09 December 2005 Blog Home : December 2005 : Permalink
Was anybody surprised at Tuesday’s announcement that the MediaMax copy protection software on SonyBMG CDs had a serious security flaw? I sure wasn’t. The folks at iSEC Partners were clever to find the flaw, and the details they uncovered were interesting, but it was pretty predictable that a problem like this would turn up.
Security is all about risk management. If you’re careful to avoid unnecessary risks, to manage the risks you must accept, and to have a recovery plan for when things go wrong, you can keep your security under control. If you plunge ahead, heedless of the risks, you’ll be sorry.
If you’re a parent, you’ll surely remember the time your kid left an overfull glass of juice on the corner of a table and, after the inevitable spill, said, “It was an accident. It’s not my fault.” And so the kid had to learn why we don’t set glasses at the very edges of tables, or balance paintbrushes on the top of the easel, or leave roller skates on the stairs. The accident won’t happen every time, or even most of the time, but it will happen eventually.
However one curiousity remains from the previous brouhaha, namely why did SonyBMG and/or its partner First4Internet apparently violate the GPL and/or LGPL by incorporating LAME code? and particularly why did they borrow code to do with Apple's iTunes DRM and thereby apparently violate the DMCA as well? Well it looks like the Freedom to Tinker crowd have come up with a plausible explanation or two:The answer is that XCP utilizes the DRMS code not to remove Apple DRM but to add it. I’ve discovered that XCP uses code from DRMS as part of a hidden XCP feature that provides iTunes and iPod compatibility. This functionality has shipped on nearly every XCP CD, but it has never been enabled or made visible in the XCP user interface. Despite being inactive, the code appears to be fully functional and was compatible with the current version of iTunes when the first XCP CDs were released. This strongly suggests that the infringing DRMS code was deliberately copied by XCP’s creator, First4Internet, rather than accidentally included as part of a more general purpose media library used for other functions in the copy protection system.
...
Intriguingly, the FairPlay compatibility code in XCP is not limited to converting files from XCP CDs. The code appears to support conversion into FairPlay of files in a wide variety of input formats — MP3s, WAV files, raw audio files, and standard unprotected audio CDs — in addition to XCP-protected discs. It’s also strange that the FairPlay compatibility code is shipped but not made available for use by applications, not even XCP’s own player software. (Technically, the code is not exported from the shared library where it is stored.) This might indicate that First4Internet decided to remove the feature at the very last minute, shortly before XCP CDs started to ship.
What this boils down to is SonyBMG appears to have thought that, since Apple is unwilling to license its iTunes FairPly DRM code, it was OK to reverse engineer it so that SonyBMG CDs could be played on customer's iPods. Worse, having made that decision they then seem to have decided that it would be easier to steal someone else's reverse engineered code than do it themselves. This "relaxed" attitude to other people's intellectual assets, not to mention the DMCA, may possibly have struck someone in SonyBMG as bad at the last minute, hence the removal of the UI to use the code. However as the other article points out SonyBMG and Apple have been sparing about iPod DRM for a while and SonyBMG has tried to put pressure on Apple to open up its DRM, something that remains in its FAQ on copy protection:Apple's proprietary technology doesn't support secure music formats other than their own and therefore the music on this disc can't be directly imported into iTunes or iPods.
Sony BMG wants music to be easily transferable to any device that supports secure music. Currently, music from our protected CDs may be transferred to hundreds of such devices, as both Microsoft and Sony have assisted to make the user experience on our discs as seamless as possible with their secure formats.
Unfortunately, in order to directly and smoothly rip content into iTunes it requires the assistance of Apple. To date, Apple has not been willing to cooperate with our protection vendors to make ripping to iTunes and to the iPod a simple experience.
If you believe that you should be able to easily move tracks from your protected CD to your iPod then we encourage you to use the following link to contact Apple directly and tell them so. http://www.apple.com/feedback/ipod.html
That said, while there is no direct support on the disc for iTunes or iPod, SONY BMG has worked out an indirect way for consumers to move content into these environments, despite the challenges noted above. If you'd like more information on how to move content to iTunes please CLICK HERE.
This makes it hard to disagree with this conclusion from Freedon to Tinker:Running through this whole convoluted tale are two consistent threads. DRM is used as a weapon not against infringers but against market rivals. And when companies use DRM to undermine compatibility, law-abiding customers lose.
DRM is not being used to benefit consumers, or even benefit artists, it is being used by publishers to battle each other for market share.