Slashdot Mirror
Newest Audio CD DRM Proves Ineffective
The Importance of writes "As noted previously, a couple of weeks ago BMG released a new CD by Anthony Hamilton that included DRM. Slashdot readers speculated that the system wouldn't work. Now there is a report proving it doesn't work by Alex Halderman, a graduate student at Princeton's computer science department and the author of an earlier, definitive report (PDF, HTML version) on first generation CD copy protection. Famed computer scientist Ed Felten asks: "Is this the end of the road for CD copy protection?" His answer? "It ought to be.""
If you can read it, you can copy it.
As long as I have an audio-in port on my sound card and an external player, drm is a waste of their time and money.
Apparently this text is on the back of the CD:
THIS CD IS ENHANCED WITH MEDIAMAX SOFTWARE
Enhanced! Since when does taking functionality away from something mean you're enhancing it?
-- Dr. Eldarion --
So they rely on the autorun setting on cd's to load the device driver for them? that's pretty stupid -- on windows it's enabled by default (typical) but most companies disable it because it's a security risk.
The Mac got hit pretty hard with an autorun virus that ended up shipping on many cd's. As a result many Mac users disabled this in OS 9, and I believe OS X has it disabled by default.
This might be effective on most windows home computers whose owners don't change the default setting, but I'm wondering how long before that driver gets infected with a virus....
I guess the DRM crowd must be cheering.. but really its just a matter of time before their little tricks get that much harder to circumvent.. especially if the computer hardware is built for DRM.
What should be alarming is that these repetitive, albeit pointless efforts, are slowly making DRM a reality.
A couple of dozen security and cryptography expersts vs thousands of talented hackers and ameture tinkerers. I am not nocking the guys who made this protection but they and there bosses have to understand that they are going to push this rock up a hill for all eternity. Maybe thats there goal: 1. create a DRM scheme 2. Sell it to RIAA dolts 3. DRM broken day it comes out???? 4. Profit
Did Glenn Beck rape and kill a girl in 1990? gb1990.com
The bastards will never learn.
There will never be any copy protection scheme that will work.
If you can listen to it, you can copy it by just connecting the output to the input for another device.
Unless they make it so that nobody can listen to it, copy protection is an exersise in futility.
Death has been proven to be 99% fatal in lab rats.
It's not supposed to be uncrackable. I know it's crackable, you know it's crackable, they sure as hell know it's crackable. Just like any other protection mechanism on anything from a PC CDROM to the XBOX.
What it's supposed to do is limit casual piracy. Make it tougher for the average slob to make a copy with the EZ-CD Copier that shipped with his Dell and give it to his buddies. That's it. Most folks would just give up if it didnt work the first time they tried, they aren't going to jump through any hoops, scribble on it with a sharpie, open up a hex editor, solder a mod-chip into their player, run a distributed cracking engine to decode it, whatever. It sure as hell has nothing to do with preventing some geek from leaking it on the 'net.
That's a *large* chunk of the sales they actually lose. Bob Magoo who gets a copy from his buddy Turd Ferguson because he's too lazy or cheap to run down to Wal-Mart and get his own.
So just friggin relax already, and dont be so proud of yourself that you figured out how to "hack" the technical equivalent of the safety pin that keeps a babies diaper in place.
I don't need no instructions to know how to rock!!!!
> "Hey...I guess we can't do this."
then: "I wonder if I can download the song off kazaa"
At which point he spends about 30 seconds searching for the song, which some more technologically clued in person has kindly made available.
Users don't grok shift keys and drivers and EULA's. They do grok kazaa however.
I find it hilarious that they did this on a CD by someone who no one has ever heard of. 2 reasons. 1. If they were to do it to a big name person that someone actually listened to, odds are sooner or later the thing would muck up some little 13 year old's computer. You'd have the whole suing a 12 year old fiasco all over again. 2. If they were to do this with someone that people actually listened to, they would HAVE to realize that it would have been about 5 minutes until every 13 year old (whose computers weren't mucked up in situation one) knew how to circumvent copy protection and no longer grows up in a world just accepting that the RIAA owns them. Hmmmm...Not that the RIAA doesn't own them, but that's another story altogether...
Or, forget all this crap, and dont even bother holding down the shift key. Do what I've been doing for years, and disable autorun period right after you install windows. Heres how to do it in XP Pro(shamelessly stolen from the first site google gave me):
To Disable CD autoplay, completely, in Windows XP Pro
1) Click Start, Run and enter GPEDIT.MSC
2) Go to Computer Configuration, Administrative Templates, System.
3) Locate the entry for Turn autoplay off and modify it as you desire.
Turns out Microsoft has been shipping a circumvention device all these years. Anyone who lets a cd run whatever it pleases is a fool anyway.
"And oh, yeah, this work is a blatant DMCA violation."
Are you sure? I don't see this as reverse engineering. I see it as troubleshooting a broken computer.
"Derp de derp."
I rip every disc I attain (none in the past two years for boycott reasons) to secure my fair use right to a backup.
Even under the bullshit of the DMCA, one has the right to reverse engineer or bypass copy protection schemes to excersize his fair use rights.
The exception of course, occurs when one is a minor in a foreign nation that has extradition agreements to the USA.
You can't judge a book by the way it wears its hair.
