This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

Schneier on Security: Another Failed Copy-Protection System

success fail Mar NOV Jul 05 2005 2006 2008 70 captures 18 Jun 2005 - 01 Dec 2018 About this capture COLLECTED BY Organization: Alexa Crawls Starting in 1996, Alexa Internet has been donating their crawl data to the Internet Archive. Flowing in every day, these data are added to the Wayback Machine after an embargo period. Collection: 32_crawl this data is currently not publicly accessible. TIMESTAMPS

Bruce Schneier

Home

Weblog

Crypto-Gram Newsletter

Books

Essays and Op Eds

Computer Security Articles

In the News

Speaking Schedule

Password Safe

Cryptography and Computer Security Resources

Contact Information

Schneier on Security

A weblog covering security and security technology.

« Password Safe | Main | Write Down Your Password »

June 16, 2005

Another Failed Copy-Protection System

This is from 2003, but I had not seen it before: "Analysis of the MediaMax CD3 Copy-Prevention System."

Posted on June 16, 2005 at 07:57 AM

Comments

The company responsible for this protection scheme issued a press release claiming this paper was based on erroneous assumptions.

Full text:
[web.archive.org]

Memorable quote:
--begin quote--
Based on several of these incorrect assumptions, Mr. Halderman and Princeton University have significantly damaged SunnComm’s reputation and caused the market value of SunnComm to drop by over $10 million.

In addition, SunnComm believes that Mr. Halderman has violated the Digital Millennium Copyright Act (DMCA) by disclosing unpublished MediaMax management files placed on a user’s computer after user approval is granted.
--end quote--

Posted by: Jules at June 16, 2005 09:21 AM


The comments to PasswordSafe entry are closed, but I'd like to point to one thing: the last time I checked the PasswordSafe, the passwords were copied to the clipboard in order to be used. And the clipboard was (or is it even now?)

[web.archive.org]

accessible from the javascript executed in the browser. Therefore maybe it's not the best solution. The better trick would be to have to point to the window which expects the password and that then the program uses API to emulate typing. That way, the password would never come to or remain in the clipboard.

Posted by: AC at June 16, 2005 09:22 AM


I remember seeing this the first time around. The DMCA is not a defense against incompetence.

Posted by: Jarrod at June 16, 2005 09:35 AM


Yes the password safe! My preference is to encrypt my passwords file with a one time pad, ripped from a heavily encrpyted CD or DVD from one of the above company's products, and then using steganography embed the encrpyted password file into an MP3 ripped from a CD under Linux, in which the above mentioned copy protection doesn't function.

Linux is always left out. ;)

Posted by: LinuxUser at June 16, 2005 10:05 AM


(Do you really mean to cut off comments to articles after only a day? If so, sorry for posting about PasswordSafe on this article.)

Do you have an opinion about the security of Apple's Keychains included in Mac OS X? It's a similar sort of thing to your Password Safe. I can't say I've been able to find much analysis of its security.

Posted by: glasser at June 16, 2005 10:10 AM


"by disclosing unpublished MediaMax management files placed on a user’s computer after user approval is granted." ... well, heck if you put a file on my computer, I consider it published.

Posted by: Ian Eiloart at June 16, 2005 10:24 AM


No copy protection scheme can work when it comes to audio because of a little piece of hardware available on every computer - the line in port.

Once the data on the disk is decrypted, descrambled, or whatever, it's free reign. The line in port can capture the audio at CD PCM rate (44.1 Khz, 16 bit) or better (depending on the card) and record it to a WAV file. While this isn't as quick as ripping it straight from the disk, it's still quite easy to do. It's about the same as copying a tape using a dual-deck stereo.

The only thing that these copy protection schemes will do is prevent the ripping of the audio straight from the disk. Okay, so we go back to recording via the line-in port. Instead of taking about 15 minutes to convert the file (depending on your computer and several other factors), it'll take over an hour. Will it stop most people? Probably not.

