Feeds

Hacker research team disputes ‘hack SDMI’ results

Not going quietly back into box

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The SDMI (Secure Digital Music Initiative) group has announced, despite earlier claims to the contrary, that practically all of the 447 entries to the 'Hack SDMI' challenge bounced off. This would mean all in the garden was lovely, if it weren't for the pesky Princeton University researchers led by Edward Felten, who stoutly maintains that SDMI is toast, and says the Princeton team will be publishing its results by the end of the week.

The Princeton team entered the first stage of the challenge, but declined to move onto phase two. The aim of the challenge had been to test candidate watermarking and non-watermarking protection technologies to be used in the distribution of digital music, so a complete whitewash - as claimed by Salon, a couple of Register sources and the Princeton team, would have been highly embarrassing, and would have visibly set back the music industry's protection plans some considerable distance.

Stage two of the challenge, as Princeton points out, was secretive. Anybody who submitted a likely looking crack at stage one could move on to two (and had to do so in order to stand a chance of winning the money), but by doing so would be NDAed into total obscurity, unable to say a thing about the hack or the processes. By not playing, Princeton left itself free to publish results and blow whistles as necessary.

The final SDMI hack testing seems to have placed considerable emphasis on "golden ears" - real humans judging whether or not the hack degraded audio quality. This is obviously very much a subjective judgement, and potentially allows the goalposts to be moved around to wherever best suits SDMI. Not that we're suggesting anything of the kind, of course.

SDMI's line is that two of its five technologies were successfully attacked, but that only one attack was repeatable. Princeton says its attacks weren't counted because it didn't enter phase two.

The Princeton team also seems to feel it's been on the receiving end of some kind of smear campaign though. It insists that "contrary to the statements of the SDMI, their oracles [the automated systems that checked stage one] did check the audio quality of the submitted music," and accuses the RIAA of falsely claiming it admitted some of its entries had poor audio quality. "We obtained a number successful results on all watermark technologies, using various techniques," says the team.

SDMI will no doubt be awaiting the team's technical report with some interest. ®

Related Stories

Uni team claims SDMI cracked, and 'inherently vulnerable'
How the hack SDMI challenge was run

Related Links

Princeton team's preliminary report

Providing a secure and efficient Helpdesk

More from The Register

next story
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.