AfterDawn: Tech news

Student uses Shift key, gets sued

Written by Petteri Pyyny (Google+) @ 09 Oct 2003 15:42 User comments (40)

Yet another prime example of this lovely New World Order: an American PhD student called Alex Halderman is being sued by copy-protection company SunnComm.
SunnComm and BMG released the first major copy-protected audio CD in the U.S. recently and Mr Halderman was studying the CD to find out how the copy-protection actually works. The disc can't be copied in Windows by normal means, SunnComm's press releases stated before the launch, and before Halderman's findings.

SunnComm's "advanced copy protection mechanism", called MediaMax CD3, actually simply had the autorun.ini added to the audio CD. This auto-ran then a small installer that installed a driver which claimed in its EULA text to be necessary in order to use the CD under Windows operating system. In reality, the driver itself was the entire copy protection.

So, Halderman's big finding was that the copy protection can be "bypassed" by holding down the shift-key when inserting the CD in a CD-ROM -drive. As most Windows-users already know, the shift-key instructs Windows to ignore the AutoRun feature found on the disc. When the autorun-feature is skipped, the driver installer never runs.

Now, SunnComm claims that Halderman's findings and the fact that he published his findings, have damaged SunnComm's market value by at least $10M and that he has violated against the DMCA law that makes it illegal to distribute instructions and tools that would allow circumventing copy-protection mechanism (as Linux doesn't launch autorun.ini anyway, does it mean that Linux is a tool that allows breaking the law as well?).

SunnComm stated: "SunnComm intends to refer this possible felony to authorities having jurisdiction over these matters because: 1. The author admits that he disabled the driver in order to make an unprotected copy of the disc's contents, and 2. SunnComm believes that the author's report was 'disseminated in a manner which facilitates infringement' in violation of the DMCA or other applicable law".

More information:

CBC
The Register

Previous Next  

40 user comments

19.10.2003 16:16

lol. what a load of crap. Any person could of figured this out, no point in hammering him just cos he found it first.


->E§F<-

29.10.2003 17:59

Oh for fuxk sake, o dont even know what to say now. In all fairness, its common sense that the shift key bypasses autorun so now are they going to sue micrsoft because of that too?

310.10.2003 0:10
wonderboy
Inactive

Cant you make a backup of a CD you own. its not like he made it with the Intent to distribute. If thats all it took to get pass there cd copy protection then they need to make a better copy protection. I think we should sue them what if I want to back up my cd , I already paid 14 bucks for it why shouldnt I be able to back it up.

410.10.2003 0:26

totally idiotic....I'll copy any CD I damn well please....


510.10.2003 0:26

totally idiotic....I'll copy any CD I damn well please....


610.10.2003 0:38

Word sithlord!


Shega
(adrenaline Is the closest Total freedom)

710.10.2003 2:36

Stupidity in a box.


ASUS A8V Deluxe, A64-3500 @ 2.65
1GB KingMax PC3700
640GB [4x160GB, 7200, 8MB]
XFX 6800GT 256MB
Rules and Policies: http://forums.afterdawn.com/thread_view.cfm/2487

810.10.2003 4:28

Looks as tho using the shift key is illegal, It's going to be a pain in the butt in the office then! Sue me too I used the shift key 6 times in this statement!

910.10.2003 5:23

next..they'll probably sue all the keyboard makers..for putting the shift key ian keyboard ..in the 1st place..what f..kin shite..


"i woulhd have stuck to sniffing coke-only the ice cubes tend to get stuck in my nose"
irc.addictz.net : #ad_buddies

1010.10.2003 5:41

Advanced indeed... what a joke.

1110.10.2003 5:52
Oopsla
Inactive

Gee? 10 million in sales lost? Somehow I think the artists that created the music wouldn't ever see a cent even if Mr. Halderman didn't pass on to the computer illiterate how WinOS works. They rape the artists and now us for their greed. Lucky for us the record industry will go the way of the dodo.

1210.10.2003 8:58

See the problem is their mentality, they think they are experts. And not only that but record labels think they are experts too just cause they have a stupid name! They dont realise there is people better then them out there, they think they are all that! its time for the record labels to wake up and realise they arent fighting dumbasses!

1310.10.2003 9:31
Jarpo
Inactive

Shit. Stupid RIAA and IFPI.

1410.10.2003 10:12

Right. Another user who has a problem with reading the article he is posting comments about.

