=====================================================================
THE INDUSTRY STANDARD'S
B E A T S H E E T
A Weekly Report on the Convergence of Music and the Net
=====================================================================
| http://www.thestandard.com |
Tuesday, October 17, 2000
TOP STORY:
* Cracking the 'Hack SDMI Challenge'
NET NOISE:
* Eyeofthehole.com
BEATS:
* It's a Bird! It's a Plane! It's Radiohead!
You can't turn around without tripping over the omnipresent Brits.
* Dot Dot Dot
RIAA's new project ... BET.com acquires 360Hiphop.com ... Brooks
leaves Napster for iMusic ... Cher who? ... Vanity Fair's music issue
SOUND OFF:
* Would you use an easy fix to bypass a CD's watermark? What if you
didn't think you'd get caught?
/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= advertisement =-=-=
HIRE YOUR COMPANY'S NEXT STAR AT THE STANDARD'S JOB SHOP. List your
company's Internet opportunities today and the Job Shop's new Personal
Search Agent will email them to registered candidates, ensuring that
your jobs are seen by the right audience. Sign up for the Job Shop's new
Revolving Client Logos and the Job of the Day and distinguish your
message with prominent placement on the Job Shop homepage. Visit the Job
Shop at www.thestandard.com/jobshop/?njb=nhs.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/
TOP STORY
~~~~~~~~~
Cracking the 'Hack SDMI Challenge'
By Julene Snyder
When the Secure Digital Music Initiative invited the digital community
to test some of its proposed CD watermarking technologies last month,
much of the hacking community responded with derision.
After all, the SDMI is a consortium made up 200 companies and includes
all of the major music labels, firms like Aiwa, Liquid Audio and
Yamaha, along with the Recording Industry Association of America. The
very idea of helping the group develop technology designed to
"restrict fair use" of digital music was soundly repudiated,
especially by the Electronic Frontier Foundation, which urged hackers
to boycott the "Hack SDMI Challenge." (The $10,000 reward the
consortium offered for successfully breaking any of the six
technologies wasn't much of an incentive, either: Security experts,
many of whom can easily make $10,000 in less than a week, dismissed it
as "chump change.")
By the time the contest ended last week, the consortium had received
nearly 450 submissions, and according to Salon.com's Janelle Brown,
"three off-the-record sources" said "not one single watermark resisted
attack."
SDMI Executive Director Leonardo Chiariglione indignantly denied the
Salon story via telephone from his office in Italy yesterday, saying
it's too soon to tell whether there were successful hacks. In the 20
days until the next SDMI meeting - held Nov. 8-10 in Arlington, Va. -
a "testing managing committee" will process the submissions from the
challenge, the results of which will be presented to members of SDMI
before being made public. "It's not enough for someone to say, 'I have
cracked it.' We have to check and see if that information is true."
A larger issue emerging from the controversy is that if it is
impossible to develop an uncrackable code to prevent the unauthorized
copying, sharing and use of digital music, the SDMI may face an uphill
battle that can only resolved in court.
"BlueBoar," the moderator of e-mail list "VULN-DEV," says the "Hack
SDMI Challenge" was a hot topic of discussion among the "freelance
hackers" and security professionals who populate the list. (It should
be noted that the correct term for forcibly decrypting code is
"cracking," not "hacking.") One issue with SDMI is that it's unclear
exactly why watermarks are such a priority for the organization. The
consortium is developing a hardware device that will play all digital
music except files that have been illegally copied, but even those
will not be invulnerable to hackers, BlueBoar says. "Once you've sold
however many million players, you've given everybody a copy of the
algorithm embedded in the player. Once you can read the watermark, you
can modify it or take it out."
Although Chiariglione says it's too early to know where security holes
might be found in the various technologies, BlueBoar says that while
he himself didn't enter the contest, the consensus among his peers was
that "it didn't look too hard to crack any one of the watermarks." Of
course, it's generally accepted among the digerati that it's virtually
impossible to develop an unbreakable code.
In response to the EFF's calls for a boycott of the SDMI challenge,
members of the VULN-DEV community voiced arguments for both sides. One
member posted, "It is far better to take SDMI, not find the holes, let
them institute it, and then flood the market with the methodology to
crack it, forcing them to scrap the entire project and walk away with
egg on their faces." Another urged the opposite: "Hack it but good.
Hack it so good it can't be fixed ... hack it so good they have to go
back to the drawing board for a year or two."
In any case, BlueBoar says SDMI can't come up with a code that won't
be broken easily within a week. In his view, the very idea of the
SDMI's contest was ill-conceived, because it drew so much attention to
the watermark issue.
Chiariglione admits that there may be insurmountable problems with the
watermark technologies, but that's not necessarily bad news. "In
principle, everything can be cracked, whether it takes one month or
1,000 years," he says. "Even in the case that all six technologies
have been hacked, it doesn't necessarily mean anything. We may be able
to patch the algorithms to make them more powerful than they were
before."
