Slashdot Mirror
SDMI Officially Reports on SDMI Hack
A reader sent us the press release that the Secure Digital Music Initiative folks have put regarding the hack SDMI challenge. They are stating that three out of the five were not cracked, contrary to earlier reports, and that of the two that were cracked, one was not a replicable event. Meanwhile, Salon has continued their coverage of the whole shebang.
If it was broken, AND there system could not detect ie the watermark, do they consider not cracked if THEY determine that the sound quality is not good enough? good enough for who? for them? for the people who will be glad to pirate it?
------ Curiosity killed the cat. {satisfaction brought it back | it didn't die ignorant | lack of it is killing mankind
Would not anything less than "perfect/absolute access control" be, in actuality, "ineffective access control"? Either you control or you don't.
"A microprocessor... is a terrible thing to waste." --
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
Does it stop anyone from making copies. Whats the point.
No, but it stops people from using their copies on SDMI systems. For example, what if your speakers are SDMI-compliant? "You don't have authorization to play this CD; it is owned by Foobaz Library."
Will I retire or break 10K?
Certainly.
:)
For that matter, it's easier than that. Wait until SDMI comes out. Someone with a few extra bucks can go pay for the new version of Real Jukebox that can watermark songs. Rip a track, watermark it, and compare the watermarked copy to the original. The watermark will stand out.
Repeat the process a few times, perhaps with a couple different paid-for copies of RJ to see what parts of the watermark are serial numbers, etc.
SDMI is stillborn, we might as well let the RIAA spend time and money on it. It will keep them from doing anything productive in the meantime.
If you can make it, someone will break it. I have absolute faith that something can be encrypted such that {DNA|quantum|brute force} methods are all infeasible. What if your cipher doesn't have discrete states?
-- LoonXTall
~~~LXT~~~
Life is like a computer program: anything that can't happen, will.
SCMS only prevents SERIAL copying. there is nothing that prevetns you from making more than 1 or 2 backups, right?
i'm not trying to pick a fight here so stop me if this argument has been rehashed, but if i drop my VCR, Sony has no obligation to correct my stupidity. if you destroy your CD, you buy another one too, right?
(yes i am naive) doesn't the number of copies depend on the EULA anyways? here, they are allowing you to make as many 1st generation, digital copies as you like, AFAIK.
In an SDMI world, your soundcard would refuse to play the new .wav because it still has the magic mark of Cain.
Do you realize how *unlikely* this is to happen? Your average game probably has between several hundered and several thousand sound effects, and maybe a few dozen cinematics. Suddenly, every single one of them has to be encoded with the watermark from a completely different industry, just because they happen to both use the same hardware. Amateur musicans would be another group who might not quietly accept getting screwed if SDMI hardware becomes the law.
Causation can cause correlation
In legal terms effective is probably defined as a "sliding term" used in relation to a situation.
i.e. the lock on your front door is effective for a personal residence but ineffective for a bank.
The courts who be the ones who define what is effective for a given situation.
And this was happening BEFORE DeCSS. DeCSS makes it easier to transfer the DVD data to other formats but the pirates were already using other methods of ripping the data out (mostly of the type listed above where they would play the DVD through an analog line and recapture it to digital in a non-secure format).
I don't know about BETA or Hi8, but I'm fairly sure that modern VCRs are supposed to have copy-protection circuitry in them. I've seen tapes that have been copied from rental copies, and they turn out all orange, unless you're recording with an old enough VCR.
Do DVD players put out this "copyright" signal as well?
You can never put too much water in a nuclear reactor.
Just my $0.00002 (new technology finds ways of cutting pennies in to veeeeeeeery small pieces :)
-orakle
unzip; strip; touch; grep; mount; fsck; yes; more; fsck; umount; make clean; sleep
firstly, i think we should all welcome this great victory for SDMI, and we should congratulate them for changing the entire world so it is completely safe from evil music pirates. bottom line, release SDMI ***NOW*** so we can crak---errr... listen to the wonderful music on DVD-audio, buy digital music online and all that good stuff. in short, SDMI release music, players and everything RIGHT NOW!!!!!
In a quote from Mr Gore, he stated "These companies are going about the matter all wrong. Digital watermarking isn't going to work. What we need to do is take new music, and put it away in a lockbox, one to which only the President and the Speaker of the House have the key. With the music locked up tight in this lock box, it will be safe and piracy free for future generations."
Mr Gore went on to say "We want Britney Spears and other artists who could be hurt by music piracy to know that a promise made is a promised kept."
Editors Note: Mr Gore's previous technological experience includes inventing the Internet.
The only consideration is that this group hasn't submitted their technical information (which automatically excludes their attempt from being considered). Now I don't know about most skeptics, but when a group of this stature claims to have done something, I would guess that they were being sincere - how many universities would allow research groups to do work on something like this and then make false claims?
