Cactus Data Shield (CDS) is a form of CD/DVD copy protection for audio compact discs developed by Israeli company Midbar Technologies.[1] It has been used extensively by EMI (subsequently acquired by Sony Music), BMG and their subsidiaries. CDS relies on two components: Erroneous Disc Navigation and Data Corruption.

As of September 2006, all of Macrovision's CD copy protection products, including CDS, had quietly disappeared from their website.[2] The December 2006 issue of Billboard announced that EMI had decided to abandon Copy Control worldwide.[3]

History

edit

Erroneous Disc Navigation

edit

CDS discs contain an initial audio session, similar to that of an unprotected disc. In addition the disc contains a second (data) session and a software player configured for auto-play with a lower-quality, compressed version of the audio for it to play.

The second session on the disc causes some CD/DVD players to hang, typically some car players (allegedly using CD-ROM drive mechanisms) and some MP3 capable players that can see but not understand the second data session.

The second session has been circumvented by another method, which is to either place masking tape around the disc near the edge, or mark a strip next to the edge with permanent marker. Because it is a multi-session disc, this method will hide the second session, leaving only the first audio session visible. This trivial circumvention of Macrovision's copy protection allows protected CDs to be copied using CD-ROMs or played in CD players that struggled to understand CDS multi-session discs.[4]

On older Windows operating systems, disabling auto-play either once when loading the disc, or permanently, can stop the software player from launching and may be all that is required to access the audio session for drives that recognise both sessions. Newer versions of Windows since Vista have fixed the auto-run vulnerability thus all the user needs to do is simply choose not to run the software.

A side effect of the second session containing the music in compressed form is that the maximum length of music on a CDS disc is reduced, being approximately 70 minutes. The remaining space is used for the compressed audio (and the player software and other files, though these are small by comparison).

Data Corruption

edit

The second aspect of Cactus Data Shield is careful corruption of the audio data, as described in the Midbar patent "Prevention of disk piracy" US patent number 6,425,098.[5]

In summary the method described detects during mastering when the waveform of the music comes close to being a straight line for at least the size of a "frame" (information on the disc is encoded in blocks or sectors, each sector contains 98 frames of music for a CDDA disc) and marks the frame and replaces it with erroneous data that violates the T.sub.max (according to the IEC 908) in which there is no transition between the high and low data levels (1 to 0 or 0 to 1). This results in a DSV (Digital Sum Value) error on the CD.

Additional data corruption described in the patent includes adding a duplicate entry of the TOC (Table of contents) from the audio session onto the second (data) session. Some older CD drives would only see the second session erroneous values (such as time and track type) and were not able to copy or play these. Another method is to change the start time of the Lead-Out (end of the disc) to an incorrect time in the TOC. Other patent processes include changing the time in the Q channel so it holds, speeds up or flows backwards.

Interpretation of Corrupted Data

edit

An old-fashioned CD player reading subcode correctly sees a missing audio frame and interpolates any missing information that it cannot correct using information from neighbouring frames. Because these missing frames occur at points where the waveform was nearly a straight line anyway, this interpolation is very accurate and generally transparent to the user.

What happens with computer drives is very specific to the hardware and firmware of the drive in question, assuming they have at least seen past the second data session and can play the audio session.

Some older drives simply ignore the subcode and "play" the data frames, resulting in loud audio glitches. Some are overwhelmed by the number of errors needing correction and interpolation, and these drives may then output occasional glitches. Ripping at the drive's minimum speed can reduce or eliminate this effect.

The majority of new drives can successfully correct and interpolate all missing audio even at maximum ripping speeds.

Impact

edit

The techniques used on Cactus Data Shield discs mean the discs do not conform to the red book Compact Disc Digital Audio standards, and they therefore do not bear the Redbook logo. For this reason they should not be referred to as CDDA (Compact Disc Digital Audio).

There are also ethical/legal issues surrounding the selling of discs that won't reliably play in all players, where added errors make the disc more easily affected by accumulated lifetime damage, and where actual audio data has been omitted.

