SunnComm Technologies, a developer of CD antipiracy technology, said Thursday that it will likely sue a Princeton student who early this week showed how to evade the company's copy protection by pushing a computer's Shift key.
Princeton Ph.D. student John "Alex" Halderman published a paper on his Web site on Monday that gave detailed instructions on how to disarm the SunnComm technology, which aims to block unauthorized CD copying and MP3 ripping. The technology is included on an album by Anthony Hamilton that was recently distributed by BMG Music. On Thursday, SunnComm CEO Peter Jacobs said the company plans legal action and is considering both criminal and civil suits. He said it may charge the student with maligning the company's reputation and, possibly, with violating copyright law that bans the distribution of tools for breaking through digital piracy safeguards.
"We feel we were the victim of an unannounced agenda and that the company has been wronged," Jacobs said. "I think the agenda is: 'Digital property should belong to everyone on the Internet.' I'm not sure that works in the marketplace." The cases are already being examined by some intellectual-property lawyers for their potential to test the extremes of a controversial copyright law that block the distribution of information or software that breaks or "circumvents" copy-protection technologies.
News source: C|Net News.com
Princeton Ph.D. student John "Alex" Halderman published a paper on his Web site on Monday that gave detailed instructions on how to disarm the SunnComm technology, which aims to block unauthorized CD copying and MP3 ripping. The technology is included on an album by Anthony Hamilton that was recently distributed by BMG Music. On Thursday, SunnComm CEO Peter Jacobs said the company plans legal action and is considering both criminal and civil suits. He said it may charge the student with maligning the company's reputation and, possibly, with violating copyright law that bans the distribution of tools for breaking through digital piracy safeguards.
"We feel we were the victim of an unannounced agenda and that the company has been wronged," Jacobs said. "I think the agenda is: 'Digital property should belong to everyone on the Internet.' I'm not sure that works in the marketplace." The cases are already being examined by some intellectual-property lawyers for their potential to test the extremes of a controversial copyright law that block the distribution of information or software that breaks or "circumvents" copy-protection technologies.
News source: C|Net News.com
He likened Microsoft's Securing the Perimeter plan to installing a fence around a compound, or a gated community for homeowners. Stepped-up security measures can't eliminate break-ins, but they can reduce or thwart attempts by robbers--or, in the case of software, hackers--he explained.
"You need to have multiple levels of security in a corporation, multiple levels of defense. It's like a gated community. You need additional levels of security, doors locked and alarms turned on, and additional defenses, countermeasures such as putting up a fence, to be protected," said Muglia. "It doesn't always work, but it's additional protection," said Muglia.
Sources speculate that Microsoft is working with top firewall vendors and antivirus ISVs to allow them to hook into the Microsoft Update and Software Update Services -- and tap into .Net -- to coordinate an industrywide response to an attack across the internet.
Muglia would not comment on speculation about a possible .Net-based shield, and denied speculation that the company is poised to acquire a major firewall vendor.
In July, Microsoft moved into beta testing its more enterprise-oriented Internet Security & Acceleration (ISA) Server 2004 upgrade, code-named Stingray, a Windows server firewall solution. "Not to my knowledge," Muglia said when asked about a possible buy in the firewall space.
However, even as the company will evolve its ISA platform, Microsoft will need partnerships with ISVs and solution providers for Securing the Perimeter for heterogeneous networks. "We think every customer needs a firewall. But we're not going to do a Linux firewall."
Microsoft's forthcoming management stack is expected to help matters. He said the availability of SMS 2003 in November will help enterprises deploy security patches in a more efficient way while the Windows Update service for consumers and SUS upgrade will help both midsize companies and enterprises automate their infrastructure security.
"A year from now you'll see additional countermeasures in place, as well as better firewalls," said Muglia. " We'll have SMS 2003 out there so there's a better tool for deploying software and the next release of SUS for the Windows server for companies that don't require SMS. "
In addition, Microsoft plans to ship management packs for its forthcoming Microsoft Operations Manager (MOM) 2004 next summer. "The next generation of management packs for MOM 2004 will have a broad understanding of security events, as will the next management pack for the Windows server," Muglia said.
Observers said Securing the Perimeter is a step in the right direction -- if executed well.
"Microsoft appears to be working to improve patching on several fronts and will be working to create new and improved perimeter defenses," said Michael Cherry, an analyst with Directions on Microsoft, a newsletter. "Both are reasonable and good moves, if they can accomplish them in a timely manner, and provide perimeter defenses that people can reasonably install and configure."
