CD Copy Stopper

CTho9305 writes "Technology Review has an article about a new CD and DVD copy protection system by Doc-Witness, where the disc itself has a smart card on it. The card checks if a request is valid, and then returns a key to decrypt the contents of the disc. It apparently works with standard drives."

so....

[tx_mgm]

3....2....1....
ok, wheres the crack for this?
=)

Oh boy

[ArmenTanzarian]

I can't wait for the ridiculously easy fix for this one. All you have to do is spit on it and it not only copies, but increases the quality!

I bet $20...

[swaic]

Saying it will be defeated within 30 days. Any takers. Also, $25 saying it will be by a Russian.

Re:I bet $20...

[st0rmshad0w]

Heh.

More like within 30 minutes. And it'll be a high school kid.

Re:I bet $20...

[ivan256]

Try an hour. This uses standard readers. Spoof a ligitamate read and you've got the key. Sniff the IDE bus and you've got the key. The decryption algorithm has to be unencrypted and easily disassembleable on the disk for this to work in a standard reader.

Don't invest in this company.

Re:I bet $20...

[heathm]

Well that would be a stupid bet.

A few years ago I worked for a smart card company and we thought about doing this very thing. We realized very quickly, however, that the key securely stored on the smart card has to get passed out of the smart card and into software to be useable. Once the key is in software, it is vulnerable and can be hacked to decrypt the contents of the CD.

If everything were done in hardware and the key was transferred securely through hardware it would be much more difficult to hack the key, but who cares? After passing the key securely from the smart card to the decryption hardware, the hardware has to put out a stream of unencrypted data to make the content actually usable and the data can be recorded AFTER being unencrypted. What if the hardware outputs the data in analog format? Big deal. It's a high quality stream so we record it again and digitize it and we really haven't lost that much quality wise.

Adding a smart card to a CD or DVD doesn't really make it more secure. It just makes us jump through more hoops.

Of course, this whole post is probably illegal anyway due to the DMCA. I would post anonymously but the karma is worth time in prison and $1/2 million fine.

Re:I bet $20...

[Mr.Intel]

Of course, this whole post is probably illegal anyway due to the DMCA. I would post anonymously but the karma is worth time in prison and $1/2 million fine.

Well at least you have your priorities straight.

Re:I bet $20...

[Cruciform]

OK, so we all take that bet and lose 20 dollars, but because it's an obvious solution, and wasn't defeated by a Russian, you owe us all $25.
So here's the deal, don't worry about the full 25, we'll just accept the difference. That's 5 dollars apiece for everyone else reading this thread.
Just post your chequing account info and we'll Slashdot your beer money :)

Re:I bet $20...

[evilpenguin]

As the poster pointed out, at some point it goes to your eyes and ears. This is the so-called "analog hole." You can capture the output at this point and re-digitize it. Sure, there is some tiny loss of quality, but you now have an unencrypted data stream you can reproduce indefinitely.

I'm just waiting for the day when someone tries to pass legislation that require chips in our heads where every time we think about a movie, our debit card is automatically charged.

Perfect control, protection of intellectual property rights. Surely economic interests are more important than the commons of ideas?

Read Lawrence Lessig: "Code and Other Laws of Cyberspace" and "The Future of Ideas: The Fate of the Commons in a Connected World." Be concerned.

Re:I bet $20...

[roman_mir]

With the right equipment, I'll break it in hardware in a matter of hours.

Re:I bet $20...

[fishbowl]

"A few years ago I worked for a smart card company and we thought about doing this very thing. We realized very quickly, however, that the key securely stored on the smart card has to get passed out of the smart card and into software to be useable."

If you'd only patented it, you would now be in a
position to either quash the development of this
"technology" or else to collect royalties on all
media sold with your invention.

Re:I bet $20...

[evilpenguin]

But the original poster was talking about the DATA "idiot". Who the hell cares that the key remains unknown if I can steal the data? The MPAA and RIAA don't give a damn about keys, they don't want you listening or watching without paying. P.S., I am all for AC posting, but if you are going to be abusive, have the courage to use your name.

Re:I bet $20...

[WNight]

They probably encrypt the data on the disk, with a huge, almost impossible to break key.

And then they send the key to the program from the smart card, maybe even in a secure way, and the program decrypts the data to play it.

The hacker nabs it here.

Or, they got even more clever, the program reads the data, passes it to the smart card, and reads the decrypted data out the the smart card to play it.

The hacker nabs it here.

There's likely some funky tech involved to embed the smart card in the disk, and to read and write to it with a normal CD drive, but in the end, the data has to be played on a computer I control, so I can always sniff it out.

Even if they take away my control of the computer, via Palladium or something, I can always clip into the wires right at the cones of my speakers, translating that back to audio either on an old, contraband computer, or in an emulator of one that I write on the new protected computer.

They'll never plug the "analog hole" and the harder they try, the more motive I have for distributing the copies I make and trying to put them out of business.

As to how it's powered, these devices can be made to run on almost no power, a battery could be embedded into it that would power it for years, or it could use the rotational energy of the disk much like self-winding watches. If it only sends a key to a program that properly identifies itself, it doesn't need to do much and could survive years on the smallest of batteries. Hell, it could even have a solar-cell, powered by the read laser, though I doubt they'd go that far.

Re:I bet $20...

[metlin]

Yeah.. and it kinda reminds me of this Doctor Fun comic strip :-D

Attractive?

[fiftyLou]

The technology is highly attractive...

Perhaps, but that website sure isn't.

Re:Attractive?

[Mattcelt]

Heh. Any company that prints its entire ad copy in 16-point font is selling snake oil.

It amazes me that some people still think that a bigger font makes it more believeable.

Re:Attractive?

[ranulf]

It amazes me that some people still think that a bigger font makes it more believeable.

I always wondered why /. was only tolerable with the largest possible font setting.

CD Costs

[DavidLeblond]

How will this effect the cost of the CD media? It doesn't sound very cost effective to me, seeing how it would be a matter of minutes before someone wrote a program to crack it. I'm sure the developers know this too.

Could be tough to defeat

[JeanBaptiste]

Usually I say it is trivial to bypass almost any security measure, but after reading the article, it sounds like this one could be tough to crack, as these are not 'normal' off the shelf CDs

Fortunately for /. type people, I bet these CDs will be expensive enough that they wont be used en masse by CD publishers...

Re:Could be tough to defeat

[Arcturax]

They will just use it as an excuse to raise CD prices yet again.

But cracking this will be easy enough, all you need is a patch cable and a sound card and a PC. Most MP3's are flawed with digital artifacts anyway, so people won't complain too much about the slight loss in quality from this kind of copy. All they will care is, "Does it work in my MP3 player?".

Re:Could be tough to defeat

[mpe]

Usually I say it is trivial to bypass almost any security measure, but after reading the article, it sounds like this one could be tough to crack, as these are not 'normal' off the shelf CDs

The way it's operation is described makes it something of a waste of time. You can just copy the data after decryption.

Re:Could be tough to defeat

[dcavanaugh]

The irony of a price increase is that it provides the incentive to break the protection. Audio CDs are seriously overpriced as it is (compared to DVD, at least). I think they are dangerously close to the point of diminshing returns.

Am I the only one who sees this as a viscious cycle?

5 rem RIAA strategy as a BASIC program
6 rem written in BASIC to illustrate
7 rem how truly silly these people can be
10 print "Complain about piracy"
20 print "Purchase laws, scream for enforcement"
30 print "Spend money on protection technology"
40 print "Raise prices"
50 print "Oh no! protection is defeated!"
60 goto 10

For those who want to see this on paper, feel free to change print to lprint. I am not responsible for printer damage or consumption of supplies (ribbons,toner,ink cartridge,paper,etc.)

Re:Could be tough to defeat

[Ooblek]

I know a foolproof way to protect CDs. It is highly secure and could never be cracked.

Sell empty cases that have all the pretty cover art and lyric books. Can't rip that music.

Seriously, I remember my uncle telling me about some new, uncrackable, small satellite dish that the company he was working for was working on. You just attach it to the eave of your house, and point it north. That company was Hughes, and we all know this technology as DirecTV. Turns out it was far from uncrackable.....

It appears that if someone makes it, it is only a matter of time before someone cracks it. But aren't all William Gibson novels about a conflict between large data companies and a fringe digital underground?

I predict - maybe I'm wrong, who knows - that this BS with digital rights laws and stuff will bounce around for another 10 years until we actually get politicians in office that know anything about technology. It always seems strange that politicians are generally really old people that are ill-equipped to deal with new technologies. These people will die off or get pushed out of office, and people who are mid-20s to mid-30s now will start to take office. Hopefully, they will have had the chance to get an education in the digital age, and they will educate the remaining dinosaurs of the folly of trying to regulate this stuff. You can't make laws that apply a label of criminal to everyone in the world except for the luddites, it is just a waste of time.

Re:Could be tough to defeat

[JeanBaptiste]

I am not worried about audio, of course if you listen to it you can rip it... I am more worried about softwarez...

Re:Could be tough to defeat

[gilroy]

Blockquoth the poster:

didn't your mother ever teach you that coding with line numbers and go to statements is evil?

Whippersnapper! You can have my GOTOs when you pry them from my cold, dead fingers! :)

Re:Could be tough to defeat

[dcavanaugh]

I thought the dumb-as-dirt coding style was a perfect match for the logic. I deliberately downgraded my coding style and choice of language to suit the task at hand.

I predict that sitting on a bookshelf at RIAA headquarters is a big-time consultant study that cost about 100 kilobucks and takes about 200 pages to describe and recommend a strategy that can be represented in less than 10 lines of BASIC code.

Re:Could be tough to defeat

[RailGunner]

You hit the nail right on the head.

You've motivated me. In 2004 I'm running for the U.S. House of Representatives.

RAILGUNNER FOR CONGRESS!!

The only candidate with the balls to beat these jackass politicians over the head with the proverbial CLUE STICK!

Re:Could be tough to defeat

[mpe]

And what happens when the contained program decides it wants to query the cd as to whether it's valid or how many licenses you have left? It'll require patching the software as well which could be difficult.

If you do this how can you have multiple licences on one CD, since it can only be in one drive at once? Anyway program which insisted on the CD being in the drive all the time would be a very unpopular form of dongle.

what?

[supernova87a]

How can this possibly be claimed to work with standard drives?

Our dvd players read the optical stream from the disc, and then decode it video out. What is this chip supposed to do -- decrypt on the fly and send a new optical pattern to the read head? I don't think so.

I think someone is trying to push a new kind of dvd drive that requires the discs to have smart cards...

Re:what?

[gargle]

"What is this chip supposed to do -- decrypt on the fly and send a new optical pattern to the read head? I don't think so. "

Well, yes apparently:

The technology works by turning an ordinary CD drive into a smart-card reader. A photodetector at the edge of the CD turns the drive's laser light into electrical pulses, which travel to the embedded smart card and request the key. If the card deems the request legitimate, it returns the key as an electronic signal that an onboard light-emitting diode converts into light and beams back to the drive.

Re:what?

[Biolo]

You're thinking too linearly. This can't work on audio CD's, but I imagine they are just aiming at
data CD's (and DVD's coming soon if you believe them).

There will be a piece of authentication code in the installer (or whatever). This will be responsible for interacting with the smartcard to send it that initial information pulse. It will then ask the drive to re-read the "smartcard area" of the disk until it gets a response (decryption key), and will use that to decrypt the rest of the disk. Since DVD drives can run code also they will be able to use this same scheme there.

'course all the Warez'ers will have to do is replace the initial installer code once they've accessed the drypt key, so I give new titles a week after they are released before there are cracked versions going about.

One worrying question - are they getting all the power for the smartcard from that laser pulse? Really? Probably means a battery, so your CD or DVD now has an even more limited lifetime. Tinker with the battery size and Hollywood now has a way to program in obsolescence into that new DVD, forcing you to buy a new copy!

Re:what?

[fireweaver]

I am suspecting that the way this works is that there is supplied with the disc a separate authentication key that the user enters into his PC. Software would then modulate the CD-R's laser in a manner similar to a CD writer. The smart card looks for that signal and returns the appropriate response, I.e. the decryption key.

I think that the fancy CD is just -part- of a total programme here.

Gut feeling: It will be cracked in a week.

Re:what?