Why is the audio industry spending so much money doing this when it'll fail anyway, no matter what system is used?

The line-in port on any computer bypasses any copy protection implemented. Sure it takes longer to convert the CD and you may not get a perfect copy of the song, but you'll get pretty darn close.

Why spend millions of dollars on a system that may tick off people if it doesn't work properly and is going to fail anyway? It doesn't make sense.

Posted by: Kenneth Ballard at June 16, 2005 10:34 AM


@AC:
"The better trick would be to have to point to the window which expects the password and that then the program uses API to emulate typing..."

Recent versions of Password Safe already have that. It's called Auto Type. From the help file:
"Auto Type provides a means for users to easily and quickly enter user name and password information. With a single click, the user name, and password are entered and the form submitted to the host for approval. By default, the formula followed by the automated keystrokes is as follows: the user name, followed by a tab key, followed by the password, another tab, and then the enter key (username TAB password TAB ENTER).

Most, though not all, web forms will operate with the Auto Type feature. For those that don't, it is possible to tailor the autotype behaviour as described in the Customizing Auto Type section below."

Posted by: Roger at June 16, 2005 10:35 AM


Re: PasswordSafe

Version 2.11 is listest as the latest on SourceForge:
[web.archive.org]

Posted by: Dennis Jackson at June 16, 2005 11:10 AM


@Kenneth Ballard

"No copy protection scheme can work when it comes to audio because of a little piece of hardware available on every computer - the line in port."

I would generalize your comment to: No copy protection scheme can work because the content must be exposed to the user - and the user can record video with a camera, record audio with a microphone, and so on.

"Why is the audio industry spending so much money doing this when it'll fail anyway, no matter what system is used?"

Beats me...

Posted by: Anonymous at June 16, 2005 11:31 AM


@Kenneth Ballard & Anonymous

Just one point all "off line" copy protection mechanisums are bound to fail.

Basically however they are "encrypted" the key has to be eitehr on the disk or in the media player. Sooner (rather than later) somebody will find,

1, The "encryption mechanisum"
2, The "master key"

And eventually the information will find it's way into the public domain.

For instance DeCSS for DVD's, and Sky's perenial battle with their pay-2-view cards are two that imediatly spring to mind.

We have also seen the majority of digital watermark systems (maybe all) fail for one reason or another.

The only practical way to do DRM is to have it so deeply embeded into the very core of a product that it cannot be got around in a sensible way. However as Microsoft found with the X-Box people will even get at systems if it's not quite in the core.

I guess this is one of the reasons Intel are getting into embeded DRM in their CPU's that BS posted about a few days ago,

[web.archive.org]

Posted by: Clive Robinson at June 16, 2005 11:51 AM


I'd like to line up all these copy-protection idiots, and kick them in the face, one-by-one.

I just had a big hassle with a "DualDisc" CD I had bought. Neither of the two CD/DVD drives in my computer would play it. Since 99.5% of my music listening is done while at the computer, this made the $15 purchase a waste.

Do you know how aggravating it is to insert a CD you just bought, only to hear your CD drive whirring and grinding, and making noises that leave you wondering if the drive is actually being damaged?

Well, not quite. I had to go back to the store the next day, and exchange the DualDisc piece of crap for a regular audio version--which, fortunately, they had. I'm sure that they're just testing the waters right now, and regular audio CDs will become a thing of the past.

At that point, I'll stop buying CDs altogether.

I did copy the DVD portion of the DualDisc, and keep it on my hard drive, just to make the hassle a tiny bit more worth my while.

Posted by: x at June 16, 2005 12:16 PM


Audio CDs have always been impulse purchases for me. I'm hanging around town somewhere, decide to browse a music store because it's fun, and buy something. This happened fairly often -- a couple of CDs a month, on average.

