3s if necessary?
There is just no way that the American consumer, who is barely willing to set a clock for Daylight Savings Time, much less program a ReplayTV or other such thing, will put up with this.
Sorry, IP (the wrong kind) lawyers and the engineers who are trying to reap your lawsuit-fueled largess, try again.
sulli
sulli
RTFJ.
sulli
sulli
RTFJ.
Oh, by the way, no apostrophe in MP3s it's not posessive.
Information wants to be free like speech wants to be free, not like we want beer to be free.
Also in our industry is the concept of the "trusted agent". Usually a tamper-proof smart card. This can decrypt programs and can be invidually instructed to do so by remote (encrypted) commands.
Now, combine the two concepts and you have an audio player than can be instructed to decode a certain digital track, when the owner of the smart card pays up. Make the decryption and D/A conversion occur inside the tamper proof hardware. Now the tricky part: in the hardware introduce an impairment to the audio signal.
The trick would be to design this impairment such that when driving an analogue amplification/speaker system, it is pretty much inaudable. But designed such that when the waveform is A/D converted and applied to the MP3 (say) algorithm, the results are bad.
As new bit-rate-reduction algorithms come to the fore, analyse them and update your impairment to take them into account. Do this to the smart-card whenever it's presented to buy music.
Obviously you need to take a big step and stop releasing the tracks in any other format. So you need to make this new format seem really attractive by bundling a whole lot of other whizzy consumer friendly technology in it. CDs took over because the consumer felt they offered a genuine quality improvement. You'll need to get this new format introduced in the same way.
Where's the holes in my grand plan?? :-)
The frequency response is usually poor (currently it's mostly used for sub woofers) but it's very power-efficient.
You can still mike them up, but as an ex-sound engineer, I don't think many consumers are that skilled with a stereo pair of mikes to make a half decent recording. It's difficult enough in ideal conditions. Besides, (lack of) watermarking will make such copies painfully obvious, or unplayable on the equipment (which will of course be heavily subsidised by the music companies. Don't believe me? Check out price per megabyte for secured and unsecured storage cards. Last time I looked, memory stick was cheaper than compact flash at the 64 MB point)
Even though this encryption is easily broken, let us pretend that it works. So what next? The encrypted CDs get released, and we (the music listeners) get pissed and stop buying because of the hassle necessary. We continue to rip MP3s from the radio (lame I know, but hey, it's a method to get music if our other sources are removed) and get MP3s from other people. Because CDs are no longer bought in stores, due to the encryption, the musicians are forced to stop selling CDs and start making their money on concerts alone (like artists did before the day). Ironically, where does that get them? No where. We take recorders to the concerts (I guarentee no matter how many metal detectors, strip searches, and even (gasp) enemas they put us through, recorders will get snuck in) and record music, and then make MP3s. Back to square one, just there's a hell a lotta live mixes out there. In summary, the only way to "encode" the music would be to sing in a foriegn language, which somewhere, isn't foriegn, and thus will be in demand.
We don't need no Net Explorer We don't need no Thought control
I just submitted this under YRO. Since they obviously won't bite, I will share with you all:
mini-meme writes "I have to say that the story of OSM qualifies as "News for Nerds, Stuff that Matters" and "Your Rights Online" more than any story you've ever posted. This is a major issue involving individual rights running afoul of a corporation. This is a major story concerning censorship, corporatist overbearing, etc. Aren't you horrified at what you've done? Isn't jonkatz up in arms and threatening to quit? How can you guys carry on? OSM is beloved around here by a lot of lurkers and trolls. I admit I am one of them, a sometimes troll with a couple of 'straight' accounts with which I contribute legitimate posts regularly. Now, angry reactive trolling has shot up some dramatic percentage since word started getting around that you (andover.net) were sicking the lawyers on OSM. I've also noticed what looks like a lot of extra mod points being spent on (-1 troll). Is this a kluge to stem the tide of extra trolling? Are you going to sue all trolls? Is this your only response? I urge you to post a feature on this... it is the only decent thing you can do."
A) Develop a new CD/TAPE like "easy access" hardware version of this digital music (Not everyone uses the computer as their primary method of listening to music @ home. In fact, I'd say that's the VAST minority).
and
B) Get the consumers to "take" to this new technology. (Otherwise, they'll still be putting albums out on CD as always, and those will still be "rippable" no matter what fancy crypto the "For-sale-on-web" version of the album has. While getting consumers to take to CD went pretty smoothly, it still took years...And had clear benefits to the consumer. They'd have to do something really special with regards to audio quality or convienience in ADDITION to just adding secure crypto for the average consumer to convert, I think.
It is pointless to develop stronger and stronger crypto for these kinds of problems because ultimately, the digital content is presented in the clear for the end user. The only way to prevent the user from copying the digital content at this point is by mandating the use of specific software (or hardware) players that don't have hooks for output redirection or copying. This will never work for two reasons:
Motivated hackers can disassemble the player, find the buffer holding the unencrypted content, and provide hooks to copy this buffer. In the case of hardware players, the process is similar. "Tamper-proof" hardware is anything but (Ross Anderson has a nice paper illustrating this here). Note that layers of industrial strength crypto mean absolutely nothing at this point.
If the above "perfect copy" method doesn't work or is too difficult, one can always revert to analog methods:
take a picture of the image, record the music from the speaker with a microphone, etc.
Basically, once you give someone unencrypted information, there is no way to take it back. If they want to copy it at that point, they will.
I'm not sure I understand the appended editorial. If I'm a songwriter and I only want paying customers to listen to my songs, this helps me do that. Sure, you can still record it once you've paid for it and distribute freely, but that will always be with us. The complaint seems ludicrous -- "keep encryption good (but not too good) so us smart folks can still break it. That way we can laugh at you!"
> sooner or later a successful crypto-system to prevent all non-permitted use of materials will be developed, complete with tamper-proof hardware in your PC, and then where will we be?
.mp3, and BAM! It's all done. just like that. BAM!
as long as we have music we can hear, there will be copying. i don't think the government is going to (successfully) ban tape decks. there is nothing magical about audio. it can be recorded. sure, there'd probably be a bit of generational loss because of the d/a - a/d conversion, but after that, we just need a non crypto compression format... something like, i dunno,
BAM!
"I hope I don't make a mistake and manage to remain a virgin." - Britney Spears
honestly, having worked in an audio studio, i can tell you it really does make a serious quality difference in some situations. Even on the $3000 audio workstation i used, a single d-a-a-d conversion just about kills synthesized music. the solid bass drum loses definition, treble loses... uh... treble..ness. and static! goddamn! however, in some situations, it doesn't make any difference. i just remember trying to dub drum beats using a simple loop... and going batty cause they sounded like shit... but you probably don't care anyway! why did i waste my time?
