Slashdot Mirror
Newest Audio CD DRM Proves Ineffective
The Importance of writes "As noted previously, a couple of weeks ago BMG released a new CD by Anthony Hamilton that included DRM. Slashdot readers speculated that the system wouldn't work. Now there is a report proving it doesn't work by Alex Halderman, a graduate student at Princeton's computer science department and the author of an earlier, definitive report (PDF, HTML version) on first generation CD copy protection. Famed computer scientist Ed Felten asks: "Is this the end of the road for CD copy protection?" His answer? "It ought to be.""
Start with a Windows 2000/XP system with empty CD drives. Be sure to reboot the computer first to ensure MediaMax is not running.
1. Click the Start button and select Control Panel from the Start Menu.
2. Double-click on the System control panel icon.
3. Select the Hardware tab and click the Device Manager button.
4. Configure Device Manager by clicking "Show hidden devices" and "Devices by connection," both from the View menu.
5. Insert the Anthony Hamilton CD into the computer and allow the SunnComm software to start. Observe that the SbcpHid device driver is added to the Device Manager list when MediaMax runs for the first time.
At this point you can attempt to copy tracks from the CD with applications like MusicMatch Jukebox or Windows Media Player. Copies made while the driver is active will sound badly garbled, as in this 9-second clip [10].
Next, follow these additional steps to disable MediaMax:
1. Select the SbcpHid driver from the Device Manager list and click "Properties" from the Action Menu.
2. Click the Driver tab and click the Stop button to disable the driver.
With the driver stopped, you can verify that the same applications copy every track successfully.
And oh, yeah, this work is a blatant DMCA violation.
It's marked on the back of the CD case that software will automatically install when you put the CD in the drive. It even tels you how to install it if it doesn't automatically install.
-- Dr. Eldarion --
1. INTRODUCTION
Several recent news reports (AFP [1], Washington Post [2], USA Today [3], AP [4], Arizona Republic [5], LA Times [6], CNet News [7]) describe a new copy-prevention method that has been applied to an album by Anthony Hamilton released by BMG on September 23. This system, called MediaMax CD3, was created by SunnComm Technologies, the producers of the first-generation copy-prevention system MediaCloQ. Discs manufactured with SunnComm's new technique include two versions of the music, each protected in a different way. One set of songs are CD audio tracks that play in standard CD players but are supposed to be difficult for computers to copy. The second set are compressed, encrypted Windows Media files that employ digital rights management (DRM) to restrict how they are used. Music producers hope that the combination of these technologies will help reduce illegal copying while still allowing legitimate customers to play songs on their PCs, but this can only be achieved if both components are secure.
In this report, I explain how MediaMax functions, analyze the weaknesses of its design, and discuss its implications for the debate about CD copy protection and the problem of copyright infringement. I find that although SunnComm has gone to great lengths to respond to criticisms of earlier systems, MediaMax still prohibits many uses of the recording that are allowed under law. At the same time, the system's protections are so weak that they are unlikely to cause any significant reduction in copying.
2. PHYSICAL DESCRIPTION
I bought the recording Comin' From Where I'm From by Anthony Hamilton (Arista Records/BMG) from Amazon.com and received it on September 25. The disc contains twelve tracks for approximately 52 minutes of listening time.
The album cover has a sticker with this message:
This CD is protected against unauthorized duplication. It is designed to play on standard playback devices and an appropriately configured computer (see system requirements on back). If you have questions or concerns visit www.sunncomm.com/support/bmg.
The hyperlink points to a FAQ that explains that the audio tracks are protected against copying and provides solutions for common problems accessing the disc's DRM-controlled content.
