is totally, absolutely, positively, 100% false.
A CD(audio) cannot insert a virus/bug in your computer (or please prove otherwise to me)
To call an encryption scheme a virus/bug is plain ludicrous and it cannot be installed without your knowledge when you play that Christina Aguilera CD.
If you want we can discuss the encryption schemes, the copy protection schemes, their legal rammifications, our personal opinions etc. But the OP is totally misleading and plain untrue.
Sailor, haven’t you heard of spyware? It was just in the last year that companies are acknowledging to consumers in the disclaimer that they have programs that ‘sends information about your computer to our site’. They are yet still not mandated to tell consumers that they are doing so. And yes, programs can be installed without your knowledge, unless you have safeguarded against it, and read all of those 10-page EULAs, as if we have time to read them all.
And then there are security holes in the common media players yet unknown that an intrepid record company can take advantage of to execute what I mentioned.
I am not talking about encryption, I am taling about the potential applications of the Digital Millenium Copyright Act as written.
And manhattan, what is wrong with writing hypotheticals, before they happen? In this day and age, and knowing the RIAA, what I mentioned before can happen in the next year.
Capacitor, I am beginning to wonder about you… A CD audio has no programs and installs nothing in your computer. If you really believe what you are saying you are just totally ignorant of the basics of CDs and computers. What do computer programs and EULAs have to do with a Christina Aguilera CD audio? Are you just trying to confuse me by throwing stuff around? Or are you just confused yourself?
Yes, I am fully aware of spyware, etc. but your OP is just plain nonsense.
So why don’t you say so instead of making up those vague and unfounded stories?
Tell us exactly and precisely what part of that law you wish to discuss and I, for one, will be happy to give you my opinion.
AFAIK the DMCA, which I have not read so please correct me if I am wrong, is concerned with protecting copyrights in digital media. This is achieved in a practical manner by using encryption and the act forbids the publication of ways to break the encryption so as to protect the copyrights.
Either I am missing something very big or I get the impression you really need to do your homework before you come out here with your made up stories of horror.
For now my opinion (in case it was not clear enough) is that there is NO way in the world an Audio CD is going to install a virus behind your back in your computer. You can rest very easy about that one.
I am not saying it is technically impossible. I guess you could put together a scenario where it could be done but it ain’t gonna happen. NO reputable firm is going to do anything like that. And if they did it would be totally useless. You really need to understand how the whole thing of copy prevention works before you continue.
His point about the hypotethical CSS-for-Linux software is quite putable, so I’ll assume you’re just ignoring it for now…
Re: audio CDs - you may not have bought a pop CD lately, but for at least two years record companies have been producing multisession CDs that have an ISO data track in addition to the Red Book layer. You may not have autorun turned on, but the millions of teenage girls that think AOL is cool are also in the habit of getting screensavers, exclusive photos, etc. with their new Backstreet Boys CDs.
Spyware is a major concern, but let’s consider an even simpler (if less likely) scenario: the RIAA gets Microsoft to remove the built-in ability to regulate autorun behavior. They start putting in short ads that run on insertion and can’t be bypassed (the way consumer DVDs are already). If you hacked the registry to turn autorun back off, you would be violating the DMCA (Apex was forced to pull its DVD players off the market when the MPAA discovered that they could do the same thing, as well as other consumer-friendly functions like PAL<->NTSC conversion).
I recall something about a group that included a virus on one of their CDs intentionally, as a joke. I seem to recall that the virus only worked on Macs. Does anyone know what I am talking about?
Please look at the OP, which refers to the RIAA. Please look at the posted links, describing how the RIAA has threatened litigation under the DMCA as a way of preventing people from publishing valid information.
You really aren’t concerned in the slightest that the RIAA now has a new stick to wave at anyone they want to?
Richard, Again, either I am totally missing something here or we are talking about everything and nothing at the same time.
