[ISN] MS digital rights management scheme cracked

From: InfoSec News (isnat_private)
Date: Mon Oct 22 2001 - 01:21:54 PDT

  • Next message: InfoSec News: "[ISN] Secrecy surrounds 25m Barclaycard blackmail case"

    By Thomas C Greene in Washington
    Posted: 19/10/2001 at 09:19 GMT
    An anonymous coder named 'Beale Screamer' claims to have broken the
    Version-2 Microsoft digital rights management (DRM) scheme, and has
    produced the source code and a DOS utility to un-protect .WMA audio
    The author's zipped file http://www.theregister.co.uk/media/657.zip
    contains a well-written and lengthy description of the MS DRM
    weaknesses, a philosophical tract explaining why he thinks it
    necessary to crack, the source code, and the command-line utility.
    The alias Beale Screamer, incidentally, derives from the lines of
    'Howard Beale' in the movie 'Network', we're told. "Just yell to the
    publishers 'I'm mad as hell, and I'm not going to take this anymore!'"
    The motive here is said to be an assertion of fair use and a check
    against the abuse of copyright for purposes of consumer extortion.
    A DRM scheme "used to give the consumer more possibilities than
    existed before," Screamer tells us. "I think the idea of limited time,
    full-length previews, or time-limited Internet-based rentals is
    excellent. If DRM was only used for this, in order to give us more
    options than we previously had, I would not have taken the effort to
    break the scheme. What is bad is the use of DRM to restrict the
    traditional form of music sale. When I buy a piece of music (not rent
    it, and not preview it), I expect (and demand!) my traditional fair
    use rights to the material. I should be able to take that content,
    copy it onto all my computers at home, my laptop, my portable MP3
    player....basically anything I use to listen to the music that I have
    Well said; a tremendous amount of thought and effort has obviously
    gone into all this, and we have to wonder who this crusader is. A
    university connection seems all but certain. We've got a few feelers
    out, and hope very much that he'll submit to an interview soon.
    There's clearly more to this story than meets the eye. For one thing,
    the quality of writing in the text files exceeds that in the code
    files, suggesting more than one actor. Readers are encouraged to share
    their insights as they read through the texts and fiddle with the
    code, using the link above.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Oct 22 2001 - 05:43:45 PDT