UBU
What's to prevent me from taking an SDMI-protected song, dumping it to a .wav file [1], and then re-encoding it with, say, ogg? As a worst case scenario, I could set up a loopback with the D/A A/D converters on my soundcard to get the .wav. Will the watermark still exist in the .ogg file? Does that matter?
Causation can cause correlation
I remember a few weeks ago there was that streaming radio interview with Chiariglione, some linux webpage, some guy from 2600.org, and the FSF. in that interview, Chiariglione addressed several issues involving "fair use", and he said (rightly) that and SDMI will provide someone with the ability still to copy, but not serially (like the presnet SCMS).
The FSF rep wasn't able to respond to this, but from my point of view, SDMI's ability to make a limited number of digital fulfills the "free speech" needs of the FSF, which was their main concern.
what do people think about that? do i have this wrong?
Why rent when you can get them for free at your Local Public Library?
Glückwünsche, haben Sie Slashdot ermordet, indem Sie zum korporativen Druck beugten und Subskriptionen einlei
Do they really think that anything they come up with is going to be secure. People will continue to rip CD's and find ways napster or otherwise to distribute it. Lets get real here.
AF-Design, web development.
Its really about the sound data in the file. Hence the name 'watermark'.
If I put a watermark on a piece of paper, and you use a (high-quality) copier on it, the watermark will still exist. The same sort of thing applies if you re-record the music, even if you switch it to analog and back to digital, or so I'm told.
The point here, as I understand it, is not to prevent piracy, but to be able to detect it.
Each song, then, would have a unique 'ID', which would be associated with your name when you buy it. If it shows up on napster, they come after you for the royalties.
If I'm right, hope this helps. If I'm incorrect, please correct me.
Zipwow
I don't know which is more depressing, that 2/3 didn't care enough to vote, or that 1/2 of those that did are crazy.
actually i'm not signal11... atleast not consiously(don't know if i post in my sleep)6 51707,00.html
and apparently according to zdnet:
http://www.zdnet.com/zdnn/stories/news/0,4586,2
they have approved 3 technologies...atleast one of whom felton of princton claims to have broken... heh
I believe sex is highly over rated... unless it involves me
That is because you couldn't make 100,000 copies of one song with a very few actions (Napster...)
:wq
Do they really think *that* makes it secure?
;)
Well, if they do, they can feel free to release it.
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
The Record Rental Amendment prohibits renting of phonorecords such as cassettes and CDs without express permission from the copyright holder (generally an RIAA member label). This applies only in the United States.
Will I retire or break 10K?
the thing that makes mp3 cool is that it's not tied to anything to make it work. mp3 doesn't require a decryption key (which limits its portability), it doesn't require you to "pre-register" before you listen, it's totally anonymous (so people can't track your bizarre listening habits), etc
how many encrypted songs will you have to buy in order to listen to them on A: your computer, B: your portable SDMI device, and so on and so on..
What do you expect? If they actually acknowledged a real winner, they'd have to give out money (and we all know how they hate to do that) AND effectively toss away all the cash they'd thrown into it. (Never mind that part of the point of research is to find out what doesn't work!) Plus, it'd be really bad from the PR point of view...
Oh, well. Its also obvious that the technological solution is just to reduce the number of people taking advantage of their fair use rights to those who would do it anyway, to reduce the number of targets for the legal teams to mob...
-RickHunter
"Each submission -- whether successful or not -- taught us important lessons about what can and cannot work in the marketplace."
Ok, lesson here is... if you can encrypt it, someone can break it. Plain and simple.
If it can be streamed, it can be recorded.
Is there such a thing?
Ok, let say you make it where a watermark is 'somewhat secure' (there is nothing "secure" only "somewhat secure"). Say it uses a bunch of random bits that is encoded in the music. What would stop someone from just remvoing the code from the music? The DMCA?
Everyone here has seen a sound wave. Wouldn't the "code" produced abnormal spikes somewhere in the wave? With a powerful sound processor, it could be possiable to proccess the wave in a way to detect the code and remove it. Oh course this is analog.
With digtal music, random bits can be place in locations where typicaly would not produce sound or abnormal sound. Drawing from a "clean" sample patterns can be found for the encoding. Do some math, and the water become clear as day. Once the pattern is found on the single sample, you have to find out how this sample compare with another samples.
This is where it gets complex. If the music effects the pattern of the watermark, one would have to figure out what influece the pattern. It can be rather complex. But here's the problem. One can't just add a bunch of random bits on digtal music and expect it to sound the same. Figuring out where to put the bits, helps the cracker, becuase it makes it easier to find a pattern.
