Slashdot Mirror
More On Hard Drive Copy Protection
rabtech writes: "I contacted one of the head guys working on the ATA specs [Kent Pryor of Quantum] about the 'copy protection' thing, and what that may mean for the hard drive industry. He responded, and I've posted his letter on our front page. I did point out the issue between copy protection and copyright protection: 'Yours may be the only one actually giving a rational reason for opposition.... I will pay special attention to the difference between copyright protection and copy protection. Thank you for pointing out that legal distinction. In general, we support copyright protection. The amount of copy protection that would be allowed under this proposal would not be determined by the standard, but by the software that controls the licensed devices.'" It sounds like a royal mess to actually implement hard-drive copy controls, since they require so many groups to cooperate, but the seed has been planted.
Plaintiffs are everybody with such a hd, purchasers of content with such protection, maybe more. Local governments and school boards buy a lot of that sort of thing. I think they would jump at a chance to rake in punitive judgments of some deep pocketed defendants.
Spreading the suits over many jurisdictions simultaneously would spread the defendants leather-winged legions pretty thin. Each would need to spend tens of millions a day just to have legal ears in all those courtrooms.
Any lawyer could come up with dozens of complaints starting fom denial of fair use, damages to unrelated data by failure of backup utilities, digital wiretapping (digital sounds more sinister to joe public), quartering of their agents, the list goes on. They don't need to be that sound, legally, there just needs to be lots of them -- enough that each suit is a little different from the others.
Fight politics and greed with greed, sympathetic juries, politics, and votes. The public won't be jawboned into protecting its rights, but it will jump right in if there's money to be had.
Maybe this is a general method for knocking the zaibatsu out of their roost.
--Zax
-- We are Linux. Resistance is measured in Ohms.
Have a look at what those industry morons are up to:
The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).
[http://www.4centity.com/4centity/data/tech/cpsa /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.com
Content Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.com
Content Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.org
Digital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.com
High-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com
4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.com
Finally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:http://www.4centity.com/4centity/data/tech/cpsa/c
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informationa
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/ado
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.
how about this one:8
http://www.techweb.com/wire/story/TWB20000218S000
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."
Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !---
Copy protection hard drive plan nixes free software - RMS By: Andrew Orlowski in San Francisco Posted: 23/12/2000 at 01:07 GMT
Richard Stallman says that plans to put content control into industry standard hardware pose a threat to the adoption of free software.
... tries to disguise obstructionism and rampant power as an attempt to keep a program or book or song safe from harm. It is a propaganda word."
Proposals have been made to add CPRM (Content Protection for Removable Media) into the ATA hard disk specification, we reported on Wednesday. CPRM originates from the the 4C Entity and licensing is administered by License Management International, LLC, which also administers the CSS license.
"This resembles CSS and e-Books: it is another plan to impose additional power over people who use published information, on behalf of those who hope to control the power," he writes in emails to The Register.
"This plan seems to pose a threat to free operating systems. We will surely not be authorized in the US to implement free software to access any of the centrally-controlled data. So a free GNU/Linux system won't be able to do it."
"If users accept the domination of centrally-controlled data, free software faces two dangers, each worse than the other: that users will reject GNU/Linux because it doesn't support the central control over access to these data, or that they will reject free versions of GNU/Linux for versions "enhanced" with proprietary software that support it. Either outcome will be a grave loss for our freedom."
"We must hope that some countries refuse to pass laws to prohibit free software such as DeCSS, so that some part of the world can publish the software that will keep freedom alive, underground, in the rest of the world."
Stallman also highlights the term "copy protection". "The word 'protection'
Indeed: it's a euphemism as incongruous as down-sizing or friendly fire. As an alternative, we quite like "copy control". But if you have snappier suggestions, we'd like to hear them.
--
Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
Individual boycotts are unlikely to have a discernible effect --- there just aren't enough disk buyers around who are aware of this issue.
However, there is an easy way of amplifying our insights and making the companies take note: use the extremely active investors' networks, and offer the view that investing in hard drive manufacturers is inadvisable given that their sales will be taking a huge downturn owing to the incorporation of copy protection on drives. Names names if you can: we know that Quantum supports the scheme, and at least 3 of the 4C companies make drives --- IBM, Matsushita and Toshiba.
In the UK, investors' information exchange sites like this one seem to have dozens of thousands of very active customers (we see their mailing lists spew out an incredible torrent of investors' comments every day). Advice offered here is likely to have a significant effect on share prices far beyond the number of people providing the advice, at least in the UK.
Does anyone have a list of equivalent sites in the US and the rest of Europe?
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
If so, you are consenting to being taxed on independent work, the money of which goes directly to my worst competitors. It effectively negates my attempts to undercut the majors via mp3, if you decide to pay this flat tax like you propose.