"I hope I don't make a mistake and manage to remain a virgin." - Britney Spears
What's new is just that encryption and decryption is fast and cheap, so that it could be used by default in almost all Internet communication, in cellular phones, smaller devices (and in case the customers really want that to keep the RIAA in power).
I am sure the technology will mainly be used where it benefits both the supplier and the consumer: secure WWW transactions, private communication etc.
So, YES I LIKE the fast public key encryption. I don't like that a new idea is described by the media only as a solution to a fashionable but out-dated problem.
Also, I don't like much that it is patented.
This is far from the end of the MP3-copyright controversy. Who is going to stop you from using an old version of MusicMatch to rip a CD to put on your FTP site? No one, yet.
MP3 encryption will not stop music from circulating, it will just provide an avenue for record companies to make money from MP3 downloads. One must remember that record companies are still businesses, and they will try to make money wherever they can.
Such is Emusic.com. You pay for your MP3's. Encryption will only prevent those from paid for MP3's from being circulated.
What percentage of MP3's available do you think came from Emusic.com?? Uh huh, not very much.
Theluckman
luckman
I don't involve myself with flames, much less know how to bait one.
I thought Divx discs were MEANT to be useless after 48 hours... "This disc will self-destruct in 5 seconds..." ;)
Until they put a personalized decryption chip inside my head (which they no doubt will try if we let them) encryption has to stop somewhere, the fartest they can encrypt is down to the DAC. But we can always redigitize, its all futile.
You are absolutely right. I have not been "thinging" about anything. "Thinking" about beer? Oh, yes. I have been doing plenty of that.
Enjoy life. Drink
You can't possibly listen to this music without decrypting it. The DMCA makes decryption illegal. Therefore this will be made illegal.
Ok we have a problem here. You guys hear about this game or whatever(if anyone knows the name please reply and say what it is) they encryption took 6 months to make and this guy cracked it in 5 minutes. Truly encryption is useless. If it can be decrypted in ANYWAY then it can be decrypted by an un-authorized source, it is that simple.
I suggest using a free audio compression format, we can't force the music industry to use it, but that's what they thought about mp3 not long ago.
and maybe the licence can forbid the industry to encrypt it or make propritary additions to it.
take a look at http://www.vorbis.com and tell me what you think of it.
there's enough for everybody, let's share it
hmm...yep I agree...and the maths wasn't all that stressful and difficult...personally having read that patent thingo, I think those guys are pretty clever myself... that asside, all systems of prime number encryption have key generation issues...good luck to them, but what about this for an apprilcation mobile telephone enryption... ?? have a better onw
imagination is more important than knowledge --Albert Einstein-
no matter how tight computer based music encryption becomes, what is to stop someone with a digital line out and a dat recorder from getting passed this? Not real up on the tech, was just curious...
And what happens when you obfuscate the watermark?
Example: Take a picture off a site with a watermark. It is in GIF format. Recompress with JPEG at full quality. There watermark is still there, but not in original condition. Any bit for bit information is lost in the watermark. Same thing applies towards audio. Take this sound with a watermark. Run it through a lossy compression routine (such as MP3) and your watermark becomes distorted.
For those who still dont know you can use WWW10 instead of partners or www.nytimes.com Below is the link
THE ARTICLE
Which is exactly what the FCC is doing with digital TV. If current plans hold up, after 2006, you will have to throw out your old TVs/VCRs, or buy a converter box so your old TV will still work (but it won't do half of what those brand new TVs at Circuit City will do). And I have no idea what sort of crypto/access control/whatever the MPAA is going to demand on digital broadcasts...
OK, it's a bit of a stretch from TVs to CD players, but they're already talking about digital radio standards, too (and just imagine what those'll look like after the RIAA gets through with them). So never say never...
Eric
--
Be who you are...and be it in style!
Reading the patent, these people clearly do have some familiarity with modern crypto. I still think most of this is bogus but "snake-oil merchants" and "no clue" is putting it a bit strongly.
--
Xenu loves you!
Or, even better: intercept (either in software or in hardware) the actual cleartext digital stream going to your dsp. Convert to CDDA, rinse, repeat.
Repeat after me: digital media cannot be copy protected! Write this out 5,000,000 times, or, better yet, just use copy and paste :-).
--
"How many six year olds does it take to design software?"
dinner: it's what's for beer
As a virulent opponent of copy protection systems in any form (because they are childish), it's important to point out that watermarking does have a place in the digital universe. But it's a role very different from the one the media corporations have been feeding you.
In the future, where everything that already exists is copyable thanks to matter replicators or buckets full of programmable nanobots, there will still be a need to create new things that don't exist. There will still be a need for artists.
So, if you want something new created, how do you know which artist to approach? By their reputation. Presumably you'd examine other objects that are close to what you want, then talk to the artist who created them. But how would you know that the person you're talking to is the true creator, not an impostor? By examining the watermark embedded in the work.
Note the subtle distinction here: Media corporations want to use watermarks to uniquely identify each copy. In my proposal, the watermarks identify the designer of the original pattern for the copy. The reason this is important is because, whether you like it or not, there will be bazillions of copies out there. Any one of those copies may find their way into the hands of someone who wants to know more about where it came from. Being pointed at the original artist is considerably more useful than pointing at the guy who obtained that copy.
Schwab
Editor, A1-AAA AmeriCaptions
untamperable hardware.
I'd like to see THAT.
Better yet you can just install a software shim between the player and your sound card (ie, a software-only audio "driver" that pretends to be a sound card, using your real sound card as the output device) and copy the decrypted data to disk.
It's a *simple* concept, and i keep wondering why people have such difficulty with it: If the media can be used at all, it's content can be duplicated.
This is just like television, only you can see much further.
If you can do them separately, it is just like a 41 bit key.
40 bit key = 2^40 trial guesses.
Two 40 bit keys = 2 * 2^40 guesses = 2^41 guesses.
One 80 bit key = 2^80 guesses.
With an 80 bit key, you have to get the whole key right to see if you've gotten it. You may guess the first half right, but not know because you didn't guess the second half right.
Now, if you encrypt something with one 40-bit key, and then encrypt that whole thing again with another 40-bit key, THAT takes 80 bits of work. But encrypting two different chunks of data with two different keys creates only double the work (add one bit).
In any case, on the legal front, you may notice that this was a little submarine patent, with an original application having been dormant since 1996, incorporated into this patent.
And, as usual, the NYT article seems to imply that any use of music other than by the purchaser on the original device is "infringing", which, of course, it is not. But that point has been made again and again; Lessig's book "Code Rules" is a must read. At least, we can still copy the content using analog means, like we always could. And whether consumers will go for this kind of system remains an open question--it has a lot of unpleasant practical restrictions even for completely non-infringing use.