[Coplan]

One worrying question - are they getting all the power for the smartcard from that laser pulse? Really? Probably means a battery, so your CD or DVD now has an even more limited lifetime. Tinker with the battery size and Hollywood now has a way to program in obsolescence into that new DVD, forcing you to buy a new copy!

It all comes down to a scene in a demoscene demo of years ago. The demo is called "Eden". I can't remember the group that designed it..."Psychic Monks" or something like that. Anyhow...there was a scene where there was an oldskool anti-soviet poster stating "Big Brother is Watching". But instead of Lenin on the poster, it was Elvis. I always thought that was a funny paralelle, as the entertainment industry is always trying to find more ways to charge more for consumers.

I'm still on the fence about this one. Am I happy that Hollywood/RIAA wants to come up with some sort of encryption system built into their media? No. But I can sorta see where they're coming from. After all, if that were your business, you'd try to figure a way around it as well.

However, the gaming industry might have realized one minor fact that Hollywood and RIAA have overlooked -- spend all your money on research, and its likely going to get wasted. It doesn't matter what you do, someone will find a way around your "security". The goal of an entertainment industry is literally just to make more gains than losses (profit). I'd be curious to know (if there is a way to measure it) the difference between the net loss relative to piracy and the cost put into research for anti-piracy devices such as this. I wouldn't be surprised if it came close to balancing out.

The reality of the entertainment industry...with some exceptions, a movie, or a CD or a game or anything of the sort has a life span. It is popular for a certain amount of time, and then people loose interest. They get interested in the next new thing. The industry could take advantage of that.

Re:what?

[oenone01]

Ok so how does the onboard diode get its power?

Re:what?

[SanLouBlues]

Good explanation. Now the $17.99 question, how is it powered? I doubt the photoreceptor can generate enough power from the laser to do all that. Maybe inertia chargers, but I didn't think they were quite that small. Which leaves a battery as the answer, meaning people will have to rebuy these CDs if the battery dies. Or buy a charging "cradle" for the discs.

Re:what?

[DustMagnet]

Software would then modulate the CD-R's laser in a manner similar to a CD writer.

They claim it works on CD-ROM drives, so it can't be that. It probably transmits data from computer to CD by looking at what track/block is being read (yes I know there's only one track).

The whole thing sounds like vaporware. The website flashy, but lacking in technical detail. It's probably just fishing for VC.

In the end, I doubt they could produces these smart cds for less than a dolar each, and that's a huge cost for most companies. Those that use dongles now, might buy into this, but it doesn't provide any more protection.

Re:what?

[Fizzlewhiff]

I thought it worked like this. The added weight of the smart card throws the CD off balance making it very unstable and therefore unreadable when spun faster than an audio CD. ;-)

Re:what?

[nahdude812]

They could if they asked the drive to read the appropriate area several times, or until it receives a signal, it charges up a little capacitor, and when it has sufficient charge to return a signal, it does so. Though LED's are pretty power hungry little guys, I think it would probably require quite a bit of effort, and a capacitor with a fairly significant charge capacity (for being part of a very thin piece of hardware meant to fit within the standard thickness of a CD) to make it realalistically reliable, which could mean a 5 minute period of charging up the little guy. Remember, the LED is only on one side of the CD (which I assume is somehow counter-balanced; and one led on each side would require twice the charge), so it has to provide its signal as one bit per revolution, and has to remain lit for that whole revolution (or else respond to the laser light to light very briefly, which come to think of it is a pretty good way to do it with less power).

Really, it is a system that would work fairly well... sortof. Like copy protection schemes on games, it depends on unmodified software installers. You can't depend on that, and it won't be long at all until someone writes a little program for each release that provides the appropriate decryption key, and hard-inserts it in to the return value of what ever function call retrieves the archive decrypt key. Such programs would most certainly be covered as illegal under current US laws, as there's little doubt that they are copy protection circumvention, so they won't be as readily available on public warez sites.

The biggest concern here will most assuredly be the expense of this system: as said in another post, over $1 per CD is too much for standard use, and only really intended for special situations (super duper expensive software)... which means crackers have even fewer programs to crack, and a lot more motivation due to the expense.

I do have to wonder how the article thinks it could limit the number of different locations you can install it, since one of its touted advantages is not requiring registration of user information with a central repository (ala XP), so the best they could do is to program the thing to only allow you to install it a fixed number of times total, when you'd need a replacement CD. That hurts badly, especially for nice buggy Windows and Mac machines where you're looking at periodically just needing to scrub your drive, and reinstall. Oops, even though you own this software, and it's never seen a different machine, the disc says you've installed it too many times, bad YOU!

Re:what?

[Alsee]

he difference between the net loss relative to piracy and the cost put into research for anti-piracy devices such as this. I wouldn't be surprised if it came close to balancing out.

Actually the proper measure would be between the anti-piracy spending and actual increased profits due to actual decreased piracy. You also need to subtract and lost profits if the anti-piracy device causes any hassle to legitimate users.

The balance of the equation is going to take a big hit from fact that anti-piracy measures have been a dismal failure and that very few instance of piracy actually represent a lost sale.

-

Re:what?

[karlm]

You touch on a very good point. The gaming software people used to get hit much harder than the music industry ever did. Then the figured out how to work with the net instead of against it. If you release a good online game, you can have your customers flocking to gladly take part in a subscription-based revenue model, on top of outright purchasing the software.

Comparison to WinXP copy protection

[McCart42]

Granted, Windows XP had nothing this advanced on the disc itself, but the methods of circumventing this new protection device will likely be the same as the ways WinXP's product activation was circumvented. Just reverse engineer the code, find the references to the smart chip, and remove those references. Granted, one won't be able to just "copy the disc", but cracked ISOs can still be theoretically distributed. It'll be interesting to watch.

Re:Comparison to WinXP copy protection

[Erasmus+Darwin]

"Granted, one won't be able to just "copy the disc", but cracked ISOs can still be theoretically distributed."

Sure. But remember that copy protection doesn't have to completely prevent copying to be effective. Instead, it merely has to make the legal purchase more attractive than the copyright infriged copy, at least to some consumers.

In this case, it sounds like each and every DVD would have to be cracked by someone with a good deal of skill and possibly some special equipment. Compare that to "cracking" CDs, where you can get pre-made tools that handle all the effort of ripping CDs, encoding them as mp3s, and even naming the files to match the CD info.

Re:Comparison to WinXP copy protection

[Mitchell+Mebane]

No, that wouldn't work. The data on the CD is encrypted. The disc decrypts itself if it passes security checks. It would presumably keep track of the systems that it has been installed on, and refuse to decrypt itself if you violate the EULA.

The glaringly obvious hole, that I see, anyway, is that you could stick it into a valid system, and then copy the contents. It would decrypt the files to give you, the authenticated user, access to the data. Then you could crack and burn. The only thing I see this preventing is 1-to-1 copies, like CloneCD does.

Re:Comparison to WinXP copy protection

[Myco]

I don't know about you, but this kind of BS makes the legal purchase a whole lot LESS attractive in my eyes.

They're Destroying It

[KelsoLundeen]

Maybe it's just me, but does it dawn on no one -- at least no one at the RIAA and perhaps the MPAA (Jack "Maddog ... Grrrrrrr!" Valenti in particular) that they (and by "they" I mean the RIAA and the MPAA) are slowly destroying the promise (so-called, of course) of digital technology?

All this stuff -- from half-assed watermarking, to government-sanctioned hack attacks on 14 year-old Kazaa users, threatening to throw them in federal high security lockups -- all this stuff is destroying what it's attempting to preserve.

Re:They're Destroying It

[Colz+Grigor]

Would that it were so...

Remember that the 14-year-old Kazaa users tend to still be significantly more intelligent than the average population.

Anyone below average scares the crap out of me and, by definition, that's 50% of everyone.

With Microsoft and Dell making computers that any idiot could buy and use (Jeez... just take a look at Dell's spokesperson!), we'll actually have at least half the population buying these copy-protected CDs without thinking twice about Fair Use.

So much for voting with out wallets. We're going to actually have to vote with our votes during every upcoming election. Our best course of action is to educate those that are educable and motivate them to cast their votes every time they have a chance.

It's society's own apathy that's going to wind up allowing ..AA to kill digital content.

::Colz Grigor

Re:They're Destroying It

[SirSlud]

Yeah, the digital devide of the future is going to include many folks who opt out of the degital device market simply due to any lack of control as to the use of those devices. Frankly, if all this competition (of which lobbying the government is supposedly a part of) and shit is supposed to encourage people to work harder and be innovative, screw that. I had a friend who stopped working on flight sims after he found out they were selling to governments to help them train pilots to bomb their own people. It's an unfair comparison, but its still the same forces at work that would make me question my involvement as an engineer in the development of technologies that are designed to remove the accountability and responsibility of obeying the law from an individual citizen. All this to appease a demonstratibly corrupt industry?

I will not contribute towards technology that does nothing to even the playing field in this plutocracy.

Re:They're Destroying It

[Arcturax]

More like they are doing all they can to stop the inevitable. Their business model fails with today's technology and they know it and are doing whatever they can to squeeze what little they still can from it. Instead of embracing the technology and working the problem of making a new buisiness model around it, they are thrashing to and fro as they slowly die, doing anything to extend their life a little longer.

Case in point... last weekend I was at Conglomeration (nice mid sized sci-fi con held near Lousiville) and attended a panel by the directors of the home made movie "Rock and Roll Starship". I brought up computer technology and he told me that since the advent of things like iMovie and companies like Adobe and Apple making what was once high end movie software cheap enough for the masses, that the number of people who are interested in starting their own independant movie making groups has skyrocketed. He said that anymore, movie making is going more and more independant and it is only a matter of time before Hollywood loses control to groups of kids who are able to make their own films and put them up on the internet or burn them to DVD and sell them at cons.

True, the flashiest looking stuff will always come from big budget Hollywood, but independant film makers are going to catch up enough to make some stuff which looks pretty nice on their own. That and some of the independant stuff is pretty damn good story wise, better so than a lot of Hollywood fluff.

In fact, I was able to see a rough cut of their second movie and comment on it, to influence the final version, which was very cool! Their first movie came out in 1997, had shaky camera work, Dr. Who like special effects and the sound was a bit buzzy.

This next one, though a rough cut, already looked a lot better. The sound hadn't been cleaned up yet and there were only a few "test" effects, but from what there was in there the new movie will look as professional as something that Hollywood might put out.

Times are changing and you will see more and more of this as time goes on. Hollywood had better prepare itself, because the computer is going to bring on the age of the independant film, and nothing they do is going to stop it.

Re:They're Destroying It

[Jeppe+Salvesen]

One of the best things that happened to Hollywood was that the VCR was deemed fair use in the lawsuit in the early 80s. They were trying to make us unable to tape shows. Now, a substantial portion of their income is from selling those tapes and dvds to us.

I hope they'll sometime catch on about digital media. Frankly, the biggest mistake they did was to allow the playback of DVDs in computers. If the data DVD had been physically incompatible with the video DVD, they would have been able to keep their secret keys. They distribute those keys once they're satisfied the manufacturer is going to comply with their regulations. Thus, no DVD on our computers (perhaps a USB connection on the player to allow control from your desktop?).

Oh well. Greed got them. Non-compliant software, if I remember correctly. Jon - we are proud of your friends.

Re:They're Destroying It

[Jason+Earl]

The good news is that even stupid people want free stuff. Imagine the howls of derision when the rube realizes "Dude! I just bought a PC that can't play MP3s."

It's obvious to you and I that the DMCA is bad news, but that's because we happen to be part of the fringe that is currently effected by it (no, it's not your superior intellect that has clued you into this particular problem). Fortunately, Hollywood is likely to continue to push their draconian vision on America to the point where your home videos won't play on your television and where it is impossible to tape Oprah and watch it later. At that point the public will wake up and smack Hollywood in the head with a clue-by-four.

Re:They're Destroying It

[GroovBird]

No,

By definition, 50% of the everyone is more intelligent than the median of the population.

It could be that more than 50% is dumber than the average. In that case you have a bunch of very very smart people making up for all the dumb ones.

