Slashdot Mirror

← Back to Stories (view on slashdot.org)

SDMI Officially Reports on SDMI Hack

Posted by Hemos on from the what's-the-frequency-kenneth dept.

A reader sent us the press release that the Secure Digital Music Initiative folks have put regarding the hack SDMI challenge. They are stating that three out of the five were not cracked, contrary to earlier reports, and that of the two that were cracked, one was not a replicable event. Meanwhile, Salon has continued their coverage of the whole shebang.

14 of 136 comments (clear)

  1. regardless... by cybercuzco · · Score: 4
    no matter what happens with SMDI it will be cracked. I think that the fact that even part of it was cracked with a massive boycott going on speaks to the encryption schemes weakness. Even if the whole thing had been broken, i dont think SMDI would have released the fact. They have too much money riding on it now to start over with something new, which is what they would have to do if everything was cracked. what will be important in the following months is that if SMDI is actually released into the wild or not. If it isnt, i suspect the whole thing has been cracked, if it is, then it will be cracked soon enough. Either way mp3's are the future of music, not smdi.

    --

  2. Princeton Team by Mad+Hughagi · · Score: 5
    A coalition of cryptography and watermarking researchers from Princeton University, Xerox PARC and Rice University claims to have successfully defeated a music protection system proposed by the Secure Digital Music Initiative (SDMI). - From Salon

    The only consideration is that this group hasn't submitted their technical information (which automatically excludes their attempt from being considered). Now I don't know about most skeptics, but when a group of this stature claims to have done something, I would guess that they were being sincere - how many universities would allow research groups to do work on something like this and then make false claims?

    --
    UBU
  3. this is what was sticking in my craw by beckett · · Score: 4

    I remember a few weeks ago there was that streaming radio interview with Chiariglione, some linux webpage, some guy from 2600.org, and the FSF. in that interview, Chiariglione addressed several issues involving "fair use", and he said (rightly) that and SDMI will provide someone with the ability still to copy, but not serially (like the presnet SCMS).

    The FSF rep wasn't able to respond to this, but from my point of view, SDMI's ability to make a limited number of digital fulfills the "free speech" needs of the FSF, which was their main concern.

    what do people think about that? do i have this wrong?

  4. Re:Re-encoding as Ogg? by g_mcbay · · Score: 5
    In reality it doesn't matter...Your assement is correct.

    The music industry blindly believes that as long as you can't make a perfect digital copy, their investment of millions into a protection scheme is a good one.

    The music industry is wrong..Nobody seems to mind all the fairly crappy (compared to 'perfect digital copies') MP3 rips on Napster. Nobody will mind a protected song going to over high quality analog and being redigitized back into an unsecured format (Ogg or MP3).

    It is all an exercise in futility and corporate self-ass-protecting.

  5. heheheh... by AugstWest · · Score: 4

    "Each submission -- whether successful or not -- taught us important lessons about what can and cannot work in the marketplace."

    Ok, lesson here is... if you can encrypt it, someone can break it. Plain and simple.

    If it can be streamed, it can be recorded.

  6. SDMI will win by mikej · · Score: 5

    I have less and less faith that people like those behind SDMI, the DMCA, Library/School filtering, etc. can loose. Yes, thus far people with reasonable, intelligent, knowledgeable positions have been able to hold all that money in check, but I just don't see how that situation can continue. What isn't technically possible _will_ be legislated into effect by people with the resources and desire to see it so.

    What those who rose to the SDMI challenge did, if I'm to understand the implications of the end to the DMCA commentary period correctly, is now a felony. It is my understanding that even the Princeton team, a legitimate academic research effort, put themselves at risk of ending their careers by participating in this overtly sanctioned exercise in reverse engineering.

    If the mind-blowing amount of money behing initiatives like SDMI can't create a technical solution, you can guarantee that it will realign to bring about a legislative solution, and once that's done, that money will move toward financing enforcement. The truly sad part is that we're already moving into the enforcement phase, and neither of the two possible next presidents have displayed any willingness to curb the trend. As the subject says, SDMI will win, not because of its technical superiority, but because there's too much money working to guarantee that it does.

    I've been a cynic for a long time, but I've never seen so much to be cynical about as I have in the past year on the internet.

    --
    Ideology breeds Hypocrisy. Just how much is up to you.
    1. Re:SDMI will win by i-Chaos · · Score: 4

      When was the last time internet legislature actually secured anything? Don't tell me that you're completely blind that "warez" site that you KNOW exists. Don't tell me that you're unaware of the existence of FTP sites running on OC-3 backbones massively transferring pre-release games and microsoft betas. And lastly, don't even think about saying that you've never seen a file called "class.nfo" or "myth.nfo" Well, if you really don't know what I'm talking about, then you should reconsider your post, as you obviously don't have enough information about the topic in question.
      We're talking about securing music files to rid the world of internet DIGITAL music piracy. Let me just say that the only piracy protection on games that the "Release Groups" have not been able to crack is the logged reg-key. Logged reg-keys are stored remotely, and every time a game - for the sake of argument, let's use Quake 3 as an example - is played (over the internet only) there is a check for the reg-key. If the reg-key which the user entered into the game is in their file of "released keys", then the user is allowed to play, if not, then the user is not. Besides, Quake 3 has been cracked to work with single-player. What can SDMI do? Force only internet-connected users to listen to music? Ha! That's a laugh. Anyway, good day.