Wrong. They will buy it. Here is why...
The record companies are in control of the mainstream market. They set the prices. "So what?" you think. Well, imagine this: You go to the music store, and there's a Metallica CD for $20. And there's also an SDMI copy-protected version of the same music for $10.
After seeing that a few times, Joe Schmoe is going to want an SDMI player. So he buys one, and now all he ever buys is SDMI music, and then millions of people are doing it. A couple years later, and the unprotected audio CD is about as rare as an HTML page that can be read by Mosaic.
Copy-protected music will sell if the companies are able to keep control of the market.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
And for those of us who aren't quite so good at hacking hardware, you can always just use a microphone to record the sound the "old-fashioned" way.
Sure, you'll lose some quality, but faced with a choice between a format that they have no control over, or a slightly lower quality format that they control completely, I think I know which way most people will go...
Cheers,
Tim
It's official. Most of you are morons.
As I said in reply to another comment, what's to stop people from digging out their old microphones and recording the music the old-fashioned way?
You can encrypt the signal right up to the point where it has to become compressions and rarefactions of air; at that point, nothing can stop it from being ripped to another medium.
If I can hear something (or see it), I can copy it, one way or another. I may well lose some quality, but then mp3s are lossy, and it doesn't seem to have hurt their popularity at all.
Cheers,
Tim
It's official. Most of you are morons.
That merely makes the copy traceable, it doesn't stop you from making it.
Of course, if the copies could be traced back to you it would make distributing them riskier, perhaps to the degree where almost no-one would take the risk. It would only be a matter of time before someone figured out how to remove the watermark from the copy though, then we'd all be back to square one.
Cheers,
Tim
It's official. Most of you are morons.
just take audio out from your computer, use a double male line to the audio in port,
No need to. Just use the vsound hack to save it digitally.
Copy protecting data doesn't work. (OK, it might work against AOL users.) The reason: it is enough if one person can copy it and puts it onto FreeNet or Napster.
Why can at least one person copy it?
To make it accessible, the program needs to decrypt it. To decrypt it, the program needs to know the key. To know the key, it must be built into the program (as in the case of DeCSS) or transmitted over the net.
And who would buy anything knowing that the RIAA knows his/her identity and how often he/she listens to the music?
Computers. You can't live with them, you can't live without them.
All this encryption of audio files brings a smile to my face when I think of the UK. Imagine loosing the key, and just after that they come to your door with a search warrant. Off to jail for you if you can't hand over the key :-)
I'm sick and tired of hearing the same old "If artists don't get paid they won't make anymore art". How is it that we have had such great music from Mozart, Beethoven, Tchaikovsky... I don't think they lived the lives of superstars our contemporary "artists" enjoy.
I hope this trend of millionaire "artists" dies away when they alienate all their fans from their music through their constant search for "better protection for their IP" instead of doing what they set out to do in the first place - create art!
Where do you think the term "royalties" comes from?
In days gone by, great composers were in the employ of the royalty; they did indeed garner "superstar" style lives -- but the times were different then.
Mozart, Beethoven and Tchaikovsky were very well paid for their work... modern day artists don't have royalty to bestow boons on them, so the system doesn't work exactly the same way - but it's very similar.
Simon
Coming soon - pyrogyra
I see far too many people posting about the possibilities of recording the output or whatever. We have computers...many of which do nothing in their spare time. We have distributed.net. Granted Distributed.net would likely not host a crack-the-lame-music-format contest...but I'm sure a few people would. Hell, I'd kick in a grand for the prize just as a way to stick the proverbial finger to the RIAA. I'm just curious as to why so many people look at it as copying the output - why not just work to get the decryption routine. If it can be done realtime (as it must be able to do, to be played and all) then it can't be too mathematically intensive...hence while the key may be large we could go through a lot of possibilities rather quickly. Anyways, I'm just blabbing for the sake of blabbing - I'll shut up now.
Apparently, you haven't read the SDMI doc's. It is possible to watermark audio such that any recording device (your computer included) simply will not sample audio it detects the watermark in. You can plug that nice analog audio stream into you 'fancy new ultra cool feature loaded' sound card and it will refuse to record the audio because the DSP has a watermark decoder in the ROM that causes it to detect copyrighted music. Do you accually plan on keeping your current PC for the next 40 years just to record and play audio?
IANAC but from what I can see this is really just another public key algorithm. Now, considering that there are not that many different variants of pkc, that might be an accomplishment in itself (if it is actually any good), but can anybody see what makes this better for doing the *AA's dirty work then any other cipher?
I would almost be inclined to guess that these guys are intentionally putting the "Copyright protection" spin on the system for monetary reasons. Everybody knows that the content industries are willing to cover in gold anybody who can give them the instruments the they need to keep and solidify their control of our lives. Since these guys are obviously not in it for altruistic reasons (software patent and all), I would guess this has to do with selective marketing at the most desperate and stupid customer.
However, what the *AAs fail to see is that this is not a question of mathematics, but one of logic. I cannot listen to a song and not have access to the information - at least not until the install a chip in my brain. No new cipher is ever going to change that.
As to Michael's comment, laws to try to ensure that technology doesn't infringe on fair use are just as ridiculous as laws that try to make sure that it does (aka DMCA). Are we going to start forcing people to decrypt information under certain conditions? Put laws on how software media players can be designed? Mandate that people reveal their code even if they don't want to? I don't care about the intentions, that is not a mandate I want to give the government.
The fact is that the system proposed, like every other such systems, relies of closed hardware and software keeping you from having control of your own computer to work. And the vote against that is not something that we should do politically, it is something we should do capitalisticly. Listen to what Stallman has to say about why Free software is an issue of consumer freedom and democracy, and stop inviting corporate controlled judasware into your house.
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
"Having tons of keys to encrypt mutliple parts of a piece of music is essentially indistinguishable from just using one really long key to encrypt the same material. Perhaps this helps skirt encryption export laws, but beyond that it really doesn't buy you significantly better protection. "
Actually, it's worse than that. Consider a piece of music with the first half encrypted with a 40 bit key, and the second half with another 40 bit key. It's not the same as one 80 bit key, because each half can be decrypted separately. It's more like a 41 bit key.
-Dave Turner.
Become a FSF associate member before the low #s are used
Ok, I'm not a cryptographer, but I do a lot of infrastructure work that relies on Kerberos. And I have somewhat come to this conclusion:
Any security system which puts trust in a fundamentally untrusted client, is flawed.
So...How would encrypting the stupid MP3 180 times, as opposed to 1 time, help prevent against the user just copying the MP3 to their friend? ("Hey, if we make our boat hull out of two foot thick lead it will never be punctured! We'll never sink! Yay!")
