Microsoft's solution to having its DRM hacked: sue

Microsoft's solution to having its DRM hacked: sue

Summary: When it comes to keeping Microsoft's digital rights management technology from getting hacked -- a situation that recently provoked one of the fastest patches ever to be turned around by the Redmond-based company (because of the stakes) -- the company has already shown how its technological options are limited.

TOPICS: Piracy

When it comes to keeping Microsoft's digital rights management technology from getting hacked -- a situation that recently provoked one of the fastest patches ever to be turned around by the Redmond-based company (because of the stakes) -- the company has already shown how its technological options are limited. Within 24 hours of fixing one hacked version of Microsoft's DRM, the same hackers -- the developers of FairUse4WM (the utility that strips content of any Microsoft DRM that might have been applied to it) -- released a new version of the utility as a countermeasure to the patch. Now, Microsoft is suing those developers. It'll be an interesting test case since the hackers aren't being accused of pirating content. They're being sued for creating the tools that enable piracy which will be a harder case to make.  Sure, that case was successfully made with Napster. But the Napster network also facilitated and carried information that was critical to successfully pirating music.  But the developers of FairUse4WM play far less of an active role in any acts of piracy once "a pirate" has their tool.

Wrote Bill Rosenblatt at DRM Watch of the news:

Microsoft has filed suit against the unidentified programmers who created FairUse4WM, a hack to versions 10 and 11 of Windows Media DRM (WM DRM). In the action, Microsoft alleges that the programmers -- who are known only by the nom de keyboard "viodentia" -- infringed copyright by using some of the company's unpublished source code for WM DRM. The source code presumably includes an indication of where Microsoft hides encryption keys for WM DRM....It is interesting that Microsoft should sue these hackers for stealing source code rather than for circumventing DRM under the DMCA (17 USC 12.01)...suing under the DMCA would be a tacit acknowledgement that WM DRM is hackable -- an acknowledgement that Microsoft clearly would not care to make.

The move certainly raises the question of whether such legal options are the last resort to protecting software-based DRM.  If they are, they won't survive the international test of time (and Internet). Meanwhile, the Secure Video Processor Alliance is already out politicking, saying that hardware-based DRM is the only way to do DRM. It may be right (not that that makes DRM right).

Topic: Piracy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Wrong Precedent

    The better example of precedent here is [i]Reimerdes[/i], the [i]2600 Magazine[/i] case, although neither really applies.

    My read is that Microsoft isn't trying to claim DMCA on this because the DMCA is strictly US law. Copyright, on the other hand, is easier to enforce internationally. At a wild guess, their "he had to have had access to our code" theory is just an excuse to start the Dance of the Lawyers and bankrupt him in the process -- it doesn't really matter whether he did or not since the legal costs are the main objective.
    Yagotta B. Kidding
  • This is a much worse admission

    During the Anti-trust cases Microsoft contended that they could not disclose their source code less it jeopardize national security.

    In essence what they are admitting is much worse. They claim that someone has stolen their source code. This means Microsoft is unable to control and keep its own source code, which they contend would threaten public safety if disclosed, secret.

    Isn't that a cheerful thought. I'd rather they just claim their DRM got cracked.

    This way not only is their DRM cracked but they admit they can not keep their source code, which they claim public safety requires to be kept secret, secret. What's worse is they don't know who has their code, hence the John Doe case. If they have this section what else do they have?

    If they can't keep their own source code secret, a matter of national security according to them, how can we expect them to keep something slightly less important like their customer info secure?? Let alone how can we trust them to create a computer platform that will keep our confidential data safe.
    Edward Meyers
  • Copyright infringement?

    So they are asserting copyright infringement. Yeah, that's the ticket. If I decompile some code and read it, and lord knows I've done that all too many times over the years trying to support things, how is that copyright infringement? It can, and almost certainly is, a violation of the license agreement but that's another kettle of fish entirely (and I'm still waiting to see one of these abortions get tested in court). The only way it "might" be copyright infringement is if the John Does in the case copied the original, human readable, source code; the source code included a copyright notice (always prominent in my code before the release of rights statement); and it violates "fair use" which has never been tested in court with respect to software so far as I know. Does Microsoft really want to open up this can of worms? What if the court rules "fair use" includes decompilation, modification, and recompilation? Or worse, from their perspective, declares "fair use" to include snippets, patches, or modifications to code in the customers hands as with other digital media. Not that I find it likely but the courts have done stranger things in the past. Wither their environment, and all proprietary environments, then? Ouch.

