Feeds

On the Beastie Boys 'virus' CD

Does not attempt world domination

  • alert
  • submit to reddit

High performance access to file storage

Review Widely-circulated claims that the Beastie Boys' new album To the 5 Boroughs exhibits virus-like copy-control behaviour are unfounded, according to tests. EMI's statement regarding these claims, however, is incorrect, since the album does install software if played on a Windows PC. The tests also show that the copy control system on the disc is so weak that Mac and Linux users won't even realize it's there. That's fine with us, say sources in the recording industry.

The allegations of virus-like behavior have been rampant because the US and UK versions of the Beastie Boys' album are not copy-controlled, so many users were unable to verify them first-hand and simply spread the rumour. I contacted EMI in Italy, where the record is protected by Macrovision's CDS 200. The company kindly sent a sample of the copy-controlled version of the album, which was tested under MacOS X, Windows XP and Linux.

The disc contains a data session and an audio session. It's not a CD, as it doesn't carry the Philips "Compact Disc" logo. The data session includes 128-kbps compressed versions of the tracks of the audio session, a custom player (player.exe) and some DLL files.

When inserted in a plain-vanilla Windows XP system, the file autorun.inf is run automatically, launching the player. The first time the player runs, a warning is displayed, stating that "a number of files need to be updated on your PC". Some files, including the DLLs, are then installed, as logged in the install.log file, which is also written to disk in the root directory.

This essentially contradicts EMI's initial statement that "CDS-200 does not install software applications of ANY KIND on a user's PC". However, one might argue that DLLs are not "applications", so perhaps EMI is left with some wiggle room.

In any case, this is clearly not virus-like behaviour. The user is warned, albeit tersely, that something will be installed. An uninstaller is also provided, in the form of the uninstallplayer.exe program on the disc. The record sleeve also bears a "Copy Controlled" logo and microscopic warnings, which may baffle non-English-speaking buyers.

The installed software, moreover, does not cripple the PC in any way, apart from raising CPU usage to a steady 100 per cent during disc playback (overclockers beware). The audio session of the disc can be accessed and played by simply pressing the Shift key during disc insertion or by using Microsoft's TweakUI or similar utilities to disable the Windows Autorun function. CD burning is not impaired in any way.

From a computer-security standpoint, the copy-control system would seem to be extremely ineffective. Nero 5.5 and a standard DVD/CD burner had no trouble ripping the audio tracks and burning a copy of the disc, which played without audible errors both on a Windows PC and on available home and car stereos. All the user needs to do is select the audio session for ripping after overriding the Autorun function, which is probably already disabled by most security-conscious users.

Life is even easier for Mac and Linux users. When inserted in a Mac OS X system, the disc simply plays in iTunes. No DRM warnings is displayed and no software is installed, and iTunes imports the tracks perfectly. On a Linux system (Mandrake 10.0 was used for the test), the user can simply choose between playing the audio session and browsing the data session. CD burning programs for Linux, such as k3b, are able to burn a copy of the audio tracks without errors. Essentially, the only way a Linux or Mac user will notice that the record is copy-controlled is by reading the warning on the sleeve.

When asked why they even bother with such an apparently ineffective copy control scheme, sources within EMI Italy had an interesting comment to make. Sure, it's weak DRM, but it's still good enough to make a difference, they claim. The reason is that most Windows users are not computer-savvy enough to know the Shift-to-kill-Autorun trick, so a significant number of buyers will not be able to copy the disc. Mac and Linux users are so few that they are essentially irrelevant.

The current copy control system, in other words, is not intended to block all copying, but simply to stop the average computer user from ripping the Beastie Boys for his friends. It will prevent only a few thousand illegal copies and do nothing against organized piracy, but that's all it takes, the EMI source claimed. Sales are now so low in some countries (Italian families, for example, buy less than two legitimate CDs per year, according to recording industry figures) that just a few thousand more copies sold thanks to weak copy control can carry an album to the top of the charts and spare a record company from having to fire employees.

© Paolo Attivissimo - www.attivissimo.net

Related stories

Beastie Boys claim no virus on crippled CD
Beastie Boys CD installs virus

High performance access to file storage

More from The Register

next story
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Nokia offers 'voluntary retirement' to 6,000+ Indian employees
India's 'predictability and stability' cited as mobe-maker's tax payment deadline nears
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Adrian Mole author Sue Townsend dies at 68
RIP Blighty's best-selling author of the 1980s
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Analysts: Bright future for smartphones, tablets, wearables
There's plenty of good money to be made if you stay out of the PC market
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.