230 likes | 298 Vues
Evaluating New Copy-Prevention Techniques for Audio CDs. J. Alex Halderman Princeton University Department of Computer Science. Copy-Resistant CDs - Overview. Modified discs Play on CD players, hard to read on PCs Response to “consumer piracy” Deliberate errors Audio data / metadata
E N D
Evaluating New Copy-Prevention Techniques for Audio CDs J. Alex Halderman Princeton UniversityDepartment of Computer Science
Copy-Resistant CDs - Overview • Modified discs • Play on CD players, hard to read on PCs • Response to “consumer piracy” • Deliberate errors • Audio data / metadata • Variations from several vendors • Few discs today; many coming soon • BMG, EMI, etc.
Notable Drawbacks • Primarily affects legitimate CD owners • Confusing hardware/software errors • Violates standards, bad engineering practice • Effectiveness for reducing unlawful copying hasn’t been demonstrated
Interesting Questions for C.S. • Are they effective? • How do they work? • Can they be defeated? Who wants to know? Record companies, musicians, policy makers, software authors, music buyers, researchers
Tested Three Discs Music City, 2001 MediaCloQ(SunnComm) Universal, 2001 Cactus Data Shield (Midbar) Columbia/Sony, 2002 key2audio(Sony)
Not Addressed Why would anyone want to copy these discs?
Question 1 Are these techniques effective?
Test Configurations Covered range of deployed systems • Operating System • Windows, Linux • Hardware • Toshiba, Hitachi, IBM, Plextor drives • Software • CD Player, MusicMatch, Nero, CloneCD (Windows) • CDP, CD Paranoia, CDR-DAO (Linux)
Test Results • Variety of errors • disc not detected invalid datacrashes • Toshiba drive broken until reboot • Most tests failed (62/75) • Some successful • CD Paranoia, CloneCD(Plextor hardware)
Implications • Seemingly effective today against deployed hardware, typical applications • Some configurations already can play • Greater compatibility is possible • Different modes of failure • Schemes use slightly different measures(more detail later)
Question 2 How do these techniques work?
How Do These Schemes Work? • Exploit bugs, lack of robustness in hardware and software • Unexpected deviations from standards • Two levels of failure • Hardware: Drives reject the discs (firmware) • Software: Apps fail even on “working” drives
Normal CD Structure • Discs divided into tracks • Tracks listed in table of contents (TOC) • May be grouped into sessions • Drives read TOC from each session, return list of tracks • CD players only see session 1 • Observed two main categories of deviations Session 1 CD players TOC Track 1 Track 2 … Session 2 TOC CD drives Track Track … …
Fake TOC Entries - Software • Invalid TOC entries in session 2 • Bad track locations • Audio marked as data • Drive returns invalid listing, fools software • CD players only read first session, unaffected Session 1 CD players Real TOC Track 1 Track 2 … Session 2 Fake TOC Data Track CD drives
Fake Session Pointers - Hardware • Session 2 contains pointer to fake session near outer edge of disk • Incomplete TOC, no lead out • Fatal errors in some hardware (e.g. Toshiba) • Possible variations • No pointers to earlier sessions • Physical incompatibilities making earlier session hard to reach Session 1 CD players Real TOC Track 1 Track 2 … Session 2 Fake TOC CD drives Fake Session
Question 3 Can these techniques be defeated?
Felt-Tipped Pen Hack (Appeared on Chip.de early May 2002) • Hides last TOC containing invalid track/ session entries • Drives see only first TOC, so disc can be read normally Outlaw felt-tipped pens! Last TOC area obscured by marker
How to Adapt Hardware • Direct fix — “compatibility mode” • Emulates CD player • Not even necessary • Indirect fix — greater robustness • Fix bugs (firmware) • Better error reporting • More robust failure modes • Error interpolation
How to Adapt Software • Bug fixes, greater robustness • Ignore obvious errors (warnings, not failure) • Scan for track starts by binary search • Interpolate over missing samples • Changes ensure maximum compatibility with all faulty discs, not just copy-protected
Change is Underway • Software • Audiograbber, CloneCD, and EAC have modes for handling protected discs • Hardware • Plextor, others work today
Can They Be Defeated? • Yes! • Offer minimal protection today, but will be easily adapted to (already happening) • Rate of adaptation proportional to rate of deployment • Schemes ineffective against copying in the near future (by the time they are widespread)
Conclusions • Partial incompatibility with spec. won’t work • Software too easy to adapt and distribute • Takes advantage of HW/SW flaws • Prohibiting circumvention would be to mandate bugs! • Relies on stopping reading in most cases – but can be copied online if just some can read • True for tested discs • Circumvention easy, can’t be stopped everywhere
Conclusions • In present form, these schemes are worse than useless • “Bad hacks” • Won’t prevent illegal copying • Inconveniences legitimate music owners • May make people less willing to buy CDs • Further alienates public from music industry • Industry must find an alternative • DRM? New business model?