||Miércoles 7 de Diciembre de 2005, Ip nº 138
Por TOM ZELLER Jr.
The latest album from Johnny and Donnie Van Zant, "Get Right With the Man," delivers "anthems with the sort of conviction that will inevitably inspire raised fists and chorus sing-a-longs," says Amazon.com's official music reviewer.
Fists are raised all right, but not in the way the Van Zants would have hoped.
After years of battling users of free peer-to-peer file-sharing networks (and the software companies that support them), the recording industry now identifies "casual piracy" - the simple copying and sharing of CD's with friends -as the biggest threat to its bottom line.
And in one company's haste to limit the ripping and burning of CD's, a hornet's nest has been stirred. By the end of last week, that company, Sony BMG, which had embedded aggressive copy-protection software on the Van Zant CD and at least 19 others, suspended the use of that software after security companies classified it as malicious.
At least two Internet-borne worms were discovered attempting to take advantage of the program, which the CD's transferred to computers that played them. And the company was facing lawsuits accusing it of fraud and computer tampering in its efforts at digital rights management, or D.R.M.
"Look, what we do is write music; we make music," said Donnie Van Zant, who like most artists had no had no idea what sort of security features, if any, his label would place on the album. "I really don't even know what D.R.M. means, to be honest with you."
The entertainment industry has complained that in the digital world, wanton piracy can bleed revenues. Along with lawsuits and legislative lobbying, infusing digital media with tricked-out code to limit how, when and by whom it is used is one way copyright holders have sought to keep control of their products.
It is not foolproof (for every lock, a pick), and tight controls are not what customers want. But it is something they might tolerate - so long as it does not go too far.
"I think they've set the whole D.R.M. thing back at least a year or two," Todd Chanko, a television and entertainment industry analyst with Jupiter Research in New York, said of the Sony BMG situation.
One angry "customer reviewer" of Van Zant's album put it another way on Amazon.com: "Boycott Sony! It looks like it's now safer to download pirated copies than to buy CD's!"
For its part, Sony BMG, along with First 4 Internet, the British software company that developed the D.R.M. code, issued a software patch to address the security concerns. It also publicized a convoluted "uninstall" process for the software that requires users to provide their e-mail addresses and make multiple visits to a Sony BMG Web site - a move that further angered consumers.
On Friday, Sony BMG, a joint venture of Sony of Japan and Bertelsmann of Germany, announced that it would suspend manufacture of CD's containing First 4 Internet's software and that it would re-examine its content-protection initiatives. The company said about 4.7 million CD's containing the software had been shipped, and about 2.1 million had been sold.
"The consumer experience is our primary concern, and our one and only goal is to help bring our artists' music to as broad an audience as possible," John McKay, a Sony BMG spokesman, said late last week. "As a result, we're constantly identifying new ways to meet consumers' demand for flexibility in how they listen to music, while at the same time protecting the rights of artists."
But the industry's mad dash to protect artists - or more accurately, its profits - may have led Sony BMG to move so aggressively, and disastrously, on the D.R.M. front.
In a PowerPoint presentation before the National Association of Recording Merchandisers in San Diego in August, Mitch Bainwol, the chief executive of the Recording Industry Association of America, underlined the urgency: "Key point: Burning and ripping are becoming a greater threat than P2P," a reference to peer-to-peer file sharing.
That assertion was predicated on numbers compiled by the market research firm NPD Group. They showed that in 2004, only about 55 percent of consumers acquired their music by legal means: either buying a CD (51 percent) or downloading it from a paid online music site (4 percent). About 16 percent acquired music from peer-to-peer networks, according to the survey. And the remainder - 29 percent - reported acquiring their music either on CD's burned by friends or family, or by borrowing legally purchased CD's and "ripping" the tracks to their computers.
Copy-protection technology, Mr. Bainwol told The Associated Press at the August conference, "is an answer to the problem that clearly the marketplace is going to see more of."
In fact, record labels have been cautiously experimenting with such technology for some time - mostly in the European and Asian markets, and on a more limited basis in the United States, with mixed results. Early copy-protection schemes developed by companies like SunnComm International of Phoenix and Macrovision of Santa Clara, Calif., were often too restrictive, intermittently buggy and sometimes embarrassingly easy to circumvent - despite the outlawing of such circumventions by the Digital Millennium Copyright Act of 1998.
