Compact Disc and DVD copy protection
CD/DVD copy protection is a blanket term for various methods of copy protection for CDs and DVDs. Such methods include DRM, CD-checks, Dummy Files, illegal tables of contents, over-sizing or over-burning the CD, physical errors and bad sectors. Many protection schemes rely on breaking compliance with CD and DVD standards, leading to playback problems on some devices.
Protection schemes rely on distinctive features that:
- can be applied to a medium during the manufacturing process, so that a protected medium is distinguishable from an unprotected one.
- cannot be faked, copied, or retroactively applied to an unprotected medium using typical hardware and software.
Filesystems / Dummy files
Most CD-ROMs use the ISO9660 file system to organize the available storage space for use by a computer or player. This has the effect of establishing directories (i.e., folders) and files within those directories. Usually, the filesystem is modified to use extensions intended to overcome limitations in the ISO9660 filesystem design. These include Joliet, RockRidge and El Torito extensions. These are, however, compatible additions to the underlying ISO9660 structure, not complete replacements or modifications. The most basic approach for a distinctive feature is to purposely fake some information within the filesystem. Early generations of software copied every single file one by one from the original medium and re-created a new filesystem on the target medium.
A sector is the primary data structure on a CD-ROM accessible to external software (including the OS). On a Mode-1 CD-ROM, each sector contains 2048 bytes of user-data (content) and 304 bytes of structural information. Among other things, the structural information consists of
- the sector number, the sector's relative and absolute logical position
- an error detection code (EDC), which is an advanced checksum used to detect (if possible) read-errors
- an error correction code (ECC), an advanced method of detecting and correcting errors
Using the EDC and ECC information, the drive can detect and repair many (but not all) types of read-error.
Copy protections can use these fields as a distinctive feature by purposely crafting sectors with improper EDC/ECC fields during manufacture. The protection software tries to read those sectors, awaiting read-errors. As early generations of end-user soft/hardware were not able to generate sectors with illegal structural information, this feature could not be re-generated with such soft/hardware. If the sectors forming the distinctive feature have become readable, the medium is presumed to be a copy.
Modern soft/hardware is able to reproduce raw sectors, therefore this approach cannot be used to give protection any more.
A modification of this approach uses large regions of unreadable sectors with small islands of readable ones interspersed. Most software trying to copy protected media will skip intervals of sectors when confronted with unreadable ones, expecting them all to be bad. In contrast to the original approach, the protection scheme expects the sectors to be readable, supposing the medium to be a copy when read-errors occur.
Beside the main-channel which holds all of the user-data, a CD-ROM contains a set of eight sub-channels where certain meta-information can be stored. (For an audio CD, the user-data is the audio itself; for a data CD, it is the filesystem and file data.) One of the sub-channels — the Q-channel — states the drive's current position relative to the beginning of the CD and the current track. This was designed for Audio-CDs (which for a few years were the only CDs), where this information is used to keep the drive on track; nevertheless the Q-channel is filled even on Data-CDs. Another sub-channel, the P-channel (which is the first of the subchannels) carries even more primitive information—a sort of semaphore—indicating the points where each track starts.
As every Q-channel field contains a 16-bit checksum over its content, copy protection can yet again use this field to distinguish between an original medium and a copy. Early generations of end-user soft/hardware calculated the Q-channel by themselves, not expecting them to carry any valuable information.
Modern software and hardware are able to write any information given into the subchannels Q and P.
This technique exploits the way the sectors on a CD-ROM are addressed and how the drive seeks from one sector to another. On every CD-ROM the sectors state their logical absolute and relative position in the corresponding sector-headers. The drive can use this information when it is told to retrieve or seek to a certain sector. Note that such information is not physically "hard-wired" into the CD-ROM itself but part of user-controlled data.
A part of an unprotected CD-ROM may look like this (simplified):
|Sector's logical address||...||6551||6552||6553||6554||6555||6556||6557||...|
When the drive is told to read from or seek to sector 6553, it calculates the physical distance, moves the laser-diode and starts reading from the (spinning) disc, waiting for sector 6553 to come by.
A protected CD-ROM may look like this:
|Sector's logical address||...||6551||6552||6553||6553||6554||6555||6556||6557||...|
In this example, a sector was inserted ("Mary") with a sector-address identical to the one right before the insertion-point (6553). When the drive is told to read from or seek to sector 6553 on such a disc, the resulting sector-content depends on the position the drive starts seeking from.
- If the drive has to seek forwards, the sector's original content "Jill" is returned.
- If the drive has to seek backwards, the sector's twin "Mary" is returned.
A protected program can check whether the CD-ROM is original by positioning the drive behind sector 6553 and then reading from it — expecting the Mary version to appear. When a program tries to copy such a CD-ROM, it will miss the twin-sector as the drive skips the second 6553-sector, seeking for sector 6554.