Bottom line? "It only takes one person to get around watermarks and
publish their results," says BlueBoar. "Once the code is distributed,
it can be used by any number of people without their necessarily
understanding what it does." Whether or not Joe Schmoe can crack the
code is beside the point. "Most people can't get music off a CD and
convert it to MP3 without a program anyway," he says.
In any case, some see SDMI's stated mission to develop "secure"
digital music as a smokescreen: If there's no real possibility of
making any file uncrackable, it comes down to legalities. BlueBoar
believes it's just a matter of time before SDMI concludes that the
only way to prevent the unauthorized distribution of digital music is
to sue anybody who tries to bypass the watermark on a CD.
Under the Digital Music Copyright Act, it's illegal to try to bypass a
protection mechanism. And even though it may be relatively simple to
bypass the watermark or encryption, record companies may show they're
just as willing to go after those who bypass SDMI as they have been to
go after Napster.
Still, BlueBoar sees SDMI as fighting an uphill battle at best.
"Unless somebody figures out a way to make people use the SDMI stuff -
and I don't see how they're going to do that - they're going to fail
in the marketplace. That is, unless they can get a judge to declare
MP3s illegal."
And at press time, that was one lawsuit that hadn't yet been filed.
/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= advertisement =-=-=
This is what happens when you spend ten years pursuing perfection.
The All New Lexus LS 430.
The most inspiring automotive experience in the world.
See it at http://www.lexus.com/banner.asp?b=289
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/
NET NOISE
~~~~~~~~~
Eyeofthehole.com
Confusingly, this site calls itself "Black Hole," without the URL
you'd expect from the name up top. (Don't go to "blackhole.com";
you'll end up at what appears to be an ISP in the Twin Cities.)
Instead, point your browser to "eyeofthehole.com" or
"yourblackhole.com" for a quick glance around the urban-music
landscape. Here, you'll find a biweekly Web zine that aims to cover
hip-hop, R&B, house and reggae music, along with the cultures that go
along with each genre. Both mainstream and underground artists get
their due, and political features also get coverage; you'll find
stories about controversial figures like Fred Hampton Jr., Geronimo
Pratt and Oscar Lopez Rivera. Album reviews seem to be written with
more passion than writing chops, but that's part of the charm that
permeates the place. (See Lady Zimma's take on reggae artist Lazah
Current: "I caught me some hip-hop flava, some R&B feel and good old
cultural drumming on this CD.") Overflowing with ideas and info,
you'll also find tour dates, newsy gossip, poetry, photo galleries and
a sense that the people behind this site are doing it as much for love
as any hope of money.
----------------------------------------------------------------------
BEATS
~~~~~
It's a Bird! It's a Plane! It's Radiohead!
You can't turn around without tripping over the omnipresent Brits.
You've got to give Capitol Records credit for promoting the bloody
heck out of Radiohead's latest album, "Kid A." Whether or not making
the album available online weeks before its release had much to do
with its debut at Billboard's top slot last week, somebody deserves a
big fat raise for getting the album an incredible amount of press.
A brief glance around the media landscape finds the band popping up
anywhere and everywhere - this without benefit of a video or a single,
just a mere three-date trek through the U.S., and sanctioned full
album streams available to everyone from BBC radio's Web site to
Heavy.com and MTV.com.
Online, interviews with the band pop up on MTV.com, Wall of Sound and
Jam Showbiz, and those sites that didn't sit down for a chat are
running superlative reviews of the album and recent live shows. In
print, the boys appear on the cover of Spin (the accompanying article
clues us in that Brad Pitt has called Radiohead "the Kafka and the
Beckett of our generation"). The band manages to evoke
uncharacteristically soaring prose from Time magazine ("Kid A arrives
like Mark Antony delivering Caesar's funeral oration: it comes not to
praise rock but to bury it"). They're featured in Vanity Fair's music
issue (sandwiched, implausibly, between B.B. King and Quincy Jones).
And as for TV, they did the obligatory stint on Saturday Night Live
last week.
At this point, debate about whether all the buzz comes from
word-of-mouth and P2P is moot; now, the question is whether any group
can avoid the "sell-out" stigma once they've been plastered with the
"critics' darling" sticker.
Dot Dot Dot
RIAA's new project ... BET.com acquires 360Hiphop.com ... Brooks
leaves Napster for iMusic ... Cher who? ... Vanity Fair's music issue
Last week brought a press release from the ubiquitous Recording
Industry Association of America announcing the launch of a project to
develop a "standardized system for identifying digital files of sound
recordings" that will "facilitate and accelerate the growth of digital
delivery of music on the Internet." Huh? Digging deeper, we find
further illumination from RIAA general counsel Cary Sherman, who says
that the idea is to be able to "specify each unique sound recording,
in all its forms." Just in case, oh, someone wants to see exactly who
released which copy of precisely what album to, oh, say Napster,
before said record officially hits the streets. ... Ever
Johnny-on-the-spot, Inside.com broke the news yesterday that Liz
Brooks, Napster's VP of marketing, is jumping ship to join up with
iCast Music, to become its senior VP of artist development and
marketing. ... BET.com acquired 360Hiphop.com last week, with the
latter's investors to receive an "undisclosed equity stake in
BET.com." We're assured that both sites will operate independently and
"retain their respective audiences." 360Hiphop.com's Russell Simmons'
new title will now be vice chairman of BET.com. ... In case anyone
cares, Cher announced that she'll release her next album, the
confusingly-named "Not.Comm.Ercial" strictly over the Internet via
Cher.com and Cherdirect.com, "in partnership with Artistdirect.com."
