This move was prompted by researchers from these institutions announcing that they had broken all four copy-protection methods called the "SDMI Public Challenge."

Read Brian Livingston's Editorial on Infoworld.com.

Here is the complete Text of the article (in case it gets moved).

THE WATERMARK WAR

Posted at May 18, 2001 01:01 PM PST Pacific

SUPPOSE YOU BECAME aware of a problem that was costing people millions of dollars without their knowledge. But just before you were about to present your findings at an international conference that had accepted your paper, you were threatened with a lawsuit by a consortium of large, self-interested companies and compelled to withhold your report.

You may think, "That couldn't happen! Americans demand intellectual freedom!" But something like that has just happened, and it strikes at the heart of the computer industry.

I'm referring, of course, to a squelched scientific presentation at the Fourth International Information Hiding Workshop, a respected security conference that was held on April 26.

Researchers from Princeton and Rice Universities and the Xerox Palo Alto Research Center (PARC) had preannounced that they had broken all four copy-protection methods called the "SDMI Public Challenge." But on the morning of the conference, the authors withdrew their paper. The Recording Industry Association of America (RIAA) -- the giant record labels that fund the Secure Digital Music Initiative -- had sent letters threatening lawsuits against the authors, their employers, and the conference sponsors (a good overview of the situation is available at www.cryptome.org/sdmi-attack.htm).

I was surprised that the preannouncement was fairly big news, but the quashing of the report was barely covered even though this action directly threatens the growth and innovation of the high-tech industry. Many people in the computer and consumer-electronics fields deeply desire a secure way to distribute digital information.

At the core of several nations' copyright laws is a balance between the right of the owner and the right of "fair use," especially the right of not-for-profit and educational institutions to make limited copies.

When someone visits a library and makes a Xerox copy of a chapter in Windows Secrets, am I outraged? Of course not. The library paid for the book, and the visitor wouldn't have bought a whole book just to get one chapter. The market was expanded for all concerned.

This is exactly the kind of "fair use" that the RIAA is now bludgeoning scientists to prevent.

This has nothing to do with Napster, which is accused of wholesale copying. Instead, it has everything to do with the public challenge that new technologies should be subjected to before investors mobilize their millions and consumers cough up their cash.

The academics who broke SDMI's inaudible digital signature, or "watermarking," technology in no way developed a program that would allow teenagers to steal CDs. Instead, they reportedly determined that, "No public watermarking scheme intended to thwart copying will succeed." I believe it is this unmasking of the futility of SDMI -- rather than the revelation of some secret decoder ring -- that panicked the RIAA.

A basic understanding of SDMI will help us understand why this is so. Audio files are playable in a variety of devices: computers, car stereos, portable players, and so on. Future SDMI-compliant devices will supposedly be designed to play exact copies of SDMI-encoded audio files, but not compressed copies (for example, MP3 files). Let's look at the "Three Rules of an SDMI Device."

1. An SDMI device must play any non-SDMI CD, because older CDs have no watermark.

2. An SDMI device must play any newer audio track that contains an SDMI watermark.

3. If an SDMI-encoded audio track is compressed, an SDMI device must detect the distorted watermark and refuse to play.

Because old CDs must play in an SDMI device (or no one would buy one), a hacker need not decode a digital signature, which would be extremely difficult. Instead, a hacker need only alter a song's watermark so an SDMI device can't detect that one is there.

Creating software to do this is trivial. SDMI could simply concede that its encoder has no clothes. Instead, the five conglomerates that largely fund the RIAA (which controls 90 percent of the music sold in the United States) decided to declare war on the computer industry and its need for free, scientific inquiry into proposed digital-security standards.