Recording Industry Asks Hackers for Help

$10,000 will go to anyone who can break SDMI's encryption code, but some hackers aren't happy about it.

Sam Costello, IDG News Service

• Email
• RSS
• 0 Comments

SDMI is offering $10,000 to hackers who can break SDMI's encryption code. SDMI will then patch the holes poked by the hackers, thus, presumably, making better technology. The only problem is that the hackers don't appear willing to help.

The Secure Digital Music Initiative is one of the recording industry's responses to the copyright and payment challenges posed by digital music. Created in early 1999, SDMI embeds a "watermark" in every digital music file, designed to manage the copying of those files. Watermarked music will play only on SDMI-compliant devices. The SDMI standard, compliance with which is voluntary, has so far failed to meet with much acceptance.

Hackers will have the chance to break the security systems of six different SDMI technologies, says Matt Oppenheim, a member of the SDMI foundation. There will be a total of $60,000 available, with $10,000 allocated for each technology.

Not a Warm Welcome

But the challenge has not been received favorably in the community SDMI is counting on. Hackers have called for a boycott.

"Thanks, SDMI, but no thanks. I won't do your dirty work for you," writes Don Marti, the technical editor of Linux Journal, a magazine devoted to the development of the open-source operating system Linux, in an open letter posted on the magazine's Web site.

"I will not participate in your organization's plan to seize total control over recorded music," Marti writes, adding, "I will not help test programs or devices that...interfere with the right of fair use."

Many who post messages on the open-source news Web site Slashdot agree with Marti.

"Ever since the fiasco with DeCSS (the DVD decryption program at the center of a number of court cases), will us hackers listen to the SDMI? Of course not. There was no need to call for such a boycott. I don't think even the hungriest hacker...would even think of touching that offer with a ten-meter cattle prod. We've all seen what happened with DeCSS. Now these corporate SOBs have got the gall to ask us for our help?" writes "dido."

The challenge has also raised concerns that information gained by SDMI and the recording industry will later be used to prosecute hackers.

SDMI's Oppenheim says that is not true. Rather, he says, the only personal information that will be required is the basic biographical information legally required by states in any contest: name, address, date of birth, and in this case, e-mail address. Files can be downloaded from the site without offering any personal information, he says.

The necessary materials will be available through the Hack SDMI Web site by late Friday, according to Oppenheim.

Only after the site has been updated will it start to become clear if the hacker boycott has held and if SDMI will have $60,000 extra with which to prosecute piracy in the future.

• Email
• Print
• RSS