The Sony CD DRM Debacle


Description

The Sony CD DRM Debacle: a case study of digital rights management. Overview: DRM goals, XCP, MediaMax, defeating the copy protection, the Software Engineering Code of Ethics and the principles that were broken, and the lawsuit. (PowerPoint presentation)

Transcript of The Sony CD DRM Debacle

Page 1: The Sony CD DRM Debacle

The Sony CD DRM Debacle

A case study of digital rights management

Page 2: The Sony CD DRM Debacle

Overview:

- DRM goals
- XCP
- MediaMax
- Defeating the copy protection
- Software Engineering Code of Ethics and the principles that were broken
- Lawsuit

Page 3: The Sony CD DRM Debacle

Goals of DRM

The primary goal of a DRM system is to protect and enable the business models of the record label and the DRM vendor.

Lessons from the Sony CD DRM Episode (pg 2)

Page 4: The Sony CD DRM Debacle

Record Label Goals

- Overall purpose is to increase profit
- Increase sales
  - Limit disc-to-disc copying
  - Limit local copying
- Get software onto users' computers
  - Sell advertising
  - Gather and sell information about users

Lessons from the Sony CD DRM Episode (pg 2, 3)

Page 5: The Sony CD DRM Debacle

DRM Vendor Goals

- Maximize price for DRM software by creating value for the record label
- Survive
  - Smaller companies need to take more risk
- Maximize installed base
  - Need to get major recording labels on board
  - Become THE DRM used, beat out other vendors

Lessons from the Sony CD DRM Episode (pg 3)

Page 6: The Sony CD DRM Debacle

CD DRM Systems

- Must play on ordinary CD players
- Limited readability by computers
- Must prevent copying on computers without permission
- DRM's software must give access to the music
- DRM software must be installed somehow
  - Autorun on Windows computers
  - Must be intentionally run by the user on Mac
- DRM software must recognize the DRM discs

Lessons from the Sony CD DRM Episode (pg 4)

Page 7: The Sony CD DRM Debacle

XCP

- Relies on the autorun feature of Windows
  - Commands in autorun.inf on the CD are executed
  - Autorun is commonly used to display splash screens and initiate installation of programs
  - Mac OS does not use autorun; the user must manually run the installer
- XCP-protected discs contain two sessions
  - Music session
  - DRM content session

Lessons from the Sony CD DRM Episode (pg 5)

Page 8: The Sony CD DRM Debacle

Two Session Disc

Image from: http://www.fadden.com/cdrpics/data-surface-3.jpg

Page 9: The Sony CD DRM Debacle

XCP (continued)

- Unprotected time between disc insertion and installation of the protection software
- User is required to agree to an End User License Agreement (EULA)
  - Software is then installed
  - CD can now be played
  - If the user declines, the CD is immediately ejected

Lessons from the Sony CD DRM Episode (pg 6,7)

Page 10: The Sony CD DRM Debacle

XCP (continued)

- Temporary protection is auto-loaded on CD insertion, not installed
- Uses a blacklist of applications known for burning/ripping
  - Loads a window displaying any blacklisted applications that are running
  - Will not continue until the blacklisted apps are closed

Lessons from the Sony CD DRM Episode (pg 7)

Page 11: The Sony CD DRM Debacle

XCP (continued)

Lessons from the Sony CD DRM Episode (pg 6)

Page 12: The Sony CD DRM Debacle

MediaMax

- Also uses autorun
- Also utilizes multi-session discs
- Temporary protection is more invasive
  - Immediately installs the protection software
  - Temporarily activates the protection software
  - This happens even if the EULA is declined

Lessons from the Sony CD DRM Episode (pg 5,7)

Page 13: The Sony CD DRM Debacle

Defeating the Copy Protection

- Mark the data session
- Hold the shift key while inserting
- Disable autorun
- Use an alternative operating system
  - Linux
  - Mac

Lessons from the Sony CD DRM Episode (pg 5)

Page 14: The Sony CD DRM Debacle

Marking the CD

Image from: http://www.fadden.com/cdrpics/data-surface-3.jpg

Page 15: The Sony CD DRM Debacle

Hold down the shift key while inserting the disc

Page 16: The Sony CD DRM Debacle

Disabling Autorun

Page 17: The Sony CD DRM Debacle

Alternative Operating Systems

Apple image from: http://en.wikipedia.org/wiki/Image:Apple-logo.png

Tux image from: http://www.sjbaker.org/tux/Penguin.png

Page 18: The Sony CD DRM Debacle

XCP Rootkit

- XCP detected as a rootkit
- Hidden from detection:
  - Files
  - Network access
  - Processes
  - Registry keys
- Potentially allows root access to the system

Lessons from the Sony CD DRM Episode (pg 18,19)

Page 19: The Sony CD DRM Debacle

XCP Detection as Rootkit

Image from: http://www.f-secure.com/weblog/archives/updated_xcp.gif

Page 20: The Sony CD DRM Debacle

XCP Vulnerabilities

- Installed and ran invisibly
- Undetectable even by antivirus software
- Hides itself and its processes
  - Hides anything starting with $sys$
  - Any malicious code can be hidden by the $sys$ prefix
  - Exploited by at least two malicious programs
- Also allows random crashing of the system via updated system files

Lessons from the Sony CD DRM Episode (pg 19)
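As an added illustration (not from the slides or from the Halderman/Felten paper), the following Python checks the name-cloaking behaviour described above from a defender's side: a marker probe that tests whether a $sys$-prefixed file vanishes from the live directory listing, and a cross-view diff that compares a trusted listing (taken, say, from boot media where no filter driver runs) against the live one. The listings and file names below are constructed samples, not real XCP files.

```python
import os
import tempfile

# Name prefix the XCP driver hid from directory listings (from the slides).
CLOAK_PREFIX = "$sys$"


def cloaked_names(trusted_view, live_view):
    """Cross-view diff: names in a trusted listing that the live Windows
    API view fails to report are being hidden from the running system."""
    return sorted(set(trusted_view) - set(live_view))


def prefixed_names(names, prefix=CLOAK_PREFIX):
    """Flag entries matching the cloaking rule even where they are visible,
    so they get examined rather than assumed to be the DRM's own files."""
    return sorted(n for n in names if n.startswith(prefix))


def probe_cloaking(directory):
    """Create a $sys$-prefixed marker and ask the live enumeration for it.
    Clean system: listed. Under the XCP driver: missing from the listing
    while still openable by name, which is the cloaking signature."""
    name = CLOAK_PREFIX + "probe_" + os.urandom(4).hex() + ".txt"
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write("marker")
    try:
        listed = name in os.listdir(directory)
        openable = os.path.exists(path)
        return {"listed": listed, "openable": openable,
                "cloaked": openable and not listed}
    finally:
        os.remove(path)


def run_probe():
    """Run the marker probe in a scratch directory and return its result."""
    with tempfile.TemporaryDirectory() as scratch:
        return probe_cloaking(scratch)


if __name__ == "__main__":
    # Constructed listings: the trusted view has one entry the live view lacks.
    trusted = ["player.exe", "$sys$sample.dll", "readme.txt"]
    live = ["player.exe", "readme.txt"]
    print("hidden from live view:", cloaked_names(trusted, live))
    print("cloak-prefixed names:", prefixed_names(trusted))
    print("marker probe:", run_probe())
```

On a clean machine the probe reports the marker as both listed and openable; a result with openable true and listed false means something is filtering directory enumeration by name.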

Page 21: The Sony CD DRM Debacle

MediaMax Vulnerabilities

- Automatically installs on CD insertion
- Permissions set so that any user can modify it
  - Allows malicious code to easily be installed
  - Next time a MediaMax-protected CD is inserted, the malicious code is executed

Lessons from the Sony CD DRM Episode (pg 17,19)

Page 22: The Sony CD DRM Debacle

Vulnerabilities (continued)

- Requires Power User privileges to run
  - Allows the attacker's code to have complete control
- Aggressively updates the installed code with each protected CD
- The patch issued to rectify the attack itself initiated the attack code

Lessons from the Sony CD DRM Episode (pg 17,19)

Page 23: The Sony CD DRM Debacle

Spyware-like Activities

- Reports user activities to the label/vendor
  - Vendors said it did not; it in fact does
- Retrieves images or ads to display from the web
- Logs the user's info:
  - IP address
  - Date and time
  - Identity of the album

Lessons from the Sony CD DRM Episode (pg 14)

Page 24: The Sony CD DRM Debacle

Software Engineering Code of Ethics (ACM/IEEE-CS Joint, shortened version)

Software engineers shall commit themselves to making the analysis, specification, design, development, testing and maintenance of software a beneficial and respected profession. In accordance with their commitment to the health, safety and welfare of the public, software engineers shall adhere to the following Eight Principles:

Info from: http://www.acm.org/serving/se/code.htm

Page 25: The Sony CD DRM Debacle

Software Engineering Code of Ethics (continued)

1. PUBLIC - Software engineers shall act consistently with the public interest.

2. CLIENT AND EMPLOYER - Software engineers shall act in a manner that is in the best interests of their client and employer and consistent with the public interest.

3. PRODUCT - Software engineers shall ensure that their products and related modifications meet the highest professional standards possible.

4. JUDGMENT - Software engineers shall maintain integrity and independence in their professional judgment.

Info from: http://www.acm.org/serving/se/code.htm

Page 26: The Sony CD DRM Debacle

Software Engineering Code of Ethics (continued)

5. MANAGEMENT - Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance.

6. PROFESSION - Software engineers shall advance the integrity and reputation of the profession consistent with the public interest.

7. COLLEAGUES - Software engineers shall be fair to and supportive of their colleagues.

8. SELF - Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.

Info from: http://www.acm.org/serving/se/code.htm

Page 27: The Sony CD DRM Debacle

Ethical Issues

- Installed without user permission
- Users left vulnerable to malware
- After uninstall, the user is still vulnerable
- Spyware tactics used
- Prevents fair use
- Damages the reputation of software manufacturers
- Sony refused to deny wrongdoing

Page 28: The Sony CD DRM Debacle

Class Action against Sony

Requests from the Electronic Frontier Foundation (EFF):

- Stop production of CDs with the bad DRM
- Get people non-DRM'd versions of the music
  - Do this quickly
- Get people free music or money in the case of XCP
- Ensure independent security testing before launch of any new DRM
- Agree to a quick response by Sony BMG to future security flaws in DRM

http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq.php

Page 29: The Sony CD DRM Debacle

Settlement

- Sony agreed to the EFF's requests
- Never admitted to wrongdoing
- No reparations for crashed systems
- At present no criminal cases
- Sony is still left open to future lawsuits, but the EFF's case is over

http://www.eff.org/IP/DRM/Sony-BMG/settlement_faq.php

Page 30: The Sony CD DRM Debacle

Sources:

1. http://www.acm.org/serving/se/code.htm
2. J. Alex Halderman and Edward W. Felten, "Lessons from the Sony CD DRM Episode" (extended version), Center for Information Technology Policy, Department of Computer Science, Princeton University, February 14, 2006
3. http://www.eff.org/IP/DRM/Sony-BMG/mediamaxfaq.php
4. http://www.eff.org/IP/DRM/Sony-BMG/
5. http://www.f-secure.com/weblog/archives/updated_xcp.gif
6. http://www.sjbaker.org/tux/Penguin.png
7. http://en.wikipedia.org/wiki/Image:Apple-logo.png
8. http://www.fadden.com/cdrpics/data-surface-3.jpg