Feeds

On the Beastie Boys 'virus' CD

Does not attempt world domination

  • alert
  • submit to reddit

The Power of One Infographic

Review Widely-circulated claims that the Beastie Boys' new album To the 5 Boroughs exhibits virus-like copy-control behaviour are unfounded, according to tests. EMI's statement regarding these claims, however, is incorrect, since the album does install software if played on a Windows PC. The tests also show that the copy control system on the disc is so weak that Mac and Linux users won't even realize it's there. That's fine with us, say sources in the recording industry.

The allegations of virus-like behavior have been rampant because the US and UK versions of the Beastie Boys' album are not copy-controlled, so many users were unable to verify them first-hand and simply spread the rumour. I contacted EMI in Italy, where the record is protected by Macrovision's CDS 200. The company kindly sent a sample of the copy-controlled version of the album, which was tested under MacOS X, Windows XP and Linux.

The disc contains a data session and an audio session. It's not a CD, as it doesn't carry the Philips "Compact Disc" logo. The data session includes 128-kbps compressed versions of the tracks of the audio session, a custom player (player.exe) and some DLL files.

When inserted in a plain-vanilla Windows XP system, the file autorun.inf is run automatically, launching the player. The first time the player runs, a warning is displayed, stating that "a number of files need to be updated on your PC". Some files, including the DLLs, are then installed, as logged in the install.log file, which is also written to disk in the root directory.

This essentially contradicts EMI's initial statement that "CDS-200 does not install software applications of ANY KIND on a user's PC". However, one might argue that DLLs are not "applications", so perhaps EMI is left with some wiggle room.

In any case, this is clearly not virus-like behaviour. The user is warned, albeit tersely, that something will be installed. An uninstaller is also provided, in the form of the uninstallplayer.exe program on the disc. The record sleeve also bears a "Copy Controlled" logo and microscopic warnings, which may baffle non-English-speaking buyers.

The installed software, moreover, does not cripple the PC in any way, apart from raising CPU usage to a steady 100 per cent during disc playback (overclockers beware). The audio session of the disc can be accessed and played by simply pressing the Shift key during disc insertion or by using Microsoft's TweakUI or similar utilities to disable the Windows Autorun function. CD burning is not impaired in any way.

From a computer-security standpoint, the copy-control system would seem to be extremely ineffective. Nero 5.5 and a standard DVD/CD burner had no trouble ripping the audio tracks and burning a copy of the disc, which played without audible errors both on a Windows PC and on available home and car stereos. All the user needs to do is select the audio session for ripping after overriding the Autorun function, which is probably already disabled by most security-conscious users.

Life is even easier for Mac and Linux users. When inserted in a Mac OS X system, the disc simply plays in iTunes. No DRM warnings is displayed and no software is installed, and iTunes imports the tracks perfectly. On a Linux system (Mandrake 10.0 was used for the test), the user can simply choose between playing the audio session and browsing the data session. CD burning programs for Linux, such as k3b, are able to burn a copy of the audio tracks without errors. Essentially, the only way a Linux or Mac user will notice that the record is copy-controlled is by reading the warning on the sleeve.

When asked why they even bother with such an apparently ineffective copy control scheme, sources within EMI Italy had an interesting comment to make. Sure, it's weak DRM, but it's still good enough to make a difference, they claim. The reason is that most Windows users are not computer-savvy enough to know the Shift-to-kill-Autorun trick, so a significant number of buyers will not be able to copy the disc. Mac and Linux users are so few that they are essentially irrelevant.

The current copy control system, in other words, is not intended to block all copying, but simply to stop the average computer user from ripping the Beastie Boys for his friends. It will prevent only a few thousand illegal copies and do nothing against organized piracy, but that's all it takes, the EMI source claimed. Sales are now so low in some countries (Italian families, for example, buy less than two legitimate CDs per year, according to recording industry figures) that just a few thousand more copies sold thanks to weak copy control can carry an album to the top of the charts and spare a record company from having to fire employees.

© Paolo Attivissimo - www.attivissimo.net

Related stories

Beastie Boys claim no virus on crippled CD
Beastie Boys CD installs virus

Mobile application security vulnerability report

More from The Register

next story
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
Airbus promises Wi-Fi – yay – and 3D movies (meh) in new A330
If the person in front reclines their seat, this could get interesting
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
Want to beat Verizon's slow Netflix? Get a VPN
Exec finds stream speed climbs when smuggled out
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.