by Andy McFadden
Copy protection (sometimes erroneously referred to as “copyright protection”) is a feature of a product that increases the difficulty of making an exact duplicate. The goal is not to make it impossible to copy—generally speaking, that can’t be done—but rather to discourage “casual copying” of software and music.
The goal is not to conceal information from prying eyes; see section (3-19) for information on encrypting data on a CD-ROM.
A separate but related issue is “counterfeit protection”, where the publisher wants to make it easy to detect mass-produced duplicates. An example of this is Microsoft’s placement of holograms on the hubs of their CD-ROMs. There are full CD pressing plants dedicated to creating counterfeit software (the worst offender being mainland China), so this is a serious concern for the larger software houses.
Copy protection on CD-ROMs used to be rare, but as the popularity of CD recorders grew, so did the popularity of copy protection. A large percentage of games released in the past few years have been protected.
A more recent innovation is copy protection for audio CDs, inspired by the rise of MP3 trading over the Internet. This is more difficult to do, because the protection must allow correct behavior on a CD player but altered playback when being read by a CD-ROM drive. The best that can be accomplished is to force the user to play the music in an analog format and then re-digitize it, resulting in an imperfect reproduction.
The article at http://news.cnet.com/news/0-1005-201-7320279-0.html is a nice introduction to the issues.
Some people have questioned whether copy protection is legal. In some countries it may not be. In the USA, the law allows “fair use” of copyrighted material, but does not require that the content provider make it easy for you to do so. So while making a copy of a song for your own private use may be legal, there is nothing in the law that requires the publisher to make the material available in an unprotected format. Copy protection has been around for many years—some of the schemes employed on the Apple II were remarkably elaborate—and has never been challenged on legal principle.
See http://overclockers.com/tips907/ for an article about why “fair use” is a legal right rather than a constitutional right in the USA, and what that means to you. The article also has some interesting quotes from the courts regarding the DMCA and DeCSS, notably this one: “We know of no authority for the proposition that fair use, as protected by the Copyright Act, much less the Constitution, guarantees copying by the optimum method or in the identical format of the original.” In other words, arguing that “fair use” means the publisher must allow you to make a perfect digital copy (as opposed to a lower-quality digital or analog copy) is without merit.
…on a data CD-ROM?
There are several approaches. An article with a good overview of some popular protection technologies can be found at http://www.tomshardware.com/storage/02q2/020617/index.html. Another source is the “CD Protections” articles on http://www.cdmediaworld.com/hardware/cdrom/cd_protections.shtml.
For anyone interested in protecting their own discs: don’t bother. Copy protection, on the whole, does not work. If you have a major application, such as a game or CAD package, you may want to consider one of the commercially licensed schemes listed later, or (heaven forbid) the use of a dongle. In general, though, if the disc can be read, then the contents can be copied. If you don’t want somebody to make a copy of your stuff, then you’d better encrypt it (3-19).
A simple and commonly seen technique is to increase the length of several files on the CD so that they appear to be hundreds of megabytes long. This is accomplished by setting the file length in the disc image to be much larger than it really is. The file actually overlaps with many other files. So long as the application knows the true file length, the software will work fine. If the user tries to copy the files onto their hard drive, or do a file-by-file disc copy, the attempt will fail because the CD will appear to hold a few GB of data. (In practice this doesn’t foil pirates, because they always do image copies. And, no, none of the standard software provides a way to create such discs.)
One possible implementation, given sufficient control over the reader and mastering software, is to write faulty data into the ECC portion of a data sector. Standard CD-ROM hardware will automatically correct the “errors”, writing a different set of data onto the target disc. The reader then loads the entire sector as raw data, without doing error correction. If it can’t find the original uncorrected data, it knows that it’s reading a “corrected” duplicate. This is really only viable on systems like game consoles, where the drive mechanism and firmware are well defined. This can be defeated by doing “raw” reads.
A more sophisticated approach is to write special patterns of data to the disc. The stream of data that results, after EFM encoding, is difficult for some recorders to reproduce successfully, apparently because they don’t choose correct values for the merging bits. This is often referred to on web sites as “writing regular EFM patterns” or “weak sectors”. See section (2-43) for details on EFM.
A less sophisticated—and no longer effective—method is to press a silver CD with data out beyond where a 74-minute CD can write. Copying the disc used to require hard-to-find CD-R blanks, but now it’s easy to use an overburned 80-minute disc (sections (3-8-1) and (3-8-3)).
The approach some PC software houses have taken is to use nonstandard gaps between audio tracks and leave index marks in unexpected places. These discs are uncopyable by most software, and it may be impossible to duplicate them on drives that don’t support disc-at-once recording (see section (2-9)). With the right reader and software, though, this isn’t much of a problem either.
