Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Microsoft's New Audio Format Cracked 279

Barcode (JPB) was one of the first to send us the word from Wired that the new audio format Microsoft introduced (Two days ago), supposed to be a secure format (resricting playback) has already been cracked. Dimension Music first carried the news-and what a name the crack has *grin*.
This discussion has been archived. No new comments can be posted.

Microsoft's New Audio Format Cracked

Comments Filter:
  • tell me:

    why would one buy a song which you can only play
    in windows (on a computer with those noisy fans
    and harddisks) ? i only (if ever) would consider
    buying a song online if i had a chance of copying
    it to a cdr and listen to it without a computer.

    so... would joe dumb-user buy more songs over the
    net after his first "oops. windows blew up and all my songs are gone. (what's a backup?)"-experience?
    would joe dumb-user even find this "crack"???

    then the industry would have no chance to
    sell their music because no one would buy them.

    anyway... only my own opinion. :-)
  • retract. My bad. Their site was down so I couldn't get their side of the story 'till now. it appears to be a true crack. The encryption is broken, the song is left in the compressed format.
  • Yay, that is so great! Now we'll have to wait even longer for cheap singles to be sold on the Internet from legitamate sources. We are now left with three choices: 1) Going to MP3.COM and downloading music from guys whose studios are in their garage. 2) Going to Lycos and spending an hour trying to download an Mp3. 3) Or paying $16 for a CD with many songs we don't want or like. This is such great news indeed!

    honestly, couldn't agree more. I try to "download" some Sarah McLachian from NG (not loser ISP newsgroup,, but only getting the latest CD from the there, even with search utility. And I know I have no shot in hell getting them from ftp sites with my carppy modem (completes with you guys' T1? I can't even upload mp3 to those ftps for crying out loud.) Now I move to ebay, buying them and dumping them back to ebay. -I have my defends, there are a lot of movie soundtrack I would like to listen. And I know I can't afford 10% of them. At least it's somewhat legal.

    For example I don't care about Western but I'd like to put my hands on a couple of "How the West Was Won" soundtrack, and there's nothing short of paying amazon 26 bucks can I get them. These example shows that electronic music can really provide genre/niche music to broader audience. Just like what VHS did to movie. I say start electronic distribution from classical music and soundtrack, honor system works better in there. Or release the new songs to CD and release mp3 18 months later just like video tape. (If you can still remember "baby one more time..." 2 years later, the chance are you will pay it.


  • IMHO, the term 'great hacker' does not NECCESSARILY mean 'great programmer' ... ask anyone who's been formally taught software engineering or computer science.

    True though that intelligence does not guarantee programming talent, it might however allow one to express it and/or learn about it faster though.
  • FWIW: in a warped sort of way, ASF _IS_ MP3. ASF is a wrapper around almost ANY video or audio streaming compression method. One of the encoding options for ASF is MP3. It probably won't play in an MP3 player because of the wrapper, but the sound quality is exactly the same. The wrapper makes it easier for the system to stream it over the Net.
  • Well, the government can supply music producers with their public key. The producers would then encrypt a copy of the key to the music with the govt's public key and send it along with the music. Then, the govt could decrypt the music when ever they wanted to. This is called "key escrow", is a terrible idea, but it's better than using weak or no encryption.
  • All this is good in theory, but when it comes down to it the release of all the mpx encoding software into the internet there is almost no way for the companies to enforce such a standard. Given they coudl change some form of the encrytion but what's to stop Jow cracker out there from finding out the encrytion scheme? Many have tried this in the past, aka, MS, LINUX, IBM, the military, cellular phone companies, all are feasible attempts at putting out an encryption standard yet each one in time (some shorter than others had been cracked).
  • It seems to me that the sheep are the people who listen to the whole thing, in order, because that's the way they're meant to do it.

    I listen to music because I want to hear music I enjoy. If 80% of a CD doesn't interest me, why should I listen to it just because it's 'part of the composition'?

    The argument is partially valid. Art looks better when matted or framed. The frames/matte could be compared to the extra songs on a CD. But, nobody would say that the frame is as important as the art, just that it helps set it off.

    It comes down to, do I know my own tastes, or does some musician know them better than me?

    You may find that you can't arrange music in as enjoyable a way as the artists can, but I know my own tastes well enough to program music I want to listen to.

    Thus, I'll buy singles of the songs I like, or maybe a package deal on great albums, but once I have them, I'll delete the crap that I don't like. This composition thing is for sheep who can't decide what they like.
  • Questions are always informative, or didn't you know that?
  • Oh, they could prevent an analog copy - simply introduce a sound format that's so secure, you can't play it! Attempting to play one of these files would make the analyzer bounce up and down, but the sound it would actually produce would be the Microsoft Sound over and over again. But optionally, for a small fee, you could click an 'ActiveListen' button which would cause Microsoft agents to barge into your house and point a secret device at your computer that would (a) make the music play, (b) delete any copies of Netscape on your computer, "for security reasons", and (c) check for anything recording the audio. If anything was detected, your personal information (and your Pentium III ID, if applicable) would be sent to Microsoft's servers, also "for security reasons".
    Oh great, I probably just gave them ideas.
  • Did you post it as HTML or 'Plain Old Text'?

