Princeton Student Sued Over Paper on CD Copying

Princeton Student Sued Over Paper on CD Copying

Three days after a Princeton graduate student posted a paper on his Web site detailing how to defeat the copy-protection software on a new music CD by pressing a single computer key, the maker of the software said on Thursday it would sue him.

In a statement, SunnComm Technologies Inc. said it would sue Alex Halderman over the paper, which said SunnComm's MediaMax CD-3 software could be blocked by holding down the "Shift" key on a computer keyboard as a CD using the software was inserted into a disc drive.

"SunnComm believes that by making erroneous assumptions in putting together his critical review of the MediaMax CD-3 technology, Halderman came to false conclusions concerning the robustness and efficacy of SunnComm's MediaMax technology," it said.

SunnComm, which trades on the Over-the-Counter Bulletin Board, said it has lost more than $10 million of its market value since Halderman published his report.

<snip>

http://www.washingtonpost.com/ac2/wp-dyn/A5483-2003Oct9?language=printer

Since when is being clever and showing the shortcomings of someone's product a civil offense?

Jeeze, this 'coporate personhood' superceeding human personhood is getting tremdously annoying. Ah well, at least the lawyers aren't worried about being unemployed. :grr:

I hope he counter-sues for harrassment.

If he did really find a flaw then they haven't got a leg to stand on.

On the other hand, if his paper itself is flawed and the company has lost money and share value purely because he has, effectively, lied about them, then I say that they should go for it.

You've got to be accountable.

P.

"If he did really find a flaw then they haven't got a leg to stand on."

Current federal legislation makes it a crime to bypass electronic copyright protection. Even if it is an exploit of a flaw...

This why some people say the DMC Act goes way to far.

I don't know... it is pretty well known that pressing the shift key will bypass some of the auto-run functionality. He didn't do anything out of this world, he just had the balls to publish a paper about it.

It was just a matter of time before someone found out.

I agree that DMCA goes to far, but taking into account the simplicity of this "hack", I wonder if even DMCA would apply.

they're not going after him for bypassing copyright protection, they're going after him for publicly telling people that there's a flaw in their software, aren't they?

I mean, surely an industry magazine could review the product and say "It's shit - it doesn't work at all if users hold down the shift key, and they'll figure that out within 5 minutes"?

Or are US companies now allowed to say "This product cures cancer" and nobody is allowed to say it doesn't when it doesn't?

don't they hire him for debugging their software?

but thought that even with that glitch it would still deter many a pirate.

plain and simple. but the consequences are profound either way.

Is it Alex Halderman's responsibility to protect Sunncomm's programs? Did he really "hack" anything, when all it takes it one key? Isn't it Sunncomm's job to make it tough to copy CDs?

And, if it really is that simple, how can they prove than others didn't figure it out?

They sneak a kernel device driver onto every Windows box they are inserted on. All holding down SHIFT does is prevent Windows auto-insert notification from running the malware when the cd is inserted.

This is a normal part of how Windows operates... I think they are mostly pissed that someone found out they are installing software secretly on PC's without permission of the owners.

without your knowledge or consent.. Isn't that intrusion? Isn't that simular to introducing a virus of spying program?

Maybe it's companies like these that need to be hit with litagation... not users who are using products they bought in good faith and are rewarded with an unknown intrusion of their computer system.

that says the user gives permission to install, blah blah blah. It would be interesting to see it challenged in court though.

These guys are no doubt also cheesed off that they now look like blithering idiots to thier music industry customers. I mean, imagine how much money they collected for this 'technology' and the promises they may have made about its great security?

Does that mean these CDs would play fine without any keypress at all? And if so, since anyone who's burning CDs a lot would no doubt have this turned off anyway (it's required for my red book CD burning software to prevent buffer underrun errors), the whole thing is apparenly a racket to defraud investors of money for the 21st century equivalent of snake-oil.

I think the company concerned should spend more time worrying about a shareholder lawsuit than bothering this student.

Click Here To See Fair & Balanced Buttons, Stickers & Magnets!>

disable auto-insert, for those of us who aren't so Windoze savvy?

Welcome to DU!! :toast:

and thanks for the welcome! I've been lurking for a few months, finally registered and joined in.

I did find a useful site for those inclined to make their Windows better, answersthatwork.com. I fixed my startup so some useless routines no longer start and clog up my machine, things do seem to be running quicker.

:bounce:

made millions on a security feature that can be bypassed by the shift key. Somebody laughed their way to the bank on this one.

Maybe then these companies could figure out how to not let someone outsmart them.

Remember the teenager in Finland that hacked the movie industry's much touted DVD ecryption algorythm? The movie industry went ape and started suing any site that posted the code, they even sued one site in particular that posted a link to the the code. Too bad they lost millions of dollars because one smart teenager broke their weak encryption.

This is no different. SunnComm lost $10 million in market value because their programmers either thought they could outsmart everyone else, or they tried so hard that they missed the obvious flaws. They may as well shut it all down and start up under a new name. They are finished in the business now.

typical GOP lawsuit abuse.

The standard EULA for proproietary stoftware states that a program cannot be modified or reproduced in an illeagal way. If the shift key was pressed, this does not modify the software code, but does interfere with the way it processes information. I think it will all depend on how liberal the judge feels. My bet is that the case will get thrown out since the person is not truly providing the means. Holding the shift key to negate auto-insert notification is common knowledge and will generate many hits on any search engine. This is very different from open source decryption algorythims and so forth.

Oh yeah, to further illustrate my point, here's the registry entry to turn off auto play (Change last bit to 1 if you want it back on):

"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom"
"Autorun"=dword:00000000

I'm getting pissed the more i think about it....

I keep it shut off on my systems. Does that make me a bad guy?

Welcome to DU!! :toast:

It's like someone builds a "perpetual motion machine", a bunch of investors buy a ton of stock, and then some smartass kid comes along and points out the electromagnet hidden in the base. Of course, lots of people can see that it's a sham to begin with, but this guy actually has the gall to publish. What's the company going to do? It can't recoup its losses by actually making the machine work, so the next best thing is to sue the critic.

The FTC should be all over SunnComm for fraud and false advertising, but instead some college student is going to get a bill for 10 million dollars. What a stupid country we inhabit.

then there need to be some changes in the law to make it clear to said judges that these types of cases need to be thrown and laughed out of court. :puke:

I think they dropped the suit...

http://www.theinquirer.net/?article=12041