1510.10.2003 10:50

These people need to get their heads outta their asses. I mean, autorun.ini doesn't even _run_ on Linux. So what, Linux users are circumventing the copy-protection too? Damn jackasses.

1610.10.2003 11:23

Yes. All Linux users are infact evil pirates! I would love to see SunnComm sue Linux-users, the countersuits would kill the company.

1710.10.2003 11:58

So they install stuff on my pc without me wanting it - can I sue them?

1810.10.2003 14:44

Oh crap - has anyone seen my bollocks. I think i just laughed them off after reading about this dosey company.....My girls gonnna kill me if it dont find them....

This message has been edited since its posting. Latest edit was made on 10 Oct 2003 @ 14:46

1910.10.2003 17:39

Oriphus, no problem man, ill sort her out till you find em ;-) hehe, j/k man Anyways, i dunno why people are dissing the RIAA here, the RIAA couldnt come up with a good copy protection if the entire planet depended on it, its not their job, they just represent major labels, you should be laughing at the dumbass security company, $10,000,000 over the shift key? well seriously guys, are so fucken dumb that you thought no-one would say it sooner or later?

2010.10.2003 22:46
Jarpo
Inactive

What I mean is: Those dmca-laws were lobbed by RIAA.

2111.10.2003 12:26

I just recently invented a new "house protectant device" that shields the ones you love from the evil and terrors of the outside world. It's roughly 6 1/2 feet tall, and 2 1/2 feet wide. It's propped up by "hinges" and can be made from various materials, such as wood, metal and sometimes even plastic. I am going to name it, "A Door". However, it can be easily bypassed by this built in feature called, "A Door Knob". You don't think it's common knowledge, let alone common sense, that Door Knob opens Door, do you? Well I sure as hell don't! But you see, I have an ace up my sleeve! Whomever discovers this secret method of bypassing my ingenius security device by-way of Door Knob, I am going to sue! SUE! SUEEEEE!!!

2211.10.2003 13:31

Awwww crap. *Praetor denies ever turning the door-knob*


ASUS A8V Deluxe, A64-3500 @ 2.65
1GB KingMax PC3700
640GB [4x160GB, 7200, 8MB]
XFX 6800GT 256MB
Rules and Policies: http://forums.afterdawn.com/thread_view.cfm/2487

2311.10.2003 14:57

just out of complete curiosity, do you guys *really* think that the shift key/autorun issue was what the problem was about? did anyone here bother to read past the first paragraph of any of the press releases/news articles? or for that matter does everyone here *really* believe everything they read/hear/see from the media? did anyone here do a little research and find out a *few* more facts about this whole thing *before* clicking the post button? do you guys *really* believe..and i mean **really** believe that the shift key 'escaped' notice, going thru the various dev cycles, testing 3rd party testing etc etc??? *especially* if the autorun feature was going to be used??? just a little FYI for all..the issue was about disclosing file names, locations and circumvention directions, which, if i read the DMCA correctly could be construed as a possible violation.. also: if the tech is indeed as bad as all that, then why aren't the record companies jumping ship? simple answer: they knew about it (shift key) before ever even signing a contract and releasing anything with the tech...correct? ok, now i have a question: how do you ensure everyone's rights at the same time? from the artist, to the ppl that typeset the liner notes etc, to the record companies to the users? simple answer: compromise.

2411.10.2003 17:09

Hehe they withdrew any suit against the dude. A PR minefield.


ASUS A8V Deluxe, A64-3500 @ 2.65
1GB KingMax PC3700
640GB [4x160GB, 7200, 8MB]
XFX 6800GT 256MB
Rules and Policies: http://forums.afterdawn.com/thread_view.cfm/2487

2511.10.2003 21:37

CdMnky, Question, then. If we are to "read past the first paragraph of any of the press releases/news articles" we would in essence "believe everything [we] read/hear/see from the media". So which is it? On the one hand, you want us to read deeper into the media, then on the other, it seems you don't want us to read so much into the media.

2612.10.2003 0:22

Quote:
just out of complete curiosity, do you guys *really* think that the shift key/autorun issue was what the problem was about? did anyone here bother to read past the first paragraph of any of the press releases/news articles? or for that matter does everyone here *really* believe everything they read/hear/see from the media? did anyone here do a little research and find out a *few* more facts about this whole thing *before* clicking the post button? do you guys *really* believe..and i mean **really** believe that the shift key 'escaped' notice, going thru the various dev cycles, testing 3rd party testing etc etc??? *especially* if the autorun feature was going to be used??? just a little FYI for all..the issue was about disclosing file names, locations and circumvention directions, which, if i read the DMCA correctly could be construed as a possible violation..
What?