    This should be at least as much fun to watch as the SCO courtroom contortions!
    • Before the DCMA ...

      ... Fair Use (17 USC 107) provided most anybody not doing so 'for profit' the right to copy, in part, most any copyrighted work. Claiming copyright infringement on source code which was not re-sold or shared could be difficult. License infringement -- or outright theft of source code -- might be easier to prove.
      M Wagner
  • By claiming that the hackers ...

    ... violated the DCMA, wouldn't M$ turn this into a crminal matter, not a civil one?

    Wouldn't that take any opportunity for damages out of M$ control?

    Hackers aren't aftraid of the government -- so why wouldn't M$ rather make sure the hackers are afraid of Microsoft's deep pockets and litigation-happy legal team?

    It's time to return responsibility for copyright infringement back over to those who would do so for profit and leave the rest of us, who just want to choose how we watch and listen to the materials we have purchase, alone.
    M Wagner
    • No

      They are not claiming DMCA anti-circumvention yet. What they did was file a DMCA safe harbour take-down notice to the web space provider that they are violating their copyright.

      The DMCA is a complicated act that made changes to multiple sections of the Copyright Act.

      You are talking about the Chapter 12 copyright DMCA anti-circumvention clause when what they filed so far is the take-down notice found in section 512.
      Edward Meyers
  • Code theft a critical red herring

    Posted in similar forum, edited a little for this one. The DMCA law is the only one which applies if the code was NOT stolen. If ONLY reverse engineering was used, DMCA applies, however, it failed completely when DMCA arbitraily eliminates fair use for no good reason (outside the US where $ don't rule the roost). This is EXACTLY the same case as DVD Jon. There is a developer who wants to listen/watch their legally purchased DVDs/Online content in any way they desire on any piece fo their legally owned and purchased equipment.

    The RIAA went voracoiusly after DVD Jon, when DVD Jon deliveratly cracked DeCSS to be allowed to play DVDs he owned in Linux. The RIAA failed, TWICE. That's why a bogus source code copyright default judgement is the best way for MS to move forward.


    As the story indicated, MS is claiming that he stole code to get the copyright infringement into the case. Without it, it is pure and simple a reverse engineering exercise (that is against the DMCA laws). If MS turns it into a "copyright" victory, they can pursue civil $s against anyone who uses it. MS watched as DVD Jon WON his case, despite DMCA with DeCSS because fair use (not the program, actual fair use) won, and that would likely happen to MS. If it ever came to be that fair use was legally alllowed, despite DMCA laws, poof, DRM is dead dead dead and according to the MPAA/RIAA, the world implodes.

    I also believe it is a huge PR stunt because they have realized that fixing their "flexible and robust and easily updateable" DRM is not quite so easy. They may also simply not want to bother, to help finish nailing the coffin shut on MaybePlays, just in time for all content providers to pull "DRM free" content in time for Zune.
  • the reasoning...

    the reasoning behind sueing claiming the source code was stolen is so that M$ can claim OWNERSHIP of the anti-DRM program, and then legally demand it's removal from the open market.
    If it's simply an anti-DRM program, then having a copy, but not using it, is legal
    go hackers! down with DRM!
  • With any luck the hacker will die in prison

    Hacking is a crime and with any luck this scumbag will die in prison - one way or another.
    • Crackers, not Hackers

      Hackers are just technical geeks/guru's, etc. Crackers who crack into systems for their own profit, scams, identity theft, I agree, throw away the key. Since I define this developer as a hacker, I think he should be supported and commended.

      How is hacking the code that prevents your OWN legally purchased content on your OWN legally purchased equipment wrong? How is telling other people how to use their legally purchased content on their own machines wrong. If I tell you that you can save 25% by buying your fruit at XYZ instead of where you normally shop, can your normal shop sue me?

      If someone uses this and then ILLEGALLY shares their content, as opposed to creating a CD for themselves to listen to in their car, or GOD FORBID, listen to their music while booted into Linux, I agree with you. Piracy is wrong, illegally sharing music is wrong.

      Cracking is a crime, hacking is fun. Ever edited your registry by hand? Ever use an editor or command prompt to change a setting as OPPOSED to the GUI? If so, you sir are a hacker, turn yourself in.