Securing the Perimeter is just one of a number of security initiatives under way at Microsoft and across various divisions in the company.
Sources in the analyst community say they expect Microsoft will announce significant improvements to the Internet Connection Firewall in Windows XP and add behavior-blocking capability from the technology it acquired from Pelican early in 2003.
One systems integrator who asked not to be named said Microsoft is busy reducing the attack surface aspect of Windows, IE and DirectX components, and is "hardening" the defensive aspects of .Net technologies. But the Windows configuration plans and enhanced SUS are key parts of the countermeasures Microsoft plans, he said.
This week at Momentum, the company's annual partner confab in New Orleans, Microsoft is expected to rally partners to its security cause. The company is poised to detail an updated security solution accelerator for its forthcoming Systems Management Server 2003 and a new security solution accelerator for SUS, Muglia said.
"These are handbooks for the VAR channel," said Muglia, noting that the deployment guides help channel partners lock up customer infrastructures. "The channel is very important because it supports so many small and midsize businesses, and enterprises are doing more and more outsourcing."
Later this month, at its Professional Developer's Conference, Microsoft is expected to announce the availability of the first software development kit for Microsoft's Next Generation Secure Computing Base, formerly code-named Palladium.
The software, to be embedded in the Longhorn version of Windows due in 2005-06, will exploit security advances in Intel's next generation 32-bit and 64-bit processors.
Security executives confirmed for CRN recently that Microsoft is working on a series of enterprise-oriented security products/services but would not discuss details.
Possible products in the lineup include intrusion-detection, firewall and antivirus products, according to information available on Microsoft's website.
Sources predict Microsoft will debut intrusion-detection technology and possibly antivirus technology into Windows following its acquisition of Romanian antivirus vendor GeCAD, which closed 3 September.
However, no decision is final, said Amy Carrolle, director of product management for Microsoft's Security Business Unit. She did note, however, that a subscription-based service is likely.
"The deal just closed. We're in the alpha testing phase, and it's too early to speculate, " she said. "Our plan is not make antivirus free but in a model similar to a subscription model."
Observers said it remains unclear how well Microsoft can execute on its ambitious plans, but its security woes are as big a threat to its business as was the antitrust case.
Numerous viruses and worms this summer have exploited flaws in Windows and have infected hundreds of thousands of computers worldwide.
The problems cost businesses millions of dollars in lost productivity and service fees. One report recently issued by five security analysts claimed the government's sole reliance on Windows on the desktop constitutes a threat to national security.
Both Muglia and Microsoft CEO Steve Ballmer admit it's a bigger worry than Linux.
"Microsoft has thrown a lot of resources at trying to be more secure," said John Pescatore, a vice president at Gartner. "We've seen progress on Windows Server 2003, but they haven't had a new desktop software product since they got security religion, and security problems on their desktop software is a bigger threat to Microsoft's dominance on the desktop than the antitrust [case] ever was. The lawsuit didn't cause enterprises to try out Mac and Linux desktops -- security problems in Windows have, though."
So this technology is running an autorun application!!! If I get my hands on these idiots I will kill them!!! When such things happens I want to throw my computer over the window. If I had such "protected" disk I will do the same as this student!!! And be sued? Hehe they cannot sue me for that in Bulgaria after all but who knows!!!
Had only 1 single in the UK afaik... was a duet with Robbie Williams... but all u could hear was Robbies voice and this Anthony loser miming on the video.
violating copyright laws that bans the distibution of tools for breaking thought digital piracy safeguards.?????????
You have got to be kidding me!! So, by saying hold down the shiftkey to stop them from installing a virus (actually a tojan), he's distrubuting TOOLS to break DPS?? What DPS (digital piracy safeguards)?! I should buy the CD, let it install, then sue them for installing software on my computer without telling me. That is the only thing illegal going on here.
Everyone go out and buy this sh1tty CD, then let it install it's virus... then we can sue SunnComm for infecting our computers (with knowlege) with software. It's very illegal for them to install the software without telling us. Make their stock go from it's insanely high 11 cent's down to 0! A 20% loss, yea, 2 cent's was a 20% loss in stock, but if they were to spend more money in the research department, and less in legal, they could develope some really nice DMR.
SunnComm, I plan on sueing you as soon as I go out and buy your CD tomorrow... so get ready! (a$$holes...)