Also, one is limited to the number of bits to the lost of enjoyment. How many can you really put using complex anaglothes in a 4 minutes song? How many of the 50 megs of a wave file or 4 meg in a mp3 isn't really used?
There is one good thing, with effective encoding, it can increase security for simple text messages.
=)
MarNuke
It is too late for them to jump on the wagon.
Let them declare it secure and try to implement it, but several of the member organizations refuse to implement it, and watch SDMI get clobbered in the marketplace.
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
I believe part of the protection is an audio watermark which would not be eliminated by your solution. It would defeat any other protections though as far as I can imagine.
Well, look at the source.
Slashcode is currently distributed under GNU GPL 2, which allows modification and (apparently) ASPing (using code to run a service without distributing binaries) without requiring modified source to be disclosed. GNU GPL 3 will have restrictions on ASPing, which <IANAL>may be construed as a public performance under copyright law</IANAL>.
Slashdot is presumably running a highly customized Slashcode installation. Fat chance you'll find lameness filters in the tarball.
Will I retire or break 10K?
This is not a joke, and is of course the real reason that all computer professionals fear the DMCA.
No he's not, but thanks for remembering!
I haven't trolled in a while; lately, it's been hard to compete with the real Bruce Perens!
Will the real Bruce Perens Please Stand Up
The real problem I see is that SDMI will probably also get erased by accident by increasingly good compression technologies. What is going to happen then? Most like the music industry will scream "bloody murder" and be all up in arms about better compression standards (as if they weren't already), not just because they make distribution of music easier, but also because they erase the SDMI watermark.
In fact, a particularly cynical view of all of this would be that SDMI is intentionally weak in order to be able to have a future claim, based on DMCA, against the deployment of better, or at least alternative, audio compression techniques.
I have less and less faith that people like those behind SDMI, the DMCA, Library/School filtering, etc. can loose. Yes, thus far people with reasonable, intelligent, knowledgeable positions have been able to hold all that money in check, but I just don't see how that situation can continue. What isn't technically possible _will_ be legislated into effect by people with the resources and desire to see it so.
What those who rose to the SDMI challenge did, if I'm to understand the implications of the end to the DMCA commentary period correctly, is now a felony. It is my understanding that even the Princeton team, a legitimate academic research effort, put themselves at risk of ending their careers by participating in this overtly sanctioned exercise in reverse engineering.
If the mind-blowing amount of money behing initiatives like SDMI can't create a technical solution, you can guarantee that it will realign to bring about a legislative solution, and once that's done, that money will move toward financing enforcement. The truly sad part is that we're already moving into the enforcement phase, and neither of the two possible next presidents have displayed any willingness to curb the trend. As the subject says, SDMI will win, not because of its technical superiority, but because there's too much money working to guarantee that it does.
I've been a cynic for a long time, but I've never seen so much to be cynical about as I have in the past year on the internet.
Ideology breeds Hypocrisy. Just how much is up to you.
They're going to watermark CD's? Does that mean they'll want everyone to fill out a form and agree to the ToS at the record store?
The security of SDMI depends on would-be pirates having exceptionally high standards for sound quality. Given the quantity of 128 Mbit mp3s on napster, I think it's safe to say this is not the case.
WARNING: there is a trojan on your
If it wasn't for the fact that all freely accessible music formats are apt to be declared illegal I'd _love_ the idea of these clowns going ahead with SDMI. I can tell you that it is going to be _noticable_ if you have an ear- perhaps less so if you are 'watermarking' Britney Spears junk, but anyone who is getting a good sound will find that sound _defaced_ by the watermarking. That's not all- radio stations have elaborate equipment to compress and enhance detail on the music they play. Played through that even the Britney Spears stuff will be obviously flawed by the watermarking- it will bring out the distortion and make it audible, that is what this type of equipment is _for_: bringing out hidden detail in sound.
There is a Chinese ideogram (?) which represents both danger and opportunity. This SDMI garbage is just that- both danger and opportunity. There was a time when major label/corporate musical content actually was better than garage stuff- studios were paid for, artists got to concentrate on their work, and a lot of music got created that was really rather good. That's why you're still hearing it 20, 30, 40 years later instead of last year's corporate music product.
That time is gone- now, with SDMI, the corporate music product is boldly choosing to degrade the quality of its product to _substantially_ below what a clued electronic musician (with some sound engineering experience) can produce. That's because the corporate people think they have such a lock on media in general that they can _afford_ to do this to tighten their control- and that is the opportunity.
It's never been a better time to become a musician- not because there is industry support- there's not- not because there's money in it, there has never been money in it compared to, say, going public with a dotcom. The reason it's such a good time to be an indie musician is because the main competition, commercial media, is becoming so arrogant that it no longer cares about any sort of quality. This tends to alienate people, and there are going to be a lot of alienated people milling around trying to find music, entertainment, stuff to listen to or watch or even stuff with a message and a purpose. It's simple mathematics- as the corporate product gets complacent (check), lower in quality (check BIGTIME) and cynical (check), a market opens up for competition to come in. Straight capitalism- capitalism cuts both ways *g*
why does it need an *encoder* to make one, and a *decoder* to play one?