It's 10 PM. Do you know if you're un-American?
I heard of a plan of some sort that came out of one of the big media companies (Sony possibly) that involved all devices involved in an audio setup having to pass encrypted data streams - from source to speakers. There is no way to connect unencrypted devices, and there was a method given to disable devices that are found to give unencrypted output. There is only three ways to get an unencrypted output - by getting the encrypted stream and decrypting it, by getting a signal from the analog wires on the speaker that actually drives the cone, and by miking up the speaker.
tangent - art and creation are a higher purpose
postmoderncore - art and creation are a higher purpose
So? If you're smart, you crack it quietly, and rather than bragging 'bout how 3733+ you are, you just walk into an Internet cafe 500 miles from your home town, wearing a disguise, and then you upload it anonym00zely to Sealand or some other data haven. Then you go home and get wildly drunk and laugh like a maniac while RIAA tries to stuff the genie back in the bottle.
> Cryptography kicks ass, but not when it's used to strip people's rights away.
s/"but not..."//g.
Cryptography kicks ass. End of sentence.
Yes, I realize what you're getting at in the context of your original post, but with the encryption system being discussed, crypto isn't being used to strip us of our rights; our rights have already been stripped by DMCA.
In such an environment (i.e., a cryptographically-weak system intended to be cracked in order to expose the cracker to DMCA charges), crypto is what you use to forcibly reclaim said rights after DMCA has stripped them.
Or as I said earlier: "Cryptography kicks ass".
You only need one person to do the decryption and post it to whatever is the equivalent of Napster that week.
IANAC. But...
y LAN/Hotline/ripping a friend's CD/burning a friend's CD/AIM/ICQ...
This must be the absolute stupidest cryptographic idea I have ever, in my entire life, heard of. Seeing as how they're mathematicians at an Ivy League university and they've apparently actually presented a paper at a major cryptographic conference on this protocol, one would think that the people who came up with this would know more about crypto than I do. Just looking at how this works, though, I'm really not so sure...
For those who don't know, the basic idea behind cryptography is that there are some mathematical functions that scale linearly in complexity when run forwards (i.e. multiplying large numbers, generating elliptic curves) but scale exponentially when run backwards (respectively, factoring very large numbers and finding integral algebras from a given elliptic curve). In other words, multiplying two 20-bit numbers together to generate a 40-bit key only takes twice as long as multiplying two 10-bit numbers together to generate a 20-bit key; but factoring the 40-bit key takes 2^20=1 million times longer. (This is an oversimplification both of how real cryptographic algorithms work and of how multiplication in a computer scales with complexity, but close enough.) The point is, a cryptographic cipher is only a cipher when it takes longer to undo it than it took to do it.
If you've been following me so far, then you ought to be realizing why the idea of encrypting each second of music seperately is so blindingly dumb. If you encrypt each second of a 3 minute song with a different key, then you have a cipher which takes 180 times as long to crack and 180 times as long to decrypt properly; in other words, it takes just as long to do it as to undo it (as far as the each-second-independently thing goes; obviously there is also some real cryptography going on here, but these guys didn't invent that). By the most basic definition of cryptography--an imbalence in forwards complexity vs. backwards complexity--this is not cryptography.
Another way to look at it is this: over the course of an entire 74 minute CD's-worth of music, this approach only makes the music 4440 times harder to crack. One might think this is about as good as adding 12 bits to the key length (2^12=4096), albeit at a much higher cost to decryption time than, well, just adding 12 bits to the key length. In fact, that's not even the case, because adding 12 bits to the key length not only means the calculations to crack it take about 4440 times as long, but that they require 4440 times as much memory; obviously that is not the case when all 4440 encryptions can be cracked seperately.
But to get a real idea of how ass-backwards this scheme is, it helps to know a little about how real ciphers work. In any modern cipher, the work is split up into several smaller algorithms called rounds; this is done to keep down memory requirements, keep all the numbers involved small enough to fit in the registers of the machine doing the decryption (often commodity 8-bit chips), and keep cryptanalysis simpler so one can be reasonably sure a new attack won't surface after the cipher has gone into use. The reason the many-rounds approach is (theoretically) as secure as the discredited all-in-one-big-round approach is based on the assumption that the attacker has no way of knowing what the intermediate results of each round are.
In fact, perhaps the most powerful type of attack on a cryptographic implementation, known as "side-channel attacks", happens when the attacker is somehow able to guess at some of this intermediate information. Luckily, this is usually quite difficult to do (although with some early smart cards all it took was an oscilliscope) and doesn't yield complete information. And that's why this new multiple key idea is so outrageously bad. It's essentially like doing all the work of a very powerful, many-rounds cipher (i.e. one "round" per second), but yielding up complete side-channel information for every round! This is like a very powerful cipher which has already done 99.9999% of the cracking for you!!
In conclusion, this is just stupid, stupid, stupid, stupid, stupid.
And furthermore, it's completely unnecessary. Even a 20 year-old, 56-bit cipher like DES is good enough to take a modern computer a good long while to brute-force; it took a special purpose machine plus a supercomputer almost a day to do it in the last DES challenge, and they got lucky. Plain old obsolete vanilla DES would be more than secure enough to make it worth anyone's while to pay a dollar or two for the song instead of cracking it. Or to get it via Napster/scour/iMesh/Gnutella/FTP/CuteMX/universit
That is, I'd say the significance of this is approximately zero.
Course, I could be wrong. Comments welcome if I am...
I don't see too much of a big deal with their algorithm. So, they can do a public-private key cryptosystem faster than other people.
But, you never encrypt real data with RSA. It's slow and stupid. You use RSA to encrypt a session key and then encrypt the data with THAT key. If it's 100 times faster; that only means that it's 100x faster at something that already takes a fraction of a second (250ms on a P2-450). This is important for SSL or some other server which has to authenticate a large number of sessions. The average user won't need to authenticate more than a few sessions an hour.
Being 100x faster might have uses as a smartcard, but I don't immediately see a place where that would actually improve security, compared to current offerings. (If someone steals your smartcard that contains your private keys, you're just as screwed as if it was a plain old credit card.)
Also, RSA has withstood a 20 year test, unlike this new system. It has been standardized into almost every public cryptosystem alive, only the most pressing of reasons could force it out of that hegemony. Finally, RSA is about to leave patent production (3 months).
Who would want to ignore the time-proven RSA to risk an almost brand new cryptosystem. As Bruce Schiener said: There's no money in selling cyphers anymore. (And that goes double as RSA is about to leave patent protection.)
This company seems more interested in offering a product (music encryption) and selling it to management more than selling their cryptosystem. Why not just use standard techniques. Conceptually, they're just PGP'ing the music, why not do that literally?
