Audio pirates and device makers still dancing
Michelle Howell, Associate Editor
The music industry and device manufacturers can't agree on a single standard to prevent piracy. But would that be the best thing anyway?
You mean I actually have to buy a CD now? Who would've believed it would come back to this! While the traditionalist in me still reels with excitement at the thrill of visiting my local record store to purchase the latest CD, this may be the sentiment felt by those who choose to illegally burn copyrighted music.
With regulatory and standardization committees teaming up with the music industry and portable-device manufacturers, the future of music piracy may be shaking in its boots. But with no overall standard for what security measures portable designers should take to ensure that copyrighted materials are protected, the shaking may still include a little rattle and roll.
During the short-lived, but well-publicized reign of Napster, the music file-sharing service that tested the security ability of every designer's system, groups began to form to ensure this piracy couldn't continue. With portable MP3 music players fueling the downloadable content fire, inviting portable-device makers to these meetings seemed only natural. In 1999, the Secure Digital Music Initiative (SDMI) gathered the recording, consumer electronics, and information technology industries together to develop an open specification for protecting digital music distribution. In these meetings, the SDMI developed the SDMI Portable Device Specification Part 1, Version 1.0, a voluntary set of guidelines intended to provide a secure platform for the digital distribution of music and related content that's offered for sale on-line or through other Web distribution mediums. Although the over 200 members of the SDMI developed various ways of protecting content, and slapped that SDMI-compliant logo on their products, this specification eventually waned and other proprietary measures became the dominant means.
So, what exactly happened to SDMI and its idea of creating content-protection standards and specifications? Where did it all go wrong? Imagine, if you will, a room full of music industry associates and content makers, PC manufacturers, and portable-device makers trying to decide on a specification that works with everyone's devices and capabilities. Looking for the punch line? This is no joke, just a key impetus in the inactive status of SDMI. "The problem with SDMI was that it was made up of groups with very different goals and interests," says Randy Cole, chief technologist at Texas Instruments Internet Audio Group. "It was very hard to reach an agreement because you couldn't satisfy everybody."
What to do?
Approaches to what portable-device manufacturers should do to protect content and copyrighted materials vary widely among device manufacturers. Although there's no standard-issue means of guaranteeing the security of content on the portable platform, there are three key ways security can be applied: in storage technology, compression technology, and the player itself.
The type of security solution really depends on the type of audio decoder a manufacturer uses, the type of PC software, and the type of flash memory. Content Key, a digital rights management scheme for the portable media from DataPlay will let users download copyrighted materials from their PC to their device. But this content is then frozen, so to speak, in the users device. The ability to share that content ceases once it hits a device equipped with Content Key because of a zero copy rule. You can, however, take the disc out and give it to a friend, but you wouldn't be able to copy the content onto your friend's PC or another DataPlay disc. "If it's stolen or not is not important to us," says Steven Volk, vice president of corporate development at DataPlay. "We're just not going to let you take it to another space. You already have it on your PC." Content Key is, however, flexible enough to adapt to other security standards that come along.
Watermarking
Another approach is audio watermarking, which involves embedding a packet of digital data directly into the content signal. It's basically an inaudible signal that can be added to content, such as music. The watermarked data can contain rules, such as copy usage rules for the content, owner, distributor, or recipient. While computers or devices can read this signal, it's said to have no effect on listening quality. But if a user tries to remove the watermark from the content, it will destroy the content, making it inaudible.
Verance's audio watermarks can contain detailed information associated with the audio and audio-visual content through such means as monitoring and tracking its distribution and use, as well as controlling access to and usage of the content. To read this content, devices need to use a watermark detector, which filters through the rules embedded on the watermark and determines if this content is allowed to be legally played again or shared. In the same security aspect of Content Key, Verance's audio watermark doesn't stop a user from getting music onto his device. But if an illegal copy was made, of content that was both watermarked and encrypted, it would no longer be encrypted, but it would be watermarked. This watermark will stop that illegal copy from being sent to the device to start with.
Texas Instruments formed its Internet Audio Group specifically to focus on the portable audio device market. Its flagship product, the TMS320DA250 DSP, was developed as a platform for all potential audio protocols. Because the DSP is programmable, unlike other hard-wired solutions, it can work with any codec, such as MP3, WMA (Windows Media Audio), AAC, and numerous others. If a new protocol comes along, the DSP can easily work with it. Other non-programmable options build all the protocols needed into the hardware. But with new protocols popping up every day, this could potentially exclude emerging technologies. With this in mind, designers need to think long and hard about which protocols should be integrated in the hardware and which ones should be left out.
Standardization
There are, of course, other standards and standardization committees out there working to protect content. Content Protection for Recordable Media (CPRM) is a technology developed jointly by IBM, Intel, Matsushita, and Toshiba (the 4C entity). It was designed to meet the requirements of SDMI and extends CPRM and similar content protection schemes to ATA devices. This technology is, as with most other, completely optional. A group called the Copy Protection Technical Working Group (CPTWG), which includes Hitachi, Intel, Matsushita, Sony, and Toshiba also produced the Five Company (5C) Digital Transmission Content Protection (DTCP) specification. This aims to give manufacturers an easy-to-implement standard with a higher level of security than CPRM and moves into issues such as streaming digital movies and other content from digital appliances such as set-top boxes, DVRs (digital video recorders), DVD players, and satellite TV.
"One of the reasons why SDMI and 4C security hasn't been implemented yet is that the industry moved a little bit faster than the standardization," says Hans Fleurkens, marketing manager for portable devices at Philips Semiconductor. "You see a number of players being executed on relatively short notice with their own types of standards. For whatever standard is coming, it needs to have wide support within the industry," adds Fleurkens. But that may be further off than we think. Manufacturers have created proprietary measures for protecting content on devices. These measures may vary as widely as the content, but many are flexible enough to facilitate a universal standard, if one should arise. Although a universal standard sounds like the best solution to ensure interoperability and compliance throughout the market, the major downfall is Public Enemy No. 1, the hacker.
If there's a universal standard and it gets broken, then all that standardization work has been for nothing. The key to security in the portable realm right now will be a matter of implementing several different standards on a player. This, however, may add to development costs and implementation difficulties of devices. Once portable audio device makers tackle the issues of protecting copyrighted content on their devices, the security monster will rear its ugly head to streaming video and movies. But that's a whole other topic.
Portable Design April, 2002
Author(s) : Michelle Howell