All compressed data is encrypted. It HAS to be to compress it. Think about it for a minute.
The key issue is that for mp3 the key is *public* rather than private.
KFG
People won't want low grade audio and Napster will never take off.
What the SDMI people forget when testing for perfict audio is that they are making a protecting against MP3 piracy.. This will have zero impact.
Accually ANY piracy would degrade the audio somewhat.
So golden ears can tell the diffrence while partly tone deff me can't tell the diffrence..
Someone pointed that SDMI will be flawed but the music industry will just get laws past so it dosn't matter.. Someone else pointed out (to me in RL) that with the United States ellections so close (In all offices) that we are likely to get a pritty much even mix of partys we'll end up with 4 years of bickering and political infighting.. no new laws.. and nothing gets done. So if the SDMI stratagy is to get a new DMCA type thing passed.. Good luck..
Basicly it's not so easy to buy people.. buy republicans and the democrats will oppose you on princaple.. and visa versa.. you can't buy em both...
I don't actually exist.
Nothing is wrong with paying for music. Granted, there is a lot of
:)--powerful people and organizations are
:)
overreacting that goes on: some people really come across as though
they believe that if A) someone creates something, and B) it's really
easy to copy, then C) it must be made freely available to one and all.
But that's not the issue here. The issue is that a lot of
very--temporarily?
attempting to apply laws to a new technological and sociological
foundation, and that same foundation obsoletes many of those same laws
and concepts. They have their heads so far up their assets that they
don't see that this desperate attempt to make old models work in a new
world is doomed.
Perhaps the worst part, however, is that they're foisting the whole
load on the world as being in the interest of the artists. This
hypocrisy is what really condemns them for me. Since bloody *when*
have artists meant a sparrowfart in a hurricane to these execs? They
matter when they have a lucrative track record. That's it.
If you must pity someone, pity the artists. They weren't getting
treated what they were worth before, and they aren't now.
And please please please don't bother mentioning any of the vast
minority of artists who make it to the top rung. Sure, they get big
bucks and all the extras. You only know about them because they're
making money for someone else. Who do you think writes the press
releases, pays the studio/engineer time, yada yada? The execs. Why?
'Cause they'll make a bundle.
There are labels which buck this trend, but they're for the most part
quite new and have grown out of the underground/independent
scene. Which, by the way, is taking full advantage of the same
technology which the Big Boys are trying to suppress. Independent
music is flourishing, since creating and distribution of one's own
works is more available than ever before. Yes, this results in a lot
of drek. But at least with independent music, *you* get to decide what
you want to hear. You don't get your music selected for you by suits
pandering to market pressures. Think they want that pressure? Sure,
it's not a huge chunk out of their pockets, but the competition *is*
there, and lots of studios, bands, and labels are popping out of the
woodwork with independent/semi-independent works which are just so
much better than anything you ever hear on, say, RCA. Godspeed You
Black Emperor, Tortoise, Neko Case, you name it. The execs don't like
this either: competition sucks when your suit costs more than your
PC.
Eventually, with any luck the music industry will simply adapt to the
way things are now, instead of the way they wish they were. But for
now it's gonna suck for a bit.
Watermarking is adding details you can't hear.. Audio compression is REMOVING details you can not hear. Assuming the anolog cables and sound card DAC and ADC don't strip it first the compression should.
It seems to me the SDMI is totally based on identical reproduction.. do anything to elinminate that and you lose the watermark in the process
I don't actually exist.
A 2-1 vote? this is something so subjective i don't see why it matters except for the sdmi to use to make itselft feel better. I mean just what is considered "minimal loss" or "no apparent loss" of quality?
didn't the parc team that cracked it say that the online testing "oracle" wasn't quite working either?
personally i could care less if the audio quality degrades a little for the convinience.
do they really think they are going to deter the masses from sharing music with this technology? even if no new mp3s can be ripped what about all the existing millions of mp3s already out there?
I believe sex is highly over rated... unless it involves me
What's odd about this is that we have a means to break SDMI and produce a file which probably has excellent (given that the people to submit said cracks would be sufficiently happy with their results), but not quite excellent (failing the golden ear test), but free of copy protection. When it comes to "distributing" free music, what will the average user of such services look for? I'd argue that only true sound affectionados would be the ones to get the CD given the option between it and digital music files, and they'd be the only ones that could hear that difference that the golden ears tests revealed.
Basically meaning that since it can be hacked to remove the watermark, SDMI is pretty much defeated.
