The Secure Digital Music Initiative (SDMI), two years in the making, is a system being created by a coalition of record and technology companies to prevent online piracy of digital music. Using a standardized watermarking and tracking system, SDMI will keep an eye on what you’re listening to and prevent you from transferring any naughty MP3s anywhere the music industry doesn’t think they should go.
It is, in other words, a kind of system that is antithetical to that old tenet that “information wants to be free.”
So it should be of little surprise that SDMI’s invitation to hackers to chip in and help hasn’t piqued the interest of the geek community.
The “Hack SDMI” challenge is an open invitation to the geek community to “attack the proposed technologies. Crack them.” The challenge officially begins Friday, but news of it has been making the rounds since last week, when SDMI chairman Leonardo Chiariglione posted an open letter offering any hacker who can successfully break into a piece of content that is protected by an SDMI watermark a chance not only to win up to $10,000 but to “play a role in determining what technology SDMI will adopt.”
So far, the response to this open challenge has been, well, eerily quiet; there’s not even a link on the always opinionated Slashdot. On Wednesday, in the Linux Journal, technical editor Don Marti spoke up to explain why, in a piece headlined “Boycott hacksdmi.org”: “Thanks, SDMI, but no thanks. I won’t do your dirty work for you … Hackers should not, and will not, offer free consulting services to an organization that is using technical means to destroy the customary balance of the interests of copyright holders and music listeners.”
Marti elaborated on his objections to the challenge in an interview. First of all, he says, the amount of money SDMI is offering for the hackers’ time and expertise is laughably inadequate. Corporations pay dearly for this kind of knowledge these days; as he puts it, “$10,000 is chump change for anyone who knows anything about encryption or reverse engineering.” Therefore, the kinds of people who will be drawn to the contest will probably be less experienced hackers who won’t be able to meet the challenge. As he posits, it’s just a P.R. ploy: “They are going to run the hack SDMI challenge and at the end they’ll put out a press release saying no one hacked SDMI, therefore it’s secure. All hail SDMI.”
Marti says he doesn’t plan to pirate music, but he’s also opposed to offering assistance to a system that wants to put new limits on where and how you can listen to music you already own. “SDMI is a blatant, unilateral attempt by the copyright holding industries to rewrite the balance of power between music listeners and copyright holders,” he explains. “It relies on an extraordinarily dangerous doctrine called ‘trusted client’ — in trusted client, your own devices, your computer or stereo, spy on you. It’s not a good idea to own a device that’s a black box that you aren’t allowed to open but which is allowed to watch you.”
Marti says that the response to his editorial has been terrific, and that while he’s received lots of e-mail agreeing with him about SDMI’s cluelessness, he has yet to hear from anyone who plans to participate in SDMI’s challenge.
And what did SDMI think of his response? Salon’s calls to SDMI’s press office went unreturned. But Marti says that he also e-mailed his open letter to the webmaster of HackSDMI.org — and guess what? It bounced.