    Look at the selector box when you post again, that's probably your problem.
  • And the Microsoft employee was telling the truth in the same way that Bill Clinton was. (i.e. not).
    The encryption really was cracked.
  • Gurusamy Sarathy has the pumpkin for new work.

    Meanwhile, I'm keeping the pumpkin-fires burning for 5.004 and 5.005 maintenance.

  • Those of us who use laptops and/or crappy speakers certainly can't tell the difference between 16kbps mono and 128kbps stereo.

    Nor those of us who still listen to vinyl. (It DOES sound better, you know... :P )

  • Someone who is willing to actually buy a track or a CD or whatever that has been locked with this MS scheme and crack it with unfuck, or who has done it already.

    On one side [] I'm hearing that unfuck is a crack, on the other side MS says unfuck just samples the soundcard as the locked file is playing.

    Can anyone state for sure which one it is?

  • Um, this is an utterly spurious argument.

    It is capitalism. It is entirely compatible with laissez-faire capitalism that monopolies develop due to market forces, and preserve themselves and expand without recourse to force.

    And that is one of the bases for those of us who aren't laissez-faire capitalists for criticizing capitalism.
  • Seeing as I cant afford a portable MP3 solution and tend to listen to independant or obscure artists, not to mention that I dont have the best computer/internet connection, I still would rather buy a CD than use mp3's. I like being able to stick my CD in any CD player and it working, getting artwork and lyric sheets. Anyway, if I can mail order most CD's that I want for 12 dollars or less, i can't see paying for some mp3, or even spending the time downloading it. If you really like the artist you would support them by buying their album and not pirating it, especially if you dont listen to top 40 crapola.

    nuff said.
  • You can always try or for the latest .mp3-files.
  • Even if the decryption happens in the speaker, the signal has to be converted to analog to drive the individual speaker elements or the crossover. If the speaker enclosure were physically secure and shielded electromagnetically I suppose it could work. I have to go hug my turntable now!
  • I've never met a damn fine programmer who didn't.

    --This is my damn fine sig.
  • Every time I try to download mp3's, I run into a banner site, or a ratio site which doesn't accept [anything I have to] uploads, or the site is down, or the password doesn't work, or the site is forever full.

    Why can't I just *buy* mp3's? It would be a heck of a lot cheaper than the time I've wasted trying to download them for free.
  • It sounds like this crack can easily be applied to other secured formats. Just out of curiousity, how do you stop something like this?
  • MS's reaction to unfuck.exe now appears to be incorrect -- it does not intercept the audio stream, but is a true crack. No D-A/A-D loss, not even any loss of compressed file size.

    I wonder if MS's mistaken spin on this was intentional (i.e. make the crack seem as if it produces low-quality audio), or if they just sent a vacuous PR-drone to speak to the masses.
  • "The only truly uncopyable music is also unlistenable music."

    Then perhaps John Cage is the answer to all Microsoft's problems... ;-)
  • I mean, who would start using their pay format when a perfectly good free one was available?

    Actually, the cynical part of me thinks that mayhaps MS made this format easily crackible in order to assure acceptence and still seem above board. After all, only a small percentage of potential consumes will ever use a cracking tool. It may cost them millions or billions, but it has the potential to make them many times that much.


  • I think this is really good news.

    I mean, if I buy a cd, I am able to record it to other medias, such as minidisc, without loosing quality. Mp3 should be used for music sold over the net for the same reason.

    And also, imagine buying a song that could only be played in windows, with programs from ms.
  • Actually, albums as a 'concept' was short-lived anyhow. Albums started as singles surrounded by filler (often 80%) in the early 60s. Check out some of the pre-WHAT'S GOING ON stuff Motown put out - one amazing single, loads of rerecordings of other artists songs. And they weren't alone. I think the 'concept album' (really starting about 1965) still exists, but is currently much less successful commercially than the standard hits-and-filler format. There are exceptions (e.g., Radiohead's OK COMPUTER) but they are exceptions, much like they were in 1965.


  • ...the more music with liberal distribution rights will flourish.

    I for one welcome these restrictions. I don't think it should be _easy_ or _cheap_ to listen to someone like Celine Dion. Masochism is no fun if you don't have to work for it...

    Insecure, copyable, free Music []
    Total Human Solutions Inc.
  • It's just a numbers game. A few M$ programmers pitted against thousands of crackers. The crackers take it as a personal challenge, it's fun, they'll stay up all night just to do it.

    IMHO, I'm a damn fine programmer, but I know that there's some smarter programmers then me out there. On the other hand, there are many people who don't see the world this way. It's kind of funny, in a twisted kind of way, to see their code and their egos squashed like this. Maybe they deserve it...
  • by eddy ( 18759 )
    >So what? I'm not going to ever be using anything

    I believe the point is that MS once again show that they are incompetent when it comes to security.

