September 19, 2020

Groundhog Day

Yesterday was Groundhog Day, the holiday. But for SunnComm, the embattled CD-DRM vendor, it may have been Groundhog Day, the movie, in which Bill Murray’s character is doomed to repeat the same unpleasant events until he learns certain lessons.

Yesterday SunnComm announced a new product. According to a Register story, the product fixes SunnComm’s infamous Shift Key problem. One has to wonder where the Reg got this idea, given that SunnComm’s press release is written oh so carefully to avoid saying that they have actually fixed the Shift Key problem.

The Shift Key problem, discovered by my student Alex Halderman, allows any computer user to defeat SunnComm’s previous anti-copying technology by holding down the computer’s Shift key while inserting the CD. (True story: When Alex first told me this, it took me a while to verify it because SunnComm’s technology had no effect at all on the first few computers I tried, even without use of the Shift Key.) In reality, the Shift Key behavior is not a “problem” but a security feature of Windows which keeps software on a CD from installing itself without the user’s permission.

Early CD-DRM technologies used passive measures, meaning that they encoded the music on the CD with deliberate errors. The goal was to find a kind of error that would be corrected (or not noticed) by ordinary CD players, but would cause computers’ CD drives to fail. The result would be that people could play the CD on an ordinary player but couldn’t rip it (or play it, for that matter) on a computer. This plan never quite worked, for two reasons. First, it relied on bugs in computer drives. Those bugs didn’t exist in some computer systems, and where they did exist they tended to be fixed. Second, some CD players are built from the same components as computer CD drives, so some encoded CDs were unplayable on some ordinary CD players.

Later CD-DRM technologies, like MediaMax CD3, the SunnComm system that suffered from the Shift Key problem, relied on active measures. The CD would contain software that would (try to) install itself the first time the user put the CD into the computer. This software would then actively interfere with attempts to rip the music from the CD. (The software would also provide some limited access to the music on the CD.) The problem with active measures is that they don’t work if the software never gets installed on the user’s computer, and there is no realistic way to force the user to install the software. The Shift Key trick was just one way for the user to prevent unauthorized software installation.

SunnComm’s new press release says that they are now adding passive measures (i.e., deliberate data encoding errors) to their MediaMax technology. They claim that, despite these deliberate errors, the CDs will be “100% playable in all consumer CD and DVD players”. This is very hard to believe. Mostly compatible, sure. 98% compatible, maybe. But 100% compatibility requires the CD to be playable on those CD or DVD players that are built with computer-drive components. How they could do that, while maintaining the required incompatibility with those same components in a computer, is a mystery.

Beyond this, the new passive measures, like the old ones, must rely on computer bugs that won’t exist on some systems, and will tend to be fixed on others. On many computers, then, the new passive measures will have no effect at all, leaving only the old active measures, which will fall to the Shift Key trick. Now we can see why SunnComm’s release stops short of claiming a Shift Key fix, and of claiming to prevent P2P infringement. We can see, too, why SunnComm’s investors and customers will be disappointed, yet again, when the product is released and its limitations become obvious.

And then, like the Bill Murray character, SunnComm will be doomed to relive the cycle yet again.

Comments

  1. Eric, your comment is almost unreadable, and looks off-topic. I don’t know what sort of markup that is, but I think only plain-jane HTML (and only a subset at that) works in the comment fields here — no bbcode or similar from forum sites you may have visited.

    [Note that I deleted the comment from “Eric” as spam. — Ed Felten]

  2. One thing I’ll never understand is why they keep trying this sort of thing. The only way to make sure it can’t be copied is to make it unreadable by all CD players. As soon as one CD player can play it, they’re stuffed — even if somehow it *does* magically work on all CD players but not in PCs, I can just attach the optical out connection from my CD player to my PC, press a couple of buttons, and bingo, a perfect copy. Even a line-out to line-in connection would give a good enough copy for most people, so the ability to play it is its greatest weakness. If they really want to make sure you can’t copy it they need to attack the CDs with sandpaper and render them unreadable in the factory. 🙂

    Presumably executives at record companies who buy in to this nonsense aren’t completely clueless and I can’t for a second believe that no-one at SunnComm is aware that essentially it’s a waste of time, so their sales execs must put on a mean PowerPoint slideshow to gloss over the whole “it’s actually useless” area…

    Still, I’m interested to see what they’ve come up with this time.

  3. One thing I’ll never understand is why they keep trying this sort of thing.

    Because they know that the record labels are so paranoid about unauthorized copying that they will pay good money even for DRM that demonstrably doesn’t work well and interferes with use of the product by legitimate purchasers.

    When things happen in the business world that don’t seem to make sense, they can almost always be explained if you follow the money.

  4. Scott Craver says:

    What I want to know is: will deliberate errors result in lawsuits from audiophiles?

    Someone buys a ridiculously expensive stereo, which happens to contain an atypical CD drive. That’s not hard to believe. The protected CD then induces errors which sound like shot noise on the audiophile’s ridiculously expensive speakers.

    Maybe this doesn’t damage the speakers, but audiophiles are the kind of people who hear things that aren’t there. After a very nasty and loud scaping sound, I’d expect plenty of audiophiles to believe that their systems have just sustained permanent damage. I predict at least some lawsuits will come of this technology.

    Caj

  5. Scott has a good point. The older passive strategies tended to add stuff alongside the CD-audio data, such as second sessions. Newer passive systems try to monkey with the CD-audio itself. In these systems, players that can’t cope with the errors get pops, clicks, and other distortion in the output signal. That might well blow out some audiophile’s zillion-dollar speakers.

  6. Wow, I can’t believe they are still at this. I heard Cary Sherman say “we are not persuing technical solutions” in Feb 04. I wonder what it’s like to be an engineer at this sort of place.

    Funniest headline out of quick Google search: SunnComm Says Pointing to Shift Key ‘Possible Felony’

    It’s hard to believe these people could still be in business if they had any competition — they must be counting their lucky stars for being able to hold this commerical monopoly on a basic art form.

  7. Having just read the press release Ed points to, I think you’ve all missed the point. The user, according to these guys, will now WANT to install their silly software because the software will allow them to get a (limited) version of the music from the CD onto the computer. Without installing the s/w, the audio from the CD will sound duff on most PCs, whereas the CD sounded perfect with their previous protection attempt.

  8. Martin Forssen says:

    The first comment, by Eric, looks like a template to generate blog comments. Complete with alternatives to customize it. I guess the whole point is adding the link, i.e. spam.

  9. “The first comment, by Eric, looks like a template to generate blog comments.”

    http://www.askbjoernhansen.com/archives/2005/02/03/001163.html

  10. … not to mention the questionable legality of installing software on my computer without authorization. I’m wondering whether someone couldn’t construct a strawman config that got trashed by the active measure’s installation, and then proceed to sue the company into oblivion.

  11. It’s not just SunnComm at it:

    http://www.theregister.co.uk/2005/02/15/macrovision_ripguard/

    I can’t even begin to imagine how this will work, and even if it functions “as advertised”, the 3% of rippers (and is this measured by number of users of a particular program, or as a percentage of the different programs available?) will become 100% of rippers in no time at all. If I find DVD Decrypt no longer serves my “put my DVDs on to my server so I can watch them on any PC in the house” needs I’ll switch to one that does, and presumably the 97% that don’t work will be fixed to do whatever the remaining 3% do…