Will the New CPRM / CPPM Specification End the Fair Trading of Media Files?
Just when you thought Big Brother might be taking a nap. The latest attempts at securing digital content are thus: "IBM, Intel, Matsushita and Toshiba are pleased to announce the availability of the 0.9 revision of the Content Protection for Recordable Media and Pre-Recorded Media (CPRM / CPPM) Specification. The CPRM / CPPM Specification defines a renewable cryptographic method for protecting entertainment content when recorded on physical media. The types of physical media supported include, but are not limited to, recordable DVD media and Flash memory (note that the available 0.9 revision includes only the portions of the specification covering DVD media)."
These bad boys are collectively known as the '4C', and their efforts to create a protection technology which is a combination of encryption and scrambling - like what the cable company does to the Playboy Channel, unless you pay for it, in theory - thereby preventing any unauthorized duplications.
Why the worry? This implementation, if standardized and implemented across the board, could draw to an expedient end all the new, exciting things ahead. What it would also do is prevent fair trading of media files - all media files - not just 'the pirated ones.' Who are these guys to decide what should and should not be authorized?
But The Register features another perspective. John Gilmore, co-founder of the Electronic Frontier Foundation (EFF), has urged users to boycott hardware containing CPRM copy-control mechanisms. If implemented, the initiative could rapidly end the use of the PC and new emerging devices for freely exchanging audio, video and information.
Users, says Gilmore, should demand a policy declaration from vendors that they eschew "covertly controlled hardware," and only buy products that are truly open, he argues in a post to the C2 crypto mailing list.
"No copy protection should exist ANYWHERE in generic computer hardware! It's up to the BUYER to determine what to use their product for," writes Gilmore. "It's not up to the vendors of generic hardware, and certainly not up to a record company that's shadily influencing those vendors in back-room meetings."
What Gilmore is complaining about is the same argument that has been posited all along in complaints against SDMI. If I buy a copy of MS FrontPage and I want to use it on my desktop and my laptop, I should be allowed to, right? Better yet, if I buy a copy of Macy Gray, am I only entitled to listen to it at home, through my stereo? What about my discman, my car (would that I had a car) stereo - or even the CD player in my computer - any of my computers?
Gilmore suggests that hardware vendors could profit if they gave customers the freedom to own or decide when they want to own digital media. ATA drives are not only used in PCs, but in the emerging digital video recorder business led by TiVo and Replay, and are also appearing in MP3 players such as Creative's Nomad portable jukebox. Under the CPRM scheme, local file ownership permissions are trumped by crypto keys issued by the "publisher" of the content, who strictly controls copying, moving and deletion of the data on the local device. The move will also cause immediate problems for PC RAID, backup and file optimization software, IBM acknowledged last week.
The full transcript of Gilmore's post:
Subject: IBM&Intel push copy protection into ordinary disk drives
Date: Thu, 21 Dec 2000 13:16:03 -0800
From: John Gilmore
The Register has broken a story of the latest tragedy of copyright mania in the computer industry. Intel and IBM have invented and are pushing a change to the standard spec for PC hard drives that would make each one enforce "copy protection" on the data stored on the hard drive. You wouldn't be able to copy data from your own hard drive to another drive, or back it up, without permission from some third party. Every drive would have a unique ID and unique keys, and would encrypt the data it stores -- not to protect YOU, the drive's owner, but to protect unnamed third parties AGAINST you.
The same guy who leads the DVD Copy Control Association is heading the organization that licenses this new technology -- John Hoy. He's a front-man for the movie and record companies, and a leading figure in the California DVD lawsuit. These people are lunatics, who would destroy the future of free expression and technological development, so they could sit in easy chairs at the top of the smoking ruins and light their cigars off 'em.
The folks at Intel and IBM who are letting themselves be led by the nose are even crazier. They've piled fortunes on fortunes by building machines that are better and better at copying and communicating WHATEVER collections of raw bits their customers' desire to copy. Now for some completely unfathomable reason, they're actively destroying that working business model. Instead they're building in circuitry that gives third parties enforceable veto power over which bits their customers can send where. (This disk drive stuff is just the tip of the iceberg; they're doing the same thing with LCD monitors, flash memory, digital cable interfaces, BIOSes, and the OS. Next week we'll probably hear of some new industry-wide copy protection spec, perhaps for network interface cards or DRAMs.) I don't know whether the movie moguls are holding compromising photos of Intel and IBM executives over their heads, or whether they have simply lost their minds. The only way they can succeed in imposing this on the buyers in the computer market is if those buyers have no honest vendors to turn to.
Or if those buyers honestly don't know what they are being sold.
So spread the word. No copy protection should exist ANYWHERE in generic computer hardware! It's up to the BUYER to determine what to use their product for. It's not up to the vendors of generic hardware, and certainly not up to a record company that's shadily influencing those vendors in back-room meetings. Demand a policy declaration from your vendor that they will build only open hardware, not covertly controlled hardware. Use your purchasing dollars to enforce that policy.
Our business should go to the honest vendors, who'll sell you a drive and an OS and a motherboard and a CPU and a monitor that YOU, the buyer, can determine what is a valid use of. Don't send your money to Intel or IBM or Sony. Give your money to the vendors who'll sell you a product that YOU control.
And Gilmore is not the only one complaining, nor should he be. Although their motives could be construed as pure - they're only trying to help protect copyrighted works-the damage that this technology can do and the unreasonable parameters of limitations are terrifying.
From the San Jose Mercury News: "[C]ritics say this latest effort, led by an IBM researcher at the company's Almaden Valley campus in San Jose, will prevent users from making even routine copies, such as backups, of files they legally have a right to copy.
"'I think it's disgraceful,' said Richard M. Stallman, a leader in the free software movement and author of The Hackers Dictionary. 'Everyone's rights are being trampled for the sake of these companies.'"
Who is the wunderkind who came up with this tragic potion? Jeffrey Lotspiech, is an IBM researcher. He developed this latest copy-protection technology by assigning-to each piece of 'blank' (ready to be recorded upon) media-a unique serial number. You buy the rights to make an 'authorized copy' and the software checks the serial number and then applies it to the transaction to create a 'key' that only the authorizee can use to unlock the protection.
"It uses the media - the dumb media - as the source of the key information that allows the two of them to come up with a common key - the recorder to make the recording and the player to play it in the future."
The infinite possibility of numeric equation keys make it supposedly impossible to hack.
Of course, there's no need to panic altogether. Current recordings and media are safe from the evil chastity belt - including any media obtained from Napster, Gnutella, Scour, Freenet, Aimster, a used CD or any other transaction that did not take place through some sort of officially condoned transaction. What it could mean, though, is that the very NEXT Britney Spears album that you can't live without, may not be copyable, even within the parameters of the Audio Home Recording Act.
Aimster - www.aimster.com
Creative - www.creative.com
EFF - www.eff.org
Freenet - freenet.sourceforge.net
Gnutella - http://gnutella.wego.com
IBM - www.ibm.com
Intel - www.intel.com
Matsushita - www.panasonic.com
Napster - www.napster.com
Replay - www.replay.com
San Jose Mercury News - www.sanjosemercurynews.com
Scour - www.scour.com
SDMI - www.sdmi.com
TiVo - www.tivo.com
Toshiba - www.toshiba.com
Related News from Mi2N:
» Content Protection For Recordable Media - CPRM / CPPM Specification Available