    But then, I don't know the details about this format, it's entirely possible it weren't designed to withstand this kind of attack.

  • blah! you bored bastards!
  • An unknown option:

    I have the DishNetwork box that includes an all-digital variation on VHS (DVHS). On the music channels I can record at CD quality, with onscreen titling and everything, and no commercials. When I have a handful of songs I like, I can run them through the computer (never hits analog format) and.... hooray! Perfect MP3 files. Not the easiest way to do it, but I can leave it recording for 5 hours overnight when it's not in use (I'm paying for it; may as well get what I can out of it).
  • You can record the signal going to the sound card, but to store it in any reasonable amount of space, you'll have to compress it. mp3 is lossy, and I'd assume WMA's compression is as well. At best, the end results won't be as good as the original; At worst, artifacts in the original will trigger worst-case behavior in the mp3, leading to something noticably worse.

    This is similar to what happens when you convert a graphic from jpeg to a raw format and recompress it. The effects are bad enough that graphic artists keep uncompressed copies of their work in case any modifications are later needed.
  • It doesn;t matter

    How will buy it but a massive amount of fools!
  • Can someone explain to me how on earth music/video can *ever* be protected?

    If the media streams are watermarked (or whatever they call it), you can of course still decrypt and redistribute cracks, but all the cracks will contain identifiers that will point back to you. When law enforcers come over such cracks, you are in trouble...

    Watermarks can be removed if you know how/where they are inserted, but who knows if the watermarks you know about (the watermarks identified by e.g. law enforcer software, which will end up in some hackers hands before the law enforcers got it themselves) are all the watermarks the file contains? Later in court the movie distributer will pull out a piece of software that will still identify you as the copyright infringer even though you thought you removed the watermarks...

    Now, tell me - how many (potential) millions of dollars does a distributor lose because of one crack? My wallet isn't deep enough at least...

  • This approach DOES NOT require decompressing and recompressing.
    It is NOT a tap of the unencrypted stream.

    The following is a copy of
    a later article on [] refuting the misconception created by the Wired Article. I'm posting it here to quiet the flames, and because dmusic looks like they've been nearly slashdotted to death.

    Microsoft's response to UNFUCK.EXE
    by Angelo on August 18, 1999
    Microsoft's attempt at an encrypted format has been broken, and that's
    truely unfortunate but really not their fault. As explained in our previous
    article, the CIA and the NSA put limitations on how encrypted a format may be.

    To protect ourselves, and the integrity of our reports, we feel the need to
    respond to Microsoft when they say unfuck.exe is no different from a program
    named audiojacker or total recorder which takes audio from your sound card
    and converts it to a WAV file. This has nothing to do with what UNFUCK.EXE
    does! UNFUCK.EXE actaully breaks the protection on any file. There is no
    loss in quality, the file isn't re-recorded or captured in some way.

    A crack is just that, a crack. It's not manipulating the audio in such a
    way that it can be captured, it is actaully destroying the protected [sic] on
    an already recorded audio file.

    We just wanted to clear that up as to not cause any confusion and sustain
    our reputable name.
  • So if you have 500 hours of music, it will take you 500 hours to crack it all.

    Rewrite the sound-card driver. With some luck, all the timing is done by the card so you can get to the music as fast as your processor allows.

    Recompressing it in the MS format might not even be possible (is the compression software available), and if it is, being a lossy compression, would certainly degrade the music quality over the original copy.

    Lossy compression algorithms for audio are usually based on removing certain frequencies which we don't hear too well anyways. The quality loss will probably be concentrated on those frequency ranges, while the frequencies we do hear will be preserved pretty good.

  • Did you read the post you responded to? I mean all of it? It is several lines long; you may have decided to skip some of it. Or maybe you just don't know what watermarking is.
  • As long as sound waves exist you can record them.

    - Simmz
  • But that guy who wrote that MS Word macro virus (Melissa?) did get tracked down using a 'watermark' of sorts didn't he? They simply did a web search for other Word documents which had the same ID key as the one that was being distributed, and got the guy that way.


  • Actually, if you read the "response" on dmusic's site, you'll see that this is NOT how the crack is performed. That's what MS is claiming, but that isn't the case.
  • I'm going to assume, although I couldn't actually know (and tragically enough, I didn't read the 2 other [at the time of this writing] replies to the comment I'm replying to), that you won't really ever be able to encrypt something.. software or hardware wise, etc., etc. This is because, in my mind, since it was encrypted in the first place, that means that there exists a code somewhere (or some "code" somewhere) that is the key to its undoing. Whether or not anyone else knows this besides the maker of said code is not important. As long as it was encoded, it can be decoded. It's inevitable, therefore, that it will be "cracked," as long as the actual cracking of it will be worth the while. Therefore, I figure they might as well give up. It's a waste of time. Besides, who likes M$? ;-)
  • 'Plain Old Text' is broken on some browsers. Opera, for example, treats "POT" exactly the same as HTML, so I just use HTML as my default.
    - Sean
  • i read it.

    i disagree, the trick is *never to let microsoft get their foot in the door again*. mp3 has the potential to win because the internet has changed the rules and small companies can open wide distribution channels. artists (for the most part) would jump at the chance to rid themselves of the recording industry. here in the u.k. cd's are almost prohibitively expensive now (around seventeen pounds - twenty-five-ish dollars - for an album). artists would see more of the money they deserve if the likes of can just gain momentum...
  • Microsoft and the Record Industry both get screwed in one day.