Save for that stupid little thing we call the DMCA.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
Couldn't the DCMA be challenged legally on the basis that there really is no such thing as an 'effective access control' device in purely digital content?
"A microprocessor... is a terrible thing to waste." --
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
This isn't going to stop people from listening to mp3's on the computer any way right? I mean.. All you have to do is save an old copy of mpg123 or winamp and you can listen to all of the mp3's you want..... I would think....
What are they going to do? Force an open source mp3 player to check from their water marks?? haha..
I guess the only thing they can really do is force the companies making portable mp3 players to use this technology.. That kinda sucks, but oh well.. I personally don't use them anyway. I'll just burn them to a cd instead..
-----------------------
Jeremy 'PeelBoy' Amberg
Yeah. That's the whole point. The SDMI has to lie now or else they can't lie later. SDMI is cracked (and mathematically we already know from information theory that you can't do what they want to do). A secure system is impossible. They know it's not feasible so they have craft out these early lies to support their later lies when they go before Congress and ask for more restrictive laws and when they go before a judge and ask him to confiscate joe college student's computer and audio equipment plus levy a steep fine because joe knows how to make copies.
--
--
He lives in a world where those who do not run the client software of the omnipresent meme are unacceptable.
It seems to me based on the Salon reporting, the MULTIPLE universities and other groups that claim to have cracked all their watermarks, and protection schemes that they are fibbing.
Maybe they have some cute little exception (cant be reproduced on a p100, doesnt sound the same to golden-ears after the fact), but it seems like a fib or a stretch at LEAST to me.
So, what if they are fibbing?
More power to them. Let them release a flawed product, get everyone's support, have it added to a million products and songs, and weeks after release have a winamp plug-in come out that real-time decodes them.
Suits me just fine.
The honest, appropriate, and correct solution to the problem of digital security is to not be militant about it.
Sure, anyone can copy cassette tapes, and lots do. That didnt stop PLENTY of cassette sales.
You say its different because its digital, but it really isnt. The general populace doesnt have the knowledge, time, nor toys that support mp3's in a wide-spread way yet.
Not to mention I dont think it will become super-widespread for another 3-4 years.
(Yes, I know napster has a large user base. Thats not the same as the user base of people with cd-players (home, car, personal, AND computer) now is it?)
In short, the media giants need to just tuck tail. Its a losing battle. Mp3's sound more than decent, and are not secured. They will always be around now. If the music companies had gotten on board sooner, and done digital distribution sooner, they may have prevented it.
All they can do now is try to save their ass.
GPL'd web-based tradewars themed space game
Perhaps "stating" was meant. I understood the poor editing when /. was a noncommercial entity produced by the grace and kindness of Malda's and Hemos' hearts but now I wonder if the editors, even though they should have the time (and money) now, do not have the skill to produce quality work.
No, on the inside front cover, in small print, it will say:
"By opening this package, you aggree to be bound by the ToS. For a copy of the ToS, please write to..."
No need to go bothering with a form when they can simply trick you.
Withdrawal before climax is very ineffective and those who try this are usually called "parents."
I seem to remember reading that the "Golden Ears" test for the SDMI challenge simply required the "hacked" songs to sound better than a 64-bit MP3. That seems like a pretty reasonable standard to me. I'm not too picky, but anything under 128-bit sounds like crap.
:-)
All you people screaming at the RIAA for their supposedly bogus Golden Ears test should calm down and take a few breaths
Granted, I don't see the point of watermarking, period. If watermarking is used to control playback, you can always convert to a non-controlled format like Ogg or MP3 (through analog, if necessary). If watermarking is used to trace whoever first "steals" music, someone will just buy the music with fake ID, post in on Napster/Gnutella/Freenet, and then the RIAA will have no recourse.
Can somebody explain to me how watermarking is actually supposed to stop piracy (even if it isn't broken)?
Suppose you have two copies of the same song, both carrying a watermark, but different ones. Suppose you substract one song from the other. The bits that belong to the song should delete each other, and the bits that belong to the watermark and that are different in each watermark should remain. That should give you a pretty good idea how and where the watermark is in the song.
By flipping these bits randomly you should be able to perturb the watermark beond recognizeability without doing damage to the song beyond what the inital compression has done.
Currently, the crack attempts had only one copy of the song, and one watermark, to work with. How much easier will it be PACTOR style with two or n identical copies of the song, each with different watermarks?
© Copyright 2000 Kristian Köhntopp
It's a bit like: suppose we'd chop off Hillery Rosen's arm, she'd still claim she has two arms.
The contest was boycotted, could it be that the real hack wasn't exposed to the RIAA?
And those golden ears, aren't these people paid to reject any hack posted? They even think that the watermarked songs were bad quality, so how would they determine songquality?