One of the earliest released CDs using Cactus Data Shield was White Lilies Island by Natalie Imbruglia, which was released in November 2001. With only a minor mention of the CDS in the small print of the CD case, the album was the subject of many complaints from consumers who found that they could not play the CD on non-Windows computers, games consoles and some other devices. Cases included the Xbox repeatedly playing only a small portion of track 1, while PlayStation 2 users could play track 2 but not track 1. BMG later provided uncorrupted copies of these CDs to consumers. Only the initial European release was copy-protected.[6]

Controversy

edit

Macrovision made a number of controversial claims about the software which were subsequently proven false:

"This Macrovision technology does NOT install spyware or vaporware of any kind on a users [sic] PC. In fact, CDS-200 does not install software applications of any kind on a user's PC. All the copy protection in CDS-200 is hardware based, meaning that it is dependent on the physical properties and the format of the CD. None of the copy protection in CDS-200 requires software applications to be installed onto a computer."[7][8]

At the same time, widely circulated reports that the Macrovision software behaved in ways indistinguishable from a computer virus were also found to be false, as was the notion that the software provided any substantial copy-protection.[9]

Macrovision CDS software existed principally in two versions: "CDS-200" and the subsequent "CDS-300."[10]

Versions

edit

The first versions of the system were CDS-100 and CDS-200. Later, a CDS-300 system that features an active software protection was introduced.[11]

See also

edit

References

edit
  1. ^ "Macrovision moves to acquire Midbar group". MusicWeek. November 11, 2002.
  2. ^ "Macrovision - Content Protection, Software Licensing, and Digital Rights Management". www.macrovision.com. Archived from the original on 9 September 2006. Retrieved 12 January 2022.
  3. ^ "EMI, Apple partner on DRM-free premium music". CNET News. April 2, 2007. Archived from the original on June 29, 2022.
  4. ^ Leyden, John. "Marker pens, sticky tape crack music CD protection". www.theregister.com. Retrieved 2022-08-30.
  5. ^ US6425098B1, Sinquin, Patrice; Selve, Philippe & Alcalay, Ran, "Prevention of disk piracy", issued 2002-07-23 
  6. ^ Fans get free replacement of copy-protected CD
  7. ^ Greene, Thomas C. (June 28, 2004). "Beastie Boys claim no virus on crippled CD: We'll be the judge of that". The Register. Retrieved 2009-09-22. The Beastie Boys website claims that the copy-control mechanism on the DRM-crippled CD To the 5 Boroughs does not install any files on the victim's computer.
  8. ^ Biever, Celeste (2004-06-23). "Claim of spyware on Beastie Boys CD denied". New Scientist. Archived from the original on 2004-07-05. Retrieved 30 June 2021. A posting on the bugtraq message board on SecurityFocus.com claimed that when a copy-protected version of the album is inserted in a PC, software installs itself 'automatically' and 'silently' and stays there even when the CD is removed. That 'sounds like viral malware behaviour to me', the user wrote. But EMI and Macrovision of Santa Clara, California, which developed the software, refute these claims. 'There is no spyware on the discs,' an EMI spokesperson told New Scientist.
  9. ^ Attivissimo, Paolo (2004-08-16). "On the Beastie Boys 'virus' CD: Does not attempt world domination". The Register. Retrieved 30 June 2021. Widely-circulated claims that the Beastie Boys' new album To the 5 Boroughs exhibits virus-like copy-control behaviour are unfounded, according to tests. EMI's statement regarding these claims, however, is incorrect, since the album does install software if played on a Windows PC. The tests also show that the copy control system on the disc is so weak that Mac and Linux users won't even realize it's there.
  10. ^ Smith, Tony (2004-07-26). "Macrovision preps '99% effective' CD lock-in tech". The Register. Retrieved 30 June 2021. Macrovision is set to roll out an updated version of its CDS-300 system that it claims can beat attempts to bypass Windows' auto-run feature. CDS-300 was launched earlier this year and like older versions blocks access to the CD audio, 'Red Book' portion of a disc when it's played on a PC. Instead, PC users are provided with compressed audio files on a data portion of the disc. While Macrovision initially provided its own playback software, CDS 300 relies on Windows' auto-run feature to fire up Windows Media Player, but this can be bypassed by holding down the Shift key. CDS 300 Version 7 has sufficent [sic] hardware protection - errors in the data, essentially - to block attempts to rip a protected disc's CD audio session.
  11. ^ "Macrovision preps '99% effective' CD lock-in tech". The Register.
edit