    There is a God !!!

  • Just because authors and the music industry made huge profits in the past does not mean that they *have* to continue doing so in the future as a law of nature.

    For several decades, replication and distribution of music was hard, something that only a well-funded mega-industry could do, and that process made people a lot of money. Now anyone can do it, for peanuts --- the rules that held before no longer apply, and the natural thing to happen to that money-making process and to the industry that goes with it is for it to die.

    The horse carriage industry used to be massive, a backbone of everyday life and a very important source of income for hundreds of thousands, yet now it's dead except as a niche tourist concern. So what? Times change, and just because you've been coining it in for decades doesn't mean that you have the intrinsic right to continue doing so.
  • Attempts at protecting digital recordings are doomed to failure. In the case of music, there's nothing that can stop me from putting a vampire tap on the damn stereo cables and recording the unencrypted data stream. Similar objections apply to video data.

    As far as watermarking the data files go, since the signal is analog (as it comes out my speakers), I can invalidate any watermarking that's encoded in the signal from the digital data file by the simple expedient of rerecording at a different sample rate than the original.
  • Remember folks, a crack like this would be illegal under UCITA because it purposefully circumvents a copy-prevention scheme.
    You must fight the implementation of UCITA in your state!

    Why? So people like you can get a free ride because you don't believe in intellectual property/copyright? No thanks... I prefer to reward people for their efforts, not rip them off.

  • Does Micro$oft honestly think that their new audio format will really take off? I have not heard it yet but people are not going to want to pay for music that they can get for free. And, if they think that they can release an updater that will get past the crack I am sure that a new version of the crack will be released. It is a complete waste of time.....
  • Being able to intercept the playback "is a reality of the music and PC industry," Unangst said. "It's like buying a pay-per-view movie and recording it on your VCR. People will still rent movies and buy CDs."

    If they still think people will by CDs, why are they trying to market a secure music format? Their whole selling point was that CD sales will go down because someone can buy a CD and distribute the mp3 which will reduce sales, but now they're saying that because someone can buy a wma file and distribute it that this won't reduce sales?
  • Unfuck.exe does NOT intercept the audio (MS made that claim), it actually breaks the encryption.

    There ARE other apps, namely "audiojacker" and "total recorder", that do capture the audio output.

    <hint> All this I learned by reading the links in the article. </hint>

  • I think I see something:
    • Microsoft is not stupid. Bullying, Vindictive, and Untruthful sure, but not stupid.
    • MP3s are very popular.
    • Microsoft will give anything to be popular. This is to benefit their shareholders. If the Microsoft player is as good as all other players, and supports many different formats, then people will use it.
    Therefore, Microsoft writes up a quick and dirty tool limit the play of music, but makes it so weak that the 1% who look at this stuff are able to crack it, do. This makes Microsoft look good to the Music Industry, who see that Microsoft is rooting for them. This makes the format look good to the populace, which will add it to their list of potential playable formats, and if it runs out, will run the cracker on it, and get themselves an mp3 to view. Microsoft wins and it's shares continue to go up.

  • I've never had to click banners or upload anything. All of the mp3's I haven't downloaded (because that would be illegal) I haven't downloaded (because that would be illegal) completely free: no hassle, no wasted time.

    You just seem to be looking in the wrong spot. I could tell you some of the places I have never been looking for MP3's, (because that would be illegal) but that wouldn't teach you anything. You must learn that there are other protocols besides HTTP and FTP. (none of which I have ever got MP3's from, since that would be illegal)

  • THats what the previous stuff did. Ripped the adio to a wav (right from your soundcad presumably). But unfuck.exe is coolificated because IT ACTUALLY CRACKS WMA. Sqaushes it dead.

  • to quote from trainspotting: "it's not bad, but it's not great either." I'm all for supporting new artists but honestly, I believe almost everything on is not worth the time it takes to listen to it. There are a few real gems there, but there's a reason there's so many unsigned bands out there.
  • ...the rebuttal to Microsoft's comments pretty much say "it doesn't interecept the outgoing data and rewrite it" - they claim it DOES actually strip the security settings from the WMA file itself. Wired is who claimed it intercepted/rewrote the data, Dimension says they're mistaken.
  • i love how the article quotes

    "Some guy will create an easy-to-use [cracking] application and send it out to the world because they get a kick out of it."

    reality check, dont you think most people would do this because they object to the restriction of free formats/music? rather than doing it for sport, granted people probabally do this just to spite micro$oft but i doubt that is the biggest reason. its all about freedom.

  • This is because, in my mind, since it was encrypted in the first place, that means that there exists a code somewhere (or some "code" somewhere) that is the key to its undoing.