We'll be in the same place we are now, very simple, just take audio out from your computer, use a double male line to the audio in port, and record onto mp3 or whatever replaces it, encryption scheme bypassed.
I'm thinking about putting the Mona Lisa in my living room. Except instead of buying it, I'm going to make a photocopy of it and put the copy on my wall.
Yes, as long as we can listen to music there will be no way to prevent it from being copied or heard by others. But that's hardly the same place we are now. I don't think you can claim to have bypassed the encryption scheme; you are taking an existing file and creating a new file (with a quality loss of factor X). This sort of copying scares the RIAA far less than MP3 filesharing. It's analogous to copying to analog tape in that there is (significant) quality loss. MP3s sound bad enough as it is without introducing such a large loss of quality.
If the RIAA could implement the sort of encryption algorithm that is discussed, and be assured that the only copying done is by the method you described, they would do it in a second.
-- "Complacency is a far more dangerous attitude than outrage." -Naomi Littlebear
Of course we don't like this. The system is nothing more then a slightly glorified CSS. It still requires that the decrypting and playing/displaying be in a controlled environment following the agenda of somebody other then the user. You think you'll ever see an open source player for this? Think they are going to be happy when somebody reverse engineers it and makes a tool that write the raw data to disk rather then hardware?
The idea of controlling information is just wrong. It doesn't matter how good the system is, by defenition it has to mean that you are infringing on the freedom of viewer and somehow controlling his actions. You may LIKE that, but I sure as hell don't.
Ohhhh ok, so it's alright for our software to be protected from misuse under the GPL, but it's not alright for a musician to protect his or her music using technological means? Just because CSS was and is misused to control where you can view a DVD doesn't mean the technology itself is wrong. I don't think any of us should have a problem with someone who creates something being able to profit from it. I imagine we ALL object to the RIAA profitting from someone elses work though. And of course, if they hijack the tech and try to use it to further control the distribution of music they did not create then it will be a Bad Thing(tm), but if this becomes a tool for musicians to use to protect their work from misuse and allows them to distribute it without the interference of the RIAA then that will be a Good Thing(tm). So we shouldn't be bitching about an 'Evil Technology' we should be cheering for an excellent technology and then bitching if/when it is misused.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Yeah, it's not as if Metallica is going to be around this time next year to bitch about their album being pirated.
That seems to be the crux of the matter, the actualy good bands (Metallica WAS good at one point) are still around to bitch, while the crappy pop bands disappear. So I imagine 3 doors Down will still be around in 15 years to complain about their music being pirated. But their last 2 songs released on the radio (Kyrptonite and I'm a Loser) lasted about 4 months apiece in their top radio play spots. Now they are part of the regular music rotation. In another 12 months they won't be sought after songs, and 3 Doors Down will have made their money from those songs. So why not let them enter the public domain? Hopefully the band will have new songs out by then. And if people are able to get their old stuff and listen to it then people are more likely to buy the new stuff. See my point?
Kintanon
Check out JoshJitsu.info for Brazilian Ji
CSS and systems like it (such as this digitial music system) are bad, especially because of the DMCA. That law means anyone can override all the fair use provisions of copyright law by simply writing an access control/encryption system that makes it even one bit harder than trivial to access or copy the data. If you write code to make an activity "hard" (i.e. not completely trivial), DMCA makes that activity illegal. Any programmer can be her/his own legislature. Write the code and outlaw the activity.
You even admit it yourself, it's not the TECHNOLOGY that is wrong or evil, it's the legislation which allows it to be abused. We shouldn't be crusading against the Tech, but against the DMCA. Write your congressman, fight against the legislation so that the Tech can be used for good.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Right. So why does Big Business keep insisting that every be encrypted? DVD copy protection, region encoding, all that other stuff, is cracked. Dreamcast's proprietary CD format - cracked. Any software copy protection scheme is defeated shortly after the software hits the store shelves. What major brain dysfunction is responsible for entire industries to devote millions of dollars in what you pointed out is a futile effort?
Perhaps its the same reason we lock our doors - just to provide the "casual thief" a reasonable deterant. Joe Sixpack tries to copy some hot new song from his friend Ernie, it doesn't work, so he goes and buys it himself. Those of us with some technical knowledge know about the tools to get around such protection (or we create said tools if we have to, despite the possibility of arrest & harassment from the MPAA or RIAA). Some of us with a conscious refuse to use such tools, but then again such people would probably have spent the money for a legitimate copy anyway.
Thoughts?
---- I made the Kessel Run in under 11 parsecs.
Of course, if the music were available for downloading free, then said dumbass wouldn't be able to charge $10/CD for the music - because everyone would ignore him/her.
The use restrictions a company wll then be able to put on its products will then be phenominal. Bose could sign a contract with Metallica making Bose the official speaker of Metallica. Try to play their music with any other speaker and you won't get anything. Or ABC could sign a deal with Toshiba restricting all ABC shows to Toshiba televisions only.
Won't that be a wonderful future?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Seth
$5 / month hosted VPS on linux = awesome!
There are about 2000 "oldies" that get airplay. If you compressed hard, you could all those on a single DVD. Now there's a product. It will probably be sold on late-night TV in a year or two.
what's to stop people from digging out their old microphones and recording the music the old-fashioned way?
Digital subliminal watermarking. Put in something the user can't hear but that MP3 encoding preserves and that watermark decoders can pick out. If all copies are watermarked, any recording that appears on Gnutella or Napster is suspect.
Will I retire or break 10K?
Give us an example of an unrippable media.
An SDMI encrypted bitstream going to digital SDMI speakers that blow a fuse if opened.
Will I retire or break 10K?
Coming soon: encrypted sound card protocol, and de-encryption chips with an encrypted input on one side, and analog output on the other. This can probably be patched onto existing DSP hw, and it will remain backward compatable with unencrypted raw data APIs. Then, the only way you can decrypt is to get inside the black caterpiller, or use an FPGA that emulates it or something. Still vulnerable, but no longer a casual hack. People who want to do this will have to agree on a protocol (difficult for the vendors to cooperate) and then they will have to push it in the market place and wait for it to achieve saturation level. They will start putting it on portable players first. Given consumer education and the level of coordination this will take, I give it about as much chance as DIVX, but you never know.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
I don't have a problem with a musician making "fair" profit, but I am concerned at any encryption scheme that tries to limit my choices on how I want to listen and use the music I am using legally. Have you read the article?
This system is designed to tailor music downloads to a particular computer or device. I'd have to buy separate music downloads for each device I woudl want to use. No thank you
I'd rather pay for overpriced unencrypted cd's that I can physically control and with which I can convert to other media as I need it or even resell, then to ever buy a digital download that puts such limits on my fair use and my ability to sell the product again once I tire of it.