It's kind of like 'music CDRs': as an indy guy I would kind of like to see people outright boycott that stuff: all it's doing is adding X amount of surcharge, which goes straight to the RIAA as if it were some government authority, which then turns about and uses that money to try and shut me down or impose taxes any way they can. Please don't give them _more_ ideas :P :)
Anyway, The Register (the site that also broke the story) has posted a very good FAQ on the subject:
http://www.theregister.co.uk/content/2/15718.html
(for the goat sex paranoid)
(end comment) */ }
(end comment) */ }
[an error occurred while processing this directive]
from what I saw the site was more of a "we like the Mac, but hate apple" type thing. All their articles were about either cool Mac stuff, or screw ups by Apple (as a company, not so much related to the quality of the actual machine). This is somewhat understandable attitude. As an outsider looking in, it has always seemed to me that Apple delights in tormenting it's loyal users, who keep coming back because they like the product.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
No copy protection scheme prevents commercial pirates from turning out identical copies of the 'copy protected' material.
All 'copy protection' schemes are about preventing people who have legally purchased material from using their material in ways which the law has always allowed.
Copy protection is about allowing current industry companies to maintain control of artists and other people who create copyrighted material.
'Copy protection' is about the current industry companies attempts to continue to be dominant in the recording and publishing fields.
Current companies are terrified of the Internet because the Internet allows artists and writers to publish their works without going through a publishing company .
'Copyright protection' is the responsibility of government to protect material which is copyrighted from theft or other illegal use.
'Copy protection' is a scheme by companies in the recording and publishing industries to control how legitimate purchasers of copyrighted material use that material . 'Copy protection' is an attempt by the recording and publishing industries to eliminate 'fair use' of copyrighted material such as LIBRARIES .
The only encouraging thing about the copy protected disk situation is that it is the first time that I have been able to get across to non technical people why the DMCA affects them . That is a very good thing - we need to let the non technical people understand why these things are so important to all of us.
I can't figure out why the hard drive manufacturers are giving this scheme the time of day. If it works, it will dramatically reduce the amount of copying being done (perhaps 95% of all non-corporate copying I'd guess), and so it's absolutely inevitable that the number of drives bought will plummet. This is not to the advantage of disk manufacturers at all.
Given the profit motive, the drive manufacturing sector of the free market should be dismissing/ignoring these proposals altogether. What's happening here, what's pushing them to support it? They're definitely not addressing their customer requirements.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I don't see any. The only way to effect copyright protection you need to have copy protection, right?
Nope! Copyright protection can be effected by watermarking the content. Then, if you see your copyrighted material on Napster (for example), you track it down to the person who is offering it for download. You can get some idea of how many people downloaded it based on having the same watermarks. Now, you tell them to pay up or prosecute. You don't have to catch them all, or even most. Just a few examples will do.
None of that would have any impact on me making a copy for use in the car or for backup, or even making a copy for a friend (small change!), but it would prevent mass abuse.
From the e-mail:
but by the software that controls the licensed devices
SO what does this mean? AT what level would that be implemented?
BIOS; HD Controller; OS?
I actually think you would have to have a carefully crafted cooperation between the HDD, the Disc Controller na dfinally the OS. So does that mean that once on of those links doesn't work the whole CP Scheme will not work? I still don't quite get it how this stuff could work, even with appliances like tivo.
However it's scary seeing you rights fading out more and more each day.
"Mommy, mommy! The garbage man is here!" "Well, tell him we don't want any!" -- Groucho Marx
Good work.
Now, we need to make it very clear to the CEO's of every disk manufacturer that we can reach, that we will boycott any copy-protected drive.
They can't even be bothered to make drives with a real hardware write-protect anymore, so the security of MY data is apparently unimportant. I'll be DAMNED if I'll buy a disk that secures the MPAA's data, but can't be configured as read/only so I can keep the script kiddies from messing with it.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
How will they manage to prevent a single raid-array disc to be copied ? /dev/hdxx (or sdxx) volume is not rot13-uuencoded / rot13/uudecoded on the fly ?
How will they ensure the raw
And btw, doing this will have an ethic impact : what about fellows who want to backup their ext2fs or reiserfs volumes ?
Does this mean we will have to pay for specific backup software with NSA backdoors (who said "MS" ?) ?
I believe there's something rotten...
--
Trolling using another account since 2005.
This whole copy protection scheme (as all others are) is pointless. You can make downloaded songs triple-encoded with different 4096-bit keys, require a hardware dongle that has to be kept locked in a safe that is welded to the computer, and this still isnt going to stop people from swapping pure good ol' american FREE MP3S!!. When I say free, I mean free of copy protection and other impurities. Not free of cost.
You can secure the secure stuff all you want and unless you can find a way to un-invent MP3, you're right back where you were.