2712.10.2003 4:51

A valid point indeed lol. Dela - i found them - i wont need to call upon your services lol ;-)


2812.10.2003 6:54

Cheeck and chung


Shega
(adrenaline Is the closest Total freedom)

2912.10.2003 9:50

@Praetor..yes, it's a PR minefield, however, it was goin to be anyway.. @jimmyjojo..i was also intending on including a reference to the 'report' by halderman, but i forgot to mention it in my post.. ok, so what you're saying is that any facts or additional info really doesn't matter..right? i was just wondering if it really matters for ppl to have an 'informed' opinion vs just jumping on the bandwagon and flaming just because everyone else is.. @ghostdog..what...what? what part shall i explain?

3012.10.2003 11:38

Well, I kinda didn´t understand what you were trying to say.

3112.10.2003 12:23

@ghostdog..np ;) i'll lay it out..basically, we (as musicians/artists etc ourselves) didn't want to impede playability one iota, by crapping out the TOC on the cd, which many companies have spent millions & millions developing, just to have it defeated by things like a felt-tip pen, and which offered *no* user rights to even back it up... we even went down that road in our first iteration of software, 'MediaCloq', but in the end it just wasn't a viable solution. so *unlike* a lot of other companies, we looked at other alternatives..one of which was to give the users choices, using a software solution..granted the current rights might seem a bit limited, but there has to be a compromise on all sides...right? at least there are options now.. i mean seiously, how many 'backup' copies does anyone *really* need? 20? 30? that's where the users' compromise comes in. the record companies' compromise comes in by allowing the content to be duped, and how many times etc.. our 'compromise', if-you-will comes in the form of allowing as much playability and portability as absolutely possible (not just wma, but mp3 & other formats as well, SDMI devices etc etc), while staying within the guidelines of the 2 other 'compromises'.. so in the end, our huge 'corporation' (less than 20 ppl) is being attacked for sticking up for the users' rights as well as the industries' rights, not to mention that we're a smaller company trying to do some good, so that everyone might be able to pay a little less for a cd, or show etc.. see, every time a cd is ripped and uploaded, the record companies lose money, which means the artist loses money, as well as the engineers and grips, and covers artists and and..so how can they make that money back, so that they can still discover and promote new talent? one way might be to raise the money with inflated cd prices, or higher ticket prices at shows..i mean, if this was happening to your company, how much would you have to lose before you did something about it? what would you do? did you know that currently, without even our attempt to curtail rampant ripping, that a new cd has a life of about 1 week or so? in many cases the songs are ripped and up on kazaa etc, even *before* the album even hits the stores. what do you think thats gonna do to the prices? i mean they have to make that money up somewhere, right? anyway, i'm digressing..back to what i was talking about.. were we *ever* gonna sue over the shift key? jeez..are you guys serious? that makes us laugh every time we see it, in big bold headline stories, such as at the top of this one.. btw, he didn't get sued, we decided not to go after him, and not because of the shift key, but because ultimately, the media's 'spin' would eventually become bigger (and badder) than the actual inital problem. just as it *has* become, thus not only making *our* efforts to help reign in an out-of-control situation, but other companies' efforts as well.. are we idiots? did we 'forget' about the shift key? is it a great big bug in our software? again..jeez..let's get serious a minute..it has *nothing* to do with the .ini file, nor the shift key..we also know about linux, unix, mac, etc etc etc, so before the next 'story' comes out saying 'suncomm's been *hacked* again' you guys might know a bit better..at least that's why i'm even writing this.. was halderman in any way bias? could he have been? could he have had his own agenda? since the references to our tech contain *nothing* about the workings of the actual driver? why not? i thought 'research' was supposed to be non-biased and complete? right? why didn't we get a 'courtesy' copy of the released 'research' paper *before* it hit a zillion new agencies and websites, *all* with their own spin on it? why didn't halderman even call us to ask questions? and as a side note..we've been told we're 'un-american', 'a$$holes' etc etc and ppl even went so far as to take the picture of one of our employees (a female) and then proceed to post that right beside their spin of the storys' headline mentioning her by name. they even went so far as to then open up a topic on their board to talk about her in a sexual way etc which is low even if you don't like us..she saw it and it freaked her out, badly.. she has nothing to do with the actual code..she is the SQL admin and DRM admin..thats' it..that's all she does.. so if anyone here knows anyone involved in that, let em know from me..*totally uncool*.. we're just like you guys, real ppl behind these typed words.. anyway, i've ranted etc long enuff..i appreciate you guys allowing me access here to voice my opinion etc.. btw, if you guys have any questions at all about *any* of this..by all means, *please* call us or shoot us an email and ask. Don’t just blindly read a headline and assume it's the truth, because in this case...it's not..