Now that I can't trust that audio CDs are actually usable for me, I don't buy them at all anymore. I could check online or something, there are databases that list the bad ones, but that just doesn't fit the way I buy music. So I don't. Bookstores get my browsing money now :)

The frustrating thing is that the RIAA then blames these lost sales on "piracy", when it's directly due to their own stupid tricks.

Posted by: Richard Braakman at June 16, 2005 02:43 PM


I would be interested to know what happens if the user attempting to play the CD does so from a non-administrative account without the ability to install drivers. Would the DRM version refuse to load, forcing the user to rip the tracks normally, or would the CD just eject itself?

Posted by: Quadro at June 16, 2005 03:26 PM


I find my self wondering if a better interpretation of

> Mr. Halderman and Princeton University have significantly damaged
> SunnComm's reputation and caused the market value of SunnComm to
> drop by over $10 million.

isn't along the lines of

"Mr. Halderman and Princeton University have exposed our efforts
to inflate the value of our stock options with bogus (and
possibly fraudulent?) claims about the capability of our
product."

Just a thought.

Posted by: Anonymous at June 16, 2005 05:02 PM


@AC
Passwordsafe as of about version 2.03 has code to type the password into the window behind it.

Posted by: Dave at June 16, 2005 06:15 PM


@Quadro,

"Would the DRM version refuse to load, forcing the user to rip the tracks normally, or would the CD just eject itself?"

DRM will create another access level above administrator. This access level, controlled via the DRM policy servers at the vendors headquaters, will have ultimate control over your system.

Whatever program is contained on the CD would have adigital signature approved by the vendor. The OS would then trust the executable, even though you might not.

Posted by: Thomas Sprinkmeier at June 16, 2005 06:39 PM


So the system and the vendor will have ultimate control over features even administrator (or root) can't access? Wow. All it will take is one flaw in DRM, and we can say goodbye to functional anti-virus software, software firewalls and IDS. Unless, of course, those are managed by (and have the privileges of) the DRM system too. Which will make DRM more complex and create more weaknesses.

Of course, no virus writer or hacker will ever be able to exploit flaws in DRM, right?

Posted by: Francois Kashy at June 16, 2005 06:48 PM


Even if the music/software/any industry create a completely incompatable media that only works in their equally incompatable media player, someone somewhere will crack it, and completely ruin the money invested in the protection. I thought the idea of DRM was for prevention of loss.

Posted by: jammit at June 16, 2005 10:36 PM


For spahish-speakers, here's my two cents (Nov 2003): [web.archive.org]

Great work, SunnComm! A copy-protection system that can be switched off by pressing the Shift key. Compared to that, the Ice Cream Lock is state-of-the-art!

Posted by: Arturo Quirantes at June 17, 2005 02:28 AM


@jammit

It doesn't have to be perfect to be profitable.

Posted by: Thomas Sprinkmeier at June 17, 2005 02:57 AM


Aloha!

When I look at the future more darkly than normally, I imagine systems that disallows playing/executing anything (media, files, programs etc) that _does not_ have any DRM tags associates/embedded into it.

I sure there will be ways to technically circumvent these schemes too (forged DRM tags, hw and sw hacks to the system for example), but I bet you that doing this will then be illegal.

Yes, very much an Orwellian imagination where "free" is closed and bad. But by the looks of it law-wise, that's where we're headed...

And naturally, booting *BSD and Linux will be a pain in the butt since all motherboards, CPUs, memories and all devices expect the OS to be talking DRM authentication before being accessed.

Posted by: Joachim at June 17, 2005 03:50 AM


@Joachim

DRM on it's own is bad news but one US senetor has actually fielded laws to make the inclusion of DRM in all electronic items (media players etc) a legal requirment.

This quickly became known as the "Fritz Chip" in honour of the senetor. He is also known as the "Micky Mouse senetor" or the "Disney senetor" (amongst the names you can print in public).

Why he has taken this stance I cannot say but it has made him very unpopular in quite a number of places.

