Slashdot Mirror
JVC Announces Technology To Prevent Software Copying
An anonymous reader writes: "JVC and Hudson soft Co. of Japan have created a technology that they claim to have tested on 200 CD-ROM devices that prevents users from copying software CDs. They plan to have special encryption keys hidden in software and which are pressed onto CD-ROMs and which can not be read with ordinary procedures. They claim that the location, length and number of embedded keys can vary making it more difficult to hack."
Nothing. Didn't you know that copy prevention isn't there to stop pirates, it's there to annoy legit users :)
DVDs have a similar copy-protection scheme. The CSS decryption keys are located on sectors of the DVD that are unwritable in the DVD-R (or +R, or RAM, etc.) media formats. So, if you copy a CSSed DVD, you get an encrypted copy with no accompanying keys.
So, a hacker group would have to gerry-rig a CD burner that could write to these "unwritable" areas of the CD-R, so that keys could be copied along with the encrypted software. Very difficult thing to do.
Frankly, I'm surprised something like this hasn't been tried already.
This reminds me of the 3D Studio Max hardware dongle issue. To protect the software from piracy, the authors of 3DS Max had the program check for a dongle on the serial port of the computer. The dongle would return a unique key requested by the program, depending on the activity you were doing in the program at the time. The thought was with all the combinations that the dongle/software combo could possibly have, it would be impossible to emulate with software, thus keeping 3DS secure.
What happened?? 3DS was one of the fastest-cracked pieces of software I've ever seen. Instead of trying to emulate the dongle, crackers simply went through the program and removed all the calls to the dongle! 3DS was circulating around the internet in less than a week after it's official commercial release, paired with a fully-functional crack.
I expect this technology to be no different. People won't try to copy the original, they will figure out a way to get around the checking mechanism, then copy the cracked version. As the saying goes, where there is a will, there is a way.
Hah! I have actually read some EULAs, and many state that you may KEEP your CD as a backup, not make a copy of your CD as a backup, unless the original media is required in order to actually use the software. Arguably, you may make a backup copy of something like Office or Windows, as they often ask for the CD to support new things (especially office now adays).
Relevant spot from W98 license:
After installation of one copy of the SOFTWARE PRODUCT pursuant to this EULA, you may keep the original media on which the SOFTWARE PRODUCT was provided by Microsoft solely for backup or archival purposes. If the original media is required to use the SOFTWARE PRODUCT on the COMPUTER, you may make one copy of the SOFTWARE PRODUCT solely for backup or archival purposes. Except as expressly provided in this EULA, you may not otherwise make copies of the SOFTWARE PRODUCT or the printed materials accompanying the SOFTWARE PRODUCT.
(from http://nl.linux.org/geldterug/license.html)
Optical disc for a master key, and a method and apparatus for optical-disc information management which inhibit and permit reproduction of main information from an illegal copy disc by using physical and logical security information
Inventors: Ozaki; Kazuhisa (Yokosuka, JP); Kayanuma; Kanji (Hadano, JP)
Assignee: Victor Company of Japan, Ltd. (Yokohama, JP)
Filed: September 12, 1995 Issued: September 15, 1998
nobody
parturiunt montes, nascetur ridiculus mus
Yeah, these ideas are all great right up until the point that the key has to be loaded into memory to decrypt the content on the cd (into memory).
People will just use Softice to either get the key (since it will be an app key, not a unique one), or to just get the decrypted data. (and replace the decrypt routines with a load from raw file routine).
This is a classic example of people not understanding the trusted client problem, namely that you can't trust the PC as a client, ever!
There's no mystical energy field that controls my destiny. It's all a lot of simple tricks and nonsense.
Frankly, I'm surprised something like this hasn't been tried already.
JVC isn't the only company doing this.
I've got reliable sources that say that SONY is damned close on similar technology.
And the nice folks at Smarte Solutions have a whole suite of products coming online for just this sort of thing.
I'm not sure how easily this will be broken, truthfully. The software can be configured to all sorts of different levels, and the encryption can be linked to unique hardware identifiers and such. I'm no expert, but there are some that believe that this could be very tough.
Actually, this isn't as far from the truth as you think it is. Everyones favorite anonymous Perl KU (kwalitee usherance) developer, chromatic, manged to turn the Bill of Rights into a circumvention device.
--
What they are doing is hiding encryption information in the subcode channels of the CD-ROM.
Nearly all drives can happily read subchannels off CD-ROMs but very few CD-R/RW drives can actually write this extended information, as it isn't part of the user data stream.
This subchannel information is used for things like index marks within a track for audio, embedding CD+G graphics (low res, 4096 colour graphics) positioning information and ECC/EDC.
All they are doing is embedding extra information within these channels where writing it back to a CD-R, your burner simply isn't capable of reproducing it.
-- k
Specialist Mac support for creative pros, Melbourne