A method that enjoyed some popularity was non-standard discs with a track shorter than 4 seconds. Most recording software, and in fact some recorders, will either refuse to copy a disc with such a track, or will attempt to do so and fail. A protected application would check for the presence and size of the track in question. Some recorders may succeed, however, so this isn’t foolproof. (In one case, a recorder could write tracks that were slightly over three seconds, but refused to write tracks that were only one second. There may be a limit below which no recorder will write.) In such cases, the pirates need to remove the explicit check from the software itself.
Putting multiple data tracks interleaved with audio tracks on a CD will confuse some disc copiers. However, it’s difficult to actually use the data on those additional tracks.
Sometimes the copy of a disc will have a different volume label. This usually only happens with file-by-file copies, not disc image copies, so checking the disc name is marginally useful but not very effective.
Modifying the TOC so that the disc appears to be larger than it really is will convince some copy programs that the source disc is too large.
Some of the fancier technologies use non-standard pit geometry that cause players to read the data differently on consecutive attempts. Sometimes the player sees a “1”, sometimes a “0”. If, when reading the track, the CD-ROM drive sees different data each time, the software knows that the disc is an original. A duplicate disc will return the same data reliably. (So too will some CD-ROM drives… this technology is not without problems.)
Some programs will examine the disc to try to determine if it’s a CD-R. This doesn’t work on all readers, and it’s possible to disguise discs, so this isn’t very effective.
CloneCD (section (6-1-49)) can copy many copy protected discs without trouble, given the right combination of reader and writer. Its main feature is “raw” reads and writes, which not all drives support.
The Laserlok system from http://www.diskxpress.com/ claims to be able to prevent unauthorized disc duplication at a low cost. It can be copied by CloneCD.
An unrelated product called LaserLock, from MLS LaserLock International (http://www.laserlock.com/) has similar features. It can be copied by CloneCD.
TTR Technology’s DiscGuard (http://www.ttr.co.il/ or http://www.ttrtech.com/ claims to be able to write a signature onto pressed CDs and CD-Rs that is detectable by all CD-ROM drives but isn’t reproducible without special hardware. A program could use this for copy protection by checking for the presence of the signature, and refusing to run if it’s not there.
Sony DADC is promoting a simliar product called Securom. Some information is at http://www.sonydadc.com/hotnews/secu_fra.htm.
Yet another variant is C-Dilla’s SafeDisc. They were bought by Macrovision (http://www.macrovision.com/). Their more recent product, SafeDisc 2, was the first to feature “weak sectors”.
Yet another variant is CD Cops from Link Data Security (http://www.linkdata.com/).
…on an audio CD?
The challenge here is to create a disc that will play on a standard audio CD player but be difficult to copy or “rip” into an MP3. The techniques making headlines in mid-2001 were developed by Macrovision (2-4-3) and SunnComm (2-4-4).
The earliest form of audio CD copy protection was SCMS. This only works on recorders that support SCMS, specifically consumer-grade stand-alone audio CD recorders. “Professional” recorders, and recorders that attach to computers, do not support SCMS. See section (2-25).
Some CDs used a damaged TOC (Table of Contents—see section (2-27)) that confused some CD-ROM drives and ripping software. More recent schemes attempt to modify the audio samples in ways that confuse CD-ROM drives into playing static. The next few sections describe these approaches in detail.
A web site at www.fatchucks.com used to have a list of suspected copy-protected discs and some tips on what you can do to let the industry know that copy protection isn’t appreciated. The web site appears to be gone, but you can see an archived copy of it here: http://web.archive.org/web/20031206075520/www.fatchucks.com/corruptcds/
Many forms of copy protection violate the CD-DA standard, and so the discs aren’t allowed to use the official CD logo art. However, many CDs don’t have the logo anywhere, so its absence doesn’t prove anything.
A paper entitled “Evaluating New Copy-Prevention Techniques for Audio CDs” by J.A. Halderman (available only in PostScript format) can be found at…
The paper was submitted to the 2002 ACM Workshop on Digital Rights Management (http://crypto.stanford.edu/DRM2002/prog.html).
Incidentally, if you’re convinced that record companies and artists are raking in huge piles of cash from every CD they sell, you might want to take a look at an Electronic Musician article that talks about where the money comes from and where it goes. See:
(You may need to use IE; Netscape 4.7 for Linux couldn’t view the site.)
Interesting figures: only about 16% of CDs sold make enough money for the publishers to break even. The ones that do make enough money have to pay for the rest. For the recording artists, only about 3% sell enough music to get any royalties. With figures like these, it’s not surprising that the industry is taking steps to combat piracy.
For more news & commentary, see:
For some messages about Sony’s discs that can crash computers, see http://slashdot.org/article.pl?sid=02/04/03/226233&mode=nested. A later article in MacUser noted that the Celine Dion disc A New Day Has Come will lock up iMacs and require physically disassembling parts of the machine to get the disc back out. The article is… http://www.macuser.co.uk/macsurfer/php3/openframe.php3?page=/newnews/