Bizar technology?
No they will use your new American "digital signature" law. As far as I can determine this does not actually refer to digital signatures as we understand them (X.509 or PGP certificates) but rather "click here, OK you just legally signed this."
So look out for some sort of simple gizmo, or maybe it'll get incorporated into a point-of-sale credit card PIN system or whatever. ("For your protection" of course.)
"Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
You saw that bit on slashdot on securing your hardware designs so that they cannot be reverse engineered without breaking it to pieces etc.?
what if the RIAA requires that all this SDMI stuff is implemented in hardware, under an NDA and protected from reverse engineering in the manner above, well have quite a problem on our hands, wont we?
This is of course assuming that no-one will ever release PC software to run this stuff, which they probably will if there is a consumer demand, and as we all know from the DeCSS case, this is the weakest link in any access / copy control scheme.
skiy. www.Smokedot.org Drug Info, Rights, Laws, and Discussion
Any suggestions? :)
So I say's to myself, self how can I get the complete thing without it being tracked back to me.
Ah and then a light comes on. The local video store. I get a fake ID, (not hard at all), I open account. I rent CD. Make copy.
Now who cares if they CAN read the watermark???
Oh no!!! I paid with my credit card.
DRM? No thanks, I'll just get it somewhere else...
If we wait until there are a few zillions of players in the market, they won't be able to change the standards without "eroding the customer base", or whatever is the marketese wording for it.
All hacks to SDMI attempted so far have been made without access to the watermarking algorithm. If SDMI is ever released to the public, however, someone will reverse engineer the algorithm--and post it on the web for all to see. As soon as that happens, SDMI will almost certainly be cracked more or less completely. The current contest wasn't at all close to a real-world test.
So what would you expect them to do? Roll over? Of course not. They'll fight to the end and does that make them evil? No.
Has anyone ever had the chance to listen to some of those ear training tapes that sound people listen to to get that good? I listened to one once as it went through a series of sound bursts of 3 seconds through 1 millisecond. Past half a second, they all sounded identical to me. Then there was the test where they raised a certain frequency a few dB above a noise floor, at 50 Hz, 100 Hz, etc. all the way up to 22KHz. That sounded like a 2400 baud modem played backwards.
And yet, my friends in the professional sound field can hear these minute changes in the quality of the sound and correctly identify each one. That's why they get paid as much as ninja Solaris admins. They can't listen to anything less than digital to the speaker theatre quality sound without cringing. Me? I like MP3s and AM radio. So much for the golden ear test. Now back to my Rio.
--
Rob Carlson
Okay, so lets say everything in the press release was true, and that at least one of the watermarking technologies has not been cracked. So then this watermark is implemented in SDMI compliant hardware and software. First of all, what's to stop someone from playing it on noncompliant hw/sw? Secondly, once players are released, the watermark detection algorithm will be available to anyone with the capacity to reverse engineer. Won't it become a lot easier to crack any such watermark? As I recall, the contestents in the Hack SDMI challenge were only given 3 samples, a clean sample and two marked samples, one of which matched the clean one. They had to rely on the "oracle" to tell them if it worked or not, thus they had no chance to examine the players. On side note, the press release said something about "all 447 contestants"; that doesn't seem like very many to me. How could they expect to get an accurate test out of this?
you can rent CDs?
what video store is this? i want to rent CDs!
The majority of people who buy music are those who are already used to the degradation caused by broadcasting, people who listen to audio cassetes in noisy cars, etc. As long as the music passes "tin ears tests" it's good enough, and the RIAA knows that.
Everyone was trying to boycott the challenge earlier, thinking that if we let them release, we'll break it after it's official. Then some people broke it (for the most part. Not forgetting that it's impossible to secure anyway). Now, they're saying it wasn't broken and are moving ahead anyway! That's the impression I get.
Sounds like a good deal to me.
Jason
WHy do they bother? To kiss the RIAA's ass? All of their encryption schemes will end up broken.. and the software to play mp3s is already out there. SDMI all you want, it ain't going to work
How come we are all so busy explaining how SDMI or anyone else has no chance in the universe of ever getting a watermark system to work.
When we're wearing our other hats (you know the ones with the "Yes Sir I Can Keep Evil Gubmint Snoopers Out Of My E-Mail" logo) aren't we all completely sure that hiding stego messages inside pictures is a really great idea? Isn't it the same thing?
"Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
Leave SDMI as is, and we'll break it once it's in production....
The really dedicated audiophiles (no, not the type who measures the quality of his speakers by their price and then puts them in opposing corners of a room) probably doesn't listen to the music that is most prevalent on napster (like 'top of the hitlist'). After they spent like $10000 on their audio equipment they'll happily pay another $50 for some japan-import-CD.
