0018-9162/01/$10.00 2001 IEEE48 Computer
Copy ProtectionTechnology IsDoomed
At some fundamental level, seemingly asaxiomatic as the speed of light or the con-servation of energy, copying informationstrings of bitswill always be easy.Historically, systems intended to restrict this
fundamental property have always been defeated, andthere is no reason they wont continue to be defeated.
Copying has always been easy, whether it was myjunior high school computer buddies running Copy][+ to pirate games in our schools computer lab or kidstoday swapping MP3 files on Internet chat systems andburning them to CD-ROMs. But vendors continue sell-ing content and people continue to buy it, even whenthey can get that content illegally.
HISTORICALLY UNFOUNDED CONCERNSCopyright concerns have persisted for as long as the
media for making copies have existed. Some earlymusicians refused to record their work, fearful thatnobody would attend their live shows. When radioappeared, record companies feared that it would can-nibalize record sales. These fears never materialized.Instead, with analog music technology, copying musicalways entailed generational loss. For that matter,every time you played a record, the quality declined asthe needle wore down the records surface. To have thebest fidelity, consumers would purchase their owncopies. Radio play served as an advertisement for con-sumers to buy record albums, which in turn createdfans to attend live performances. Existing copyrightlaw proved quite sufficient to shut down attempts toproduce pirated copies.
The introduction of the compact disc initially reducedmusic piracy because duplicating CDs required expen-sive equipment and because CDs provided features notavailable with analog technology, such as instant trackskipping and improved resistance to wear and harsh
environments. Because CDs were a fundamental ad-vance over earlier analog technology, consumers hadless incentive to copy digital music to analog media.
SNAKE-OIL CURESWith the ubiquity of CD burners, technology has
again advanced, making copying audio CDs bit for bittrivial. The record companies could address this situ-ation by creating fundamental advances in how theydeliver music to consumers. Instead, technology com-panies are offering the record companies a wide vari-ety of snake-oil schemes to help them maintain theirprevious business models. These schemes can bedefeateddoing so only requires that somebody studyhow they work.
Watermark woesSome copy-protection systems focus on water-
marking music by adding largely inaudible distortionsto it before the content reaches the consumer.
Watermarks can encode digital information, whetherthey are as simple as a single bitthis music is or isnot copyrightedor as complex as the purchasersuser ID. Likewise, watermarks can be either fragile orrobust. Even modest changes in the music generallydestroy fragile watermarks, whether by convertingfrom digital to analog and back, or through a lossycompression scheme like MP3which compressesaudio by removing sounds inaudible to most listeners.
Robust watermarks are engineered to survive thesetransformations. Some schemes use a robust water-mark to identify a tunes original purchaser. If that tunelater appears in wide distribution, the purchaser couldbe held liable for damages. Imagine the reaction if arecord company dragged a 13-year-old girl into courtbecause she gave her friends a track from the latestboy band.
Those determined to bypass copy-protection technologies have alwaysfound ways to do soand always will. A copyright holders best protectionlies in creating an attractive business model.
Dan S.WallachRice University
C O V E R F E A T U R E
Other schemes combine a fragile watermark with arobust one to indicate two bits. The robust water-marks presence indicates that a copyright protects themusic, while the fragile watermark indicates the musicis still in its original form. Every CD player, computersound card, and music-reading or -playing device inthe world would be required to detect these bits. If acopyrighted song had been tampered with, the devicemight refuse to play it. If a song remains in its originalform, it might then be subject to some kind of securitypolicy, perhaps a rule that only compliant devicescan handle the track and that these devices allow mak-ing only a few copies before deleting the original.
Not a bit safeRather than focusing on watermark schemes
which have all been defeated, anywaydevices suchas digital-audiotape drives and other more recent sys-tems simply embed copy-protection bits in the meta-data. If the bits say this is a first-generation copy,the device might allow creation of a backup labeledsecond generation but might disallow backups ofthe second-generation copy.
These schemes only work when device manufactur-ers uniformly follow the standard. Once a deviantdevice becomes available, or existing devices firmwarehas been reverse-engineered and suitably modified,these bits become merely advisory and can be casuallyignored. The movie industry discovered this phenom-enon when the freely available DeCSS software tool,using information reverse-engineered from a normalDVD playback package, chose not to follow the rules.
Even in a world of truly uniform devices, such asgame consoles or satellite TV receivers, these schemesare still easily defeated. The Sony PlayStation providesa great example. The PlayStation stores its games onstandard compact discs, but Sony arranged for sometracks to have invalid checksums. No self-respectingCD burner would ever write invalid checksums, so thePlayStation only needs to validate that the checksumsare, in fact, invalid to abort the game-loading process.
Its easy to defeat the PlayStations protection sys-tem by using a low-cost embeddable microprocessorand soldering a few traces onto the PlayStationsmotherboard. The new chip watches the host com-puter as it reads data from the CD. When it sees arequest for the invalid block, it clocks out the invaliddata to the host computer, regardless of what is on theCD. You can download code for these chips for free,or you can ship your PlayStation to vendors who willchip it for a small fee.
Revocation schemesSome vendors propose a revocation scheme in which
all shipped content would include device-specific cryp-tographic keys. When hacking instructions appear
online, subsequent content releases would deletethe cryptographic keys for the hacked device.Consequently, future content releases would notplay properly on these devices. The vendorwould then be forced to replace confused con-sumers once-working devices. Alternatively,consumers could reverse-engineer the device-specific keys from some other device and installthose keys inside their device.
Further, once pirates have extracted the nec-essary secrets, they can program their PCs toperform the decryption, yielding unencryptedcontent that they can easily share over theInternet or via other means. Laws that might restrictcommercial companies from producing such softwarewill have little practical effect on the free-softwarecommunity.
IP WANTS TO BE FREERather than giving up, the snake-oil salesmen now
seek to buttress their broken technologies by leverag-ing the legal system, using various combinations ofpatent law, trade secrecy, and new laws that banreverse engineering. These new laws, including theDigital Millennium Copyright Act in the US and com-parable laws elsewhere, make a farce of free-speechrights and of essential legal balances like the right offair use. Pending US legislation, including the SecuritySystems Standards and Certification Act, might actu-ally mandate that all content-playing devices havecertified security technologies. Might the US gov-ernment ban Linux? Hopefully, the SSSCA will bewithdrawn and challenges against the DMCA willsucceed.
H istory tells us that the ease of digitally copyingmusic, video, and any other media wontdestroy the copyright holders. It also tells usthat attempts to restrict copying will uniformly fail.The only way to prevent teenage girls from freelysharing boy-band MP3s will be to provide reason-ably priced service thats irresistibly better than freefile sharing. Some vendors, such as eMusic.com, arebeginning to offer flat-rate subscription services thatappear to be a step in the right direction. Any othertechnology, business model, or legal framework issimply doomed.
Dan S. Wallach is an assistant professor at Rice Uni-versity. His research interests include a variety of secu-rity topics. Wallach received a PhD in computerscience from Princeton University. He is a member ofthe IEEE, the ACM, and Usenix. Contact him firstname.lastname@example.org.
October 2001 49
Devices such as digital-audiotapedrives and other
more recent systemssimply embed
copy-protection bitsin the metadata.