Will someone please correct me if I am wrong? The law is a protection of copyrights in digital media. Information would be protected by an encryption scheme and the law prohibits diseminating information on how to break that encryption. Right? Yes? OK
You may agree or disagree with that, it is not my point. But where does the law say you cannot talk about virus, spyware or my grandmother? Show me! Please!
If the record company puts photos, programs, spyware or not, on their Audio CDs is something totally outside of the scope of this law. This law has absolutely, nothing to do with that. That is a commercial thing which the record companies will have to decide if it pays or not. But you can talk about it all you want and nobody will come knocking on your door. Just like several companies (REAL AUDIO I believe was one) have backed out of spyware because of the backlash, I would think reputable CD manufacturers would too.
So, richard what you say is all very well but, I believe, and please correct me if I am mistaken, totally unconnected with the law we are discussing.
I will repeat, the OP is nonsense.
Gary, I am not going to take a position on that law as I do not know it well enough but, in that particular case the RIAA is suing the guy becuse he agreed to something and then breached the agreement. It is not like he was in his home minding his own business and they sued him. As I say, I take no position in this case as I do not have enough info. Whatever the courts decide is OK by me as I suppose they will look at it in depth. It’s not like we live in China where the courts are puppets.
On the larger picture of whether the law restricts speech which should be protected (and we could have started discussing this point intelligently if it had been presented intelligently from the beginning) I am really not too concerned and I’ll tell you why: I believe it is unenforceable no matter how hard the RIAA tries.
This is very similar to the PGP case. There is just no practical way for the government or the RIAA to stop the dissemination of any decryption information. I would not worry about that. You can be sure the information will become public and propagate like wildfire.
Isn’t this what capacitor is on about? Here’s the paragraph:
Home copying for personal use has always been allowed, but this technology would attempt to prevent that.
sailor, they can set it up so that spyware is part of the encryption, and claim that breaking the new encryption, spyware included, violates DMCA. A Microsoft-friendly federal court in the anti-trust case, that most likely will reverse Judge Jackson’s decision, will ironically enough give RIAA a basis of precendence to do this action (bundling software).
And kferr and Bill H, thanks for the news of the new Charlie Pride CD. My prediction about the ruthlessness of the RIAA seems to be 364 days off.
and sailor, despite the potential for backlash, they could resort to such intrusion into your own computer again and again, in the name of protecting copyright, until either the people surrender to it, or demand en masse that they go out of business. And if anyone protests or offers fixes, they the media companies don’t have to enforce the law. They just have to threaten the parties with it.
>> they can set it up so that spyware is part of the encryption
What??!! Please!! capacitor you keep throwing stuff around and you do not have a clue as to what you are talking about. Please provide us with some support for that assertion.
This thread is a total waste as far as seriously discussing the DMCA
capacitor we are trying to fight ignorance here and you are not helping. Please stop throwing stuff around which you do not understand and supply us with reputable sources which would support your points.
In case I have not made myself clear, let me say: “they can set it up so that spyware is part of the encryption” is just total and absolute nonsense
capacitor you need to learn the basic distinction between data and programs.
You are misinformed. Felten claims that he didn’t agree to their terms. (aparently it was a click-thru agreement that he bypassed somehow). Also it was the RIAA that mentioned the DMCA in their letters that threatened to sue, so the OP is on target (that is, if you give Cap the benefit of the doubt and address what he meant to say. His meaning is a bit unclear at first).
Of course, I’m sure they assumed that no-one could get access to the materials unless they first agreed to the terms. But they didn’t just threaten to sue for breach of contract. They ALSO called his paper a ‘circumvention device’ and threatened to use the DMCA. Then when he backed down and started getting press, they put out that press release claiming not to have meant to sue after all. :rolleyes:
As for an audio CD installing a virus. This is certainly possible. If the CD were in CDXA format, then there is an ISO data region as well as the songs. If you have a Window’s machine that is configured in the default way, then it WILL autorun that DATA track when you put the CD in your CDR drive.
