Security standards could make anti-piracy easier
18:35 16 September 03
NewScientist.com news service
The US music industry's legal clampdown on online music piracy could soon be supplemented by technical measures that will make it harder to make unauthorised copies of digital files.
A new set of programming standards, released by a consortium of the world's largest software and hardware companies on Tuesday, specify methods for developing software for hardware security modules increasingly being built into many personal computers.
The Trusted Computing Group's new security standards promise to shore up personal computer security by linking software to tamper-resistant hardware modules in which cryptographic keys and other tools are stored. This could be used to increase the security of files or authenticate messages.
A new version of Microsoft's Windows operating system, scheduled for release in 2004, will incorporate the ability to use these hardware modules. The first computer systems to include the hardware were released by IBM in April and Hewlett Packard in May 2003.
Experts say the standards will enable the development of more robust Digital Rights Management (DRM) software to restrict unauthorised copying of digital files. A music file would only play on a machine if it had the correct key.
Raising the bar
Julian Midgley of the UK's Campaign for Digital Rights says this will "raise the bar significantly" for someone trying to defeat a copy prevention system. Software-only systems have so far proven vulnerable to circumvention.
But Midgley says "it will be well outside the bounds of your average user" to break a DRM system based on the new standards, as this would involve having to physically break into the security chip.
The TCG and Microsoft maintain the system was not created specifically to prevent piracy. But spokesperson TCG Anne Price concedes that the standards could be used to develop DRM software. "It is certainly possible," she told New Scientist, but "it's really up to the application developers."
Legal battle
Last week, the Recording Industry Association of America (RIAA) began legal action on behalf of the world's largest record companies against 261 file-swappers accused of sharing copyrighted music illegally.
The RIAA has all but exhausted technical efforts to clamp down on unauthorised copying. These included altering CDs so that they will not play at all in a computer's CD-ROM drive or releasing music in software-protected formats. But such controls have proven either easy to get around or too complicated for many to use.
File-sharing is reported to have dropped since the RIAA announced its legal action. But the suits have also attracted negative publicity, most noticeably after a 12-year-old girl was sued for downloading a handful of songs.
Record companies accuse file-sharing networks of facilitating massive copyright infringement and contributing to a year-on-year fall in US music sales. Critics say the industry should better embrace this distribution mechanism by developing attractive alternatives that compensate artists.
File-sharing networks connect individual computers to create a giant searchable database of files. The trend began in 1999 with the release of Napster, but this service was successfully sued for assisting with copyright infringement. Services that have sprung up in Napster's wake have escaped legal pressure by removing the requirement for an index kept on a centralised server.
Will Knight
