TELECOM Digest OnLine - Sorted: CD DRM: Unauthorized Deactivation Attacks


CD DRM: Unauthorized Deactivation Attacks


Monty Solomon (monty@roscom.com)
Mon, 30 Jan 2006 01:18:50 -0500

By Ed Felten

Alex and I are working on an academic paper, "Lessons from the Sony CD
DRM Episode", which will analyze several not-yet-discussed aspects of
the XCP and MediaMax CD copy protection technologies, and will try to
put the Sony CD episode in context and draw lessons for the
future. We'll post the complete paper here next week. Until then,
we'll post drafts of a few sections here. We have two reasons for
this: we hope the postings will be interesting in themselves, and we
hope your comments will help us improve the paper.

Today's section is part of the technical core of the paper.

Please note that this is a draft and should not be formally quoted or
cited. The final version of our entire paper will be posted here when
it is ready.

Unauthorized Deactivation Attacks

As described previously, active protection methods rely on installing
and running software components that interfere when ordinary software
tries to access the disc. If an adversary can remove or deactivate the
active protection software, then the DRM scheme will fail to prevent
arbitrary use or ripping of the music on the disc. In this section we
discuss such deactivation attacks.

One attack strategy is to manually deactivate or uninstall the active
protection software. This can be done by using standard system
administration tools, which are designed to find, characterize, and
control the programs installed on a machine. This attack is very
difficult to stop if the user has system administrator privileges on
the machine.

http://www.freedom-to-tinker.com/?p=964

Previous excerpts

CD DRM: Compatibility and Software Updates
Saturday January 28, 2006 by Ed Felten
http://www.freedom-to-tinker.com/?p=963

CD DRM: Attacks on Disc Recognition
Thursday January 26, 2006 by J. Alex Halderman
http://www.freedom-to-tinker.com/?p=960

CD DRM: Threat Models and Business Models
Tuesday January 24, 2006 by Ed Felten
http://www.freedom-to-tinker.com/?p=959

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Monty Solomon: "Hello, You're in the Dead Zone / Region's Cellphone Users Still"
Go to Previous message: Monty Solomon: "For Unlucky Ones, Sox Out of Sight"
Next in thread: Gordon Burditt: "Re: CD DRM: Unauthorized Deactivation Attacks"
May be reply: Gordon Burditt: "Re: CD DRM: Unauthorized Deactivation Attacks"
TELECOM Digest: Home Page