Copy Protection Makes A Comeback
What issues will mastering and replication facilities
face as they begin to manufacture discs with the latest
By Bob Olson
While most of us thought that we had seen the demise of copyprotection for consumer computer software with the 5.25-inch floppy diskette, recent events indicate that copy protection is making a comeback, and it looks as if technologies will be implemented in time for the holiday manufacturing season. Macrovision's recent agreement with computer game giant Electronic Arts indicates there will be copy-protected software under the Christmas tree this year.
Mastering and replication facilities worldwide will have to carefully evaluate their process as they prepare to produce these new titles. The bevy of copy protection systems on the market will impact all aspects of the manufacturing process including premastering, mastering and verification. Facilities that meet the challenge will get an opportunity to provide value-added service in a time of declining CD prices. I spent some time talking with the copy protection companies to see if I could better understand the issues facing mastering and replication facilities as they begin manufacturing discs with these new protections.
Copy Protection - Where We've Been
The software giants abandoned the copy protection of diskettes as users got frustrated with key disks. Manufacturers used sophisticated duplication systems to write errors in given sectors on the diskette, and the application software used the error codes as the cue to start the application. The idea was to produce a diskette that floppy drives could read but not write. The "bit copiers" defeated this strategy.
Software copy protection moved to the "high end" packages with the abandonment of key disks. Companies like Rainbow Technologies and Aladdin Knowledge Systems have been producing hardware dongles that have continued to ship on products from AutoDesk and SAP. Hardware dongles are a type of Application Specific Integrated Circuit (ASIC) that attach to the user's serial, parallel or USB port. The software communicates with the device, "unlocking" the application.
In many ways, the software publishers hailed the CD-ROM as a solution to their frustration with piracy. CD-ROMs were not easily copied, and hard drive sizes made it impractical to try to copy a CD-ROM to a hard drive. This was a brief hiatus. CD-R drives are under $300, 10GB hard drives are under $200 and CD-R media can be found for $1. The technology to easily copy CD-ROMs has proliferated, and publishers are again fighting back.
New Protection Strategies
The new CD-ROM protection strategies are reminiscent of the floppy strategy. The predominant idea is to make a CD-ROM that CD-ROM drives can read, but CD Writers can't write. Most of the new technology for protecting CD-ROMs today involves the use of a 'signature' or 'fingerprint' on the disc. This usually involves an area in which there is a concentration of errors or other deviation from expected CD-ROM data. Companies such as C-Dilla, Macrovision, TTR, MLS, Hide and Seek, VOB, Midbar and Sony DADC have pursued these strategies. The application 'reads' the anomaly on the disc and authenticates the disc as legitimate. While the systems vary in their application of this principle they are basically analogous. Two systems on the market - CD-Cops and Sheriff - use slightly different strategies that involve the use of an authentication key. These systems are more passive in their approach and involve analyzing the CD-ROM or CD-ROM/computer hardware configuration to generate a unique reference code that is then registered and/or used to generate an access or license key the user must enter to load or install the application. Lastly, the dongled solutions from Rainbow and Aladdin continue to be popular where the added cost of the hardware is not an issue.
What Have We Learned ?
I should emphasize that while the new technologies are in many ways analogous to past protection schemes, they are, I believe, much more than comparable. It seems that most of the companies have done their homework, and have taken precautions to avoid the pitfalls of the past. TTR, C-Dilla and Macro-vision have done extensive compatibility tests on their products; and MLS "has mastered close to 3000 titles with LaserLock," according to George Dougas MLS international marketing and sales manager. This is an important step to insure that users will not experience discs which fail to work in their CD-ROM drives - one lesson of the past is that copy protection should not inconvenience the user in any way when using the product as intended. Users have resisted dongles and authentication procedures in the past because they introduce additional restrictions on using software that is inconvenient to legitimate users. Most of the first generation copy protections are being used on games and multimedia products that utilize the CD-ROM in the drive. In this sense, the authentication is invisible to the user, as there is an expectation the disc will operate in the drive, a requirement for many protections.
There is also recognition on the part of the copy protection companies that security is a function of the sophistication of the software application layer that accesses the CD-ROM. The new 'signature' technologies rival dongles in their ability to provide a hard coded technology that should be difficult if not impossible to reproduce. Karl Schneck at Hide and Seek has referred to the disc signature as a 'bongle,' or a dongle on a disc. This emphasizes the strength of this new disc technology, one that many believe makes it superior to systems not tied to a hard coded disc signature. This technology will, however, only be as secure as the application layer used to implement it on the CD-ROM. C-Dilla and CD-Cops have many years of experience developing anti-hacking technology, and MLS emphasizes LaserLock's ability to defeat debugging software.