Dave

Re:They're Destroying It

[Arcturax]

http://www.netusa1.net/~starship/

No NDA at all, but I won't tell you the plot simply because I don't want to spoil it ;)

They were open with it and showed it to anyone willing to come see a rough cut of a movie at the con and comment on it. The director is one of the coolest people I've met and he was more than willing to discuss the movie's good and bad parts and take that into consideration for how to make it a BETTER movie when they do the final cut of it.

The first movie came out in 1997 and while it looks a bit rough, its funny and it was the best technology a small group like them had available at the time. Now, just 4 years later they are producing something which looks like it could have been shot in a real movie studio. It just shows how far we've come in getting movie making technology to the masses and independant film makers.

If you happen to see them at a sci-fi convention, I highly suggest you go to one of their panels on movie making!

After they finish #2 this year, they are planning to do a DVD re-release of the first with some re-editing and some updated effects and "special edition" features such as bloopers and other extra material.

If you can't wait, you can buy their movie on VHS from their website or at any con they are attending.

Re:They're Destroying It

[shren]

Conglomeration? mid-sized con? I bet I could go back to that hotel next weekend and it would be just as crowded without a convention. Selling Conglom as a mid-sized con is a large-size con(game).

CD-ROM drive recall announced

[PseudoThink]

"Please return your drive to the manufacturer so that we may upgrade it to be compatible with new and exciting technology that has become available! Don't miss your chance to make full use of this new technology, because it really is better!"

Didn't you read!?!?

It is impracticable to crack since it is hardware based

See! Uncrackable! Just like that CSS thingy!

Re:Didn't you read!?!?

[roman_mir]

and cue-cat

Impracticable?!!

[Bonker]

From Doc Witness's homepage:

It is impracticable to
crack since it is hardware based and is
based on dynamic protection. Unlike
competition it is not based on passive
protection (that is easily cracked)
or remote activation (that is both offensive
to customer's privacy and easily cracked).

Uhm. Okay guys. If I was a record producer who was living with (the very real) fear that my job was about to go away because of digital copying, the line above would make me think twice about using your technology.

Re:Impracticable?!!

[KelsoLundeen]

Why is hardware based encryption impractible to crack?

And "dynamic" -- what does "dynamic" mean in this context? That the CD has a little ethernet connection and requires you to plug it into an internet connection before playing it?

This reminds me of the organic DVDs promised a couple years ago. Rip the special plastic off the DVD and it begins decaying. After 72 hours, the DVD is unplayable. It was touted as revolutionizing the DVD rental business model.

Yeah, what a revolution! Wait ... I think I missed that one ...

and next month we'll see....

[sirinek]

new encryption scheme
baby oops i cracked it again
more britney copies!

siri

ugh.

[garcia]

let's count how many posts say "the crackers will have this fixed in X days."

I don't understand where my ability to make backups for myself has gone. That's part of my right as an OWNER of a piece of software. I am ALLOWED to make a backup for myself.

With this, if the disc goes to crap or the "smart card" goes to shit what am I going to do? Can I call up Doc-Witness and say, "hey, send me my money so I can get a new CD?"

Re:ugh.

[garcia]

no, I'm not bothered about pirating stuff. People are going to pirate stuff anyway, including this. My problem is that I am not going to have an easy way to go about what I am allowed to do.

Re:ugh.

[jandrese]

Or maybe it's the people who have actually tried to get defective media replaced after a couple of years (around the time when floppies start to decay). Several times companies are unresponsive citing that they don't support that piece of software anymore, or worse, that they're out of business.

Also, like most previous copy protection systems, I suspect this won't work on a subset of the hardware for some reason. I know it irritates me to no end to get a new game and discover that it doesn't work in my CD-ROM drive because the publisher used Safedisc.

Re:ugh.

[pete-classic]

I take exception to that. I am royaly pissed because my Phantom Menace DVD got scratched and Fox won't do a media replacement for me.

-Peter

Re:ugh.

[pete-classic]

If it was scratched due to your clumsiness, you need to either invest in a bottle of KlearKote or another DVD.

Bullshit. Media damage happens, that's why backups are part of fair use.

I would gladly buy a new copy of the DVD, but I refuse to by a second license for the movie.

In other words, "they" want their cake and eat it to; when the media becomes dammaged I "own" it, but if I want to act like I own it I'm "just" licensing it.

Fuck that, I deserve either fair use backups OR at cost media replacement. But they have left me with the options of either buying a second license for no reason, or "pirating" it.

-Peter

Craziness!

[case_igl]

I have the kids that run around my house. They wake up, eat breakfast, and then go outside and collect all manner of nasty goo on their little fingers.

Then they come in for lunch, "play" computer, and muck up CDs. I'm not talking about my really important stuff that is snuggled away - I'm talking about the games they are alloyed to play...God forbid they get their hands on Warcraft 3!

I always make burnt copies of CDs for the kids to use, so that when they roll over it with the toy car and crack it I can just make a new one.

I know piracy is a problem for the industry, but it just sickens me at how legitimate fair use gets slaughtered for people like me!

And forget the "I won't be buying any of THESE CDs line" -- that only works until Toy Story 17 comes out on DVD....

Case

Re:Craziness!

[mark_space2001]

Hmm, this gadget doesn't seem like something you'd put on a Warcraft CD. Too expensive, and also for the reason you mention (kids getting their dirty mits all over the optical smart card thing, rendering it usless), the customer support would be a potential nightmare for Blizzard.

It does seem like soemthing that Mircosoft would put on a $279 CD of MS Office, to stop IT staff from making a few extra copies or to stop employees from making a personal copy at home. It might work too, as the support costs for high end packages might justify the cost of the smart card dohickey.

Hmm, but you'd have to insert a differt CD every time you'd want to start a different program, and if you want to store your Excel spread sheet on a CD-RW, it'd be a two step process, or you'd need two drives.

Kinda a wash if you ask me. Not suited to low end, and the high end would probably complain too much. Shrug. We'll see I guess.

Re:Craziness!

[Reziac]

I think you just pointed out why copy protection on DVDs, audio CDs, and software tends to have two effects: INCREASED piracy (since people get a "WTF should I *buy* this crap if that's how they're going to treat me?" attitude) and DECREASED sales (same reason). Companies that make copy-protected software that can be replaced by going to a competing product have generally gone out of business, rather than grown and thrived.

A hard example: Wordperfect Corp. made a market leader largely *because* they all but actively encouraged piracy (after all if you're using OURS, you're not using THEIRS, and whose upgrade will you buy, when you and your company do purchase??) When they started clamping down, THAT is when they began losing market share (at the time Word had very little to do with it).

I think the ultimate effect of this will be MORE people looking for a crack or emulator, in which case they may start thinking about "why buy the damned stuff when I can warez it? I have to find a crack to make it work anyway, so what the hell."

Piracy [sic] may be wrong, but cutting your own throat to prevent it sorta defeats the purpose.

Re:Craziness!

[CharlieG]

As a parent of 2 children, it's quite simple - TV is ONLY for special occasions - We own the Toy Story DVDs, but I think they've been played once or twice! Ditto every other DVD in the house.

BTW The only way to enforce this rule, and make it stick, is to do it yourself. I haven't watched TV in months (and I work for a TV station)

Re:Craziness!

[dasmegabyte]

I'd like to point out that I have YET to find a kid's game that was copy protected. Hell, even "The Sims," which I can't get the kids I deal with to put down and still sells for $30, is perfectly copiable. You'd just better have a key for it.

Of course, nearly every PC game for adults (except Unreal Tournament...i lub j00 Epic) I've bought in the last year has made some pathetic ploy at copy protection. I've been able to copy most with my 2 year old copy of CloneCD, which is nice when you treat "in use" cds the way I do (storing them in stacks on top of a bookcase).

Oh, and another quick note: Mac software is hardly ever copy protected. And yet the software sales per hardware unit are always a lot higher than in the PC world. Why? Because people who buy expensive machines spend money on software, man. I guarantee you folks buying Alienware lappys do less pirating than Joe Q. Cheapdell.

Which is where Free software will come in. When Linux allows Walmart to sell $100 PCs that aren't windows compatible, suddenly we'll see a lot of shitty Walmart games for linux. DeerHunter 3d for Linux. Bachelorette in Cyberspace. Barbie's Dream S&M Website Designer.

Windows will suddenly find itself more upscale and that ratio -- installed machines to sold software units -- will increase.

key management

[russcoon]

How quickly they forget:

If you are forced to distribute the secret in an insecure way, the game's over. Better yet. it only takes one read to copy the data.

I guess it's a nice idea that just misses the point.

Re:key management

[Sven+Tuerpe]

If you are forced to distribute the secret in an insecure way, the game's over.

You are right, technically. But legally, mentioning or employing this obvious fact turns you into an evil cyber terrorist, as they nowadays use to call us.

Re:Spoofed?

[L.+VeGas]

In a related story, stock prices plummeted for Sanford®, the manufacturer of Sharpie® markers.

this is fantastic

[GoatPigSheep]

(sarcasm)
YES! This is great news!

Thanks to this new technology, the price of CD's should plummet, as it will be impossible to rip them!

Finally, they have solved the problem of piracy and can now lower the price of CD's since they will not be 'losing money' anymore (a slow economy doesn't count)
(/sarcasm)
Yeah, right. I bet those greedy pigs will raise the price of cd's even more citing the need to produce 'anti-theft technology'

Not for music

[djshaffer]

It looks like this is for software packages.

The installer communicates with the smart card to get permission and the decryption key needed to finish the install. So, reverse engineer the installer and run one legitimate install to capture the decryption key and you can make as many installs as you want.

It's a little more secure if the disk has to be in a drive to run the final software, and it expects to communicate with the smart card to authenticate authorization to run.

Re:Not for music

[cloudmaster]

Yeah, that'll go over *real* well. "Sorry, Mr. computer lab, you have to physically have this CD in the drive to run a program, and to run a different program, you need a different CD in the drive, etc."

Which User Agreement?

[LadyGuardian]

FULLY TRANSPARENT to the consumer (as long as he or she keeps the user agreement).

This worries me. They even mention down below how static systems are easily cracked and how 'phone-home' is offensve to user privacy and still not solid. Which user agreement will they use? The one that inclides fair use or a new creation that disables any and all attempts to protect our investment?

I'm not a 'consumer' with gigs and gigs of stolen MP3's, but I am someone with backups of my legitimately bought copies. I have two siberian huskies that seem to love chewing on CD and DVD cases (I'll stop leaving them at the door, I promise) so these backups become invaluable.

Sadly, people who've read their benefits section will realize that our right (yes, it is a right) to have legitimate back ups are tossed out the window...

Just keep the key

[javatips]

Their website is not very generous on details on how it work.

If no special hardware is needed to make it work, then it probably rely on software to do decrypt the disk.

The key used to descrypt the disk is sent to the computer when a legitimate request is made. Once you have the key, who is going to prevent you from keeping it and reuse it later.

How can they have dynamic keys if the CD-ROM is encrypted once?

It would also be probably easy to pose a reading request as legitimate and then decrypt the whole disk and store the cleartext ready to be burn on a new CD.

This kind of scheme may prevent M Smith from copying the disk, but M Cracker will find a way arround the protection in no time.

All copy protection scheme inveted as of yet were defeated. This one will go the same way.

Ok, but once I have the key...

[color+of+static]

Ok, they encrypt the data on the CD. Ok, I have to get the key from the smart card with the optical interface (really a cool bit of technology if you think about it). Ok, then I can unencrypt the CD. Now explain to me why I can't just keep this key, or even the unencrypted data around?
If you are trying to protect an application (say a game), then I could see it require the use of the smart card, but it doesn't seem like it would be to hard to write a device driver wrapper around the CD-ROM driver that exists that will emulate this.
Overall, very cool technology. In this instance it seems like it will do little more then keep honest people honest. Is that really of value to any publisher?

Re:Ok, but once I have the key...

[color+of+static]

It would be a real neat trick to make a rolling session key for data encoded on an optical disk. They could persumably have multiple keys for any chunk of data, but once you have a working key, there is no way of revoking it in this case.
It boils down to, if you give someone read only media, and a way to access it, then all the encryption in the world can not prevent them from accessing the same data into the future. You must control one of the aspects of the data or access methodology to retain this level of control.

Re:Ok, but once I have the key...

