Feeds

T.13 hoses down CPRM fears

It was all a terrible dream...

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

A compromise that the 4C Entity hopes will defuse the CPRM controversy could be agreed this week. The second draft of the revised proposal permits copy control mechanisms, but their use may be confined to removable devices.

Of course, that's what 4C members (Intel, IBM, Matsushita and Toshiba) insist it was all along - if it wasn't for those pesky facts. In fact CPRM was first proposed for industry standard ATA disk drives back in October, and was again presented to the T.13 committee, which oversees the ATA standard, in December - only with references to "CPRM" excised.

As the news spread, computer users reacted with outrage, with calls to boycott CPRM-compliant hardware. There was even serious talk among free software developers of boycotting IBM's much vaunted Linux initiatives.

But only after the San Jose Mercury made the story front page news on January 29, did we hear that a compromise was eagerly being sought.

In advance of the second draft, the T.13 committee has indulged in some ass-covering of its own. It has published an FAQ - the first it's ever produced - on the subject of CPRM on ATA drives.

It was all a terrible dream

"4C has never proposed that CPRM be included in the ATA/ATAPI standard," the document begins.

Excuse me? Rather damning evidence to the contrary can be found on the T.13's own website. You can see for yourself. The document "Content Protection for Recordable Media (CPRM) Proposal" dated 9 October 2000, for example.

Between the first and the second pitches, CPRM was made more "generic" ... with incriminating references to CRPM removed, as these minutes from the second, December T.13 meeting show:

"All subcommands and data structures now have generic names, rather than those of CPRM... Some editorial improvements were suggested, but no objections were raised to the technical content.

Paul Anderson moved to include this proposal with the noted minor corrections as a revision 3 into ATA/ATAPI-6, and Task Kasebayashi seconded. The vote was 4:2:11. This motion failed because the approvals did not exceed 50% of the membership, part of the "ANSI two-thirds" rule for late proposals. This proposal will remain on the agenda."

So here you have a Paul Anderson voting to move CPRM into the ATA spec version 6 (with the names changed, you'll note). While the Paul Anderson who authored the latest FAQ that denies this ever took place. Could they be related?

Always optional

"Will CPRM cripple the entire computer industry?" the document asks rhetorically. "No. Since copy protection is always optional, CPRM will only be utilized if there is consumer demand for exciting new entertainment content that is only made available in a copy protection framework."

Good-ee. But then...

"CPRM is not designed for nor applicable to fixed, captive hard drives," it asserts.

Let's remind ourselves of the context for this proposal. The ATA committee oversees the technical standard used by fixed hard drives. There is only one removable drive which uses this command set: Castlewood's Orb. Other removables such as Zip drives use the ATAPI standard.

And other media use specific supersets of ATA, but these don't require the ATA standard to be modified. The proposal was specifically designed to use ATA, rather than ATAPI (removable) semantics. Make no mistake, the CPRM proposal as first mooted, regardless of these parties protestations of innocence, was a torpedo aimed at the fixed hard drive standard.

That's why we figured you'd want to know about it sooner - when it was possible to make a difference - rather than later.

As the FAQ acknowledges:

"CPRM-protected files are only playable when they reside on CPRM-enabled devices." And in the case of backups:- "Restoring a protected file to a different piece of media would initially result in a un-playable file."

The document fairly also seeks to absolve the hard drive manufacturers of blame for the CPRM caper. Which is quite correct - as the T.13 committee has twice deferred attempts to have the 4C's CPRM copy control proposal adopted as part of the specification.

"Did CPRM arise by shadily influencing HDD vendors in back-room meetings?" asks the FAQ.

Well, of course CPRM didn't "arise" in meetings with vendors, it "arose" much earlier. Hard drive folks have plenty to worry about without cooking up schemes which restrict data movement. At some point CPRM had to be granted approval by hardware vendors, which is how, in this case, the world got to hear about it.

Interestingly the FAQ answers one of the most emblematic points made by John Gilmore in his essay What's Wrong With Copy Protection [translations also available in Portuguese and German (and not Dutch as we earlier said)]. Gilmore describes how stealth restrictions imposed by manufacturers can very quickly become personal:

"By private agreements among major companies, such as SDMI and CPRM (that later end up being "submitted" as fait accompli to accredited standards committees, requiring an effort by the affected public to derail them). By private agreements behind the laws and standards, such as the unwritten agreement that DAT and MiniDisc recorders will treat analog inputs as if they contained copyrighted materials which the user has no rights in. (My recording of my brother's wedding is uncopyable, because my MiniDisc decks act as if I and my brother don't own the copyright on it.)"

We ask the questions

Doubtless with this in mind, the FAQ asks: "If CPRM becomes ubiquitous, then I won't be able to use these new compliant recorders to record my baby's first words, right?"

And goes on to answer itself:

"A: You will absolutely be able to use CPRM-compliant recorders to record personal content. CPRM is used by applications that require its use and will not be used nor affect applications used to record personal content. Just like DVD video players play unprotected videos and SDMI players import unprotected music, all CPRM-enabled players and recorders will play/record unprotected content. This is not accidental. Going back to the original DVD video definition, the fundamental principle underlying copy protection has always been: "If the entertainment industry wants its content protected, it must take positive action, encrypting it and/or watermarking it at the source."
Representatives from various computer companies have
repeatedly gone on record as unwilling to protect content that was not already protected before it entered the computer system."

So with the help of CPRM, they'll be able to lock it down for good. ®

Related Stories

For our full CPRM on ATA coverage, click here.

Internet Security Threat Report 2014

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
In the next four weeks, 100 people will decide the future of the web
While America tucks into Thanksgiving turkey, the world will be taking over the net
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.