Let's also think about how badly such an scheme limits society's ability to archive this material. US, and I imagine elsewhere, copyright laws have the stated purpose of encouraging people to release ideas and works so that eventually those works will enter the public domain. A one device/one use encryption method only hampers movement of this material into the public domain. Such encryption methods create a situation where music and ideas can be totally lost in time.
If encrypted data systems become widely used then the works they encrypted should not be protected under copyright law. If the music producers can not entrust their work to be held safe under copyright law and instead hide their work away from the public behind these horribly restrictive encryption schemes, then their work does not deserve the special protection copyright law affords against piracy. If someone should be able to crack the encryption they should have no legal recourse to sue becuase they did not make the information public to begin with. Copyright laws are government granted limitied monopolies on thought and ideas to encourage people to make their work public. Encrypted data, is not public data, and therefore should not be protected by copyright.
it all depends on which slashdot author posts the story
This is simple.
With exceptions, most of us do like the idea of encryped music. Obviously, it won't cause MP3 format to stop working, and it might be a step toward that elusive "way that an artist can distribute his music without being raped by either the RIAA or piracy".
What we don't like is how easy this appears to be to circumvent. It seems that someone would only have to buy the song once, record the audio stream, and distribute it as a bootleg.
Crypto is a useful security tool, but when it's nothing more than a hurdle and a formality, it's not a lot better than annoyware.
"Beware he who would deny you access to information, for in his heart he deems himself your master."
I'm sick and tired of hearing the same old "If artists don't get paid they won't make anymore art". How is it that we have had such great music from Mozart, Beethoven, Tchaikovsky... I don't think they lived the lives of superstars our contemporary "artists" enjoy.
I hope this trend of millionaire "artists" dies away when they alienate all their fans from their music through their constant search for "better protection for their IP" instead of doing what they set out to do in the first place - create art!
I'm gonna look real hard into the "alternative" henceforth... Heck, that's why I started using Linux (OpenBSD now too) in the first place. Perhaps the rule nowadays is that the alternative is better than the mainstream.
The human listerner is not that good at parsing what test tones should sound like, but I might have a chance, if the speakers are capable of producing the shapes at that frequency.
A better experiment might be this: IIRC, the average American adult range of hearing only goes up to about 13-18 Khz, depending on the individual, their age, etc. (it should be higher, but American life is hard on the ears). Hook up a good orchestral recording to a quality stereo system (I suggest the Moscow Sessions from Scheffield Labs for this kind of test). Have 10 American adults who listen to a lot of orchestral music hear the album two ways, a few times with a cut-out filter taking out everything above 18Khz, and a few times without the filter. Scramble up the order in which they hear it either way (i.e., On, Off, On, On, On, Off, On, Off, Off...) so they can't start guessing which they were hearing.
In most cases, you will find that most of the 10 people will correctly pick out the "filtered" sound most of the time.
This is what I mean by a double-blind test, and it has been done. Successfully. (Sorry, but I don't have time to look up URLs of such reports, I'm posting from work and I am about to leave...)
These kind of tests were the source of a lot of heated debate back when the CD industry was considering introducing a "silent spot" above the "range of human hearing" as a signal to switch off DAT tape recorders back in the early 90's.
It's not the presence of the 20 Khz signal itself that you hear the loss of, but how the sound of other notes are perceived from the alterations to their harmonics. Even the sound of a trumpet or violin playing around 1 Khz sounds a little different if you drop the high frequency waves.
Information wants to be anthropomorphized.
We do need a new fair-use law, though. The attempted destruction of fair use by IP (the bad kind) lawyers is highly inappropriate and needs to stop, now.
sulli
sulli
RTFJ.
15 years from now, your 50 000 Gig HD will be capable of storing 95 years of continuous audio playing. How about a device that contains all the music ever created.
Add a 100bps satilite connection for updating, and everything and everything will be available to hear as if it was already in your head. (Interface to implant optional)
Check the 2015 Summer Sony catalog, starting at $299...
or $499 without the banner ads...
...a successful crypto-system to prevent all non-permitted use of materials will be developed, complete with tamper-proof hardware in your PC, and then where will we be?
I, for one, have a celeron set aside as an mp3 server. I won't be upgrading it to 'tamper proof hardware' any time soon. No-one is going to take away my ripping/playing/downloading software. nor will I ever lose the gigs of mp3's and store-bought CD's I already have.
It will be five to ten years before they can realistically stop selling music in CD format, and I already have the equipment to deal with that.
Unless they start visiting door to door and collecting the gear that offends, and enforcing compliance like they do with your car or gun, I don't see an issue here at all. I already have most of the music I am ever going to need, classical and jazz that's even legit, backups of my CD collection, stuff collected off napster, etc.
If the record cos. start distributing this encrypted stuff, and abandon CD's and DVD's altogether, I still have a line in jack from my stereo. I can convert anything audible to mp3 the old fashioned way.
Not that this scheme won't be cracked, hacked and otherwise beaten to death the moment it hits the ether...
:)Fudboy
:)Fudboy
I guess I'm only a Fudboy, looking for that real Transmeta
No, there's no other reason. We want to get what we want free of charge. Why? Cause we're cheap and selfish, and extreemely greedy. And we're proud of it!
The idea that a single generation will have a noticable affect on the quality of a recording is laughable. We are talking about a single d-to-a conversion and another a-to-d conversion. On even mediocre equipment you would have to have some golden ears to be able to hear the difference. Once it is in a non encrypted format, it is digital generations from then on. If you are willing to put up with 128k MP3's, and most people are, you certainly aren't going to care about a single generation copy.
Obviously I don't think this scheme will work (see comment 2 above) but I don't think the music would cost $20 anymore. for all intents and purposes there is zero Marginal cost for every song sold digitally, so each song would probably only cost a few to fifty cents to download for one device.
Information wants Coq
Now, back in 1977 the RSA 129 scheme was said to take 40 quadrillion years to factor. Well, in 1994 they factored the number 1143816257578888676692357799761466120102182 9672124236256256184293570693524573389783059 7123563958705058989075147599290026879543541 into 34905295108476509491478496199038 98133417764638493387843990820577 times 32769132993266709549961988190834 461413177642967992942539798288533. It took them 8 months and 600 volunteer computers in a distributed computing project
Now, if we wanted to break this new encryption scheme, and we were that *desperate* :) we already have programs such as Napster, which could be modified to be a Distributed Computing project and have literally millions of computers throwing in cycles, and it would be just a matter of time.
Standard I/O Error. Incompetent/Operator.
So? The point is not that one can copy digital media if one wants to, despite all the encryption available. The point is to make it as difficult as possible.
