Heh. That's the fun thing about Internet scale when trying to keep information secret - even with a mass boycott by the open-souce community against a request for cracking or massive obedience to license restrictions on reverse-engineering, it only takes one skilled person (or in this case several) to totally shred the secrecy of a technically bad design. Copy protection is a fundamentally hard problem - if you've got a secure processor, with a built-in private key that can execute commands sent to it public-key encrypted, or that has a public key built in and only executes commands signed by the public key, that outputs directly in analog (or directly to a D/A converter if your threat model doesn't include people snarfing each tune from hardware) you can probably make it work. That's similar to what we'd need to do really secure voice communications. Or if you've got sound cards with different secret keys on each card that only play tunes individualized for that card (so you send your serial number, credit card, and tune request to PayRIAA.com and it gives you an E-MP3 for your player, not usable with any other player you've got. At 02:04 PM 10/13/00 -0400, Marcel Popescu wrote:
Yiihaaaa! Will they release SDMI knowing that it is broken? [Not that it wasn't a bad idea from the start.]
-------- Original Message -------- Subject: Markierte Musik: SDMI Crack Date: Fri, 13 Oct 2000 14:32:16 +0200 X-Loop: openpgp.net From: "q/depesche" <depesche@quintessenz.at> To: quintessenz-list@quintessenz.at
q/depesche 00.10.13/1
Markierte Musik: SDMI Crack
Wie Salon Magazine berichtet, wurde das von der Musikindustrie favorisierte Muik-Wasserzeichen System, die so genannte "Secure digital Music Initiative" einem Crack zugeführt. Was dieser zu bedeuten hat, ist noch nicht ganz sicher.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- | Watch out -- recording industry executives are about to start running for cover. All of the Secure Digital Music Initiative's watermarks -- its much ballyhooed music protection scheme -- have been broken. A spokesperson for SDMI has denied the reports, but according to three off-the-record sources, the results of the Hack SDMI contest are in and not one single watermark resisted attack.
The hacking contest, which invited the general Net population to break the recording industry's watermarking system and win $10,000, ended Sunday; this week, SDMI members are meeting in Los Angeles to discuss the results. Although a core group of participants (including members of the Recording Industry Association of America) who coordinated the testing process are aware of the contest results, the larger SDMI consortium has yet to be informed.
The key issue is whether the breaks are meaningful or not -- in other words, could any hacker repeat the breaks, and is the quality of the music preserved even when the watermark is scrubbed out? According to one insider, all these hacks were, in fact, technically "solid." The hacker boycott of SDMI organized by members of the programming community who were suspicious of what they saw as an attempt to coopt their labor in the service of a corrupt industry has turned out to be effectively irrelevant.
According to one witness attending the SDMI conference, recording industry members held an emergency meeting at 6 a.m. PDT Thursday to discuss the results. SDMI members and the press will likely be informed Friday, several sources said, although most speculated that the record industry would try to downplay the results.
Voll Text <http://www.salon.com/tech/log/2000/10/12/sdmi_hacked/index.html? CP=SAL&DN=660>
Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639