[color+of+static]

If these folks are at all competent, you won't be able to just keep a copy of the key, since most modern cryptosystems require the key to be hashed with a current timestamp, which means a visible instance of the key is only useful for a short time (like a second).

If the data was controlled somewhere other then on write once optical media I would agree. Mixing in a timestamp to decode this data is impossible, as the data is static with respect to time. Encrypting the data to give to Alice only prevents her from looking at the data when she doesn't have the key. Since this key can't change, she always has access to the data.

Now you could use this to prevent people from accessing data until a said point (like a release date for add on features, or an extra game level unless you have some token).

Re:We've been over this...

[Dark+Nexus]

I believe the intent for this is more for software than music or video.

Consider this the logical evolution of the hardware dongle that 3DS Max once did, and possibly still does.

In Tech Review

[sielwolf]

This technology was mentioned in this month's Technology Review. Sadly it only seems that it was in the print version.

Re:In Tech Review

[tadas]

Sadly it only seems that it was in the print version

Obviously, they wanted to keep you from copying it...

Contradictions

[unsinged+int]

Title: CD Copy Stopper

Okay...

Later: You can copy the CD

Sounds effective. Then: without the card the software won't run.

Hmm...okay. So we've copied it to another CD. There isn't a card anymore. Why's the card needed?

Earlier: A "smart card" embedded in the CD unlocks the disc's encrypted content.

Oh. So we rip an ISO off the CD, crack the encryption to form an unencrypted ISO, and burn it back to another CD.

Gee, like that's not gonna happen.

Re:Oh boy:: me not worried, it won't work

[gerf]

It is impracticable to crack since it is hardware based and is based on dynamic protection

Sorry to say, but hardware has been 'cracked' and hacked before, and will be done again.

At some point in your computer, the signal must be decoded for regular use. All someone has to do, is find this signal, and use that to copy a CD or DVD (DVD burners are getting out more and more...). I'm sorry, but i really don't think that this, or any technology in general, is going to work perfectly, to a consumer's satisfaction. Problems::

1. As has happened so many times, the media screws up on Average Joe consumer.

2. Those who want to copy/crack/hack it, will. They can't stop it.

Old hardware, like quad-speed CD-roms and the like, won't work. Hardware varies, from year to year, from manufacturer to manufacturer, from country to country, from pc to car audio. Things will not work for someone, and people don't like that. It's just bad karma man!

Is this the copy-proofing technology........

[Ride-My-Rocket]

.... that is able to outmaneuver my Sharpie pen?

No hardware changes needed? Really?

[Anonymous+Canard]

It seems pretty disingenuous to me for them to claim that their technology is compatible with current hardware. Where hardware and firmware are sold as a single entity, I read that expecting to find some sort of protection system that would interact with current firmware, but they clearly need a trusted client on the device to interact with the smart card since they have to rely on that software not giving away the decrypt key. In other words, these may play on the current mechanical hardware, but they certainly won't play on current CD or DVD players without first getting a firmware upgrade. In all this isn't much different from shipping a separate smart card and CD-ROM.

At least I can't see any way to trust a client once it has been transferred to the general purpose computing platform; at that point the software is open to inspection and its secrets won't remain hidden very long.

Cost of media vs. "cost" of piracy

[dcavanaugh]

I guess this is where we find out if piracy has any real cost associated with it. If piracy really does cause the massive losses that RIAA says it does, then it would be worth their while to try a media-based solution, even if it raises their cost. The retail price of CDs is set by what the market will bear, not by the cost of production. If I can buy a blank for 25 cents, I know the music industry is getting a better deal in bulk.

If RIAA members still want to get $18 per CD and this hardware/media hybrid protects the ability to do that, then they will absorb the cost. On the other hand, if piracy "problem" is merely a smoke screen to attack low-cost/online/non-RIAA distribution, then this technology is dead-on-arrival. Time will tell.

Re:Cost of media vs. "cost" of piracy

[levik]

The really interesting question, which is not covered by the article, is wether all the CDs of let's say Office 2004 will be encoded with the same key. If so, then the scheme becomes incredibly silly, since people will start forums where such keys will be traded much like today serial numbers are.

If each legitimate copy of the CD has a different key associated with it, then the industry will have to overhaul its replication practices - you can no longer use one master to quickly stamp out all the CDs you need. You have to encode each one individually with its key, which would take a significantly larger amount of time.

A compromise would be to split the whole set of CDs into 10 - 20 subsets, each encoded with a different key. This way they can still sncode thousands of discs off of one copy, but chances are you and the next guy wouldn't have the same key.

Re:Cost of media vs. "cost" of piracy

[symbolic]

It's precisely this kind of thinking that will continue to escalate this war between content thieves, and its rightful owners. Whether or not there are any real costs is completely beside the point. The point is that the RIAA (or its companies) produce something of value. It obviously has value, because so many people are willing fork over their money, and a good number of people are willing to steal it. What I've failed to understand throughout this whole ordeal, is the reasoning that affords people a special right to another's property without due compensation.

Funny thing about this - many people who steal music act as though they're taking the moral high ground, but they're kidding themselves. This is especially true since there's a perfectly viable solution, and it's the same solution that applies to every other sector of the market: don't buy the product. Perish the thought that people might actually have to exercise some sacrifice and self-discipline, but compared to the alternatives (increasingly restricted freedom), this is trivial.

Re:Cost of media vs. "cost" of piracy

[dcavanaugh]

Personally, I'm more of a "don't buy it" person. Cost being one of the factors, I have really lost interest in [new] recorded music. I listen to old stuff, and have purchased 0 CDs in the past year. My interest could be restored if they had better material (songs I like), and could be restored even further with more reasonable prices. Copy protection that interferes with my fair use rights scores a zero in my book and will result in no sale -- period. I can easily live without the RIAA's product -- watch me.

Admittedly, there are "people who steal music act as though they're taking the moral high ground..." but we also have the music industry clouding the issue by misrepresenting fair use as theft, trying to legalize their own plans to commit computer crimes, not to mention price fixing. It's hard to tell which side is sleazier. If we didn't have the piracy issue, some of the industry's sleazy tactics would go away, but then again some of those sleazy tactics motivated the pirates in the first place.

Giving the music industry everything it wants will not help anyone in the long run (not even the music industry itself). However, it will allow a few key executives to earn bonuses for another couple of years. During this time, the investors will quietly seek an exit strategy from an industry that will soon be rocked by competition -- one way or another. The music industry is so paranoid about piracy ^h^h^h^h^h^h competition, they have lost sight of the customer. From this point forward, it's just one desperate money-grab after another, until online distribution sends the RIAA to the same fate as the home-delivery milk man.

Funny thing about this -- all of the RIAA's favorite "solutions" to the piracy problem have the side effect of locking out low-cost/online/non-RIAA distribution of music. Coincidence or conspiracy? You decide.

Re:Cost of media vs. "cost" of piracy

[symbolic]

You make a very good point. My position on this mainly deals with people who knowingly and willfully participate in the unlawful distribution of copyrighted material. Your point also lends support to my conention that "things will only get worse" if the current trend continues. I personally don't see anything wrong with making a backup copy, or media/time shifting - these should be liberties that consumers are permitted to exercise. However, in its zeal to stop people who steal and illegally distribute content, a legitimate consumer may now have to face restrictions that make this practice (technically) illegal. It sounds like you might agree that no one wins in this case.

Re:Cost of media vs. "cost" of piracy

[dcavanaugh]

You may very well be right; it looks like an expensive concept that would only be useful for specialty markets, where a data CD would cost enough to make it worthwhile.

From the website... "...it requires neither additional hardware nor setup and is FULLY TRANSPARENT to the consumer (as long as he or she keeps the user agreement). "

The more I look at it, the less I believe the claims that it's "transparent" and that it works with existing CD and DVD readers. I think it would have to rely on some kind of client software, so as to communicate with the smart card and possibly to facilitate decryption. If it didn't work that way, the optical drive would "see" a regular CD and there would be no "protection" at all.

Re:Cost of media vs. "cost" of piracy

[symbolic]

There are as many different reasons as there are copiers. You could certainly argue against any of the reasons, but to say that you don't understand the reasoning would be a serious insult to your intellect.

These are all ways that people rationalize their behavior so that they can avoid dealing with the fact that it's ultimately wrong. So, my lack of understanding comes not from where their reasons come from, or how varied they are, but why there is an expectation that their reasoning makes it right.

I've heard the "no one is being hurt" argument before. I don't buy it, because it only addresses one side of the equiation. The other side, is that which deals with the value derived from the use of the illegally copied material. It is value derived, but not paid for, and that, in my opinion, makes it wrong. It's perhaps more commonly referred to as "getting something for nothing."

Insufficient.

[Faile]

This wont work. It doesnt sound any different from the protections companies employ now where the CD has a magic key or secret uncopyable section on it. Pirates simply copy the part of the CD that is readable and then use a cracked executable distributed on the CD that doesnt bother looking for the secret section or bytes.

Until it's impossible to copy all the information on a CD this is the way illegal games and applications are distributed. This innovation, however ingenious wont make a dent in the pirate industry.

Re:Insufficient.

[Sancho]

Well let's see.. for one, the entire disc could be encrypted if they really wanted, for one. This greatly increases the amount of time it takes to download. For another, the smartchip is able to interact with the Installer or program that's running. The installer could just copy the CD's contents to the hard drive, and then the key to decrypt any given part of it is given by the disc /only/ when it is needed. This makes it harder, but still not impossible, to "rip" the CD.

And they just don't learn - or do they?

[BlueboyX]

There is nothing magical here that is truely different from any other scheme. I read how this thing is designed, it will work off any standard cd drive. Which means that you can still 'rip' an image of the darn thing. You can try to figure out what a 'legitimate' code is and then just copy the data, or you can let whatever program that they consider 'legitimate' to run properly, but with a custom debugger grabbing the info as the program gets it. Heck, you can make a microcontroller that logs all communication going through the ide pins! Since both standard cd drives and computer ram can be read and hacked, there is no way this will work any better than any other half baked scheme.

With one exception. Those countermeasures I mentioned above probably won't work on Microsoft's new oh-so-secure upcoming OS (which shields ram and devices from such attacks, supposedly).

Re:We've been over this...

[yatest5]

You can use Kazaa for music? And I thought it was a porn-sharing network ;-)....

In fact, you don't see too many slashdot articles on the rights of those poor girls getting the copyright infringed on their beaver shots, do you?

I don't buy it.

[BeBoxer]

A photodetector at the edge of the CD turns the drive's laser light into electrical pulses, which travel to the embedded smart card and request the key.

I suppose it's conceivable that this might be possible with a CD-RW drive. But with a regular CD-ROM drive? I think that's bullshit, plain and simple. It's not like there is any command for sending data to the laser of a read-only drive. Do they send the request in morse code by turning the drive off and on again?

I think this is just more snake oil being peddled by folks who know the can make an easy buck off of nervous media executives. My guess is, it'll work fine during the dog and pony sales presentation, it'll cause endless support headaches for paying customers, and be trivially bypassed by the warez folks.

I swear, I don't know where they finds the folks who sign on to these deals. Have a problem with piracy? Make your product less attractive than the warez version by saddling it with a bunch of flakey 'copy protection' technology. That'll help your market share!

Re:I don't buy it.

[geekoid]

so what you are saying is its the perfect quick buck business.
I think I'll start coming up with copy protection schemes.

Re:I don't buy it.

[throx]

You don't have to turn the laser on and off - you just move the seek head. Last I looked, this is a pretty standard function of CD-ROM drives...

The smart card can interpret the movements of the laser beam, or the on/off pulses as the laser is moved over the receptor and away from it again as a request. Decent cryptographic requests could be slow though...

It all fails the ultimate test anyhow - eventually the plaintext key must be passed to your CPU where someone with a debugger can snatch it and decrypt the entire disc.

Re:this is very limited in usability

[Saint+Fnordius]

1. This is nothing more than a CD that carries its own dongle. This might be attractive to companies like Quark and Microsoft, but isn't applicable to music CDs.

2. The company hasn't said how much this costs. If the price is much higher than what it costs to mass-produce normal CDs/DVDs, then only a few software publishers will bite. Also, not every CD production facility will be willing to invest in new machines.

3. PR releases tend to hype (and even lie) about how many companies are "interested" in an attempt to lure the others in. We need to shine more light on this subject fast.

