Lead with Knowledge

Learn to secure your PCs from new and unknown hacker attacks.

Free IDC White Paper - Discover Secure File Sharing for the Enterpriseattacks.

Home  //  Article
Print Article    Email Article
Window Manager
Brian Livingston
The watermark war

SUPPOSE YOU BECAME aware of a problem that was costing people millions of dollars without their knowledge. But just before you were about to present your findings at an international conference that had accepted your paper, you were threatened with a lawsuit by a consortium of large, self-interested companies and compelled to withhold your report.

You may think, "That couldn't happen! Americans demand intellectual freedom!" But something like that has just happened, and it strikes at the heart of the computer industry.

I'm referring, of course, to a squelched scientific presentation at the Fourth International Information Hiding Workshop, a respected security conference that was held on April 26.

Researchers from Princeton and Rice Universities and the Xerox Palo Alto Research Center (PARC) had preannounced that they had broken all four copy-protection methods called the "SDMI Public Challenge." But on the morning of the conference, the authors withdrew their paper. The Recording Industry Association of America (RIAA) -- the giant record labels that fund the Secure Digital Music Initiative -- had sent letters threatening lawsuits against the authors, their employers, and the conference sponsors (a good overview of the situation is available at

I was surprised that the preannouncement was fairly big news, but the quashing of the report was barely covered even though this action directly threatens the growth and innovation of the high-tech industry. Many people in the computer and consumer-electronics fields deeply desire a secure way to distribute digital information.

At the core of several nations' copyright laws is a balance between the right of the owner and the right of "fair use," especially the right of not-for-profit and educational institutions to make limited copies.

When someone visits a library and makes a Xerox copy of a chapter in Windows Secrets, am I outraged? Of course not. The library paid for the book, and the visitor wouldn't have bought a whole book just to get one chapter. The market was expanded for all concerned.

This is exactly the kind of "fair use" that the RIAA is now bludgeoning scientists to prevent.

This has nothing to do with Napster, which is accused of wholesale copying. Instead, it has everything to do with the public challenge that new technologies should be subjected to before investors mobilize their millions and consumers cough up their cash.

The academics who broke SDMI's inaudible digital signature, or "watermarking," technology in no way developed a program that would allow teenagers to steal CDs. Instead, they reportedly determined that, "No public watermarking scheme intended to thwart copying will succeed." I believe it is this unmasking of the futility of SDMI -- rather than the revelation of some secret decoder ring -- that panicked the RIAA.

A basic understanding of SDMI will help us understand why this is so. Audio files are playable in a variety of devices: computers, car stereos, portable players, and so on. Future SDMI-compliant devices will supposedly be designed to play exact copies of SDMI-encoded audio files, but not compressed copies (for example, MP3 files). Let's look at the "Three Rules of an SDMI Device."

1. An SDMI device must play any non-SDMI CD, because older CDs have no watermark.

2. An SDMI device must play any newer audio track that contains an SDMI watermark.

3. If an SDMI-encoded audio track is compressed, an SDMI device must detect the distorted watermark and refuse to play.

Because old CDs must play in an SDMI device (or no one would buy one), a hacker need not decode a digital signature, which would be extremely difficult. Instead, a hacker need only alter a song's watermark so an SDMI device can't detect that one is there.

Creating software to do this is trivial. SDMI could simply concede that its encoder has no clothes. Instead, the five conglomerates that largely fund the RIAA (which controls 90 percent of the music sold in the United States) decided to declare war on the computer industry and its need for free, scientific inquiry into proposed digital-security standards.

I support freedom of speech and thought, and I support RIAA's right to write letters. But make no mistake: When multibillion-dollar Goliaths threaten to sue professors and colleges, it's an act of unmitigated evil that civilized people everywhere should scorn. The RIAA's repressive strategy would best be abandoned in favor of win-win music-sharing technologies, such as's new, $4.95-per-month Radio MX. And computer pros, who stand to lose the most, should join public-minded groups such as the Electronic Frontier Foundation ( With a little effort, we can beat the intellectual poverty of the RIAA.


Business News
Web Technologies

SUBSCRIBE TO:    E-mail Newsletters  InfoWorld Mobile InfoWorld Magazine
Home  //  Article Print Article    Email Article
Back to Top


Gateway: Your Reliable IT Provider of Business Technology Solutions
Learn to secure your PCs from new and unknown hacker attacks.
Get FREE Hurwitz Report: Control Your App Dev Costs with TogetherSoft!
Click here to receive a FREE Success Kit from Oracle.

E-mail Newsletters
InfoWorld Mobile
Print Magazine

Web-based training

Copyright 2001 InfoWorld Media Group, Inc.