For most of todays 'top hits' it doesn't matter anyway if audioquality is slightly degraded and most people listen to that music as background to something else, like driving, working, chatting, partying etc. Under these circumstances audioquality doesn't matter too much, especially since with the audioequipment it is played on the difference is probably inaudible anyway.
But if the RIAA needs the illusion that noone will copy their music because it's slightly altered to pull through their SDMI scheme I'm just happy to let them proceed with it and fail.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
Is it abuse-windows-users day today?
On Slashdot, every day is abuse Windows users day
... because maybe they'll decide that it's good enough, and people can then go through and rip it to shreds three weeks after they standardize on it and release it. Once it's out, perhaps there's a rat's chance in hell of proving that it was faulty technology in court and getting the court to rule against the music industry if they try to sue.
"Titanic was 3hr and 17min long. They could have lost 3hr and 17min from that."
IBM had PL/1, with syntax worse than JOSS,
And everywhere the language went, it was a total loss...
seem to be:
1. Watermarks can never provide adequate security for music (or video) because they're necessarily irrelevent to the analog signal contents, which can be recovered without them.
2. SDMI is an unworkable battleground of the RIAA versus all the HW/SW players, where gridlock will reign for years, and technical reality will eventually trump rearguard lawyers.
3. The SDMI "challenge" failure is being stonewalled and spun by fools for RIAA purposes, but they're _not_ fooling anyone who understands music and the bankruptcy of the RIAA.
4. Nonetheless, RIAA controls SDMI (dollars are clout), will declare victory, retreat to an illusion of security, aided and abetted by Micro~etc, to control the masses (for a little while).
5. SDMI is Evil Tech(c) that is inevitably doomed to fail because it flies in the face of both physics (in the form of information theory) and plain common-sense (mp3 is good enough).
6. But don't explain this to the RIAA's fatcat morons just yet - wait until _after_ they commit their future business models to this flawed, hopeless scheme - then, take full advantage.
The MPEG / Fraunhofer / Ogg standards look like a clear case of the technicians sticking it to their corporate masters by defining clean interfaces not amenable to money-grubbing big-company monopolies. Way to go, guys & gals! The best part is that they've been shot throught the heart, but they'll never see it until their business models just keel over and die.
If I can send an artist (or band) $1 to download a whole CD, that will be just as much money as they'd get if I bought it from a RIAA distributor for $16. I'll make the trade and, more importantly, so should the artist or band. The leeches losing out are unnecessary, inefficient, passe' overhead. Labels are dead, now celebrate artists! Look forward to media freedom!
Alas I fear that this is another case of skewing the rules to make winning impossible. Anyway, REAL audiophiles listen to vinyl *grin*, although I have to admit CD isn't halfway bad either. (For sound engineers out there, I do know about bandwidth etc... but I also know that Tallis' "Spem in Alium" sounds better - I didn't say closer to the real thing - on vinyl).
Either way I think that the RIAA etc... are doing themselves no favours at all. I see nothing wrong (as with software) with making money from music but they are thoroughly guilty of naked profiteering and abuse of the customer - I think Britney Spears alone is worth a few years in Broadmoor for some exec. but then again, they did bring us LedZep.
Elgon
Um, actually I was just re-iterating a very common prediction and mentioning that it's coming true. Sheesh. Everybody knows that.
Jason
The only way I can think of is to have an audible watermark on all CD's, which is pointless because you couldn't get any information from that (it would be the same no matter who ripped it). If not obviously you cant decide who can rip them and with what, so they dont have to encode some water mark into them. And if you do control all ripping software (not possible) then people would just record the audio out.
Let's see... They got the audio from the files. That counts as being cracked, right?
:wq
Of course, there's another translation available:
...successful attacks were not identified on three technologies, and were identified on two.
Of those apparently successful attacks, one of them was not reproduced on additional music samples as part of our evaluation process.
Neatly morphs into...
"Despite our best efforts, it appears that all 5 encoding methods were cracked. We could not figure how people did it on 3 of the methods because they didn't send the program.
On the two groups that were kind enough to send their program, we could only figure out how to use one of them"
(Fine, I'll take the bait.)
I should "knuckle down"? Are you implying that I should seek to emulate knuckledraggers like Bush? Funny that you should praise Bush, a blowhard who's never done an honest day of work in his life and doesn't have two neurons to rub together. America has been rapidly improving just fine without his ilk.
Besides, Bush lost the popular vote, which means he's a lame duck president from day one. Some victory. Maybe after 8 years of prosperity through hard work, many forgot that "moral fiber" doesn't feed the kids or lead to productivity. It just increases the level of irrelevant crap we have to deal with.
That's why the Technocrat got my vote and the moron didn't.
I think not...(*poof*)
I predict that SDMI will never be broken.