    Yes and no. Breaking any one particular encrypted stream is one thing. Breaking the algorithm so that *ANY* stream can be decoded (quickly) is a totally different one. Cracking an RSA stream is possible (given enough effort), but cracking the entire algorithm is nearly impossible to do. (You could be rich if you could do that :) ).

    The pot of gold is not the any one particular stream, but rather the generic code-removal algorithm.

  • ...According to Dimension Music anyways.

    "To protect ourselves, and the integrity of our reports, we feel the need to respond to Microsoft when they say unfuck.exe is no different from a program named audiojacker or total recorder which takes audio from your sound card and converts it to a WAV file. This has nothing to do with what UNFUCK.EXE does! UNFUCK.EXE actaully breaks the protection on any file. There is no loss in quality, the file isn't re-recorded or captured in some way.
    A crack is just that, a crack. It's not manipulating the audio in such a way that it can be captured, it is actaully destroying the protected on an already recorded audio file."

    - DMusic's article

    Considering DMusic were the orginal people with the story,and adamantly profess unfuck.exe's effectiveness, i would assume that they are correct on this issue.

    -Zack Rosen

  • There is no such thing as an uncopyable sound.
    I can put my Mic near the speaker and record the thing as a wav as it plays, then compress it to Mp3. With a decent mic and speakers and no background noise you can get an excellent reproduction from this. And, Lo and Behold! It's impossible to prevent!

  • >The cracking file intercepts the audio data stream as the file is being sent to an output device -- such as a speaker -- according to Kevin Unangst, lead product manager in the streaming media division at Microsoft.

    HAH! I knew something like this would happen. If you can't defeat the system, just work around it.

    Face it folks. There is NO way to defeat this type of crack. I've said this many times. ANY system to protect the music has the fatal flaw that, at some point, it has to come out the speakers. :-)

    I'm waiting for a generic version of something like this. One that will defeat ANY audio protection scheme they care to create.

  • by jlb ( 78725 )
    To solve the environmental security issue, we need a company that will sell computers with no ports for input devices that are locked inside huge steel boxes and buried in cement. Then the world will be safe once again for the large corporations who want to charge you for everything. (They really do need the money, how else can they try to put each other out of business?)
  • Part of the reason there are so many unsigned bands isn't because their music isn't good enough, it's all about marketability and selling out. I know that sounds cheesy, but it's true. One reply Elbo Finn [] got from a major label was something along the lines of "These guys are songwriters" and not somebody who would be easily manipulated into changing to fit the current in thing. Take a look at Blondie. If you know their old stuff you could see the change from punk to some mainstream disco fluff. Heart of glass wasn't a soft dance hit until they were told it would sell better in it's current encarnation. Luckily Blondie rocks no matter what they do.
  • Oh yes, there are quite a number of songs you'll never hear on radio but that are still much better than mainstream.

    Or there are tracks, you can't even buy anymore. Just try to get your hands on a legal copy of "What evil lurks" by The Prodigy. Since I had no other choice but use MP3 I think it's kind of legitimate.

  • Guys whose studios are in their garage?

    Sigh. First of all, true as this may be, remember that some of your vaunted classic albums of all time have been recorded in garages or on tiny budgets, just like the guys on All of them were at one point virtual unknowns, just like the guys on

    I also infer from your comment that you believe the music quality (both technically and artistically) to be inferior because of this. A home studio can be whipped up with $35 shareware, a decent sound card, a lot of hard drive space for those tracks, and a couple of instruments. Also, if an artist is going to the trouble of creating an site, he or she most likely has something of some quality, has something to say, and is probably simply interested in a little feedback. OK, I acknowledge that is not really a forum for new artists to get "discovered", but just a interesting melting pot of the average musician looking for what any other musician is looking for--an audience, no matter how small.

    I like the wide variety of types of music. I wouldn't be inclined to run out to the store and buy a (for example) trance album, but I'll download such music from MP3 to give it a try. Also, there is truly some unclassifiable stuff on there (as in the industry today), which always makes for an interesting and different listening experience--this is starkly in contrast to listening to radio today!

    Give a try. Pick stuff at random. Broaden your horizons, and cast away the shackles of your A&R men and marketing directors telling you that "Baby One More Time" is what you want to hear.

    A4Joy (an artist)
  • they should have waited to crack it until it became some standard and there was tons of music distributed with it....

    i guess i'm just thinking like a criminal though.
  • Yes, but there was other evidence in that case, i.e. he had the viral code on his hard drive.

    And to answer someone else's statement, a watermark can be so designed so as to SURVIVE a Digital to Analog conversion, and back to Digital. Even several such conversions. At some point, depending on the quality of the watermark, You lose enough data to lose the watermark.

    I once had a really amazing demonstration of watermarking, as applied to pictures. A watermark was inserted into a GIF. The GIF was printed on a color inkjet (NOT a color laser). The printout was photographed with a Polaroid instant camera, and the picture was scanned back in. The watermark survived all this, and was readable from the file from the scanner. And trust me, the final picture looked REALLY bad after all this stuff. It wouldn't survive that twice in a row, but hey..