Implications For Manufacturers Producing Copy-Protected Discs
The ramifications for disc manufacturing are numerous. In the premastering area, it will require a close cooperation between the disc manufacturer and the software publisher. Most protections require a premastering step to create a secure application layer, as this will link the publisher's executable files to the disc signature.
There are two predominant ways in which the publishers executable files are linked to the disc signature access key, or dongle. The first is to insert code, or a Dynamic Linking Library (DLL), directly into the publishers source code. The other is to create an application layer that wraps or envelopes the publisher's executable files. While many publishers do not want a DLL inserted into their executable files, other believe that this makes the application more secure. Some systems offer the publisher either option depending on their preference. The publisher usually handles this initial premastering, during which the application layer wraps the publisher's executable files. Several companies, however, allow the disc manufacturer to offer this premastering as a service to the publisher by making Software Development Kits (SDKs) available to disc manufacturers as well as publishers. Some also require that the disc manufacturer perform an additional premastering step after the publisher has implemented the protection in their executable file.
Once the disc is premastered and a CD-R is produced, there are various ways that the disc is mastered depending on the signal processing technology integrated by the copy protection company. C-Dilla, Macrovision, TTR and LaserLock all implement the signature generation through Doug Carson and Associates Mastering Interface System (MIS) Version 6. MIS V6 implements the signature from information on the input CD-R as an integrated part of the mastering process. Hide and Seek is implemented in a similar fashion through Media Morphics' CD Data Processor. SecurROM is implemented through SONY signal processing, while Midbar uses its proprietary Cactus Data Shield system that interfaces between the signal processing and the LBR. Yariv Bar-Yam, vice president of sales and marketing, believes that the "strength of the Midbar system is that discs require no premastering as all processing for the copy protection of CD-ROM, CD Audio and DVD is handled by its proprietary hardware and its patent pending 'Embedded Masking Technology.'" VOB's ProtectCD will work on any signal processing system that implements DDP allowing it the capability to integrate on most mastering systems. "This makes it an extremely flexible solution for mastering," says Volkmar Breitfeld, VOB president.
Once discs are mastered and replicated, a solid program for verification is required. As many copy-protected discs have errors and other anomalies on them, it is important that the verification systems can make the determination as to what is a result from the disc's signature and separate that from other disc errors. There are two important tests that must be performed on the media. The data on the replica must be verified against the input source, and the physical characteristics of the discs need to be evaluated. C-Dilla, Macrovision and TTR can also be verified on DCA's Data Verifi-cation System (DVS+). This system accounts for the signature written by the MIS V6 mastering system and verifies the disc's data. Hide and Seek, Midbar, MLS and VOB provide software utilities for verifying discs made with their system - focusing predominantly on validating the signature.
The replica testers that measure the disc's physical parameters also pose a problem in verification. Systems from CD Associates, Koch, and Audio Development will report uncorrectable errors when reading many disc signatures. Some companies train the manufacturer as to which errors compose the signature, while others have software utilities to mask the errors. C-Dilla has been working with several tester manufacturers to implement software to allow users to easily verify their SafeDisc replicas. "Our goal has always been to insure smooth handling of copy protected discs at each stage of the manufacturing process," says C-Dilla director of development, Peter Newman. Other companies, such as TTR and MLS, are developing software utilities that will help mask errors on the replica testers. SecuROM's technology allows the discs to be verified on data verification systems and physical testers without modification. Dieter Daum, Sony DADC executive vice president of manufacturing and sales sees the ability of SecuROM discs to be verified without special handling as "one of the powerful features of the product."
The chart on pages 48-49 summarizes the features of the different copy protection systems, and their impact on the various stages of the manufacturing process. The Web sites of all companies are shown on page 46 and include valuable information on the various products and information on software piracy.
Copy protection has definitely made a comeback. The technology looks to be solid, and is gaining acceptance from major publishers. It is expected that most manufacturing facilities will be implementing systems this year as the demand increases. Manufacturers will need to adjust their processes to account for protected discs, and if even a small part of the claimed lost software revenues are recovered; copy protection should be a very profitable business for all involved.
Bob Olson is an industry consultant and freelance writer. He can be reached at Tel: 918-299-8010; or Email: email@example.com
|Copyright © 2002 PBI Media, LLC. All rights reserved.|