If they want to stop 'piracy' (By this I mean people gaining posession of a song without paying) they should SELL MP3s. And I mean all of them. Every song by every artist. Available for download in MP3 for $10/month. I would get that in an instant. That $10/mo would get you a guranteed good rip with a good download speed would be worth it.
People dont use Napster because they dont want to pay any money. They use Napster because they dont want to have to go to a store, pay 100x what the CD is worth, and then find out they dont like it. If I could pay $10/mo for unlimited downloads IN UNSECURED MP3 FORMAT I would never use Napster/openNap/PowerNap/etc again.
--IronHelix
Is this whole CPRM effected by the filesystem (fat,e2fs,etc) or OS used to store the data?
What if I use an encrypted filesystem?
How might this work with non-ms software?
No, I did not read the f***ing article!
Can't any copy-protection mechanism be defeated by using an encrypted filesystem? Or am I missing something here? An encrypted filesystem would slow down disk access, because encryption and decryption consume CPU cycles, but CPU is cheap.
The proposed standard will not prevent organised copyright theft, or even a knowledgeable hacker; user-friendly software for installing an encrypted filesystem will quickly become available, so that even ordinary users will be able to copy whatever they want, just like they can now.
Of course it's fine to voluntarily boycott such controlled content, but what do you do when it's the only content available? I've been told repeatedly that VHS is on its way out in favor of DVD, and there does seem to be a gradual trend in this direction at the local Blockbuster. (After all, excepting the copy protection scam^H^H^H^Hscheme, DVD's are clearly superior to analog videotape.) So as soon as you want to use anything at all that relies on this dubious technology you will fold up, buy the software and the compliant hardware and grumble while it does its thing. And you will lose that content when you buy a new PC or hard drive -- unless you get the hack for it.
We are all sheep. We all know that slashdotters and the like have effectively no voice in the world-- that we are either portrayed as whiny losers who whine to each other on Slashdot (there's a whole lot of truth to this) or renegade hackers who have nothing but damage to others' rights on their agenda (there's very little truth in this). But with DVD's we aren't even using what little voice we have. Indeed, the technophilic nature of the sort of people that are drawn to slashdot probably means that a higher percentage of them than the common public have DVD players.
What we *should* be doing is boycotting the DVD standard, and loudly. Some of the few respected speakers among the techno-nerd crowd from which slashdot draws its audience should be echoing these boycotts. The message should be, we're not interested in a format that has a central patented control (i.e. DVDCCA) on the very format. We will boycott it until manufacturers and content providers come up with another format not so encumbered-- and buy *that*. Market forces could clearly win out here, but all of us techno-geeks are too drooling in awe of the capabilities of DVDs that we've just jumped lemming-like over the cliff rather than have the willpower to take whatever insigificant steps we could to harenss those market forces.
Market forces killed DIVX. The manufacturers are getting more canny, though. With DVIX, it was obvious to every consumer that they were getting a bum deal. Now, the manufacturers are getting better at slipping things in, things that only techno-geeks notice, which they can then use to provide DVIX-like controls on the hardware and software that everybody already has bought. There will not be market forces against it until the computer illiterate notice what they're losing, and by then it may well be too late.
(What's happening is that the massive entities who control distribution in the analog world are trying to enact legislation and such that will allow them to continue the same sorts of controls on the digital world. In the analog world, they were a little more natural. Joe Average making a copy of content would degrade it in quality; only the big entites had the resources necessary to really provide quality content. In the digital world, this is not true; anybody can make full quality copies. What should really happen is that as the digital world takes over, there should be a paradigm shift, and whole new models of distribution should come in. (Much as the very presence of recording technologies introduced new paradigms.) However, the people who have all the power in the analog world don't want it. But it really is unnatural, and eventually something that really uses digital technology to its full effect will take over and send the analog power brokers the way of the dinosauar. It will happen. Unfortunately, I fear it may take 50 or 100 years (pessimistically speaking), and those of us who live in the interem will have to suffer for it. Especially since those few who understand the issues don't do anything about it, but either just whine to each other (as I am doing now) or give up and buy tainted technology (as all of you have done with your DVDs).)
-Rob
Anyone have details about this?
Sounds like you're advocating something illegal under the DMCA, namely circumventing copy protection used to protect a copyrighted work.
It's decss all over again. They encrypt software, music, you name it onto a CD, DVD, Installer disk, whatever. You can't get it off there because that's a DMCA violation. Then they make a Windows-based installer to transfer it securely to the Hard Drive. You can't get it off the HD either-- it's another DMCA violation.
Boom. There goes your right to use any of that content in Linux, unless they feel like giving you a Linux installer.
-------------------
-------------------
This is my SIG. There are many like it, but this one is mine.