  • The problem with unfuck.exe is that it doesn't really give you access to the compressed data, but rather to the resulting decompressed stream. Any audio security stream can be "cracked" with something like unfuck, so I don't really consider it as such.

    I am not familiar with the microsoft compression algorithm, but I assume that it is lossy, similar to mp3. By decompressing the stream, and then re-compressing it in mp3 format, you are likely to lose a substantial amount of quality from the original recording. This is not unlike making a copy of a copy of a tape using crummy equipment.

    This is far from what you can achieve from a pure, lossless, digital to digital copy.

  • What have you been smoking? Microsoft is the epitemy of capitalism you retard. It's all of you people that would rather change the market by force (i.e. force of the government) rather than by voting with your dollars, that are closing in on communism!
    What do you know about the communism? Have you been there? Have you seen a world of One True Way, One Party, One Car, One TV, One Everything? No? Then keep quiet. You don't have a clue on what a communism is.

    I've been there, many years too long, and I'm telling you that if Microsoft resembles me something, than it would be a Communist Party of the Soviet Union. In a lot of ways.

    As a side note, if the people here just start thinking about the Open Source, the people there have grasped the concept long ago - look at the Netcraft stats on Apache - about 56% worldwide and up to 90% in some former SU republics.

  • Notice one of the quotes down low on the article where some exec is quoted to say that the people who release utilities like unf*ck are doing it just to get a kick out of it.

    I have to say, I can think of some pretty strong objections to that opinion myself. In classic political literature like Thoreau's (sp?) essay on civil disobedience, it is suggested basically, that if you morally object to some law or rule that it is incumbent upon you as a moral person to not abide by that rule. And I am not, AM NOT, saying that the person who cracked the MS format is doing this for that reason, but there are some principled and capable people who do things like this, testing security or routing around rules they feel are wrong.

    I think that the committed allies of record labels and proprietary standards need to realise they aren't just fighting a bunch of bored 12-year olds in a basement, some people out there are actually trying to do what they think is right, or abolish practices they disagree with.

    Perhaps this is one reason that "the man" is less effective at stopping such attacks, because in his heart he really believes that groups like cDc or the l0pht are just disenfranchised youths without any organizational abilities or communication skills. One of the CS profs here at the U is very active in his development on nmap because he believes in the open nature of security. I've known countless hackers and crackers that did what they did for more than "just some kicks..."

  • i was talking to a friend of mine who has a record label. we were looking over a vinyl of the new public enemy album and i was explaining to him that there is NO way to truly secure audio under windows (or any OS where peripherals are controled by OS-level drivers) because you can always swap your sound card driver for one that dumps data to the hard drive.

    just like there's no way to prevent a user from saving graphics he sees on the web, there's no way to prevent him from capturing sound played from his computer.

    my 0.02 euro
  • Hmm. I think it only reads from MP3 formats, but encodes in their own proprietary format, otherwise they wouldn't make claims that it is similar to MP3, but half the size. (I remember reading something similar to this at `` []", but there's nothing there left except for a download link to the encoder.) And, I just encoded an ASF with MP3 source, no MP3 output option. I suppose the ASF indexing is the 'wrapper' you're talking about that makes it easier (more efficient?) to stream.
  • Jeez, Dimension's site [] is crawling hard. Perhaps MS is taking out their embarassment on them.
  • Except currently AudioJacker only works on NT 4.0 ...

  • they didn't really 'crack' the encryption. all they did is circumvent the security. Nothing stops you from tapping the *uncompressed* and *unencrypted* digital stream to your speaker. if the format is lossy, a second lossy compression will less match the original sound quality. Not too much tho. :/

  • Or in the future pay $5 for a song you can only listen to while you are at home in front of your cmoputer (in Windows ONLY, cause MS won't make an ASF player for Linux.)
  • just put one end of a wire in "spk out", the other end in "line in" and start recording...

    Maybe you could even use a combination of a good mic and speakers...

    Point is, if you can listen to music, you can record/copy/distribute music. Same thing goes for movies, software, and information in general.

    The answer isn't encryption and copyrights. The answer is in new business models (and being the first one to do it.)

  • The only truly uncopyable music is also unlistenable music. Anyone who claims to have an encoder or player that can prevent copying is a liar.
  • by Zigg ( 64962 )
    IMO, probably not. It just demonstrates the fallacy of trying to close open technologies. You'll either utterly fail in closing it, or you'll kill the technology before it's out the door.

    Kevin Unangst's words from the Wired article ring true here:

    Being able to intercept the playback "is a reality of the music and PC industry," Unangst said. "It's like buying a pay-per-view movie and recording it on your VCR. People will still rent movies and buy CDs."
  • "Okay. Okay. I take it back. Un-fSck you." -- Full Metal Jacket
  • We won't know until someone demonstrates this one way or another. One way might be to try using this UNFUCK.EXE on a system that has no software that can read the protected file. Then it can't hijack the playback mechanism and siphon off the unencrypted bits.