Again I will say. I cannot believe that the companies are soooooo stupid!!! I thought they invented brand new technology to stop CD ripping. But they just made combined CD (Audio and Data) and put a program which made something on your computer to stop you from ripping the CD. Well why you do not asked me? I will do the same technology for $100 even cheaper.
But they do not have right to install something which you do not want, unless there is license agreement which you have to agree.
In Bulgaria there are no CDs. But you can buy one if there is no license agreement and they install a software on your computer sue them!!!
WTF!!!! I bought a computer and one stupid and idiotic company wants to install something to stop me from doing something???
The common people need to unite to stop this bullying NOW!
I think this guy did get a lot unnecessary attention. They make him seem like a genius. Most people here know to hold the shift key to stop the autorun feature. I do it all the time to prevent a DVD from loading the crappy player that's on the disk.
SH*T!!!
I'm gonna get sued now!
It'll never work
1) Create easily crackable drm technology
2) hire lawyer
3) ???
4) PROFIT!!!!
Last edited by 22902 on 10 Oct 2003 - 09:15
He's distributing tools to prevent CD copy protection??? That's hillarious. Gee, remind me to give him my order for a bag of shift keys and a printed Windows Help file.
so the user does have to acknowledge it.
Unbelievable. Nobody wants to work anymore, they would rather half-ass everything and then try to sue people.
Never heard of this company but I feel a david and a "short golliath" situation happening here.
If this was happening in the UK the student concerned could sue for malicious prosecution and defamation (not to mention the right to academic freedom to criticise dimwits masquerading as software specialists). I hope he can countersue in the USA. Only one problem, though - by the time his trial is over, SunComm won't be worth sueing.
BTW do take a look at their remarkably juvenile web site. By the time you have penetrated the sad flash presentation and the unwanted music (is unsolicited installation their trademark?) you will be pretty bored. But it's worth it for a look at their "products" section. It describes without a hint of irony their great strategy for copyright protection: getting the user to install it unwittingly.
This is simple deception, where the user does unknowingly install the software on a PC. But anyone planning to copy a CD is entirely likely to know what to do to circumvent the "plot". Not that it is much of a plot. It ranks with the advert in a Delhi newspaper for a guaranteed method of killing bed bugs, 10 Rupees. When the package finally arrives it contains two blocks of wood and an instruction sheet. "Place bed bug on lower block. Strike with upper block."
Last edited by 7773 on 10 Oct 2003 - 09:05
Last edited by 98 on 10 Oct 2003 - 13:37
They can't sue anyone for using the shift key because it's out of their duristriction, apart from their software to block the ripping being illegal because of it's invasion of privacy(executing unauthorized code), the shift key isn't affecting THEIR software, in fact it's doing exactly the opposite, it's affecting WINDOWS, which is NOT their software, and it's a well documented part of the OS. I doubt that it will even get to court because they simply don't have a case, I don't think that they can even get the RIAA on their side either because they are stupid, but not that stupid, and wouldn't want to be pulled down with crap like that
oh, and another thing, How can they sue for evading copy protection when there is no proof, nor anything to remotely suggest that the CD is going to be copied. We have a right to Accept or Declaine what code is executed on OUR computers, they cant force us. Sue everyone with autorun off/cdrom drives that don't support autorun(no insert notification) or users that Don't use an OS that has autorun.ini (Mac, BSD, Solaris and LINUX users)
Now you just go sit in front of the TV like a good little Zombie (copy righted SunnComm and other dumb*** people), but for God's sake DON'T use your VCR or you may be breaking DCMA! [/sarcasm]
They are FAR smarter and have better manners than SunnComm!
C/O Shifty Copy Protection
668 N.44st
suite 248
phoenix, az 85008
send your shift keys to this fine company to help protect yourself from being sued.
please make a statment about how you wont use your shift key along with your keys
sue microsoft for putting the ****ing key assignments in the OS
I reckon, we get the email address of this twatting company and all email them with abuse and threats... er advice
This guy doesn't deserve to be taken to court because of this.
I mean, even AOHell users know about the Shift key.....
Isnt that called a Hacker?? How the hell they think they could put s software to spy us? EFF, please, sue this retarded guy
This whole thing is stupid and I really don't know why they are pursuing this as a possible legal case. Can't understand what they could possibly gain out of taking him to court, getting there, being told they can't sue him and then having lost money through legal costs.
If they succeed with this, there will be an uproar - and rightly so. What right do they have to sue someone who provides general information on an operating system? The OS itself actually provides the same information. I honestly find this all beyond belief.