This is no different than getting a good security system for your house. Without one, any burgler with a crowbar can get in and steal your stuff. Even with a security system, there's really still nothing to prevent someone from breaking in; it's just harder to be successful. Yet people still buy security systems, because they count on burglars choosing to do something less difficult with their time.
I'm sure RIAA can afford to license this patented technology, and if it protects their assets, it will be. In fact, you can probably be assured that RIAA will go to great lengths to prevent others from using this technology (such as independent musicians distributing over the web) if, again, it threatens their assets.
As for its use, most of you are forgetting that the average person is willing to pay for convenience. Sure, it's easy to intercept the signal at the soundcard, or record it off your speakers, but the average person isn't going to go to that trouble, provided that the price is reasonable ($20/mo for on-demand access to the majors' catalogs, e.g.).
To within half a percent, pi seconds is a nanocentury. -- Tom Duff
Of course we don't like this. The system is nothing more then a slightly glorified CSS. It still requires that the decrypting and playing/displaying be in a controlled environment following the agenda of somebody other then the user. You think you'll ever see an open source player for this? Think they are going to be happy when somebody reverse engineers it and makes a tool that write the raw data to disk rather then hardware?
The idea of controlling information is just wrong. It doesn't matter how good the system is, by defenition it has to mean that you are infringing on the freedom of viewer and somehow controlling his actions. You may LIKE that, but I sure as hell don't.
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
It seems that the music industry is hell-bent on preventing people from ever listening to the music (in short, preventing them from consuming the product they produce!). The problem comes from the fact we all hear the same thing - audio pressure waves - and there's absolutely nothing (short of a digital-in jack in the back of everyone's head, yeah, ok, sure) that they can do about it.
Encrypt it all you want. Put all the OS-specific protections on it you want. It doesn't change the fact that on your sound card, there's a DAC chip. Any electrical engineering student, given the specifications on the DAC being used come up with something to do a pretty good re-sampling at the chip, before filters are applied, and get a good copy out - or hell, just resample the audio out. As another poster indicated, doing this many times helps to isolate random noise that can be processed out, and mp3 is lossy, anyhow (another debate).
What the music industry is deglecting is that they thing that the millions of consumers out there are willing to throw away a multi-hundred dollar investment in a CD player - which does a damn good job of playing back music as is, even crappy ones. This is what kills the music industry - in their greed, they've made the de facto standard for music a perfect unencrypted copy. Any attempt to change this will result in legislation out the wha-hoo, because for all the RIAA's lobbying dollars, they're SOL.
Encryption is useless for an application like this because at some level, we all need to hear the same pressure waves.
kudos
..don't panic
They are just going to encrypte everything. You sound card will have hard ware encryption. It will only connect to special digital speakers. Upon connecting to these speakers, it will negotiate a special encrytion key with the speakers, and then only send encrypted music to the speakers. The same will be done for monitors and such, so that you can't FUCKING USE ANY OF YOUR STUFF!!!
Dionysus vs, Socrates! The greatest battle of all time!
I especially hate the bullshit about USE licensing. That's breaking up a product into multiple pieces. Frankly I expect to pay less if I'm not allowed full use.
The real motivation for most artists in wanting to protect their work is not to prevent their fans from listening to it, but to prevent some dumbass from burning 2000 CDs of their music and selling them for 10$ apiece. That person is profitting from someone elses work. As a poet I wouldn't like it if someone took my work and sold it for a profit without even asking me. But I also don't think my work should be perpetually protected. I think 2 years is more than sufficient before any form of artwork becomes public domain.... Some would disagree with me I'm sure. But I think that is plenty of time for an artist to profit from their work. Heck, it's about 5 times what the average popular lifetime of a piece of music is nowadays. It's not as if N-Sync is going to be around this time next year to bitch about their album being pirated.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
The idea is interesting...even if it is fatally flawed, in ways that make it useless.
/dev/audio but let me dump the digital input right into a file (or better yet...had an mp3 encoder on the other side of it encoding and dumping)
Anything short of tamperproof hardware, with built in DAC and speaker outputs just can not stop the copying....and even then...with the right equipment...a pretty good copy could be made (do a few analog copies and combine them together to reduce random noise).
If a program, in the Users system, EVER has a decryption key that the whole system rests on...then it is flawed...the user has the key (even if it means probing memory in real time to find it). Even barring that....if it ever goes digitally through something the user controls (like the sound card driver)...then the user can copy with no key.
It would be nearly trivial to make a linux driver that looked just like
What about for windows? I wouldn't imagine it would be too hard.
I supose these guys are mathematicians. They have a hammer (math; encryption technology) and to them every problem looks like a nail. The problem is that encryption is an end to end thing. It can't protect you from the person that you are sending the data rightfully to.
I mean if adam encrypts a letter to bob telling bob that he suspects his wife is having an affair but he wants to find out who it is with before he accuses her...all the encryption in the world wont help him if bob is the one who is sleeping with her.
This problem is a technical impossibility to solve, if you want to allow people to use the data you give them on anything but custom hardware that you have control over. Its a completely backwards aproach.
Take java...java is a trusted environemnt (avirtual machine) which knows how to check and "watch" untrusted code and stop it from doing bad things. This is the opposite...they have trusted data...and run it in an untrusted environment...yet make sure the environment (which is what is interpreting it in the first place) is not doing "bad things".
"I opened my eyes, and everything went dark again"
If you can ever buy a CD, it seems to me that you could always use a ripping program not equipped with this encryption standard and rip some good ol' mp3s that you can trade freely with your freinds and loved ones.
I don't think that the music industry wants to stop selling cds, either, especially considering that they still have a slight advantage over mp3 in quality and portability through ubiquity. And even if you could only get music in this encrypted format, eventually they gotta release a player of some sort that will have a digital out for high class speaker systems, so people could take that signal and convert it into a wav and then make it into an mp3.
Information wants Coq
Some asshole once stated that "You're going to force us to make songs that can only be played on one walkman". How would they do this?
You would go to their web site, you would plug in your walkman. Your walkman would send the web site it's public key. The web site will charge you $5.95 and encrypt the song with your walkman's public key and then let you download it. That song can now only be sent to your walkman, which decrypts it with it's private key moments before sending it to audial output systems.
Now, most keen people will say "Uh, big deal, I'll just record the output". Uber-leet hackers will go "Cool, a challenge" and take apart the walkman and yank out the private key, or simply figure out the algorithm and determine how to best crack it. If possible.
Now, here's the point. They know you'll crack their encryption. The entire point of encrypting it is so that they can point to the DMCA and say "Cracking cryptographic systems is illegal, and he did clearly this, using these steps." and the fun-loving hacker is carted off to prison and given a sentence that would make the sentence for rape seem like a slap on the wrist.