3212.10.2003 19:07

*Whats with the *asterisks*?* :-P


ASUS A8V Deluxe, A64-3500 @ 2.65
1GB KingMax PC3700
640GB [4x160GB, 7200, 8MB]
XFX 6800GT 256MB
Rules and Policies: http://forums.afterdawn.com/thread_view.cfm/2487

3312.10.2003 19:21

heheh nuttin, i just got a lil passionate about stuff and got carried away lol ;)

3412.10.2003 19:37

Fair enough :P


ASUS A8V Deluxe, A64-3500 @ 2.65
1GB KingMax PC3700
640GB [4x160GB, 7200, 8MB]
XFX 6800GT 256MB
Rules and Policies: http://forums.afterdawn.com/thread_view.cfm/2487

3513.10.2003 4:58

Wow, I didn´t even realize you worked at SunnComm. Thanks for giving someinsite to what you guys are trying to do. But I have to ask about this, your software doesn´t really work, does it? If it´s trying to please both the record labels and the users (a nice idea - to not just side with the big suits) by not totally controling the usage of the music but implementing some kind of restrictions and it still allows content to be ripped and distributed in any way - well it doesn´t really please the labels, does it?

3613.10.2003 9:05

the software does work, and works excellent.. it works exactly to the spec presented to the labels before anything was ever signed..including the shift key/autorun issue the labels are actually ecstatic about the fact that they can provide a bit more 'user experience' to their products..believe it or not, the labels aren't the big bad corps that they've been given the rep for.. btw, if ppl use the shift key they miss out on additional stuff, like videos, our promoplay stuff, secureburn (soon) and other swag, possibly reduced tickets, backstage passes etc etc.. (btw don't quote me on what kind of swag might be there, i'm simply suggesting what could be there) we're trying to give an incentive not to rip it.. if ppl will give us a chance, i personally promise to make sure it's as right as we can make it..no spyware (i hate that crap), ability to backup, share, SDMI devices, additional formats (soon) etc..

3714.10.2003 5:23

Quote:
btw, if ppl use the shift key they miss out on additional stuff, like videos, our promoplay stuff, secureburn (soon) and other swag, possibly reduced tickets, backstage passes etc etc.. (btw don't quote me on what kind of swag might be there, i'm simply suggesting what could be there)
Sounds cool, but you didn´t really answer my question. If the software´s partial task is to restrict unlawful duplication (IE mass-production of copies for distribution to whoever) it doesn´t really fulfill that task.

3814.10.2003 7:32

it fullfills the task as much as possible at the current stage that it's in [the software], but you have to remember, being a software solution instead of a hardware solution we can always easily update it..so if it does get 'hacked' (which we're under no illusions that it could and/or probably will be) we can adjust accordingly.. btw, there was already a new version for our next major release that addressed all of the issues (except for the shift key for now) that halderman so elloquently researched.. my suggestion? buy an anthony hamilton cd and try it for yourself (without the shift key) ;) proof's in the pudding, right? the main point is that we trying to help provide a framework with which the music industry can change it's strategies..it might take a bit, but at least we've got something out there that might help..

3915.10.2003 5:11

OK CdMnky. I think/hope that the industry could really use a digital content management company that manages to think a bit differently than all the other ones, because the current cd-protection schemes aren´t that good in my opinion. Example: The new album by Blur was supposedly copy controlled. In practice this meant that I couldn´t record the album to minidisc until I had copied the CD with Nero. Recording the backup to minidisc worked fine.

4015.10.2003 23:24

The blur album Was supposed to be protected, I had the exact same experiance, Worked after i had copied it.


Shega
(adrenaline Is the closest Total freedom)

Comments have been disabled for this article.

News archive