Feeds

On the Beastie Boys 'virus' CD

Does not attempt world domination

  • alert
  • submit to reddit

Security for virtualized datacentres

Review Widely-circulated claims that the Beastie Boys' new album To the 5 Boroughs exhibits virus-like copy-control behaviour are unfounded, according to tests. EMI's statement regarding these claims, however, is incorrect, since the album does install software if played on a Windows PC. The tests also show that the copy control system on the disc is so weak that Mac and Linux users won't even realize it's there. That's fine with us, say sources in the recording industry.

The allegations of virus-like behavior have been rampant because the US and UK versions of the Beastie Boys' album are not copy-controlled, so many users were unable to verify them first-hand and simply spread the rumour. I contacted EMI in Italy, where the record is protected by Macrovision's CDS 200. The company kindly sent a sample of the copy-controlled version of the album, which was tested under MacOS X, Windows XP and Linux.

The disc contains a data session and an audio session. It's not a CD, as it doesn't carry the Philips "Compact Disc" logo. The data session includes 128-kbps compressed versions of the tracks of the audio session, a custom player (player.exe) and some DLL files.

When inserted in a plain-vanilla Windows XP system, the file autorun.inf is run automatically, launching the player. The first time the player runs, a warning is displayed, stating that "a number of files need to be updated on your PC". Some files, including the DLLs, are then installed, as logged in the install.log file, which is also written to disk in the root directory.

This essentially contradicts EMI's initial statement that "CDS-200 does not install software applications of ANY KIND on a user's PC". However, one might argue that DLLs are not "applications", so perhaps EMI is left with some wiggle room.

In any case, this is clearly not virus-like behaviour. The user is warned, albeit tersely, that something will be installed. An uninstaller is also provided, in the form of the uninstallplayer.exe program on the disc. The record sleeve also bears a "Copy Controlled" logo and microscopic warnings, which may baffle non-English-speaking buyers.

The installed software, moreover, does not cripple the PC in any way, apart from raising CPU usage to a steady 100 per cent during disc playback (overclockers beware). The audio session of the disc can be accessed and played by simply pressing the Shift key during disc insertion or by using Microsoft's TweakUI or similar utilities to disable the Windows Autorun function. CD burning is not impaired in any way.

From a computer-security standpoint, the copy-control system would seem to be extremely ineffective. Nero 5.5 and a standard DVD/CD burner had no trouble ripping the audio tracks and burning a copy of the disc, which played without audible errors both on a Windows PC and on available home and car stereos. All the user needs to do is select the audio session for ripping after overriding the Autorun function, which is probably already disabled by most security-conscious users.

Life is even easier for Mac and Linux users. When inserted in a Mac OS X system, the disc simply plays in iTunes. No DRM warnings is displayed and no software is installed, and iTunes imports the tracks perfectly. On a Linux system (Mandrake 10.0 was used for the test), the user can simply choose between playing the audio session and browsing the data session. CD burning programs for Linux, such as k3b, are able to burn a copy of the audio tracks without errors. Essentially, the only way a Linux or Mac user will notice that the record is copy-controlled is by reading the warning on the sleeve.

When asked why they even bother with such an apparently ineffective copy control scheme, sources within EMI Italy had an interesting comment to make. Sure, it's weak DRM, but it's still good enough to make a difference, they claim. The reason is that most Windows users are not computer-savvy enough to know the Shift-to-kill-Autorun trick, so a significant number of buyers will not be able to copy the disc. Mac and Linux users are so few that they are essentially irrelevant.

The current copy control system, in other words, is not intended to block all copying, but simply to stop the average computer user from ripping the Beastie Boys for his friends. It will prevent only a few thousand illegal copies and do nothing against organized piracy, but that's all it takes, the EMI source claimed. Sales are now so low in some countries (Italian families, for example, buy less than two legitimate CDs per year, according to recording industry figures) that just a few thousand more copies sold thanks to weak copy control can carry an album to the top of the charts and spare a record company from having to fire employees.

© Paolo Attivissimo - www.attivissimo.net

Related stories

Beastie Boys claim no virus on crippled CD
Beastie Boys CD installs virus

Choosing a cloud hosting partner with confidence

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.