P2P. He asks his friends, they set him up with a client. He has some respect for copyright, but his practical interest takes over, and he grabs the album off P2P. But now he has a client installed, so he's only three clicks and a sacrifice of morals (against a company that just screwed him) away from further downloading.
The moral of the story? DRM limitations fuel P2P. This story depends on a portable player that doesn't do WMA, but there are many other inconveniences. What if he doesn't use Windows or Mac (that's me)? What if he's an audiophile who can hear the difference between WMA and FLAC?
Besides, the article says you can burn the tracks a limited number of times. That's right, without any circumvention at all, the DRM is totally ineffective! I haven't checked, but I'm willing to bet the music is all over the P2P networks. DRM is completely worthless: if there were any competition (there isn't), the idea would have died years ago.
Litigious bastards
Exactly - it's my opinion that if a media product is broken by DRM restrictions, the products protected by the DRM become less valuable, and therefore, people will be less, not more, likely to seek out a legal method of acquisition. The music file trading underground won't be ended until proper unencumbered mp3's are made available legally for a small cost.
Excuse me, am I missing something here ?
But if you can play a CD in a CD-Player, then surely you could connect the Line-Out to Line-In of the PC sound card and use a sound app (such as Cool Edit) to record.
You could ALWAYS do that.
-573417h F16h73r
Yo retard! The constitution only affects how the gov't is run, and what they can (and cannot) do. It has no effect on what you as a private citizen, or RCA, Sony, etc can do.
I agree with you wholeheartedly about how the RIAA has made their own bed. However, your last comment leaves a little to be desired for me. While there aren't as many DVD rips out there, I don't think it is because of the warning label. People used to copy VHS movies all the time, and many copied the FBI warning right along with the movie itself. I even had a friend who had a tape with nothing but the various warnings he had seen and collected.
I don't know the full reason why there aren't as many DVD rips out there, but I do have a few guesses.
1. DVD rips are huge, and broadband isn't quite as popular with the non-Slashdot crowd. It takes about 20 minutes to download the average MP3 file over a 56K modem. I don't even want to think about a DVD rip.
2. You can easily (and cheaply) burn MP3s out to a CD and listen to it on your home and car stereo. DVDs are still relatively expensive to do so. Recorders are comming down, but they still aren't at the free-after-rebate price point from the large PC chains. And the media isn't literally dime a dozen yet. MP3s really took off when it became cheap to use them away from the PC. DVDs are not yet to that point.
3. DVD ripping software isn't as simple as MP3 software. Last time I tried to copy a trailer off of a DVD to take with me to work, there were 3 separate programs that had to be installed and each one had 5 or 6 settings I had to play with to make it work right. With MP3, half of the CD player software out there asks if you want to rip it when you insert it to play. And they all go into the same directory tree. Install your favorite file sharing software, it autoscans and finds the directory, and there is the huge assortment of rips. I know there have been software advances since I tried, but that is one of the reasons I haven't tried for so long. It took too much effort for too little reward (see #2 again.)
I'm sure the warning labels do deter a few people, but I believe the majority of them are detered for price or technical limitations.
The CD doesn't install anything. It is just passive media. Your computer is the one that is blindly executing untrusted foreign code, with your blessing. Why do you have your computer do that?
An Autorun will be effective against the vast majority of Windows and Mac users.
This doesn't matter. Who cares if you lock out all those people that aren't technically savvy enough to really use their computers to begin with? These people probably couldn't figure out how to even get on Kazaa anyway.
If you can't even lock out those who know well enough to use the shift key, or to simply disable auto-run to begin with (as the author rightly points out many people have already done), then there is absolutely no hope of keeping this music off of file-sharing networks, or out of black-market pirate CD rings. All this is doing is locking out people who don't need to be locked out, and keeping the music easily accessible to those who (in the record industry's eyes) do need to be locked out. It is therefore completely ineffective and arguably counterproductive.
In fact, it's no better than the pen trick on the old schemes. I mean, if you didn't read Slashdot or CDfreaks or whatever, you'd have had no idea that that worked either. The average consumer probably still knows nothing of the pen trick. But the fact that people who generally do a lot of copying did find out about it made that copy protection method completely useless to the record labels. The whole point is to stop people from copying (and sharing), not to punish those who just want to listen to their CD's (much as it seems otherwise so much of the time).
About the only good thing I could see coming out of this (for the record industry) is a conditioning among average consumers to begin to accept DRM. Over a long period of time, that may change prevailing attitudes among the public. But it won't stop people from copying that want to copy and know anything at all about PC's, which has to be the end goal of all this in the minds of the RIAA and their cohorts.
So, if I manage to sneak a virus onto a commercial audio CD that erases the contents of the hard drive whenever autorun, then I'm not liable, instead it's YOUR fault for being stupid enough to insert the CD in your computer? Aren't we setting sort of a dangerous precedent here?
"Freedom means freedom for everybody" -- Dick Cheney
While I like your argument, I can't agree with it.
What's the first thing a non-tech savvy user is going to do when confronted with a DRM scheme? They go online and find the workaround. Then, suddenly, you have a slightly more educated user.
Hell, did I know how to write DE-CSS software? Nope, but when I couldn't play my DVDs using linux, I went online and solved that problem in a matter of minutes.
I hate laws that try to stifle the free flow of information. End the end, a lot more than just the information gets squashed -- fair use, privacy, freedom of speech, etc.