Finding the Golden Path
And such technologies mark just the first phase of the recording industry’s larger copy-protection campaign. Consumers, as industry executives well know, want the flexibility and portability of digital-audio files. They want to listen to the new Beck recording on their living-room stereos, their computers, and their portable MP3 players. The recording companies go along with that, but they want to retain the power to control how those digital files are used. The answer: CDs that include two sets of the same songs, one set (which can be played without restriction) for the stereo, and another set (which is restricted) for the computer.This year both Macrovision and Midbar will be rolling out products that take this dual approach. In Macrovision’s scheme, the stereo tracks will continue to be protected by SafeAudio. The computer tracks, however, will be created using a technology called SafeAuthenticate, which implants an encrypted “digital signature” onto the disc. This identifying code goes further than a watermark. Not only does it verify the authenticity of the recording, it also enables a record company to set limitations on the use of the music. For instance, the code can be set to allow only a certain number of exports to a PC for playback.
Midbar’s Cactus Data Shield allows listeners to play YellowBook tracks on a CD-ROM. Later this year the company will introduce a version of the software that allows listeners to copy the music to hard drives as well. But these will be curtailed freedoms; control over its use belongs to the record company, not the consumer. A song might be playable only a certain number of times, for example.
The goal of all this technology, says Eyal Shavit, Midbar’s vice president for R&D, is “to find the golden path between compatibility and protection.” But that’s easier said than done. In 2000 Midbar tested 130,000 dual-approach CDs in Europe only to discover that because of a flaw in the Cactus scheme, 3 percent of listeners could not play the discs on their stereos. That might sound like a small percentage, but it was more than enough to sully the credibility of the emerging copy-protection wares.
More recently in Europe, some 1,000 consumers who purchased Cactus-encoded copies of Natalie Imbruglia’s White Lilies Islands CD complained about playability problems. And in Los Angeles, two consumers filed a lawsuit against each of the major record companies (including Bertelsmann Music Group, EMI Music Publishing, Sony Music Entertainment, Universal Music Group, and Warner Music Group) after purchasing what they contend are defective products. The plaintiffs have a point: because copy-protected discs improvise on the Red Book standard, they do not technically fit the definition of a CD.
As the copy protection technologies emerge, the politicians are entering the fray. Their concern is fair use-that is, consumers’ legally protected right to make copies of purchased content for their own enjoyment. Earlier this year, Representative Rick Boucher (D-Virginia) wrote a highly critical letter to Recording Industry Association of America chairman and CEO Hilary Rosen, challenging the industry’s adoption of copy-protected CDs. Boucher asked what steps were being taken to inform consumers that discs were being altered, whether such technologies would detract from sound quality, and whether the software breaks any laws.
Even if the technologies do not violate fair-use laws, they face another obstacle: hacker ingenuity. CDfreaks.com, a haven for audio geeks, has posted detailed instructions for cracking Macrovision’s SafeAudio. And hackers in Germany have revealed a technique that they claim disables Sony’s key2audio copy-protection scheme. The very simplicity of their hack shows the magnitude of the task the recording industry faces.
Unlike copyproof systems that embed the copy protection coding right in the music bits, key2audio adds a physically distinct data track to audio CDs. When a CD-ROM reads this track, it assumes the disc is a data CD and gives up looking for music to play.
The German hackers found they could disable that protection simply by covering the data track, which resides near the outer edge of the disc, with ink from a felt-tip marker or even a piece of paper. No sooner did the news spread, than Macrovision, Midbar, and other companies posted bulletins saying that future versions of their products would be impervious to such tricks. But judging from the outcome of similar battles in the past, the hackers have the upper hand: there always seems to be another way to get around a digital fence. It is possible, for instance, to rip songs using an alternative CD-ROM software driver that allows consumers to convert a CD’s songs into a file that eludes existing copy-protection schemes.
Analysts, in fact, don’t believe that anything is truly immune in this digital age. “No matter how secure the music is on a CD, it can always be hacked,” says the Gartner Group’s McNealy. “All you have to do is put two microphones in front of your computer speakers.” For someone with high-end recording equipment, the results aren’t at all shabby.