That it deems appropriate?

[dinotrac]

Hmmm.

Suppose we presume that this magic card really, really works.
Assume it is the fly, cats-pajamas, Golly-Gee-Whiz-Neato, super deluxe, smokin', king of the hill, rad copy protection of all time.
So perfect it gets canonized in Rome.

So ---
It determines what it considers to be legitimate requests?

How does it tell the difference between a completely legal archive copy and an illegal copy?

How does it know the difference between a completely legal archive copy (a right protected by federal law, BTW) of an archive copy made because the original disk was destroyed?

How does it know the difference between an illegal installation on another computer and a legal installation on an upgraded computer? A legal installation on another computer that replaces the first one?

Is this smart card also a legal scholar, familiar with fair use exceptions?

Unlike many here, I believe in intellectual property rights and have no problem protecting them.

I have a big problem, however, with protecting intellectual property rights by taking away my rights and those of everybody else.

Store owners aren't allowed to protect against robbery by shooting everyone who looks like they might steal something. IP owners shouldn't be able to protect against theft by infringing on the legitimate rights of their potential customers.

Re:That it deems appropriate?

[Peyna]

Store owners actually can't even do anything until the person actually leaves the store with the object or they can get in trouble. (They can't tackle them and what not to stop them, they could probably ask about the item stuffed under their shirt though.)

Re:That it deems appropriate?

[Reziac]

And what happens when your uncopyable disk gets damaged, and the company is no longer around to provide replacement media? Or decides to charge an arm and a leg for replacement media?

Or worse yet, REFUSES to provide replacement media, and instead requires that you PURCHASE an upgrade? (I've actually seen this happen with copy-protected software. My client purchased a competing product instead.)

Re:That it deems appropriate?

[HiThere]

My senators already appear to have been bought and paid for. They still send those letters that say:
"We will take your opinion into consideration...", but this means nothing when they have taken money from the sponsors. They say that even after they have been listed as sponsors. The liars!

Still, it can't hurt, and my representative actually does seem a bit responsive.

Re:That it deems appropriate?

[dinotrac]

OK, one more time.
The DMCA, so long as it carries the force of law, endangers those who wish to facilitate the exercise of fair use by working around copy protection schemes. In so doing, the DMCA + copy protection eliminates fair use rights -- rights, by the way, that originate in part from the Constitution, in part from old case law of very long standing and whose codification in the Copyright Act is a relatively recent event.

Whether or not the holder of copyrighted material is obligated to make fair use easy, it is perfectly valid, in light of the DMCA, to be concerned for my legal rights. Mind you, the MPAA and the RIAA wish that I would forget those rights.

Re:That it deems appropriate?

[Ogerman]

Unlike many here, I believe in intellectual property rights and have no problem protecting them.

I really wish people would stop using the term "intellectual property," because such a thing philosophically does not exist. Copyright and patent are man-made, social institutions. They are not underlying moral, unalienable human rights. Unlike the right to own physical property and be safe from having it taken away unjustly, so called "intellectual property" is not a necessity for capitalism and democracy. It is a compromise, a social contract, an economic rule of the game, a legally backed honor system. It is NOT property because it is NOT scarse. Note that I'm not arguing against a reasonable, balanced system of compensating artists and inventors for their work, but such as system must be fair and ultimately beneficial to all of society. It should not be a way to price gouge, get rich quick, monopolize markets, and leverage total control over consumers. And because it is a social compromise, it must always put basic individual rights above the priviledges given to beneficiaries. Copyright, like patent should be entirely a field of civil law, not criminal. Copyright holders should be able to sue for damages, but they should carry the entire burden of finding infringers and proving that they: 1.) purposely copied the work without permission, 2.) did so for purposes outside a very broad set of fair-use exceptions. 3.) were actually causing significant commercial damage such as to make a lawsuit appropriate. I believe this is more what our founding fathers had in mind when they established these institutions...

Re:That it deems appropriate?

[dinotrac]

All property is man-made and social.
There is nothing about land, water or any other thing that makes it inherently property. Property is a legal distinction that gets applied to things, places, even people (though, we like to think, not in modern societies).

Scarcity is not intrinsic to property, though it certainly provides an incentive to devise the concept of property.
It is, however, wrong to presume that scarcity does not apply to intellectual property.

For a test, try running down to the local Borders and counting up the books (ok - consider this a thought experiment ;0) ). Then, count up the books that are worth reading.

Though not scarcity in the sense of only so many copies of any one item available, there is a relative scarcity of talent and time available to create worthwhile things. IP is one way -- though certainly not the only way imaginable -- to provide value in the creation process and to encourage the creation of those worthwhile things.

Re:That it deems appropriate?

[Ogerman]

Scarcity is not intrinsic to property, though it certainly provides an incentive to devise the concept of property. It is, however, wrong to presume that scarcity does not apply to intellectual property.

In a sense, perhaps, but 'intellectual property' only has artificial scarcity in the physical world. I would say that human intelligence has scarcity, but once knowledge is produced, the knowledge itself has no scarcity because it is infinitely reproducible whether by word of mouth, fiber optic cables, direct neural implant, whatever. If information can truly be owned, then it is wrong to memorize a poem without paying the author first. If information can truly be owned, then copyright and patents should never expire and should be passed along forever through many generations. Dunno.. maybe you catch my drift.

Re:That it deems appropriate?

[dinotrac]

>then it is wrong to memorize a poem without paying the author first.

Interesting example in several ways:

1.A poem is not mere information, but an artistic expression of information. The information itself cannot be copyrighted.

2. Memorizing a poem is not copying or distributing it. In fact, to memorize the poem in the first place, you needed access to a (presumably) legal copy.

Re:That it deems appropriate?

[Ogerman]

1.A poem is not mere information, but an artistic expression of information. The information itself cannot be copyrighted.

Hmm.. but that artistic expression is itself information. If I strip the header off a JPEG image, is it still a picture or just random data?

2. Memorizing a poem is not copying or distributing it. In fact, to memorize the poem in the first place, you needed access to a (presumably) legal copy.

Lets say I borrowed someone else's copy, memorized it, then gave it back. In a sense, memorizing is copying. Information can't exist on its own; it must be embodied in some characteristic of a physical object--whether the neuron configuration in your brain or the RAM in your computer. Once I have the poem in my brain, I can speak it to a crowd--perhaps allowing them to memorize it as well, write it down on paper, or perhaps someday even upload it from my brain to my computer. To stop someone from doing any of these things would be a pretty huge violation of basic personal freedoms.

Re:That it deems appropriate?

[dinotrac]

>but that artistic expression is itself information

That artistic expression contains information, but is more than "mere" information.

If you want to play semantic games, everything is information, including real estate and underwear.

The law recognizes a creative input that it seeks to encourage while trying to protect the freedom of prosaic facts.

Re:Can you Read? (was Re:ugh.)

[garcia]

"you can copy the CD, but w/o the card the software won't run".

So, the card is on the CD but it won't copy. Explain to me HOW I am going to be able to use this burned CD w/o the smartcard?

"Valid" Request?

[Kwil]

Could somebody tell me what an "invalid" request from a CD is?

'I want to read this bit, and the next bit, and the one after that..'

After all, I always thought it was what you did with the bits once they were off the CD and in your 'puter that was the problem.

Dude, you gatta get a Dell.

[FreeLinux]

You are so right it scares the crap out of me.

These things ARE coming to pass because the general population *is* voting with it's wallet. MOst people buying CD players and CDs have no clue what copy protection or digital rights management is. If you try to explain it to them they still don't get it. What they do get is that, I buy this great CD player and these CDs and I can listen to the latest cool tunes. Their not thrilled with the cost of the CDs but, "hey, what are you gonna do?". "Dude, you gotta get the latest Brittney Spears CD it is SO sweat and did you see that shot of here on the back of the cover?"

Like a dear in the headlights, most people don't even know that they are being screwed, much less care.

Re:Dude, you gatta get a Dell.

[tswinzig]

If this were true, DIVX would be alive and well.

Re:Dude, you gatta get a Dell.

[DeeKayWon]

If this were true, DIVX would be alive and well.

The difference here being that people were well-informed about DIVX's drawbacks because of the relatively uninhibited alternative that was DVD. The only "alternatives" to buying CDs (P2P programs & file sharing in general) are legally shaky at best. They won't be hearing about broken CDs from store clerks because there's no available legal alternative.

The buying public only makes the right decisions when they are fully informed.

Re:Dude, you gatta get a Dell.

[tswinzig]

The difference here being that people were well-informed about DIVX's drawbacks because of the relatively uninhibited alternative that was DVD. The only "alternatives" to buying CDs (P2P programs & file sharing in general) are legally shaky at best. They won't be hearing about broken CDs from store clerks because there's no available legal alternative.

Excuse me, but you're completely leaving out the fact that people have had access to completely uninhibited CD's for over a decade. You think they won't notice when suddenly they are running into roadblocks when trying to use these new CD's as they normally would with their others? This is even more obvious than the differences between DVD and DIVX. And in case you forgot, for a while there, several studios were ONLY going to release titles on DIVX. What legal alternatives were going to be available for those movies?

The buying public only makes the right decisions when they are fully informed.

This crap will fail the same way P2P thrived: a few knowledgeable newspaper and magazine articles spread out in the popular rags, and some word-of-mouth from friends and peers.

Re:Dude, you gatta get a Dell.

[Alsee]

Like a dear in the headlights

No, it's quite different. Deer know they're screwed. They are geneticly programmed to freeze when frightened.

As for consumers, you need to go with "oblivious" or "herd instinct".

-

Re:Dude, you gatta get a Dell.

[zCyl]

MOst people buying CD players and CDs have no clue what copy protection or digital rights management is.

Probably because you're calling them "copy protection" and "digital rights management"! Seriously, you can't speak to people with no experience in these matters on those terms. You have to speak to them on terms they can understand. When I explain what's bad about dvd's, I don't say, "They have regional encoding that restricts your access," I tell them that if they buy a dvd in Europe or buy an imported dvd, it won't play in their drive. I might also throw in that people are going out of their way to screw over and imprison people who are trying to let people play dvds on more computers, and I might even throw in an explicit mention that this is a crazy thing to do. Speak in simple, human, and understandable terms to people who are not experts, and they will understand you clearly.

Why is this kind of CD bad? Because it screws with you and won't let you play it where you want to. That's enough to make people want to buy it. People don't want to be restricted, they just don't understand when it's happening to them because things are given marketing labels like "copy protection", which sounds like a good thing, and not "restricted use," which is clearly a bad thing. All you have to do is translate for people.

50% below average... not true

[TibbonZero]

Actually, this isn't true.
Anyone below average scares the crap out of me and, by definition, that's 50% of everyone.

Let's look at a few IQ's- 90, 90, 90, 95, 100, 180.
With these numbers, the average IQ comes out to be 107.5. This puts 83% of the population to be "Below Average".

It can also work out the other way.
20 (vegatable), 50 (retard), 120, 130, 125, 100, 115, 180.
The average of these numbers comes out to be 105. So that putss 75% of the population above average.

Now you say, "Well isn't 100 supposed to be the average IQ? Well, yes, but as you can see, it doesn't always work out to be the median number either. Truthfully the average is probably a little higher or lower. But then you have to ask yourself who you consider...
To make everyone take it you have to factor in language (which many IQ tests factor in), problem solving, etc.. which can all be somewhat screwed up. A dolphin has a pretty high IQ as things should go, but he can't tell me if Cat is to Kitten as Dog is to...
yea, and then we have to factor in those with mental problems, or mental gifts. Those people throw things off pretty well. Then some people are uncaring or unwilling, which would pull the scores down more. What about people who have a huge problem speaking and dealing with people, but can spit numbers out at you (hmm, Pi...)

Anyway, 50% of people are not below average, nor are 50% above, even if it all averages out to "average" IQ...

Re:We've been over this...

[Spirilis]

I don't think this technology is very effective against digital CDDA audio. According to the site it has a part at the edge of the disc where the CD drive attempts to read, and when the smartcard detects the request it sends back a key using an LED. Basically that kind of system would be used by software, where software runs off the CD but then goes to request this special key from this 'special area' of the CD to see if it's allowed to operate. This simply wouldn't work for CD audio, you could still copy the CDDA tracks perfectly. They couldn't encrypt the CDDA data and have the encryption 'key' on this smartcard either, 'cause no CD audio drives/players understand this system, thus a CDDA CD encoded as such wouldn't work on any CD players.