There are more details about this technique (e.g. the twin-sectors need to be recorded in large extents, the SubQ-channel has to be modified etc.) that were omitted. If the twin sectors are right next to each other as shown, the reader would always read the first one, Jill; the twin sectors need to be farther apart on the disc.
Protection-vendors using this technique say it's "physically impossible" to copy this kind of protection. However, specialized software can produce perfect clones of such CD-ROMs, although the process is very time-consuming. What the vendors are thinking when they say "physically impossible" is probably that copying the protection requires technical features that the installed base of standard CD-ROM and CD-recorder drives do not have. Then, what they mean is "technically impossible with a typical drive," but that is still wrong, because with clever techniques it is technically possible, as the existence of programs that do it proves. No doubt, it would not even take excessive time if a specialized CD reader that made these workarounds unnecessary was available.
Data position measurement
Stamped CDs are perfect clones and have the data always at the same position, whereas writable media differ from each other. Data Position Measurement (DPM) detects these little physical differences to efficiently protect against duplicates. DPM was first used publicly in 1996 by Link Data Security's CD-Cops. SecuROM 4 and later uses this protection method, as do Nintendo optical discs.
Changes That Followed
The Red Book CD-DA audio specification does not include any copy protection mechanism other than a simple anti-copy flag. Starting in early 2002, attempts were made by record companies to market "copy-protected" non-standard compact discs. Philips stated that such discs were not permitted to bear the trademarked Compact Disc Digital Audio logo because they violate the Red Book specification. There was great public outcry over copy-protected discs because many saw it as a threat to fair use. For example, audio tracks on such media cannot be easily added to a personal music collection on a computer's hard disk or a portable (non-CD) music player. Also, many ordinary CD audio players (e.g. in car radios) had problems playing copy-protected media, mostly because they used hardware and firmware components also used in CD-ROM drives. The reason for this reuse is cost efficiency; the components meet the Red Book standard, so no valid reason existed not to use them. Other car stereos that supported CD-ROM discs containing compressed audio files (such as MP3, FLAC, or Windows Media) had to use some CD-ROM drive hardware (meeting the Yellow Book CD-ROM standard) in order to be capable of reading those discs.
In late 2005, Sony BMG Music sparked the Sony CD copy protection scandal when it included a form of copy protection called Extended Copy Protection ("XCP") on discs from 52 artists. Upon inserting such a disc in the CD drive of a computer running Microsoft Windows, the XCP software would be installed. If CD ripper software (or other software, such as a real-time effects program, that reads digital audio from the disc in the same way as a CD ripper) were to subsequently access the music tracks on the CD, XCP would substitute white noise for the audio on the disc.
Technically inclined users and computer security professionals found that XCP contains a rootkit component. After installation, XCP went to great lengths to disguise its existence, and it even attempted to disable the computer's CD drive if XCP was forcibly removed. XCP's efforts to cloak itself unfortunately allowed writers of malware to amplify the damage done by their software, hiding the malware under XCP's cloak if XCP had been installed on the victim's machine. Several publishers of antivirus and anti-spyware software updated their products to detect and remove XCP if found, on the grounds that it is a trojan horse or other malware; and an assistant secretary for the United States' Department of Homeland Security chastised companies that would cause security holes on customers' computers, reminding the companies that they do not own the computers.
Facing resentment and class action lawsuits Sony BMG issued a product recall for all discs including XCP, and announced it was suspending use of XCP on future discs. On November 21, 2005 the Texas Attorney General Greg Abbott sued Sony BMG for XCP and on December 21, 2005 sued Sony BMG for MediaMax copy protection.
United Kingdom Position
The provisions of law allow for redress to users of Audio CDs with Copyright-Protection. The Copyright, Designs and Patents Act 1988 contain provisions within section 296ZE part VII that allow for "remedy where effective technological measures prevent permitted acts". In practice, the consumer would put forward a complaint to the copyright holder of the Audio CD, usually a Record Label. The complaint would contain a request to the holder of the copyright to provide a "work-around" in order to make use of the copy-protected CD, in the nature that a non-copyright protected CD would be used lawfully. Where the consumer believes the copyright holder has not been reasonable in entertaining the request, they are within the rights of the act to make an application to the secretary of state to review the merits of the complaint and instruct the copyright holder to implement a work-around circumventing the copyright protection. Schedule 5A of the Copyright, Designs and Patent Act 1988 lists the permitted acts, to which the provisions of section 296ZE apply (where the consumer can use the remedy of copyright protection).
- "Archived copy". Archived from the original on 2008-12-24. Retrieved 2008-12-24.
- BBC NEWS | Technology | Sony sued over copy-protected CDs
- Texas Attorney General
- Texas Attorney General