Full Disclosure mailing list archives
Is the record industry turning to Trojan horse programs to copy-protect CDs?
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Wed, 8 Oct 2003 14:38:28 -0400
Analysis of the MediaMax CD3 Copy-Prevention System http://www.cs.princeton.edu/~jhalderm/cd3/ Abstract. MediaMax CD3 is a new copy-prevention technique from SunnComm Technologies that is designed to prevent unauthorized copying of audio CDs using personal computers. SunnComm claims its product facilitates "a verifiable and commendable level of security," but in tests on a newly-released album, I find that the protections may have no effect on a large fraction of deployed PCs, and that most users who would be affected can bypass the system entirely by holding the shift key every time they insert the CD. I explain that MediaMax interferes with audio copying by installing a device driver the first time software from the CD is executed, but I show that this provides only minimal protection because the driver can easily be disabled. I also examine the digital rights management system used to control access to a set of encrypted, compressed audio files distributed on the CD. Although restrictions on these files are more relaxed than in prior copy protected discs, they still prohibit many uses permitted by the law. I conclude that MediaMax and similar copy-prevention systems are irreparably flawed but predict that record companies will find success with more customer-friendly alternatives for reducing infringement. Windows has a feature called "autorun" that automatically starts programs from CDs when they are inserted into the computer. If a MediaMax-protected CD is placed in a PC that has autorun enabled, Windows runs a file called LaunchCD.exe located on the disc. This program provides access to the DRM-controlled encrypted content, but it also loads a special device driver into the system's memory. On Windows 2000/XP, this driver is called SbcpHid. The LaunchCD.exe program also presents an end user license agreement (EULA). If the user ever clicks Accept to agree to the terms of the license, the MediaMax driver is set to remains active even after the computer is rebooted. The driver examines each CD placed in the machine, and when it recognizes the protected title, it actively interferes with read operations on the audio content. Similar methods are used to protect the tracks on Windows 98/ME and Mac OSX systems. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Is the record industry turning to Trojan horse programs to copy-protect CDs? Richard M. Smith (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Jonathan A. Zdziarski (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Juraj Ziegler (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Jonathan A. Zdziarski (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Sebastian Herbst (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? (!DSPAM:3f849a9217188983316675!) Jonathan A. Zdziarski (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Juraj Ziegler (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Juraj Ziegler (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Jonathan A. Zdziarski (Oct 08)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Cael Abal (Oct 09)
- Re: Is the record industry turning to Trojan horse programs to copy-protect CDs? Valdis . Kletnieks (Oct 09)