Sign me up!

[Mirk]

The technology works by turning an ordinary CD drive into a smart-card reader. A photodetector at the edge of the CD turns the drive's laser light into electrical pulses, which travel to the embedded smart card and request the key. If the card deems the request legitimate, it returns the key as an electronic signal that an onboard light-emitting diode converts into light and beams back to the drive.

Hell yes! Sign me up today!

I would be more than willing to pay an additional premium on the CDs I buy if it meant I could have the c00l technology.

Re:Company claims unbreakable copy protection.

[DaHat]

I wonder if they are related to Orical and Larry Elison. He was the last person to realize that unbreakable doesn't mean unbreakable.

Battery?

[Technician]

I don't know of any processor that does not require power. They are a little short of info in the article, but what do you do when the battery on the CD dies? It's not like a smart chip that is powered by the socket during the transaction. I can't see this being compatible with the redbook standard in any way providing compatibility with any of my exixting hardware. It looks like another obscure new kid on the block that will have to crack the chicken and egg problem.

Re:Battery?

[Technician]

Actualy, I finaly read the first article after reading the second. I was under the impression it was for music. This isn't redbook at all. It is for data CD's. I guess it is targeted at the Adobe books, or Photoshop or other high ticket items. The article explains it well. It is powered by the laser using a photocell.
How it is going to get the laser the wink it a coded message for the handshaking is not clear. It will answer by shining some LED's back at the pickup. It sounds like something that could cause some tracking errors. Anyway the whole concept sounds expensive. I wouldn't expect it in anything mass produced. It could be used to protect sensitive encrypted data.

Re:Company claims unbreakable copy protection.

[Tackhead]

> Company claims unbreakable copy protection.
>Film at 11.

Crack at 10:30.

Re:This is great ..

[Archfeld]

I am sorry but I've not downloaded music since the first initial Napster rush. It's too much work to find a decent copy of a track, I'd rather just pay for what I listen to, but when one of these disks prevents me from making a backup copy of my game to take to the LAN party, I am gonna become a full scale pirate like the SW industry really fears. I BUY LOTS of games. I am looking at a cd rack full of hundreds of legal titles, and I use the NO-CD crack for all of them.

exactly.

[gimpboy]

when i get a new cd, the first thing i do is convert it to mp3. then i stick the original in a cd case never to be seen again. if i cannot do this, then i'm not going to purchase the cd. if i get a cd that doesn't allow me to do this, then i will return it.

if this happened to an artist that i really liked, i would probably send them a letter explaining my position. i would then tell them that i will not purchase the cd in question or any future cd's which have this type of protection.

if they dont listen, then they dont listen. the cd would end up on irc, p2p networks, netnews, etc. before it's even released. this type of alienation of their fans hardly seems worth it.

OS X?

[Megane]

Any bets this crap works (if it's working at all, and not just a vaporware announcement) only under Windoze?

Quite right, and possibly a Good Thing

[bbqBrain]

Yes, the mfr. tech page only mentions "CD-ROM/DVD-ROM media". And, if this is the case, I have no problem with it. IMO, companies/people who produce software for pay have the right to collect money for its use. With that said, I do not support (with my pocketbook) commercial software, with the rare exception of a game I really want.

I think something like OpSecure could prove to have a positive effect on Free software. Consider that, as publishers find more effective ways to prevent license violation and unfettered copying/distribution of their wares, many PC users will be forced to make a decision that they have not in the past: 1) Pay for a legitimate copy of a given title, or 2) Use a Free (or free) alternative. Consider how many people today buy one copy of MS Office and install it on several machines or share it with friends and family. If the license enforcement becomes difficult to circumvent, a three-machine Office purchase will suddenly skyrocket from a few hundred to over a thousand dollars--more than the cost of a new PC! This opens the door for low-cost (StarOffice) and no-cost (OpenOffice, KOffice, Gnome Office) alternatives to establish a foothold in the market.

The end result? I guess that depends on the big guys' response. MS, for instance, might dramtically reduce prices for its Office suite, which also has short-term benefits for the public. This may not be sustainable, though. The funny part is this: unlike Wal-Mart, which moves into town and sells (concrete) goods at cut-rate prices until the competition disappears, there is no way to run the competitors out of business when they give their (intangible) goods away for free. How long can MS' Office division remain profitable in this scenario?

To sum up my rambling, improved software license enforcement could, in a delicious display of irony, promote Free software adoption.

Re:Quite right, and possibly a Good Thing

[Schnapple]

Yeah but the crux to this is that it's only useful in that

1. It doesn't allow you to make a copy of the disc, and
2. It really only works for "usage" if the CD is in the drive when you use the application.

Meaning that if, say, Office.NET (or whatever they call it) uses this then you won't be able to copy a CD and give it to a friend, nor can you upload it to the Internet (unless you could crack it, which most casual users can't). You could of course still hand the CD to a friend and let them install it (though in this case Product Activation kicks in, but that's another story).

Games would be the real application for this. Neverwinter Nights shipped with a copy protection called SecuROM and though I had no problems with it, many people did. SecuROM has problems with "very old or very new" drives, so if this technology can avoid those kinds of problems then it could be a contender.

But yeah if, say, Microsoft were to require the CD every time you wanted to run Word then they can kiss that market goodbye.

Re:Quite right, and possibly a Good Thing

[walt-sjc]

By charging an arm and leg for support on software products infested with bugs and riddled with security holes.

OK, they do this now. You didn't answer the question of How long can MS' Office division remain profitable in this scenario?

I think the POINT is that the more software companies crack down on license compliance via hardware / software protection, "product activation" or audits, the more shift we will see to Open Source alternatives. The fact is that many people just won't pay for software. Many people use MS stuff because they can get it for free by pirating.

To enforce paid licenses at an extremely high level is detrimental to their own business and they KNOW it. It will cause "the great shift." In fact, just license terms alone is starting to cause a shift in corporate mindsets, as well as certain governments.

Once this migration gets past a certain point (adoption level), MS's business model is TOAST. Migration will avalanche.

Re:Quite right, and possibly a Good Thing

[User+956]

PC users will be forced to make a decision that they have not in the past: 1) Pay for a legitimate copy of a given title, or 2) Use a Free (or free) alternative.

You forgot choice 3) Download the RaZOR 1911 release of said software from IRC.

Re:Quite right, and possibly a Good Thing

[orangesquid]

I think Microsoft has already anticipated something to this effect. Consider a situation where you still might need a copy of Office around, although you use StarOffice on all your other PC's; what if Office cost you $200/yr. in upkeep fees?

I've heard a great many rumous about MS wanting to "license" their software as a service with mandatory upkeep fees, rather than simply letting someone purchase a eternal license and be done with it (the current scheme). This is actually a fairly common technique for very specialised or high-end computing hardware and software, but MS supposedly wants consumers to have the same kind of licensing fees for consumer software that various industries have for expensive industry software.

Of course, if free software becomes the `norm' there will be no need for consumers to buy commercial products---unless, of course, government-mandated DRM support someday requires very specific closed software that just happens to only run on upkeep-licensed Microsoft platforms, which just happen to only be compatible with upkeep-licensed Microsoft software...

Maybe DEC's PDP will get the last laugh, then. (For those who don't know: DEC marketed their PDP series of mini-computers as "Programmable Data Processor" instead of "computers" because they were much smaller computers than the mainframes companies and academia were using at the time. We might start to see very "computer-like" systems that aren't marked as "computers" because they won't have to have DRM support.)

Use virtual machines

[cyber_rigger]

It seems to me the you could
install the CD into a virtual machine
and then just copy the entire virtual machine.

I hate it when companies go out of their way
to make something not work.

Well the truth is

[dnoyeb]

The truth of security is that its inversly proportional to the number of people with a desire to circumvent it.

It will NEVER work in any form for the music industry. For the software industry its just a matter of how popular your software is...

Re:Well the truth is

[hrieke]

You are all under arrest for breaking the DMCA.
Please go report yourselfs to the nearest police station.

Re:Well the truth is

[Gordonjcp]

Please go report yourselfs to the nearest police station.

Sure, will do. There's one at the end of the street. Oh, wait, there is do DMCA in Britain...

Re:Well the truth is

[brain159]

clock is ticking on this one, I'm sorry to say.

I know it's not exactly the same thing, but the same sort of "don't even think about trying to exercise fair-use" is still there in the EUCD.

that reminds me..

[gimpboy]

I swear, I don't know where they finds the folks who sign on to these deals. Have a problem with piracy? Make your product less attractive than the warez version by saddling it with a bunch of flakey 'copy protection' technology. That'll help your market share!

i had friends who used a program, 3d studio i believe, which used to rquire a hardware dongle. this wasnt really a problem, except they had about 2 or 3 other software packages which required the dongle. finally they started installing the warez versions-even though they had legally purchased the software. it was just easier to deal with the warez version than the big tumor of dongles hanging off the back of their computers.

Re:that reminds me..

[BeBoxer]

it was just easier to deal with the warez version than the big tumor of dongles hanging off the back of their computers

And once you have to get the warez version anyway because the vendor has broken the legal version, it becomes pretty easy to forget to buy the next upgrade.

Re:that reminds me..

[Skuld-Chan]

Yeah in high school we had a few cam machines (a router and a lathe). The software - cadkey, had a dongle which plugged into the parellel port. The cam machines also plugged into the same port and it had an adapter to plug into this wierd plug - probably meant for some sort of cnc interface for a factory - what you ended up with was a mess of plugs probably 5" long - and I'm not kidding in the slightest.

I remember some kid moved the machine once and ripped the serial port out of the computer - I believe they were able to resolder it in, but I was thinking this was too much.

Someone once said - why don't you just use a parallel cable - as I recall if you attached the dongle to one, it didn't work.

Re:We've been over this...

[NanoGator]

"Consider this the logical evolution of the hardware dongle that 3DS Max once did, and possibly still does."

This is great for verifying media. However, the dongle comment put a scary thought in my head. I'm not sure if you intended to imply that the media could be used as a dongle, but let's pretend you did mean that:

There are a couple of problems: 1.) The dongle becomes very delicate and 2.) I've only got one CD drive, what happens when I want to run Lightwave and 3DS Max at the same time? (I.e. translating a model...)

If they can solve that, no worries. But I do hope they don't use it (protection/restriction-wise) for more than just verifying the media is original.

Re:Fine

[Computer!]

You are comparing apples and oranges.

This coming from the moron that compared a compact disc to a puppy?

not the same

[gimpboy]

If a CD audio player can read the data on the CD by any means, a CD ripper can read the data the same way

actually when you listen to an audio cd on your computer the data is transferred through the audio cable. it's a 4 pin cable about 1/2 an inch wide. the rippers transfer data through the data cable. it's normally a 40 pin ide or 50 pin scsi data cable about 2 inches wide.

using the data cable allows for a bit for bit copy of the data. i dont believe you can get that out of the 4 pin audio cable. not that everyone would be able to notice the difference in the audio by using the two different methods, but they are not the same.

It is compatible, but does not prevent copying

[eples]

How can this possibly be claimed to work with standard drives?

It may be compatible with standard drives - meaning you can read data from them (and copy them as well). BUT in order to enforce the encryption you need either a new drive, new firmware, or a new driver. It cannot enforce it's "lock" on current standard drives. To claim to do so is a blatant lie. There would need to be a globally unique serial number on every CD/DVD drive on the planet - AND it would need to be transmitted to the last track of the disc every time it is inserted into a drive. Standard drives do not do this.

The game is over... they just don't know it

[gilroy]

Blockquoth the poster:

we'll actually have at least half the population buying these copy-protected CDs without thinking twice about Fair Use

The recording industry (and through them, the movie industry) has already lost this fight. They lost it around 1995 or 1996. Everything since then is just a King Canute maneuver. They've lost for the following, single reason: For more than six years -- 1.5 student "lifetimes" -- college students have been getting music for free and getting used to playing it where, when, and how they want. And their younger siblings have been watching them. Game over.

