|Microsoft sues over source code theft|
| 2:38 pm on Sep 28, 2006 (gmt 0)|
Microsoft has filed a federal lawsuit against an alleged hacker who broke through its copy protection technology, charging that the mystery developer somehow gained access to its copyrighted source code.
For more than a month, the Redmond, Wash., company has been combating a program released online called FairUse4WM, which successfully stripped anticopying guards from songs downloaded through subscription media services such as Napster or Yahoo Music.
Microsoft sues over source code theft [news.com.com]
| 2:50 pm on Sep 28, 2006 (gmt 0)|
Even MS don't think he actually "hacked" one of their servers - it's just a fishing expedition to try and identify all the people involved in the coding/distribution of his DRM-ripper.
| 12:37 am on Sep 29, 2006 (gmt 0)|
The problem with protecting video and audio is that even if the protection is 100% uncrackable, all you have to do is redigitize the analog output - it's tedious because it has to be done in real-time but it's not difficult and the loss of quality is likely to be very small - especially for audio.
| 1:35 am on Sep 29, 2006 (gmt 0)|
|all you have to do is redigitize the analog output |
Quite. Once that those who propose DRM to "protect" media files realize that people don't have digital ears or eyes, then perhaps they will start seeing the futility of the exercise. There is a good comment on the Slashdot story that says that media content has to be decoded on the client machine to be viewed or output, so forcibly the "private key" is accessible - and the rest is merely security by obscurity, or hiding that private key. So DRM is crackable by design.
As for the accusation that somehow the person must have cracked the source code, it is either proof of an arrogantly overconfident stance towards their own product's quality (ie. "our program is so good, it must be that the guy stole the source, certainly not that he found a weakness") or, more likely, a fishing expedition to try and uncover exactly how the hack functions and to use the pressure of criminal accusations to dissuade others from trying to break their technology.
| 10:07 am on Sep 29, 2006 (gmt 0)|
|... so forcibly the "private key" is accessible - and the rest is merely security by obscurity, or hiding that private key |
In any case, some bright spark could easily design and market a hardware solution (i.e. a plugin card) that simply recorded the decoded data stream. This would be trivial for audio - not sure about video.
Essentially, the reason the iPod is secure(ish) is that you can't plug in a monitor and keyboard, etc. and then fireup a debugger like SoftIce. Microsoft may have convinced various corporate big-wigs otherwise but that just goes to show how gullible/stupid/technically-ignorant your typical music/video CEO is.
| 1:55 pm on Sep 29, 2006 (gmt 0)|
|...the iPod is secure(ish)... |
The device is irrelevant - you just have to crack Apple's DRM scheme (FairPlay):
| 7:39 pm on Sep 29, 2006 (gmt 0)|
So where can I buy an ipod emulator?
|The device is irrelevant - you just have to crack Apple's DRM scheme |
Without being able to view the code, single-step through it, set breakpoints, inspect register and memory values, etc. cracking any security system is going to be decidedly tricky.
Further, I'm just guessing, but Apple probably have the ability to update the firmware, so they can move the goalposts whenever they wish.
| 8:30 pm on Sep 29, 2006 (gmt 0)|
Softice without frogsice and some other apps ..plus imagination , curiosity , dedication , knowledge of esotheric coding and lots of time etc hasn't been much use for a long while ..
The larger the slice of the multiple layers of middlemens cut of the final price of the original artistic work ..the more reason there is to investigate the tightness of the wrapping ( or lack thereof ) of most systems of DRM ..or whatever the reptiles ( sorry ..corporate lawyers ;-) want to call it ..
A mere cursory glance at the real world business practices of MS , Sony , Universal et al and even the algo god Google's actual ways of doing business and rewarding those who provide their product for their repackaging at massive markups shows how hollow and cynical their crusades against piracy and breach of copyright really are ..those who create are usually satisfied with a reasonable price for their labours ..the mega corps are merely attempting to make sure that the "milch cows" stay hobbled as long as possible in the confines of their personal stable ..
What they ( MS ) are doing is a diversion from the reality of why they are in business ,in the long term their action is futile.. no "protection" is inviolable ..but in the short term it does keep the reptiles in business ..which is perhaps the real intention ..after all what is the use of a lawyer in a world full of people who are truly honest and respectfull in their dealings ..
If they were to make the cost of the final product seriously reflect the payment made to the artist or creator and reduce the overwhelming percentage paid to the parasitic entities involved in the "distribution" of it ( said distribution mostly via their corruptly constructed monopoly distribution channels sanctioned by their paid for politicians in all societies )..few would bother investigating how weak their protections were ..