Updated 2001-01-23 for clarification... Forgive my ignorance =)

SDMI (Secure Digital Music Initiative) is the organization responsible for developing and creating a music format that suits RIAA's needs. ("Time to throw away those MP3s and use what we want you to use, punks." well, that's not the actual message they use - the real one is "Sure, the players play MP3s and normal CDs, but our format is much better, so use it!")

SDMI's music format uses watermarking to "protect" the data; If you don't have a correct watermark on the file, the player won't play it. The watermark is supposedly not audible but I guess it will lower the signal quality anyway.

Furthermore, SDMI requires that you use sound card driver that's approved by them (Driver has calls to mute recording when you're playing SDMI-encoder-coded data, and it's cryptographically signed by trusted source - Microsoft has a solution for this called "Secure Audio Path"). This will most likely mean that free software world will never see (at least "official") players for, say, Linux. Apparently no one at SDMI has ever heard of hardware abstraction either...

Basically, SDMI watermark isn't any more "secure" than any other music format, because when the system is finally released, it will be cracked in matter of milliseconds. They already did that to early previews of the technology.

Nor is this about "copy protection", it's merely "access protection". Sure, you can't play the file if you haven't bought it (this approach has other inherent problems too, but I'm not listing them here), but you can record it to DAT or tape, or use other means to get the signal (theoretically it's possible to detect this by looking at voltage drop in speaker output, but it's likely to cause too many problems with different speaker configurations).

We await in horror, wishing SDMI won't publish anything even more hideous...


I might as well mention the "Hack SDMI" contest here.

SDMI ran a cracking contest in late 2000, and results and methods were not to be published (that was part of contest rules).

This was a blatant attempt at trying to cracker-proof the algorithm against "obvious" attacks before it's released, and many open-source advocates said it was a Bad Thing, calling for boycott.

The watermarks were broken by both contest participants and independent researchers, though there was some confusion and conflicting news about whether or not all required watermarks were broken by the participants.

SDMI's web page: http://www.sdmi.org/

Oh yeah, a smallish update: SDMI's music format appears to be more or less dead right now. Dr. Edward Felten, who led this famous "independent" SDMI crack team in Princeton, will apparently present his team's research papers in USENIX security conference today (2001-08-15), despite of RIAA's previous harassment...

A group of ethically bankrupt charlatans who hoodwinked the music industry into thinking that there was such a thing as an uncrackable code, devised a wholly inadequate set of protection mechanisms and then issued a challenge to find if anyone could break them. Wait, it gets better.

Researchers at Princeton University succeeded in breaking the protection, and have been legally threatened by the SDMI (citing that wholly unconstitutional law the DMCA) not to publish their findings. It's fairly sickening that a bunch of snake-oil peddling fuckwads can claim to have the legal imperative over an academic institution, and worse still that they have so little shame as to put their deeply deranged, greed-driven argument into the public arena.

Of course, even with a clueless puppet-man like Bush holding the reigns, the SDMI don't have a legal leg to stand on. If they do manage to buy a favourable result, they've still already lost: their algorithms have been cracked, and the rest of the world laughs in the face of the DMCA. Maybe the music industry can get on with imploding now.

The paper sums it up best:

"Ultimately, if it is possible for a consumer to hear or see protected content, then it will be technically possible for the consumer to copy that content. "

Log in or registerto write something here or to contact authors.