You're right. Most of them probably don't know or care about "Fair Use" rights or copyright law or the DMCA. But they know MP3. They know timeshifting and spaceshifting. They know what they like to do with their music. And they are, statistically, going to be a demographic the RIAA/MPAA want: For no one is discretionary income so high a ratio to total income as for 20-somethings. The *AAs desparately, desparately want to sink their hooks into this demographic and extract all the cash they can. Yet these people expect free music.

And it won't get better. Maybe the culture machine will drive people to buy the protected CDs. At least as likely, the teen set will say, "Screw this -- I want my MP3".

The corpse hasn't stopped moving yet, but no technological fix is going to breathe life back into the old music distribution model. And Holllywood knows it's next... why do you think they combined a crappy protection scheme with the draconian DMCA? Because they know (a) people can draw the line from copying music to copying movies and (b) only a massive legal campaign will have any hope of stopping that, by stigmatizing movie copying before it becomes socially acceptable.

But they are too late. People can draw the line. And people already accept movie copying... somewhat fringe now, but growing.

The buggy-whip makers hear the thunder of tomorrow and are scared. Rightfully so.

Re:Oh boy:: me not worried, it won't work

[Indras]

1. As has happened so many times, the media screws up on Average Joe consumer.

2. Those who want to copy/crack/hack it, will. They can't stop it.

The sad thing is, when Average Joe Consumer starts having problems with the latest DMCA-compliant device, he is unable to fix it without spending a fortune to get a new player/decoder/etc, and often he is unwilling to pay. So, in reality, the only people who get to reliably use it are the hackers.

"Easy to use" and "hacker proof" devices are a lot like child-proof safety caps on medicine bottles. It's trying to make it easy to use for those with lesser abilities, and harder to use for those with greater abilities, which is impossible. That's like trying to come up with a math problem that an elementary student can answer, but a college math professor cannot.

It ends with alienating the target audience (my grandmother absolutely hates the childproof caps, and takes all the pills out first thing and puts them in a plastic bag...), and are unable to prevent its circumvention (...while every one of her grandchildren can open the bottles without a problem).

Re:Oh boy:: me not worried, it won't work

[ranulf]

You would have to have the program attempting to verify send a random piece of data to the CD smartcard, which signs it with a private key and sends it back.

How is this substantially different introducing bad ECC data on the disk and checking for that? I can see how this will stop no-brainer solutions that attempt to burn the same incorrect ECC signal to a disk when doing a raw disk copy (as I guess the laser needs to move around the disk in a predetermined manner), but it won't stop the "real hackers". Basically it'll be the same difficulty as current systems - just remove the section of the code that performs the check and the system is worthless. Are there any games on the market you can't get wares versions of if you look hard enough?

And it's always the legitimate users of the software that have to suffer. For instance, look at the no-cd hacks for pretty much any game you care to mention. People who paid money for the game have an added inconvenience when playing, people who pirated the game just load it straight from hard disk.

I think it's really about time that companies just started trusting their customers as their attempts at copy protection seem to achieve little except annoying genuine customers.

Silly, silly, silly.

[CrystalFalcon]

Ok, so for all intents and purposes, this is a dongle. It's an active piece of the CD that contains hardware that can be used for challenge/response mechanisms used for copy protection.

Has anybody ever heard of cracks for dongle-protected software? (insert roaring laughter here).

Silly fools. Marketing anything as "uncrackable" is going to shoot you in the foot. This is no more secure than SafeDisc, it just requires a patch to the binaries (don't check that disc) and you're good to go.

If a computer can read it, it can be cracked.

Re:Silly, silly, silly.

[hyphz]

Mmm, it's a bit daft. Who's going to use it?

I have a package called Reaktor, which is a synth simulator for the PC. Reaktor v2 shipped with a system CD which had two holes drilled in it, for exactly the reason described here - to validate the CD. But the next version got rid of this and used a USB dongle instead.

Why? Because having to put a CD in the drive when you're using a piece of serious app software is a pain in the ass. To be honest it's a pain in the ass for games as well, but at least a game is likely to take over the whole system. On serious software, which can work together, a CD check is a serious pain. If serious software commonly used that, then if I wanted to drive Reaktor 2 and Vaz+ through Cubasis, I would need 3 CDROM drives. Great.

In short, this is going to be too expensive for games (and they've already found that serialised network play is the only protection they need), and apps software won't use it. Big hairy deal.

Re:Silly, silly, silly.

[CrystalFalcon]

Where did you get the USB dongle, and where did you get the templates for drivers to use it? I've been looking for a solution like this but been unable to locate any.

(Yeah, yeah, I know, it'll be cracked from here to eternity etc. I'm counting on that. Speaking of that, what's your experience with the USB dongle in that regard?)

Further, I agree with your analysis that games are going networked and have all the protection they need through that. High-end apps will continue to use dongles (preferably USB). Mass-market apps like Office can't require the CD to be in the drive. End of story. :-)

Good for software only

[mblase]

You can copy the CD, but without the card the software won't run. Try to install the software on more computers than the publisher allows and the smart card will shut you down.

This is supposed to work on CD/DVD software, not music. If you think about it, there's no way this gimmick could keep me from ripping CD audio to MP3 files. I'm not even sure it could keep me from making a straight bit-to-bit copy of the CD audio, unless the rewrite the CD player firmware to process the card -- a functional impossibility.

This might even work with DVD movies, but I think it would be incompatible with existing DVD players. It seems that only software, which is designed to check the smart card on the disk and verify its presence, could possibly benefit.

I'm not convinced it's unbeatable, however. The CD drive is designed to scan a piece of media for bits in a particular order; that being the case, it should certainly be possible to copy the output of the smart card to an ordinary CD-R.

This only leaves the consumer with the inconvenience of having to have a phyiscal CD in their drive in order to use a piece of software, sort of a "key" to unlock the game or application. And for anything other than games which take over the screen, this would be a major pain. If I wanted to swap media out of my CD drive every time I wanted to play a different game, I would've just bought the Playstation version.

This technology might work in future game consoles which are designed to check for a smart card and know the difference between a CD with and one without, and that might be the best place for it. I can't see it catching on anywhere else. We'd be going back to the days where every program, including the operating system, had to be run off of a different floppy disk.

Re:"legally rip" = oxymoron

[NanoGator]

"ou are sold the disc in a very specific format, with the understanding that you will use the disc in that particular format...

Where is this 'understanding' coming from? When I bought CD's (haven't bought any since the RIAA tried to pass the SSSCA), it was so that I'd have the convenience of listening to a song whenever I want, as opposed to waiting for it to appear on the radio. There was no 'FBI Warning' (metaphor, don't take that literally) stating I could not make Mp3 versions of it. The only reason I know about the copyright laws on it now are because the topic became of interest to me.

I refuse to be called a thief when the RIAA failed to educate anybody. It makes me itch to use the word 'entrapment'.

As for the copy restricted CD format, it's perfectly okay for them to do that. I just hope they don't expect me to buy the music. I listen to music on my computer and on my Mp3 player. I am not buying a CD-Walkman (Discman?). If that were an acceptable solution, I wouldn't have replaced it with an MP3 player. I have a feeling other people will feel the same way. If that's the case, then the RIAA's sales will slowly decline. And you know what they'll do? They'll blame MP3s etc and claim that they were destroyed because they didn't get the technology out sooner.

Re:Standard drives?

[Sancho]

Does anyone read the articles anymore?
"Apparently it will not work with today's standard drives," is a completely invalid statement if you actually read the article that was provided. This isn't for use with Video or Audio discs, it's for use with program discs, specifically things you install to the hard drive and then run.
"Apparently" the install program will request the CD key from the disc by pulsing the laser in a certain sequence. The disc, realizing that this is a legitimate sequence, will send a beam of light back at the reader that tells it the key. The key then is used to decrypt the contents of the disc and install the program. Presumably the fact that the disc has been installed is recorded on the smart card, along with (also presumably) a hardware profile of the machine. This way they can prevent you from reinstalling. The data could be erased during an uninstall, or it could remain, truly binding that particular disc to that particular computer. One thing that no one has mentioned is the fact an inopportune power failure could actually render the disc unreadable. Also, how will jitter affect this? Guess we'll have to wait to find out.

Joe Sixpack will stop 'em cold

[A+nonymous+Coward]

Let those copy protection flags get put in every broadcast by 2006. Let them bring smart card CDs to market. It's all theory to Joe Sixpack now.

But imagine Joe Sixpack needs a new VCR or DVD player in 2006, his is broken, or he gave his to the kids and wants a new one for his home theater. He heads down to Circuit City, picks one up cheap, takes it home, and boom! several days later, discovers he can't record Return Of Seinfeld or Monster Trucks Revealed.

He might try the 800 number. He might bug a friend or two. But he's really going back to Circuit and chew some major ass, especially when he finds EVERYTHING is like that, and he is SOL, and not even his old tapes will play in his new machine. He's going to bring that machine back to Circuit City, he's gonna kick and scream and holler and GET A REFUND.

Won't be long before Circuit City screams and yells at the manufacturers and distributors to take back these returns and stop sending this crippled crap. There will be an unholy immediate instantaneous backlash that will get Congre$$'s attention far faster than RIAA and MPAA cash.

See, it's like M$ and their licensing fiasco. These guys win a few early rounds, buy a few laws and judges, and get greedy. They push the pendulum way too far. DivX didn't teach them a damned thing. Joe Sixpack will.

Re:Joe Sixpack will stop 'em cold

[Amazing+Quantum+Man]

You're right. I was discussing this with some guys at work. We all agreed that the xxAA is evil.

My comment was exactly yours. The xxAA will get what they want, until... The broadcast flag goes into effect. When Joe Sixpack can't record whatever, and take it to his buddy's house or watch it on his other VCR in the other room, all the Congresscritters in the xxAA's pockets are going to have a new one ripped for themselves.

Software today, CDs and DVDs tomorrow . . .

[techstar25]

Damn, as if CD prices weren't high enough already, just think what they'll be if record companies start using this type of protection. The RIAA us just dumb enought to do it. If they use this protection for DVDs, we might see DVD movies actually cost more than their repective soundtrack CD.

Re:We've been over this...

[SIGFPE]

And I thought it was a porn-sharing network ;-)....

I think you're confusing it with USENET.

Doesn't work like that

[TFloore]

The smartcard will only need to supply a decryption key when you install the program. After the (special) installation program gets the key from the smartcard, it will use that key to decrypt the encrypted data on the CD, install the program on the harddrive, and then you won't need the cd any more. Just like installing programs now.

Except, of course, for the fact that you took the default install of MS Office, and it didn't install the Equation Editor, and you need to put the CD back in for that. Oh, and MS Photo Editor, which really isn't all that bad. Oh, and the extra import filter for those files in WordPerfect 5.1 that you thought you'd never need again.

This is just to control access to the data on the CD. It won't be required to run the program after it is installed, any more than the CD is needed to run programs now after you install them. This is just a key for installation, not a runtime dongle.

Re:Doesn't work like that

[TFloore]

Blockquoteth the poster:

Are you sure? Quote: "You can copy the CD, but without the card the software won't run." That sure sounds like it could be used as a runtime dongle to me.

I interpreted that as "the installation software won't run". But I have to agree, you can read it your way too.

Ick.

Depends on the desired purpose of the technology. Do you want to just prevent people from making copies to hand to friends, or do you want to ensure that the original CD is available every time the program is run?

Note that, at least for something like MS Office, it is more likely to be used only during installation. Too many large corporations don't even have original CDs near the office machines, the corporate IT people just image the machines' harddrives when they are received, and pay for licenses every year.

For software like Autodesk's AutoCAD, which has always required a dongle anyway... they might just use it that way.

That could make it lots of fun trying to open several programs at once. The CD had better only be required on initial program load, or it could get seriously annoying.

Re:Doesn't work like that

[GlassUser]

Actually the IT department would just get the enterprise edition that doesn't require this. Like I did (yes, we paid for the licenses).

That's what people will warez.