The following text is printed at the bottom of the back cover:
THIS CD IS ENHANCED WITH MEDIAMAX SOFTWARE. Windows Compatible Instructions: Insert disc into CD-ROM drive. Software will automatically install. If it doesn't, click on "LaunchCd.exe." MacOS Instructions: Insert disc into CD-ROM drive. Click on "Start." Usage of the CD on your computer requires your acceptance of the End User License Agreement and installation of specific software contained on the CD. Windows System Requirements: Windows 98/2000/XP, Internet Explorer 5.5 or later, Windows Media Player 7.1 or compatible player. Mac System Requirements: Mac OSX 10.1, Power Mac G3/G4, iMac, eMac, Powerbook G3/G4, iBook with 128 Mb of RAM, Windows Media Player for Mac OSX, Internet Explorer 5.2, Monitor capable of displaying 800x600 screen resolution & 256 colors (64K colors recommended), 12x or faster multi-session-enabled CD-ROM drive, Flash Player 6. Digital files on this CD will also play on portable devices supporting secure WMA files. Certain computers may not be able to access the enhanced portion of this disc. None of the manufacturers, developers, or distributor make any representation or warranty, or assumes any responsibility, with respect to the enhanced portion of this disc.
The "Compact Disc Digital Audio" logo is absent from the printed jacket and the face of the disc, but it is embossed in the plastic on the inside of the jewel case. The CD itself bears the warning: "This disc is protected against unauthorized duplication."
3. THE ANTI-COPY SYSTEM
One component of the MediaMax system is designed to make it difficult to extract CD audio tracks as unprotected audio files using a PC. Thwarting extraction would prevent users from copying the CD or upload
I believe anti-copy CD technologies will prove unfruitful, and will therefore eventually be abandoned by record companies. There firms may take a cue from the movie industry and increase the value of CDs by bundling interesting bonus features rather than restrictive copy-control software.
An interesting New York Times article today about exactly this can be found here. The article even mentions a band that includes a PlayStation 2 game on a DVD with their CD. Which just goes to show that CD prices have absolutely no relationship with marginal costs.
"If I could live to be several hundred
I could take a walk and really wander, really wonder."
MagnaTune
I believe they were mentioned a little while ago, but they're the
"We're a record company, but we're not evil" people.
Seriously. Asside from a few artists I absolutely love, I have started getting my music fix from mp3.com and magnatune. If you're gonna listen to them though, please do help them out financially. It takes a lot of bandwidth to stream mp3s.
no comment
What? You missed the RIAA hissyfits over consumer grade recordables (cassettes) back in the day. It was poised to doom the industry and noone would ever sing again!
What prevented it from happening, ultimately, was that it was a pain in the ass. Analog recordings degrade, especially from copy to copy. Digital ones dont. Joe Shmo can make a copy of the original for Bill Shmill, who makes a copy of the copy for Willee Maket, who makes a copy of the copy of the copy... All because it's easy with digital content.
Copy protecting digital content, to make this just enough of a pain in the ass to close the floodgates a little, has been around as long as I remember. I remember as a kid coming across games for my C64 that just wouldnt copy with Fast Hack'em. Not knowing where to go from there, I just shrugged and gave up, or bought my own copy if I wanted it so bad. Looking back, the schemes were sophomoric, but effective enough.
I don't need no instructions to know how to rock!!!!
This is what gets me: they already seem to have recognized the autorun vulnerability. How do I know? Because they're asking me to take steps to install their CD-breaking system in the event that the software doesn't automatically start! They might as well say,
I was going to put a sig here, but I had already submitted the message.
Well apparently some "new sources" have revealed some information.. probobly some slashdotters..
The page now shows this "Several sources brought a flaw in this paper to my attention. I'm presently revising it to reflect this new information. -- J A Halderman"
The other two 'options' are:
In short, always edit:HKLM\System\CurrentControlSet\Services\CDRom
Goto Folder options> file types tab> AudioCD filetype> advanced> select open> hit default.
Copied straight from MS:
Make sure that the AutoPlay feature is enabled in the registry:
Click Start, and then click Run.
Type regedit, and then click OK.
In Registry Editor, locate the following registry key:
In the right pane, go to step g if the value for Autorun is 1.
If the value for Autorun is 0, right-click Autorun, and then click Modify.
In the Edit DWORD Value dialog box, type 1 under Value data, and then click OK.
A value of 0xb5 in the following registry key turns off the AutoRun feature for CDs:
You must set the hexadecimal value to 91 to enable
the AutoRun feature.
On the File menu, click Exit.
Just do the reverse to turn it off. :-)
You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.