Feeds

On the Beastie Boys 'virus' CD

Does not attempt world domination

  • alert
  • submit to reddit

Security for virtualized datacentres

Review Widely-circulated claims that the Beastie Boys' new album To the 5 Boroughs exhibits virus-like copy-control behaviour are unfounded, according to tests. EMI's statement regarding these claims, however, is incorrect, since the album does install software if played on a Windows PC. The tests also show that the copy control system on the disc is so weak that Mac and Linux users won't even realize it's there. That's fine with us, say sources in the recording industry.

The allegations of virus-like behavior have been rampant because the US and UK versions of the Beastie Boys' album are not copy-controlled, so many users were unable to verify them first-hand and simply spread the rumour. I contacted EMI in Italy, where the record is protected by Macrovision's CDS 200. The company kindly sent a sample of the copy-controlled version of the album, which was tested under MacOS X, Windows XP and Linux.

The disc contains a data session and an audio session. It's not a CD, as it doesn't carry the Philips "Compact Disc" logo. The data session includes 128-kbps compressed versions of the tracks of the audio session, a custom player (player.exe) and some DLL files.

When inserted in a plain-vanilla Windows XP system, the file autorun.inf is run automatically, launching the player. The first time the player runs, a warning is displayed, stating that "a number of files need to be updated on your PC". Some files, including the DLLs, are then installed, as logged in the install.log file, which is also written to disk in the root directory.

This essentially contradicts EMI's initial statement that "CDS-200 does not install software applications of ANY KIND on a user's PC". However, one might argue that DLLs are not "applications", so perhaps EMI is left with some wiggle room.

In any case, this is clearly not virus-like behaviour. The user is warned, albeit tersely, that something will be installed. An uninstaller is also provided, in the form of the uninstallplayer.exe program on the disc. The record sleeve also bears a "Copy Controlled" logo and microscopic warnings, which may baffle non-English-speaking buyers.

The installed software, moreover, does not cripple the PC in any way, apart from raising CPU usage to a steady 100 per cent during disc playback (overclockers beware). The audio session of the disc can be accessed and played by simply pressing the Shift key during disc insertion or by using Microsoft's TweakUI or similar utilities to disable the Windows Autorun function. CD burning is not impaired in any way.

From a computer-security standpoint, the copy-control system would seem to be extremely ineffective. Nero 5.5 and a standard DVD/CD burner had no trouble ripping the audio tracks and burning a copy of the disc, which played without audible errors both on a Windows PC and on available home and car stereos. All the user needs to do is select the audio session for ripping after overriding the Autorun function, which is probably already disabled by most security-conscious users.

Life is even easier for Mac and Linux users. When inserted in a Mac OS X system, the disc simply plays in iTunes. No DRM warnings is displayed and no software is installed, and iTunes imports the tracks perfectly. On a Linux system (Mandrake 10.0 was used for the test), the user can simply choose between playing the audio session and browsing the data session. CD burning programs for Linux, such as k3b, are able to burn a copy of the audio tracks without errors. Essentially, the only way a Linux or Mac user will notice that the record is copy-controlled is by reading the warning on the sleeve.

When asked why they even bother with such an apparently ineffective copy control scheme, sources within EMI Italy had an interesting comment to make. Sure, it's weak DRM, but it's still good enough to make a difference, they claim. The reason is that most Windows users are not computer-savvy enough to know the Shift-to-kill-Autorun trick, so a significant number of buyers will not be able to copy the disc. Mac and Linux users are so few that they are essentially irrelevant.

The current copy control system, in other words, is not intended to block all copying, but simply to stop the average computer user from ripping the Beastie Boys for his friends. It will prevent only a few thousand illegal copies and do nothing against organized piracy, but that's all it takes, the EMI source claimed. Sales are now so low in some countries (Italian families, for example, buy less than two legitimate CDs per year, according to recording industry figures) that just a few thousand more copies sold thanks to weak copy control can carry an album to the top of the charts and spare a record company from having to fire employees.

© Paolo Attivissimo - www.attivissimo.net

Related stories

Beastie Boys claim no virus on crippled CD
Beastie Boys CD installs virus

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
DOUBLE BONK: Testy fanbois catch Apple Pay picking pockets
Users wail as tapcash transactions are duplicated
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.