...and the dongle crack

[phorm]

And then there was the crack for the dongle... which similated dongle present on a virtual serial port... and allowed the program to run as normal. From what I read of this article... the content is on the CD as per normal, albeit in a form of encrypted format, and is then decrypted by the key on the card. Despite all the fancy theory (in which the decoded picks up a pulsed "wake up" signal and beams back the decoder as a standard light signal), so long as one can simulate the decoded, one can read the data. So, once somebody cracks the code (hopefully standardized, but otherwise by perhaps analysing the data between an encoded copy and the original CD)... an app to simulate the process, and protection becomes moot. As a personal side note, copying is still illegal, I don't support it as a general rule. If you get the warez and it enough to play it through or keep it, why not shell out a few bucks for something that's worth it? (whatever happened to shareware, like in the good ol Doom Ep1 days). Anyhow, that's my spiel... flamers ahoy! Can I get my silicon chips in Salt&Vinegar or dill - Phorm

metallic fingers

[Alien54]

Whippersnapper! You can have my GOTOs when you pry them from my cold, dead fingers! :)

Which for some reason brought to mind the image of AI Robots as programmers, with their metallic fingers whirring away at the keyboard.

totally nonsensical, of course. but it is a picture.

Well

[sulli]

If it decrypts on the disc, then it's just as rippable as any other disc. Sounds like crap to me.

Re:You're kidding, right?

[SirSlud]

I think when Jack Valenass compared VCRs to the boston strangler, all gloves were off. If they are going to compare their losses to real-world pain and suffering, well so will we.

Doesn't active circutry need power?

[Newer+Guy]

Last time I checked it did.... Or are they going to put a battery on every CD rom? I can see it now...after two years the battery goes dead and the disk won't work any more.

Let's take a quick vote on that

[Bastian]

How many people who are reading this post own DVD players and continue to purchase DVDs?

(massive show of hands)

How many of you are still holding out on your refusal to buy into this consumer-abusive technology?

(5 or 6 people, 10 tops, raise their hands)

How many of you are actuallly so radical that you refuse to purchase audio CD's controlled by the RIAA because you despise their business practises and treatment of artists? I answering this question, I only want to see the hands of people who would continue to not purchase CD's if all the filesharing networks in the whole world suddenly disappeared.

(hundreds of hands raise as I ask the question, but all of them go back down as I state the disclaimer.)

How many of your run Windows?

(Even most the hardass Slashdot-edition Linux Twinks, including me, are forced to admit they own and occasionally use at least one copy and leave their hands down.)

Nope, doesn't look like it's destroying the technology to me. Looks like it's just taking the technology in the direction large corporations with no respect for the rights of the consumer want it to go. Unfortunately, we all seem to value getting to see Yoda on methamphetamine and getting to play the Latest New Video Game that's exactly like the last Latest New Video Game only with Different Pictures more than we value our own dignity, so it's probably going to keep going that way.

A minor request...

[Mulletproof]

Slashdot Eds... Will you PLEASE stop posting stories from any person touting uncopiable CDs, especially when they can be read by a normal CDROM for cryin' out loud. You have a brain, right? I mean really, now. Those words alone should alert you that the author is woefully uninformed... On a side note, how much is it going to produce this sort of disc anyway?

How tough is this chip??

[Reziac]

That brings up another question: We know how much abuse a CD disk can take -- it's not harmed by much short of being melted. But will this "smart chip" stand up to electromagnetic fields (such as it might encounter from spending a couple hours atop your monitor)?? Or will it tend to become garbled or nonfunctional after a while??

I'd guess it will tend to deteriorate, and worse, may be DESIGNED to deteriorate, to make it attractive as part of a forced upgrade cycle. (See my other post where I talk about copy protection being used for exactly that -- with a real example.)

Re:Oh boy:: me not worried, it won't work

[gfxguy]

I agree... especially with your last line. As usual, it's the honest consumers who pay the price - and get aggravated at the stupid tricks the companies pull to try to prevent copying.

In essense, this is similar to the off-disk copy protection from days of yore - I remember Battle Chess and RailRoad Tycoon - both of which I legally purchased for my father and both of which I used a binary editor to crack so he didn't have to enter codes.

In the same vein, the program is asking the CD for a code instead of the user. All someone has to do is track where that code is being requested (through a debugger), and bypass that section of code.

They couldn't do it with off disk protection, and they're not going to be very successful with on disc protection - unless success is defined by how many people you can piss off.

The worst part about this whole deal, like every other protection scheme, is that the honest customer is the one paying for the research and development into the methods the company uses to make it harder to use the legal product. It truly is a case of them trying so hard to prevent copying that consumers are going to use copied media just to avoid the hassle associated with using legally purchased media.

Like the princess said to the dark lord, "The more you tighten your grip, the more systems will slip through your fingers."

It's already happened with a lot of us - I don't buy/use pirated software, but I don't buy commercial software anymore, either - except old bargain bin stuff, at least, and even then it's few and far between.

Go go gadget network install

[Darth+RadaR]

From their website

No More Sharing - The customer will be able to install no more computers than defined in the user agreement.

I'm not sure how sophisticated this toy may be, but my guess is that it might just read some sort of hardware address for the CD-ROM to prevent multiple installs. I wonder if all that's needed to defeat this would be to do your installs from a CD-ROM that's shared on a network?

It's patent pending? Well then....

[i_want_you_to_throw_]

Someone go to uspto.gov and get the specs. Then again maybe they aren't published yet.

The idea is a paradox, always were, always will be

[Kynde]

Copy protection is a paradox for one-way media (like CDs/DVDs/TV/Radio/etc... Plain and simple.

As long as the end-user, i.e. the viewer, cannot be trusted in all circumstances, there is no way on earth to protect it, because at some point along the line from the DVD to the TV electron cannon or LCD crystals the signal must be deciphered.

There will always be people that will capture that and put it out as an mp3 or DivX.

Re:Oh boy:: me not worried, it won't work

[tHiNk411]

It's not hardware, it's software on a smart chip. This will be just like the DSS cards I make all the time, that was "un-crackable" too. I give it 6 months before someone has a working fix.

Re:this is very limited in usability

[Jucius+Maximus]

"3. PR releases tend to hype (and even lie) about how many companies are "interested" in an attempt to lure the others in. We need to shine more light on this subject fast."

I think one missing link in the article is the concept of how the 'released' key is read by your computer. The 'smart card' in the protected CD will receive impulses from the CD drive's laser and then will 'release' the decryption key.

How, exactly?

The standard cd-rom drive can only get data from the CD by using its laser to read the pits and bumps. Does this 'smart card' change the laser's impression of the CD? And what prevents us from reading the 'released' code once it is 'released?' I think you are right and that there are serious holes in marketing's description of this product, and I believe that not all of the claims will hold up if this even gets mass produced.

Re:this is very limited in usability

[dasmegabyte]

I recently ran into the trouble that I could not reinstall Quark XPress 4.0x on my mac.

You see, they provided a license key on floppy, and I bought my mac after the Crusades. Ipso facto, no floppy drive.

I tried sticking it into the slot loading cd drive, but it doesn't go.

Quark's tech support was less than helpful. "You'll need to upgrade to 5," is not a valid answer to a developer who needs to test on 4.0.

Luckily, we have a warezkid in the office who was able to get me a cracked installer. So I could install software we paid for -- out the ass, too, considering Quark is little more than some boxes and perfectly calibrated text.

Unlikely

[Safety+Cap]

And Jon Katz writes an article ~

Sorry, but John Katz is MIA. Without a trace. And no smoking man!

Re:Oh boy:: me not worried, it won't work

[AdTropis]

what's funny is that you always see statistics estimating how much money is lost due to piracy yet never see statistics regarding how much money is lost by consumers not willing to mess with copy-protected CD's or how much money all of these copy-potection schemes save companies each year. how much money did blizzard lose due to people being unhappy with Diablo II's CD's not working all CD-ROM drives? how many customers did they lose after chasing the bnetd proejct? i'd love to see a report that said "CD protection schemes saved $2B last year... meanwhile, 20,000 customers demanded refunds due to inoperable discs.". maybe one day the companies will realize that they are just going through the motions and spending alot of money while doing it.

There are so may ways this could break....

[zerofoo]

"If the card deems the request legitimate"

How exactly is this possible? What authenticates the disc?

Anyway, there is a latency problem as the hardware gets faster. There will be latency in answering the above question...the chip has to decide if the requests are legitimate and then spit out data to the photosensor in the DVD/CD drive. What happens when spin rates get faster? The computational latency will be greater than the rotational speed of the drive....the drive will be waiting for the data, but the card stalls and doesn't produce the data. Current drives won't deal with these "read errors" very well.

This technology has "snake-oil" written all over it.

-ted

who cares about media, the drives will be hacked.

[roman_mir]

Will the drives be backward compatible to play normal CDs DVDs? If yes, then there will be no problem ripping the damn security card off your CD, DVD and copying the software, music, video to your computer, where a simple decoder program will decifer the contents.

I personally think...

[Dirtside]

...that schemes like this should be cracked. Why? Because such blindingly stupid methods of "protection" are an insult to even a basic understanding of computer security and data flow, and deserve to be annihilated. This protection isn't going to actually help anyone; it might make a few people feel better (assuming it's even for real; my vaporware sense is tingling), but it's not actually going to stop any serious cracker from getting through it.

Cost

[uncoveror]

This method would make CDs and DVDs cost more. IF they implement this, and CDs cost $30.00, DVDs $40.00, nobody will buy them, and they will still try to blame "piracy," and try to get Congress to give them corporate welfare. This is a stupid idea. The main reason people today don't buy CDs is because of the outrageously marked up prices.

Even the analog degradation can be beaten

[xant]

I don't remember the name of the technique, but it's so simple it hardly needs a name. Rip it via analog over and over and over again. 8 times, 50 times, whatever you have the patience for. Then merge the copies. The "true" bits will be in the ripped version more often than erroroneous bits, so you just take the most frequent bits. Works best if the rips are done from multiple systems. A dedicated CD ripper could have the exact copy that was encrypted on the CD. Burn to mp3, distribute, enjoy with milk or non-dairy creamer.

Re:Even the analog degradation can be beaten

[zCyl]

apt-get install cdparanoia

Well...

[BlackGriffen]

It would, of course, be possible to just ignore the smart chip (unless it somehow obscures the data physically while not in use). Then just strip a reader from a drive and write some extraction software to get any encryption keys or whatnot you might need.

Ooops, did I just violate the DMCA with this post? Well, I can at least say that I didn't get in to specifics since I haven't even read the article ;).

BlackGriffen

Re:Well...

[Alsee]

possible to just ignore the smart chip (unless it somehow obscures the data physically while not in use)

Right. The data is encrypted. The smart chip passes the encryption key to the loader program.

You can't just ignore the smart chip. You just have to tweak the exe and possibly decrypt the data using the key it gives you.

-

RE: LEGAL

[aaarrrgggh]

Mod 'im up!

Fair use isn't a valid argument against copy protection. It might be a valid argument against being sued by the DMCA, I would hope

Re:Oh boy:: me not worried, it won't work

[Alsee]

It's trying to make it easy to use for those with lesser abilities, and harder to use for those with greater abilities, which is impossible. That's like trying to come up with a math problem that an elementary student can answer, but a college math professor cannot.

Impossible?

-

It's Sharpie time

[ka9dgx]

Warning - Speculation Ahead

The default mode of an LCD is transmissive, so the power off mode will be to allow the data to be read... use a sharpie to prevent the photoreceptor from seeing the laser, and all should be done. It won't see the light, and won't wake up the smart chip.

If the sharpie ink isn't opaque enough, a piece of black electrical tape should do nicely.

--Mike--

Re:Standard drives?

[geekoid]

s/anymore/ever/

Re:We've been over this...

[Sheetrock]

They could, by requiring that the 'CD' be in the drive at program launch only but permitting regular operation for the rest of the time. Not that it wouldn't be aggravating, but when has that stopped them?

My gut feeling is that this is intended to be a more active form of copy-control. If you can read/write to the smart card in the plastic wafer (they say you can), imagine the following design:

Portion 1 of the disc is plainly visible as an ISO track and contains the installation binaries + AUTORUN (under Windows). Portion 2 could be in any format readable by the drive but containing the program in encrypted form.

Upon running the install binaries, the smart card in the device is checked by the program. Assuming the card permits installation, it will relinquish the decryption key and the install program will unpack the binaries.

They make a point of the ability to write back to the card. This could be part of a more complex authentication scheme, but I'd bet it's something simpler like "The third time someone tries to start an install, refuse to give them the key."

Yes, that's pretty serious...

[Gordonjcp]

Better get on that one folks, it's better to fight the fire while it's still small...