about me





Sam Hocevar’s .plan

This is an experimental blog engine. RSS feeds: everything | blog | Debian (DPL only) | VideoLAN | GNOME | Mono

The fuss about Sony’s DRM

Posted on Fri, 18 Nov 2005 15:07:55 +0100 - Keywords: devel, videolan

Apparently some GPL code written by Jon and me can be found in Sony’s XCP DRM software. I have not been able to confirm this by myself (I went through the EFF’s list of Sony-BMG XCP-encumbered discs and The Dead 60s’ album seemed worth buying, but the only copy I could find in France is distributed by Deltasonic Records 2002 and did not go through Sony-BMG’s hands). I will however assume that the disassembly chunks published here and there are genuine, though this is something anyone in their right mind should check more thoroughly before blindly copying the information from blog to blog.

By the way, if anyone owns such a CD that they are willing to give away or sell, I am interested in owning at least one of them.

Is there really VLC code in XCP?

The short answer is yes. I have little doubt that the code is a derivative of VLC’s drms.c. The idea of ROT13’ing the Apple copyright string was Jon’s, and I know of no other clean-room reimplementation of Apple’s DRM.

However, it could pretty well be the code of another application that itself uses the drms.c code. It is virtually impossible to track the usage of GPL code, so the code in XCP could come from anywhere. And that other application could or could not violate the GPL, we have no idea either. The only ones who could enlighten us are First4Internet.

Is it a GPL infringement?

The first question that absolutely anyone should ask before drawing conclusions is: “are the code copying and redistribution terms really done without the authors’ consent?”. No one should ever assume anything about what Jon and I do with our code without making sure we did not relicense it to third parties under different terms.

But just to reassure everyone: I did not relicense any code from VLC under a non-GPL license.

Sony’s “evilness”

Again, we have no idea who the real culprit is, so do not draw conclusions too early. It could be:

And unless they were heavily trolling, I would like to publicly laugh at the Slashdork who decided not to buy a PS3 because of this story involving Sony. As if Microsoft’s Xbox 360 or Nintendo’s Revolution deserved it more.

The Apple copyright string

Just to make sure no one accuses Sony of violating Apple’s copyright, here is a copy of a comment I did on Slashdot about the presence of the ROT13’d string "copyright (c) Apple Computer, Inc.  All Rights Reserved.":

I have to make sure everyone understands why this string is here. To be fair with Sony (or whoever they mandated), it is not an attempt from them to hide the code theft. Rather, it is an attempt by Apple to prevent not only code theft but also clean-room reimplementations.

Apple’s encryption scheme includes the generation of a key. The important parts of this key come from the machine’s unique hardware information. But to prevent (at least that’s my only plausible explanation for it) people from reimplementing the scheme by using the same information, they also add this copyright string to the key generation. Reimplementing their protocol means the string has to be used.

We just store it ROT13’ed in VLC because it would be confusing to have an Apple copyright in our code. Although technically the string itself is created by Apple, it is too short to qualify for copyright.

Why do Sony’s CDs need to unscramble Apple’s iTune music?

I don’t think they need to do that. I think they just needed a free or low-cost media or music player shipped with their CD, and either VLC or some other software happened to fill the gap. The drms.c code just happened to be in there and no one bothered to remove it.

What now?

For those who expect hot sweaty action now, I am afraid I may disappoint you. The whole affair already gives Sony a very bad name, it raises public awareness of the dangers of stealth DRM and of the “respect our IP because we’re bigger than you, but we fuck with your IP because we’re bigger than you” doublespeak.

Lawsuits, or even large, friendly lawyer letters written in all caps, require money, time and energy. And I do not have any of these to waste. I prefer getting money from people who like what I do rather than from people whose doings I don’t like.

Show the last 10 | 20 | 50 entries.