The disc hits Nov. 8. ... Much joy was found within the unlikely pages
of Vanity Fair this month. The November "music issue" may be light on
the Eminem/Limp Bizkit tip and heavy on the Keith Richards/Iggy Pop
old-fart beat, but there's enough dirt to keep a person up into the
wee hours reading under the covers with a flashlight. Especially
entertaining is the oral history-like chronicle of MTV's genesis and
this quote by Warner Bros. executive VP Stan Cornyn: "When it comes to
interest in new technology, the record business finishes just ahead of
the Amish."
----------------------------------------------------------------------
SOUND OFF
~~~~~~~~~
This week's question: Would you use an easy fix to bypass a CD's
watermark? What if you didn't think you'd get caught?
E-mail your opinions to julene@well.com with "sound off" in the
subject line, and we'll print a selection of the responses in next
week's newsletter. Letters may be edited for clarity and length, so
keep them short and include your name and affiliation, if any. Letters
may be edited for tone, clarity and length.
FEEDBACK:
Last week's question: Can a portal like Listen.com become to music
what Yahoo has become to navigating the Web?
Listen.com seems to have the most crucial element for surviving online
in place: financial backing (of course so did Priceline). They offer a
turn-key proposition, so for the majors, it's a matter coming to an
agreement. However, let's play devil's advocate and assume that the
Big Five have other plans: Then I'm afraid the boys at Listen.com may
end up becoming another dot-com casualty who bit off more than they
could chew.
- Ali Afkhami
Quite possibly. But it needs to be more democratic. Music can be an
intensely personal experience, and everyone gets something different
out of it. Listen.com is doing the right thing by not *reviewing* the
music, only *describing* it. But as a musician, I am worried about the
ability of a disinterested intermediary to describe my music in a way
that will "hook" my potential audience. If you said that my band
played instrumental music that sounds like it came from a spy movie,
you would get some of the feel of it. If you said that it was
funk/dance music, you would get another aspect of it. But is that what
a impartial third party is going to write? Probably not.
In comes the democratic part: The Listen.com gang does their thing,
and it gets the highest billing. Then the band gets to put in their
two cents worth. And then there is a Reviews section like they have
for books at Amazon.com. (Maybe the Listen.com gang could edit this.
They could take out all the "I LIKE IT!" comments, and only leave the
interesting ones. ...) Make all of this searchable with a Google or
AskJeeves-like engine, and I think Listen.com would be very sticky,
very valuable and something that would give something back to the
bands themselves. (As part of a band, it is surprisingly difficult to
get good feedback from a wide range of people ... and it would be very
helpful! As a musician, that is what I dream about.) And I think
Listen.com is on the right track!
- Christian Jacobsen
Budapest, Hungary
STAFF
~~~~~
Written by Julene Snyder (julene@well.com).
Editor: Steven Zeitchik (szeitchik@thestandard.com).
Deputy Editor: Michele Keller (mkeller@thestandard.com).
GET THE MAGAZINE
~~~~~~~~~~~~~~~~
4 RISK-FREE issues at this URL:
http://www.thestandard.com/account/magazine
GET MORE NEWSLETTERS
~~~~~~~~~~~~~~~~~~~~
The Industry Standard newsletters cover the media, stock market,
e-commerce, music, law and more. Enter your e-mail address at the
following URL and select the newsletters you wish to receive:
http://www.thestandard.com/newsletters/
To UNSUBSCRIBE to any newsletters, log in at the following URL and
select the newsletters you wish to cancel:
http://www.thestandard.com/account/newsletters/unsubscribe
GET MORE NEWS
~~~~~~~~~~~~~
Go to http://www.thestandard.com for more coverage on the Internet
Economy.
ADVERTISING INFORMATION
~~~~~~~~~~~~~~~~~~~~~~~
For more information on advertising in The Industry Standard
Newsletters, contact:
West Coast
Amy Kastrinos (mailto:akastrinos@thestandard.com)
East Coast
Norma Wesolowski (mailto:normaw@thestandard.com)
FEEDBACK AND PROBLEMS
~~~~~~~~~~~~~~~~~~~~~
Send letters to the editor to letters@thestandard.com.
Please contact us with any problems that arise:
http://www.thestandard.com/service
You can also contact us via phone or mail:
The Industry Standard, Customer Service
(402) 293-0386 (phone)
(402) 293-0794 (fax)
The Industry Standard, Production
315 Pacific Ave.
San Francisco, CA 94111
(415) 733-5400 (main)
(415) 733-5401 (fax)
Copyright 2000 The Industry Standard
|