      Oh yeah, a note on "resources"... umm... one would think that MR Gates has LOTS and LOTS of resources, yet a lot of people use pirated Windows - just a thought.

      --
      ...I am proof that intelligent beings are not always intelligent...
  7. Go ahead, fib.. by iamsure · · Score: 4

    It seems to me based on the Salon reporting, the MULTIPLE universities and other groups that claim to have cracked all their watermarks, and protection schemes that they are fibbing.

    Maybe they have some cute little exception (cant be reproduced on a p100, doesnt sound the same to golden-ears after the fact), but it seems like a fib or a stretch at LEAST to me.

    So, what if they are fibbing?

    More power to them. Let them release a flawed product, get everyone's support, have it added to a million products and songs, and weeks after release have a winamp plug-in come out that real-time decodes them.

    Suits me just fine.

    The honest, appropriate, and correct solution to the problem of digital security is to not be militant about it.

    Sure, anyone can copy cassette tapes, and lots do. That didnt stop PLENTY of cassette sales.

    You say its different because its digital, but it really isnt. The general populace doesnt have the knowledge, time, nor toys that support mp3's in a wide-spread way yet.

    Not to mention I dont think it will become super-widespread for another 3-4 years.

    (Yes, I know napster has a large user base. Thats not the same as the user base of people with cd-players (home, car, personal, AND computer) now is it?)

    In short, the media giants need to just tuck tail. Its a losing battle. Mp3's sound more than decent, and are not secured. They will always be around now. If the music companies had gotten on board sooner, and done digital distribution sooner, they may have prevented it.

    All they can do now is try to save their ass.

    --
    GPL'd web-based tradewars themed space game
  8. SDMI will fail--so sorry by Sara+Chan · · Score: 5
    The most important point was made by the Princton team in their FAQs:

    All hacks to SDMI attempted so far have been made without access to the watermarking algorithm. If SDMI is ever released to the public, however, someone will reverse engineer the algorithm--and post it on the web for all to see. As soon as that happens, SDMI will almost certainly be cracked more or less completely. The current contest wasn't at all close to a real-world test.

  9. Re:So called golden ears tests by mangu · · Score: 4
    To see how much those "golden ears tests" mean, take a look at rec.audio.high-end. It's not those very few people who are naive enough to spend $6000 for a pair of "oxygen-free copper" speaker wires who matter to the music industry.

    The majority of people who buy music are those who are already used to the degradation caused by broadcasting, people who listen to audio cassetes in noisy cars, etc. As long as the music passes "tin ears tests" it's good enough, and the RIAA knows that.

  10. This is perfect by Jafa · · Score: 5

    Everyone was trying to boycott the challenge earlier, thinking that if we let them release, we'll break it after it's official. Then some people broke it (for the most part. Not forgetting that it's impossible to secure anyway). Now, they're saying it wasn't broken and are moving ahead anyway! That's the impression I get.

    Sounds like a good deal to me.
    Jason

  11. Re:but why? by danderson · · Score: 5

    Why should i use SDMI when i already have MP3!

    (If you live in the US: ) Easy. MP3 will be found to be an illegal bypass of the security measures found in SDMI and will be declared illegal. So will the CDs you own. And any tapes. And the concept of Fair Use will be thrown out. Just prepare yourself

    (If you don't live in the US: ) Try not to laugh too hard at our stupid coporate laws.

    --
    This is supposed to be great art. So why does it look like a bunch of decapitated naked people? -- Calvin
  12. So called golden ears tests by g_mcbay · · Score: 5
    The 'golden ears' tests are what make me laugh the most. Haven't these people ever downloaded an MP3 from Napster? Even I can tell that the quality is fairly poor on many of the MP3s people host..Yet, it doesn't seem to deter the masses.

    It is incredibly naive of them to consider a hack on SDMI unsuccessful because professional sound engineers could hear the difference in the watermark-hacked version!!! Especially in the case mentioned in the article where it was a 2-1 vote, meaning one of these professional sound engineers out of 3 didn't hear the distortion.

  13. irrelevant by xeno · · Score: 4


    I'm not sure there's real news yet: The SDMI proclamation and the Salon reporting is just a war of words at this point. What will be of real significance is when an SDMI format is selected, files becomes available, and can be played by commercially available devices. THEN it will be significant if there are cracks of the chosen SDMI format.

    imho, I don't think that the people motivated to produce the best cracks (and to build gui crack tools, which are what would do the real damage to SDMI) are also motivated to share the results with the SDMI folks. The real news will be whether successful, reproducable cracks and crack tools become available immediately after the SDMI release.

    --
    I think not...(*poof*)