Mr. Asshole of the MPAA simply argued that DeCSS breaks CSS. The DMCA says breaking cryptography is illegal, whether you distribute the protected work or not. In fact, you would think that it was deliberately easy to crack so that you DID crack it simply to get you into a larger legal mess.
Cryptography kicks ass, but not when it's used to strip people's rights away.
What worries me, though, is technology that companies like IBM is developing where a digital watermark actually becomes part of the playback audio, reproduced by every component, including your soundcard and speakers, but which cannot be heard by human ears. IBM has developed such a system which is part of the EMMS system (also known as madison), which they claim has passed what they call "golden ears" tests. These tests have people with exceptionally good hearing try to differentiate between recordings with the watermark and without. (I've been to IBM research and heard the files. I couldn't tell the difference, either, FWIW).
The next step, of course, is to have the watermarks generated on the fly for each electronic transaction that purchases the music (how far away do you think we are from hardware that can do that in a second or two?), encoding your personal information or a transaction ID into the stream. Then, if you upload the music, they will be able to track down the source of the new digital copy of the music to you.
That's pretty scary to me, at least, because we're back to that total control picture. I personally don't believe that artists should have total control of their works, let alone abitrary "copyright holders" like labels and publishing companies, because fair use is an important part of the knowledge chain.
Imagine tuition bills for higher education once professors can't photocopy small excerpts to pass out in class, or you can't actually pick up a book from the Library, copy a few pages, and go home to write you papers. Or that to actually read the book *in the library*, someone has to pay.
What happens to free libraries with perfect copyright control?
I could go on, but I think I've made my point. Different pieces of the technology puzzle to enable full copyright control exists already. I think that all the pieces will be there soon. And that scares me.
politics, food, music, life: FatMixx
The system talked about will be useful only to send out previews of unreleased music - once the CD hits the shelves, MP3s will become readily available, and unstoppable. For that matter, high bandwidth connections will soon become common enough to make practical downloading uncompressed CD audio - 1.2 Mbit/sec allows real-time transmission.
Near the bottom of the article was mentioned a token that could be moved from device to device, but that would be customized for each user's devices, so it couldn't be loaned out. It also couldn't be used on any new hardware you buy without reprogramming, making it even less convenient than Circuit City's DivX. This is one idea for a consumer app that's going to sink without a trace.
The cryptosystem may have a useful application, but preventing music trading isn't it. Maybe it would be good for high-bandwidth military applications.
I don't care about the RIAA, MPAA, etc. I don't like the idea that fair use is not being considered. Fair use is above any group and individual. But then I'm biased. Everything I work on will be preleased in XM or IT or MOD or some other tracker format. Then MP3s on miniCDs.
Maybe out on vynil next. And then for backup purposes on CD.
If I have stereos all through my house and back yard, I'd like to access my music from anywhere using a wireless palmtop running a Unix.
All this protecting is going to annoy anyone who actually does something with music and that includes a lot of music buyers not just signed bands. This whole listen and shut up attitude bugs me.
I especially hate the bullshit about USE licensing. That's breaking up a product into multiple pieces. Frankly I expect to pay less if I'm not allowed full use.
The message on the other side of this sig is false.
Reasons why this is not a big deal:
sigs are a waste of space
So the sum of this is that it's ultimately a futile endeavor, regardless of how they rotate keys or whatnot. The folks at Emusic are selling hundreds of times more music than anyone else and none of their stuff is encrypted -- did you know that half their board came from PGP: Pretty Good Privacy, the crypto folks? And that Gene, their CEO, is a longtime cypherpunk? So why is it, you should ask yourself, that some of the most knowledgeable crypto people in the world would start the only online music sales outfit to sell *unencrypted* dowloads?
Maybe because they understand what crypto is really for.
Crypto is for keeping secrets between parties that desire to keep that information a secret. If A wants to tell B something, he can use crypto to prevent some C from listening in that both A and B don't want hearing the information. But if B desires to share this information with other parties, there is fundamentally, long-term nothing that can be done to protect B from sharing it. Crypto is only useful at protecting information if all parties who know the secret want to keep it a secret.
So ultimately, any attempt to protect publicly-published data (books, movies, music) with crypto is going to fail; it's fundamentally untenable.
David E. Weekly
David E. Weekly
Code / Think / Teach / Learn
h4x0r for
Oh, fantastic. another unbreakable cryptosystem to secure digital music. yea. Not that I can't play it, and loop it back directly in with no loss of quality into another system. ooooh. who cares if it's encrypted??? If the consumer can listen to is, the consumer can record it. Simple. No technological controls will ever, ever prevent pirating.
While this cryptosystem sounds really cool technologically (possibly very powerful encryption) a) the cryptographic element of security is never the one broken--if you have five trillion brass-plated locks on your steel, reinforced door, people break through the window, for look for the key in one of those stupid rocks by the side of the door. b) cryptography is great for security and privacy and integrity, but is helpless against willful copyright violation by a cryptographically-authenticated party (like, say, the consumer).
And in any case, there is nothing to get consumers to move 100% to this system, as opposed to trading MP3s. even if bill gates includes DRM into windows, people will use Linux, or FreeBSD, or not throw their 'old' computers away and keep them for functionality sake to play mp3s and whatnot.
in short, cool idea, useless for the purpose.
Returned Peace Corps IT Volunteer
I thought slashdotters liked strong crypto and innovative crypto and anything else that could be used to keep the government out of your hair. Why are we getting our panties in a bunch that someone else might get to use crypto too?
If, as we've stated many many times, the RIAA is obsolete then they will have no use for this technology because they won't have any music to encrypt. The musicians will all be using this to encrypt the songs they are selling off of their websites. Does anyone have a problem with the musicians profiting from their work and using this to enforce how something they created is used? Not I.
Kintanon
Check out JoshJitsu.info for Brazilian Ji
Remember, denial always comes right before going kaputski. Remember the disney movies? The Humorous Sidekick always tells the bad guy: "Umm... what if they Exploit Badguy's One Huge Weakness?" The Generic Evil Bad Guy will then laugh and say: "Nonsense. They would never be able to... " At that point, he is obliterated.
This can be extended as an analogy to the recording industry. First, they think "nobody will ever like this mp3 stuff". Then they pretend to ignore its spread. Once they realize that things are going to hell in the proverbial handbasket, they introduce their weak attempt at mimicking this.
It's very simple. Any music released in this format will never be used. Period. As long as they still sell the CD, people will still get it in mp3 format. And if they only release it in a digital encrypted format, then nobody will buy it. No matter what, the recording industry is doomed.
Friends don't let friends misuse the subjunctive.
We'll be in the same place we are now, very simple, just take audio out from your computer, use a double male line to the audio in port, and record onto mp3 or whatever replaces it, encryption scheme bypassed. if you can _LISTEN_ to music, you can get around any and all encryption of it.