    Another way would be for Dimension to actually release more details on how their "crack" works.

  • Since the approach requires decompressing (and then presumably recompressing in mp3) the audio format, this isn't what I would term a crack.

    I would not be suprised if this resulted in noticably lower audio quality.

  • It is good news. Microsoft is a mix between communism and viral marketing, and deserves to be shot down. It could have been a purposely crackable format, which I doubt, but it is still good news. And as for your comment, that is not the only three choices. Why would the release/crack of this format make everybody stop using MP3's? It just makes no sense. Yes, those three choices are some of the possible alternatives, but if you go into IRC, you can get mp3's quickly, Lycos is not the only source (in fact it is not really a source, most links are dead, and it is just leading you to other people's sites). Also, interesting fact, the file for cracking the format is called unfuck.exe, that's pretty cool. Well, with that said, I hope you see the error in your coments.
  • "As good" is very relative. It depends on the application. If your application is tape trading (as in Grateful Dead and Phish tapes), then digital beats the pants off of analog. Why? Because tape traders deal in high generation tapes. Make a 6th generation cassette, and a 6th generation DAT clone or CDR. The cassette will have hiss and distortion, and the DAT or CDR will be virtually indistinguishable from the original.

  • This is true for a very few, but good programmers don't have enough time to brag.

    "Good programmers walk everyone else talks."

  • MP3 is allready popular! I'm vacationing here in Kansas City and picked up a Diamond RIO MP3 player for $150 at one of these office supply stores. This thing is perfection down to the gold plated jack and the audio is equaly perfect. With something like this on the market, why wait for something proprietary that will break current ripped collections? cdparanioa and bladenc work great with it and the AA battery lasts 12 hours. Pick one up, these things are great!
  • As long as I've got an SB16 or similarly open-hardware card in my machine, there's no reason I can't basically write a driver to sit there and read what the card is getting, and save it to a raw file (which can later be mp3'd).

    My (vague) understanding of unfuck.exe is that it actually intercepts the audio somewhere in the windoze pipeline (therefore architecture independent) -- this is also pretty easy under Linux.

    On the (admittedly short) consideration I've given this, I just don't see a way around that problem for the secure music bastards of the world.

    Questions/comments/snide remarks?
  • Yes, but then the communication format would be documented- you could not have the stereo negotiate a connection with the speakers pretty much, because then someone could record the encrypted conversation. So basically there would have to be an encrypted audio file on the CD, with the decryption built into the speakers (and mounted in such a way tampering destroys the speaker), and an encrypted connection between the two based on a disk key, and individual keys negotiated from every speaker you have. You could devise something like Macrovision for direct re-recording possibly (although I don't see how). But you would still have to deal with people knowing how the system works (giving the potential to crack it), you would still have the audio available in the clear at two points (recording-time and playback time- someone could run off with the master tapes if they wanted an unencrypted copy bad enough). Even if you devised a perfect way to do it, it would be next to impossible to understand, expensive as anything (the speakers for such a system would probably have to be internally amplified, and all components and interconnections would need to be digital), and would cause a downright revolt among people who have gotten used to an in-the-open format and the violation of their 'implied' rights and freedoms they had before with an unsecure format.
  • Damn, this is really getting sloppy. No, what you described is not "key escrow" and not even particularly close. With public key cryptography it is crucial that the private key be kept entirely secret. If data were encrypted with a 'govt public key' then only someone with the corresponding 'govt private key' could decrypt it which would be approximately no one. Not much of a distribution scheme. If you include a session key which is encrypted with a 'govt public key' then a govt agent could use the govt private key to recover the session key which could be used to unencrypt the content which had been encrypted with a different algorithm (probably a stream cypher like RC5) by that session key.

    Anyhow the relevent fact from the world of cryptography is that Sony is shipping silicon that enables encrypted IEEE 1394 (aka firewire or links which might enable secure delivery down to the powered speaker level eventually. On the other hand the CSS key exchange mechanism for DVD-video has recently been cracked (or exposed) so there are no guarantees that such a scheme can remain uncompromised.
  • There is a Swedish system called Don't Bother Burn developed by a company called Wkit online which protects DVD and CDs among other things from being copied...they just got a big distribution contract. I'm looking forward to seeing how good it will be.
  • Yes, but then the communication format would be documented- you could not have the stereo negotiate a connection with the speakers pretty much, because then someone could record the encrypted conversation. So basically there would have to be an encrypted audio file on the CD, with the decryption built into the speakers (and mounted in such a way tampering destroys the speaker), and an encrypted connection between the two based on a disk key, and individual keys negotiated from every speaker you have.

    You could devise something like Macrovision for direct re-recording possibly (although I don't see how). But you would still have to deal with people knowing how the system works (giving the potential to crack it), you would still have the audio available in the clear at two points (recording-time and playback time- someone could run off with the master tapes if they wanted an unencrypted copy bad enough).