Now matter how many people actually break SDMI and no matter how good the audio quality of files so broken, it will never qualify as broken to the RIAA.
Why? Because they want to have a "secure" standard that nobody could successfully break. (Regardless of the facts.)
They did their part to make a truly secure standard. After SDMI is released and music starts getting pirated, then they can use the DMCA and cry, "look, we spent millions building a truly secure system that had industry support and those evil hackers broke it". This is a violation of DMCA.
In a nutshell, they have no intention of stopping piracy through purely technical means. SDMI is just part of what they need to fight piracy through the only means they understand -- litigation, money, political corruption, lies, etc.
I'll see your senator, and I'll raise you two judges.
Nope, and they don't have to. Or so they think. Remember that (so they claim) you don't really own most software you buy, or any of the DVDs you might've bought recently. Unfortunately, this IS illegal, and is known as post-sale disclosure of terms. Its roughly the same as buying a car, then being told that you aren't able to open the hood and can only drive it on roads approved by the manufacturer. And (often) being told by the car salesman that you have to get your refund from the manufacturer if you've opened the door, and by the manufacturer that you have to talk to the salesman.
-RickHunter
In non-independent tests avoided by the majority of people with taste buds, 3 out of 5 cola non-skilled cola hackers report that they can't tell the difference between SDMI and MP3 music.
The industry funded RIAA reported that this conclusively proves the existence of life on Mars, and will proceed with plans to produce Colas that will sound the same to Martians and can't be cracked for their recipes. No Martians could be found who could crack the recipe, according to RIAA.
Rumors that there are no Martians, that colas don't work in low-pressure atmospheres, and that you will never make a profit when people drink the free Open Source cola rivers on Mars were all reported to be just rumors, according to the news media who depend on insider cola event tips and free cola concert tickets from RIAA.
--- Will in Seattle - What are you doing to fight the War?
Hmmmm... do they have to pretend that at least one of them works for SDMI to qualify under the DMCA as an 'effective access control' device?
I read the earlier report and this one as well and I have to say that the differences are interesting. Were all five really cracked? I would think not with the SDMI saying that they weren't. I mean after all, if the one they choose to use really was cracked, it would only be a matter of time (measured in hours) before people were out in Netspace (not to be confused with Netscape) sharing the info on how to rip off the big bad music industry. Heh. I'm sure that it would also be put here on /. as well.
Eric Gearman
--
Atomic batteries to power! Turbines to speed!
It is incredibly naive of them to consider a hack on SDMI unsuccessful because professional sound engineers could hear the difference in the watermark-hacked version!!! Especially in the case mentioned in the article where it was a 2-1 vote, meaning one of these professional sound engineers out of 3 didn't hear the distortion.
Lets see here. Two out of five were cracked within weeks, granted that one is questionable. Seriously how long would it take for the rest to fall? A few more week? A few months? I'd be willing to be all would go down within a year at that rate. One being broken in a matter of weeks is enough to show that if you work enough at it you will find a hole to exlopit.
I'm not sure there's real news yet: The SDMI proclamation and the Salon reporting is just a war of words at this point. What will be of real significance is when an SDMI format is selected, files becomes available, and can be played by commercially available devices. THEN it will be significant if there are cracks of the chosen SDMI format.
imho, I don't think that the people motivated to produce the best cracks (and to build gui crack tools, which are what would do the real damage to SDMI) are also motivated to share the results with the SDMI folks. The real news will be whether successful, reproducable cracks and crack tools become available immediately after the SDMI release.
I think not...(*poof*)
Congratulations, then. Time to call it a success and to implement SDMI, isn't it? I'd love to see them say that as their final opinion. SDMI is flawed and they know it. I'd rather they implement a flawed technology than we can handle than to come up with something even more wretched.
But what if there's no viola playing in the music?
I don't disagree with anything you say here, but I believe we are getting into the realms of pedantry. You pick one definition for the words, I pick another. (I deliberately picked the definitions that particularly apply to computer science, rather than the more generalised definitions you use).
I contend that the difference is the intent of the encoding/encryption used. I prefer to think that encryption is intended to prevent unauthorised access, whereas encoding may be used for other purposes (e.g. making files smaller).
Not all encoded information is encrypted. To pick a bad example, HTML could be described as an encoding, but I have difficulty trying to see it as encryption as the information within it is not 'hidden'. However, all encryption is by definition encoded.
Technically SDMI should be described as an access control mechanism rather than an encoding or encryption scheme, since it does not scramble the data (it merely corrupts it), neither is it a standard format (the watermark is encoded with a standard format, along with the sound it is overlayed on).
ht tp: //advice.networkice.com/advice/Intrusions/2002901/ ?magic_cookie=2f312e31
Is it abuse-windows-users day today?
"Hot lesbian witches! It's fucking genius!"