Fans quickly found, for instance, that the copy protection on Celine Dion's 2002 Sony release "A New Day Has Come" could be overcome by inking the edges of the disc with a black felt-tip pen.
A year later, BMG deployed technology from SunnComm on an album by the soul artist Anthony Hamilton. Within days a Princeton student discovered that simply holding the shift key while inserting the disc foiled the restrictions.
"I think we're still waiting for the development of D.R.M. that finds ways to satisfy both consumers' needs and producers' needs," said David Sohn, general counsel with the Center for Democracy and Technology in Washington.
Some claim it is a fool's errand.
"It's abundantly clear by now that no D.R.M. system can stop serious pirates," wrote Edward W. Felten, a professor of computer science and public policy at Princeton University, on his blog, Freedom-To-Tinker.com. "A D.R.M. system that stops serious pirates, and simultaneously gives broad leeway to ordinary users, is even harder to imagine."
Still, from the Microsoft Corporation's own Windows Media D.R.M. and Apple Computer's proprietary FairPlay technology to next-generation disc protection schemes like Macrovision's Total Play, SunnComm's MediaMax and even Sony's own DADC technology, a forest of overlapping and sometimes conflicting copy-protection and rights-management systems now attempt to govern the digital media experience.
Many technologies that allow limited CD ripping do not permit the creation of the popular MP3 file format, prompting some artists, including Switchfoot and Dave Matthews, to begin publishing instructions for circumventing their albums' copy protections on the Web, so that fans can move tracks that are nominally incompatible with Apple's FairPlay, onto the popular iPod music player.
Even Sony BMG, which is not licensed to distribute FairPlay-compatible tracks on its discs, posts such instructions on its Web site.
Of course, that is the kind of flexibility that fans want, Mr. Chanko of Jupiter Research said, and the challenge of digital rights management, he added, "is to engage the consumer in a way that makes them an ally."
Sony BMG seems to have failed that test when, in seeking to limit consumers to making three copies of its CD's, it embedded the First 4 Internet software, which penetrates deeply into the PC's of users with a program that introduced a real, if minor, security risk.
It all began unraveling early last month, after an American customer notified F-Secure, a Finnish antivirus company, of some files attempting to hide themselves on his computer. F-Secure deduced that the Van Zant CD had deposited a program that looked a lot like a "rootkit" - typically a dirty word in computer security circles because it describes software tools used to hack the deepest level of a computer system and hide the footprints of an intruder.
That might have been bad enough, said Mikko H. Hypponen, the chief research officer of F-Secure, but the rootkit also proved capable not just of hiding itself, but any file, folder or process on the computer that used a five-character string as part of its name.
No other file on a typical computer would have that string in its name. But if an enterprising virus writer managed to figure out the system, named his bug appropriately, and somehow got it onto the machine of a consumer whose only real sin was listening to Celine Dion's "On ne Change Pas" on his PC, Sony BMG's copy-protection software would cloak the worm.
In computer security terms, it is a tiny vulnerability, but as of last week it was clear that at least a few virus writers were attempting to exploit it.
"It was designed to be speed-bump technology," said Mathew Gilliat-Smith, the chief executive of First 4 Internet, meaning it would slow down those seeking to circumvent the copy restrictions.
F-secure quietly contacted Sony BMG and First 4 Internet with its concerns, but on Oct. 31, Mark Russinovich, a security expert at SysInternals.com, published his own discovery of the rootkit on his blog. Public outrage followed on the Internet as the program was further examined, the end user license agreement deconstructed, and Sony BMG's response scrutinized.
"We deeply regret any possible inconvenience this may cause," the company said in a statement on Friday. "We stand by content protection technology as an important tool to protect our intellectual property rights and those of our artists."
Unfortunately, the artists are suffering the fallout, too.
"Take your rootkit and shove it," was one angry message that Ross Schilling, the Van Zant manager, said was left on his voicemail.
"The Internet, downloading, file-sharing - it's a whole new Wild West for the music business," a somewhat weary Mr. Schilling said, adding that while he supports the idea of protecting content, he regrets that Van Zant has become the poster child for bad D.R.M. schemes.
"To some degree the labels have been slow to embrace things, and are now playing catch-up," he said. "They'll continue to tweak these systems, and everyone will have to pay attention more closely."
|| 15/11/2005. The New York Times.