If that autorun installed a permanent program that prevented the operation of your CD Burner whenever you had an audio CD in your CDR, then it would constitued a ‘copy protection’ mechanism and thus be protected from reverse-engineering and circumvention by the DMCA.
This could be considered a ‘Trojan’ virus and would certainly be not inconceivable for it to be listed with McAffee. (In fact, any autorun that didn’t stop and clean up when you removed the CD could be considered a virus).
It certainly is reasonable to believe that if McAffee tried to list it, the RIAA would threaten legal action.
Further, if the RIAA were to start depending on autorun as a part of their copy protection mechanism, they could sue MS to make them provide a type of autorun that couldn’t be turned off by ordinary users. All of this is within the realm of possibility, although it seems a bit unlikely. The public outcry that would result from such underhanded tactics would be HUGE, and quite damaging to the RIAA.
I have say, Capacitor that you should have spent a bit more time elaborating and explaining in your OP. I was able to read between the lines. But then again, I’m a professional programmer. I could write such a virus if I chose to.
I’m going to have to start thinking of audio CD’s as a bit like email attachments: untrusted code.
tj
tj
Sorry, I should have been more detailed in my explanations, as I am a programmer/troubleshooter myself.
Yes sailor, I know the difference between data and programs very well, thank you. And how can reading data in one program can trigger other programs you don’t expect. However, I did not say anything in my OP about an ‘Audio CD’, which would make my scenario impossible. That is the trap many would-be customers would fall into as well. They thought that they just bought an Audio CD of Aguilera, not knowing of the added ‘features’ until its too late.
Yes, the risks of doing such an outrage are terribly high to a reputation of a company; however, the advocacy of the RIAA and MPAA over copyright protection is treading into virtually total content and distribution control. Slippery slope argument?
We’re not getting anywhere. This is pointless.
Ok sailor, let’s take this to area you are more willing to engage in, that of the cryptography itself, SDMI, and how it can prevent copying data, and protect copyrght. However, there is one problem. As mentioned before, the data itself not protected from being copied. The cryptography is there just to prevent unauthorized reading of the data, and it may not, in its current implementation, do that adequately enough (it was cracked before it was even released). So the question is: why should a product that is not adequate for the task at hand be given such a high legal protection status that its flaws must not be disserted? Stifling research has proven to be baneful to many companies.
And just what is the difference? Do programs use a different type of bits or something? I mostly use my modem for downloading data. If I want to download programs, should I get a new modem?
OK, point by point.
[list=1]
[li] CD’s can most definitely store programs as well as music Most Windows systems will run an ‘autorun’ file by default[/li][li] The RIAA is determined to prevent music copying.[/li][li] The RIAA has shown itself to be particularly willing to threaten litigation if anyone dares to discuss their security systems[/li][/list=1]
A problem with computers is that they make manipulating data easy. Funny that - it’s what they were designed to do, after all.
Trying to stop people copying a data file is a difficult trick. It wouldn’t surprise me at all if one of the methods they look at for doing this is an autorunning program that looks to prevent you running other programs on the CD drive than just a known cd player. If such a technique was used, the RIAA would be eager to keep its details as secret as possible. Yup, I keep coming to the same conclusion - the OP is a valid hypothesis.
As an aside, has anyone else had a look at the claims that Sunncom make for their cd protection system? Anyone care to hazard a guess what technique they’re using? Can’t just be a water mark on the data file, that wouldn’t equate to their boast of “a compact disc that cannot be digitally copied”.
Thank you Tejota and The Ryan for being so clear. It is obvious sailor is misinformed and/or confused.
IMHO it’s more likely that such restrictions will be implemented in hardware (remember Digital Audio Tape?). Hardware is much more difficult to circumvent, and has a much more solid legal standing. There’s also the benefit that the user “voluntarily” installs the hardware, even if only hardware with those restrictions is available.
Tominator, thanks for the link to that Register story. I hadn’t heard about CPRM before, but now I’m thoroughly depressed.