Home & Office

SDMI denies broken technologies

Is the Secure Digital Music Initiative on shaky ground? Not at all, says the consortium's leader, rumours and news reports to the contrary
Written by Robert Lemos, Contributor

A music industry consortium formed to secure the next generation of digital music denied Monday that hackers had successfully breached the security of six new technologies designed to protect music copyrights. "To think, that in 24 hours, that [the testing group] could analyse almost 450 submissions... then leak those results... it's simply ridiculous," said Leonardo Chiariglione, executive director of the the Secure Digital Music Initiative (SDMI).

On 18 September, the SDMI publicly challenged renegade hackers and mainstream security experts to attack six technologies created to identify copyrighted music -- any of which could be adopted as the future SDMI standard for digital music protection. The group promised to pay the "winners" up to $10,000 for each of the technologies that were compromised.

The challenge took the form of six songs posted on the HackSDMI Web site. Each song has one of six digitally embedded serial numbers that the new technologies use to keep track of music online. To be judged "flawed", each technology would have to have its digital ID tags removed without degrading the quality of the music. In addition, hackers would have to show that the compromised songs could be easily duplicated.

Despite a boycott by members of the open source and Linux communities, the firm collecting submissions to the SDMI Hacking Challenge turned over 447 potential breaches on 11 October, three days after the contest ended. A day later, Salon.com reported that all six technologies had been breached, citing anonymous sources.

Chiariglione refuted the article saying that, so far, no one had evaluated the attacks. It will take some time for the SDMI's six-member panel to determine whether a hacker has truly broken the copy protection on a particular song takes time, he added.

Even if the panel finds that each method has one or more flaws, SDMI will continue to develop, said SDMI member David Leibowitz, chairman of Verance. The company provided the watermarking technology used in Phase 1 of the SDMI standard and created one of the six digital security technologies currently under scrutiny.

"If, in fact, someone had develop some means to successfully attack it, our technology has a renewability feature in it," Leibowitz said. "It is likely that we would be able to make alterations on the detection side to fix the problem." Surviving the hacking challenge will also be lucrative for the technology creators. One source indicated that Verance collected $10,000 per song title using its watermarking technology.

With the SDMI announcing on Monday its intent to push the chosen technology into AM/FM and mobile applications, owning the last technology standing will mean hefty profits for the winner.

Take me to the MP3 Special

To have your say online click on the TalkBack button and go to the ZDNet News forum.

Let the editors know what you think in the Mailroom. And read what others have said.

Editorial standards