How to produce pirate-proof pop

Listening to music on your MP3 player might be getting more difficult

By BBC News Online internet reporter Mark Ward

The music industry is denying reports that the technology it has chosen to protect music online has been rendered useless.

Early reports suggested that a competition to crack the protection systems had ended with experts breaking through all the measures used to secure music files.

But the music industry organisation behind the competition said it did not yet know whether the technology had withstood an assault by hackers or had crumbled when attacked.

A spokesman said that the music industry was not relying on the technologies tested in the competition and it is working on other methods to protect pop music online.

Call to crack

Last month, the Secure Digital Music Initiative (SDMI) invited computer experts and crackers, hackers who specialise in brute force attacks on technologies, to try to break the system it was planning to use to protect digital music.

The SDMI was set up by the music industry and works on behalf of its 200 members on ways to protect music placed on websites. The music industry is currently scrambling to find a way to stop sites such as Napster that let people swap pirated pop.

The system that the SDMI has already produced makes it much harder to produce unauthorised copies of music tracks, but the technology has been widely criticised for restricting what people can do with the music they own.

The competition was set up to test the Phase II technology that attempts to remove these restrictions while keeping those that make it hard for music to be copied illegally.

File mangler

The SDMI placed six files on a website and invited anyone interested to try to break the secure wrappers protecting the music. It offered $10,000 for every successful crack of the files. Four files were protected with watermarking systems and the other two were encrypted.

Many security experts and hackers called for the competition to be boycotted because of the music industry's legal action against Napster, and the feeling that any help they gave to SDMI would limit access to music.

But the SDMI reported that by the close of the competition it had received almost 450 files back from crackers and hackers.

Now it is sifting through them to see if the protections were broken, how serious any flaws in its protection systems are, how easy the flaws are to exploit and what effect the cracking had on the quality of the music being protected.

Embedded ID

"The submitted attacks are currently undergoing tests to see whether they successfully attacked one or more of the six proposed technologies," said Leonardo Chiariglione, executive director of the SDMI.

He said early reports that the technology had been broken were premature. The results will be released in November.

The SDMI is not the only music industry body working on security technologies.

The Recording Industry Association of America is working on a system that will embed identification information within tracks that will make it harder to pirate pop.