Being an average sensible joe if I was going to follow a policy that would make me so unpopular it would probably effect my ability to get re-elected (ie lose my job), I would need a very large cash incentive or some other assuratiy of continued income. Either that or I would have to be some kind of zelot (and as we know zelots in the US are regarded as a threat to national security).

Posted by: Clive Robinson at June 17, 2005 04:43 AM


What makes you thing your Line-In port will be enabled when running Trusted Windows ?
Or, to put it another way, what makes you think it will be availiable to non-Trusted applications ?
Remember Intel now controls this from the Mobo BIOS...

Posted by: Tom Chiverton at June 17, 2005 09:53 AM


"The OS would then trust the executable, even though you might not."
Yes, the essence of "Trusted Computing" - but it's not here yet, fortunately, so what happens in the mean time?

"DRM will create another access level above administrator."
When you really think about it, there won't be an "administrator" in a TC environment, because what does it mean to be an administrator? It means that the owner of the system believes you capable of making good judgments about what to do with the system. But if anybody could actually be trusted to make these decisions, we wouldn't need TC, right? Being an administrator also means that you can do (almost) anything you want on the system:

"Administrators have complete and unrestricted access to the computer/domain" (Windows 2000's description of the Administrators group)

And that can't be allowed, because then an administrator could bypass DRM and cause an end to the free world!

"zelots in the US are regarded as a threat to national security"
Unless they're Christian zealots.

Posted by: Quadro at June 17, 2005 12:44 PM


No matter what they do, i'll still be able to record the music, while it plays, with a microphone attached to my stereo (similarly for movies, but with a video recorder).

Posted by: Anonymous at June 20, 2005 11:34 AM


Until they outlaw stereos and video recorders. Hollywood already wants to but can't get it past Congress... yet.

Posted by: Quadro at June 20, 2005 12:40 PM


@Quadro
They don't have to outlaw them, just make the audio fingerprinting technology mandatory. I believe they tried a while ago and failed.

Sort of like the printers that are reported not to print a certain shade of green.

Too bad if you have a home-movie of a talentless high-pitched green-clad performer, your PC will never let you digitize it (then again, that may be a good thing :-)

Posted by: Thomas Sprinkmeier at June 22, 2005 03:46 AM


"DRM will create another access level above administrator."
The person who controls what may or may not be installed on a computer is the owner of that computer. If some DRM scheme comes along and controls what I may or may not have on my computer, it better be the one paying for that computer, it better be the one paying property taxes on the computer.

"What makes you thing your Line-In port will be enabled when running Trusted Windows?"
You are describing what is affectionately known as "the audio hole." If the device makes sound that can be heard, it cannot possibly be secured from copying. Music companies used to ship CDs to reviewers. But those songs ended up on the internet before they hit the stores, so now they ship the CDs inside (glued shut) CD players and the audio cables are glued onto the player.

The goal of TCPA is to have everything digital, even out to the speakers, with digital certificates everywhere. I predict a future supervirus that inserts revocation certificates all over the place (or corrupts your certificate store) rendering your hardware useless, since one of the key misfeatures of TCPA is that everything has a certificate, including the motherboard (in order to boot the operating system).

Posted by: Peter at June 22, 2005 10:34 AM


"They don't have to outlaw them, just make the audio fingerprinting technology mandatory."

Basically the same thing. With the fingerprinting technology, it's not really a recorder, just a crippled Hollywood money machine.

Posted by: Quadro at June 22, 2005 07:22 PM


Post a comment

Powered by Movable Type 3.2. Photo at top by Steve Woit.

Schneier.com is a personal website. Opinions expressed are not necessarily those of Counterpane Internet Security, Inc.

Weblog Menu

Search

Recent Entries

Comments

Archives

Syndication RSS 1.0 (full text)
RSS 2.0 (excerpts) Crypto-Gram Newsletter If you prefer to receive Bruce Schneier's comments on security as a monthly e-mail digest, subscribe to Schneier on Security's sister publication, Crypto-Gram.
read more