Cracking codes
October 12, 2003
Sometimes all it takes is the Shift key to crack encryption software that takes a company a long time to design.
This is what John ‘Alex’ Halderman, a Princeton University graduate figured out and posted on his Web site.
MediaMax CD3 software developed by SunnComm Technologies Inc. disabled users from uploading a CD onto their computer. However, Halderman found it could be overridden simply by holding down the Shift key.
Halderman found the MediaMax CD3 software used by BMG Music to prevent people from uploading music CDs onto computers could be defeated on computers running the Windows operating system. By holding down the Shift key, users automatically disabled the feature that automatically launched the MediaMax CD3 program.
Computers running Linux and older versions of the Macintosh operating system are unable to run the MediaMax CD3 and are therefore able to copy a disc freely.
Halderman was able to override the MediaMax CD3 program on the CD “Coming From Where I’m From,” by Anthony Hamilton. The CD was released by BMG’s Arista label and was supposed to include the latest efforts to prevent music piracy.
Arun Somani, professor of electrical and computer engineering, said the ability to override such technology is something that can be very damaging to a company like SunnComm Technologies.
“This is information that you do not want to get out to the public,” Somani said.
Somani said he believes in the future, SunnComm Technologies will use a more coded sequence for the disabling feature on their software instead of just a keyboard feature.
Heath Walker, graduate student in materials science and engineering, said he is not sure a more coded sequence would offer companies more security.
“I believe no matter what type of security becomes available, there will always be a means to disable the security protection,” he said.
Difficulty arises because CDs must be able to be viewed and listened to, but companies like SunnComm want to make it impossible for users to upload these CDs on their computer.
“This is a battle that software companies are never going to win,” said Doug Jacobson, assistant professor of electrical and computer engineering.
Nick Ludwig, junior in mechanical engineering, said he believes there should be no security protection on CDs.
“When I buy a CD the first thing I do is copy it on my computer, then I use a burned disc and keep the original in a safe location,” he said.
Jacobson said there is a lot of development that goes into this software in hopes that it could become the recording industry standard.
“A lot of money could come from a software program that is used by the recording industry,” he said.
Spokespeople for Sunn-Comm and BMG were not available for comment on the report.
Somani said the cost for developing the software is very cheap, he believes that SunnComm will not start over on its software but rather add on to it and create improved encryption.
— The Associated Press
contributed to this article.