    Even if you devised a perfect way to do it, it would be next to impossible to understand, expensive as anything (the speakers for such a system would probably have to be internally amplified, and all components and interconnections would need to be digital), and would cause a downright revolt among people who have gotten used to an in-the-open format and the violation of their 'implied' rights and freedoms they had before with an unsecure format.
  • Despite your anti-geek flavor, you're pretty much right. My question is, why is the rest of the world so obsessed about this? Ever since I could buy a dual-deck tape recorder, I could dub tapes. Hell, a four-year-old can dub tapes. Not to mention duplicate videos (granted the quality goes to hell), and all of my point-click-drool friends copy cd's routinely. There's absolutely no copy-protection on any other media format I can think of, so what gives? I mean, it's a pain in the ass to get on the web and find all the mp3's you might want (if you're not a member of the juarez und3rgr0nd, that is), and most people, if they wanted mp3's, would pay a buck for the latest single IF THEY COULD. That's the really dumb part, IMHO. Jesus. Why isn't the RIAA out there selling MP3's while they ponder what to do about evil music hax0rs? There's such a huge market going to waste.

    Rant. Part 2, I guess :-)

  • i'm too lazy to check all the sub-posts on this topic, so this might be already mentioned. anyways, even if they embedded a watermark into an audio file, it still would not matter because the mp3 file format already exists. why would someone go for something that can be traced back to you, costs money, and is probably very restrictive, when they can just get an mp3 encoder and rip some tracks off that?
  • If
    • You're not allowed to replace the audio device interface.
    • The interface only accepts normal, raw audio data.
    • It is possible, by virtue of the operating system design, to capture data going to the interface.

    then it can be intercepted, it would seem. So, break one of the assumptions: require audio devices that can handle the protected data, or block all forms of interception (which might be tricky if one includes attacks on the physical connection?). Ugh.

    Well, perhaps there's a more elegant way, but it's not as obvious as a giant mutant glowing crow in a snowfield.
  • Erm, Guys...

    Why on earth was it decided that this was bad enough to warrant moderation to -1 and redundant? I dislike First Post! as much as anyone, but only when the poster has nothing else to say. This guy's making a valid point and the only possible crime is a silghtly OTT bias against MS, but I've seen far worse from many people.

    Moderation's useful, but if too many people don't think about the grades the post is given, it's just going to be ignored becuase no-one will trust it.

  • This sounds like an urban legend in the making to me. I was a record producer for twelve years, and I can tell you no label would ever do something like that to a debut artist. They want that artist to recoup (be able to pay back the advance and recording costs) and no A&R guy is so sure of him/herself that they would call songs 'too good' for immediate release, especially with a new artist. One hit single on an album is no assurance of platinum, and unfortunately, unless a record goes gold or platinum, recouping the advance is very difficult.

    In addition, Jewel's publisher (the company that publishes her songs, as opposed to master recordings of those songs) would scream blue murder if an A&R person ever suggested such a crazy scheme. Today's 'too good' song is tomorrow's boring yawner.

    But I agree...albums have become collections of singles rather than the 'concept' album of 20 years ago. Marketing has done that. MP3 is fixing it. B)
  • sure, way back when artists like Pink Floyd were around and

    a) actually cared enough to make a whole album that was good
    b) had a record label that LET THEM put a bunch of good songs on one album.

    I have a friend who is friends with Jewel. She told him (this is heresy, but it rings true) that she went to her record label with the songs that she wanted to put on her album (her debut album) and they told her that all these songs were too good and that she should "save" them for layer albums and just put a few of them on her debut album and write some "filler" songs to fill out the rest of her debut album.

    So even if a band does have 15 great songs, the record labels won't let them put "all thier eggs in one (good) basket"

    This is one of the many many reasons why the major record lables must go.

    long live MP3 and indie label distrobution!

  • I know I'm going to be drawn out and quartered for telling people this - but secure music is most likely to succeed by using PKI (Public Key Infrastructure) & watermarking.

    By encoding each file with somebody's personal key, or any "tag" that uniquely identifies the person, if the file is released it can be traced back to the individual. I'll leave it to future posters to describe the shortcomings of each, but it's a helluva lot better than the current approach. The main problem is coming up with a way to keep the watermark even after filtering the data. I'm not sure how far they've gotten on this, but I know it can be difficult to remove them from image files.

    Since everything would be maintained by the record companies (ie: the distribution servers), they would force you to register w/ them before downloading. The PKI could be used to tell the user where/who it was downloaded from. You could also use symetric keys.. although the NSA might get upset with you if you use any non-trivial size. :)


  • For those of us who like having a few hundred (or a few thousand) songs on our hard drives to listen to without the annoyance of switching CDs, compression is a good solution. Buying 100 gigs of hard drive space is not.
  • Dimension has now posted a response [] to Microsoft saying that unfuck IS a crack.

    From Dimension article: "UNFUCK.EXE actaully breaks the protection on any file. There is no loss in quality, the file isn't re-recorded or captured in some way."

    So MS says it captures and Dimension says it doesn't.

    Which is it??

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling