Chaky 191 Posting Virtuoso

I think ppl should read this post.

Short story:

I was installing and reinstalling windows, troubleshooting some hardware incompatibility issues that I'm experiencing. I wanted to preserve my AV software as it is now, so I wouldn't have to download upgrades (~10 MB) via modem again. I've opened registry editor to track down the uninstall log for it. As I was getting to it, I've noticed something out of place in "HKLM/SOFTWARE" branch. It was key named "C07ft5Y" and it had default value set to "SafeDisc RefCount".

That "C07ft5Y" looked suspicious, so I've goggled it and found this:


C-Dilla! "Copy Protection or Spyware?"
Copy protection maker covertly installs monitoring and CD-Rom copy prevention software on personal computers!!
Copy Protection--SafeDisc, SafeDisc HD™ and SafeCast Gold™
Key benefits:

  1. Protects against unauthorized consumer copying of PC software sold through retail, distributor and reseller channels.
  2. Thwarts use of CD-recordable drives, re-mastering by professional pirates, and unauthorized Internet downloads.
  3. Boosts revenues, discourages copying and opens new markets.
  4. Increases retailer purchases of copy-protected titles and reduces store returns.
  5. Creates additional selling opportunities and effective customer support via enforced user-registration information.
  6. Incorporates anti-hacking technology that is effective against piracy.
  7. Easy to implement, compatible with standard hardware configurations and transparent to the consumer.


For convenience I changed the list dots . to a numbered list.

1- OK protects against unauthorized copying, fair enough, as long as the registered owner is able to create a backup.

2- If you read this line as comma separated values then each item is a separate function, which means "Thwarts use of CD-recordable drives..." is a separate function from "re-mastering by professional pirates, and unauthorized Internet downloads."
So what does all this mean to the consumer (read computer owner)? First it means they (Macrovision/C-Dilla) have installed software to monitor what I copy with my CD drive. OK.. Maybe not that drastic!! Well what in effect they have done is place a software program on Your Computer System that can be triggered by copy protected software to disable your CD drive and prevent it/you from copying a CD-Disc, which can be either a program or music CD. And prevent unauthorized internet downloads! Just how are they going to monitor what I download? Hmmm... without spying on my download activities...
3- "Boosts revenues, discourages copying and opens new markets." I think this is marketing hype! Plus it's the same argument used by the Music Industry to justify shutting down Napster.. (I use Napster and recently took the time to test the alternatives, and believe me, the FreeNet server system is probably the way to go, as it is untraceable. User-to-user ever moving and changing..)
4- "Increases retailer purchases of copy-protected titles and reduces store returns." What they're saying here is it creates retail sales of copy protected products. That maybe true till the computer user community finds out what is happening/being done to their computers, than the s%&^ will hit the fan and the backlash against these companies will put them outa business!!
5- "Creates additional selling opportunities and effective customer support via enforced user-registration information." More marketing hype!!
6- "Incorporates anti-hacking technology that is effective against piracy." LOL (Laughing Out Loud)... I've been around computers since the mid-70's and every new copy protection scheme has more or less made the same statement. And in most cases all they managed to do is is frustrate users and watch their competitors, who didn't use copy protection, take the lead in sales/revenue... Anyone who dates back to the game culture of the early 80's can tell ya about the games, some very good, that died because of key-disks, hidden sectors on the hard drive and of course the red plastic (decoder ring stuff) lookup scheme's...
Psst!! Word of advice... The more convolted and intrusive the copy protection, the more people you piss-off, and the bigger the challenge for the crackers to hack it. So instead of developing customer/user loyalty and creating marketing opportunities you run the serious risk of protecting yourself all the way to Chapter 11...
7- "Easy to implement, compatible with standard hardware configurations and transparent to the consumer." This section is open to major interpretation. "Easy to implement", could that mean, once Macrovision/C-Dilla has covertly installed the LMS/CD copy protection/Download spoiler software on your computer system it's easy to implement it's functions by calls from an Install program or a Cookie from a web site.
"compatible with standard hardware configurations" which I take to mean that it works with the majority, if not all CD-Rom Drives to prevent them from copying any CD Disc that it has been told or suspects is Copy-Protected.. Gee, how does that work?
"and transparent to the consumer." I bet I know what this means!! It means that the Consumer/Computer Owner/User has absolutely no idea that this copy protection/spy software was installed on their computer.
This last point (#7) raises a whole lotta issues with me, the first but not the least is the Macrovision/C-Dilla LMS software was installed without my knowledge, all you see when you run the program executable is a small popup dialog box informing you that "a" License Management System is being installed. No name that I saw.
Second it was not uninstalled when I removed the original program it came with, C-Dilla - License Management System is a separate install, that is of course, if you realize that something was installed and check Start Settings Add/Remove.
Why wasn't it installed with the main program and uninstalled with the main program? Well.. There could be any number of reasons,
1. the programmers who wrote the software don't know how to use or setup the install/uninstall software to totally remove all installed program components,
2. everyone has big hard drives, why bother or,
3. Macrovision/C-Dilla is using these trialware/demo programs to get the LMS (License Management System) onto as many computers as possible to demonstrate the effectiveness of their particular copy protection scheme at foiling piracy but more importantly the ability to prevent the illegal copying of DATA AND MUSIC CD's by shutting down the CD-RW installed on the offending computer. Why not!
For the sake of a good conspiracy, let's say I'm right. So, has Macrovision/C-Dilla made their Specifications for shutting down/preventing Your CD-RW Drive from making copies of Data and Music CD's known to the CD-Rom Drive manufacturers and the after market CD-RW software companies??
I hope so!! Because I'd hate to be on the Help Desk at HP or Sony when the calls start pouring in, complaining my CD-Rom Drive won't work, "I can't copy a CD Disc...." Unless, of course, there is a message! That's right. A big red dialog box jumps up and informs ya, "It is Illegal to make copies of this Disc, Data, Program, Music, whatever!"
Copy protection may be a necessary evil, but the Macrovision/C-Dilla LMS system has gone too far when;
1. The Program being installed and Macrovision/C-Dilla DO NOT INFORM THE USER that this software is being installed,
2. That Macrovision/C-Dilla in any manner ATTEMPTS TO HIDE THEIR INSTALL from install monitoring or registry tracking software,
3. That Macrovision/C-Dilla DOES NOT UNINSTALL with the original software, when it is removed/uninstalled from the system. Because C-Dilla requires a separate uninstall, which in all likely hood, the user never knew existed.
As a 4th point I was going to include a reference to the Interference with the users CD-RW but I don't understand all the calls being made by the C-Dilla software/dll's so I am arranging to send them to Steve Gibson at GRC for analysis. Should there be, any illegal calls/interference with the operation of an installed CD-RW Drive, that information will be posted here.
Steve is/was extremely busy with his own work and couldn't devote any time to this project. Since I originally wrote this, an article at Canada.Com has appeared and disappeared (I created a shortcut to it, but when I next tried to access it, it was gone) that related CD Drive issues after installing c-Dilla protected software. As of yet I can not say for sure that c-Dilla interferes with the operation of your CD-Writer. "But I believe it has the ability too." The question of how it remains on your computer's Hard Drive after uninstalling both the original program and c-Dilla has been answered. It was known that c-Dilla could not be removed from your hard drive, I suspected it wrote directly to the hard drive. One of my more enterprising readers learned it wrote to Sectors S32 through S64 and he wrote Rewinder designed to erase these sectors, although you could get rid of c-Dilla it could cause other problems, if you were not completely reformatting your drive.
Article from the Spyware Weekly Newsletter
and link to article/test by ExtremeTECH
(note from Chaky: I've redirected second link to another relevant article. Original wasn't there)


By now you're probably wondering how this all got started..?
I test a lot of software in the run of a year. Always being asked to recommend programs, I have to keep up-to-date on what's new and improved... (Which is almost impossible, but I try anyway!) Actually, I was asked how "I" would provide 60 seconds of video, in a presentation form, that could be e-mail as an attachment (preferred method), viewed from the web and downloaded as part of a promotional package with Word .doc's, and/or distributed on 3.5 disk. After a few questions I had an idea what they wanted but was of the opinion the email attachment would be greater than 1meg which (my opinion) wouldn't be appropriate.
Give me a couple days and I'll see what I can come up with. I said.
I looked at the .AVI and considered some options like install and run, self running .exe, Real Networks SMIL, DemoShield, Ulead Video card, autorun software front end... Gee it's still BIG!! And not that I didn't like some of the options it's just they weren't right somehow.
So I decided to take a look at the latest version of DemoShield by the InstallShield. I have a previous demo version installed and wanted to see what had changed. WOW! Was I in for a shock!!
DemoShield installs easy enough, but when you run the program executable for the first time, Macrovision/C-Dilla install their LMS which caught me off-guard. So I decided to uninstall DemoShield and check to see it All Uninstalled. Which it didn't! As I had monitored the first install I could compare it with the second install report. They were identical.
Then I monitored the what was going on when I tried to run the program .exe for the first time, the report showed the installation of the Macrovision/C-Dilla software and registry entries. I did a quick search for "c-Dilla" and get their url and surfed on over to see who they were, this lead me to the Macrovision site where I copied the above material on the key benefits of using the SafeDisc, SafeDisc HD™ and SafeCast Gold™ copy protection schemes.
After reading the benefits a few times, I began to wonder just what they were up to, and just how are they going to accomplish some of these features without spying on my system or worse My Activities.
Next I uninstalled DemoShield (2nd time) and started the process of comparing the install report against the actual contents of my hard drive and registry.
DemoShield used the Microsoft Installer (MSI) option which leaves CSLID entries under installed components in registry that have to be removed. And creates these four files in the /AppLog/ directory which have to be deleted.
C:\WINDOWS\APPLOG\DEMO32.1.LGC
C:\WINDOWS\APPLOG\DEMO32.1.LGD
C:\WINDOWS\APPLOG\DEMO32.2.LGC
C:\WINDOWS\APPLOG\DEMO32.2.LGD Macrovision/C-Dilla creates the following file in the /AppLog/ directory, C:\WINDOWS\APPLOG\CDILLA64.LGC
C:\WINDOWS\APPLOG\CDUNIN16.LGC
And what is the ".LGC" extension you ask? A quick check of common file extensions says it's associated with MS Excel. Well, it's a password protected Excel Comparison file saved as a ".LGC" file. The example I was given goes like this; you create a calculation/formula to say determine if too much chlorine is in a water sample by analyzing the test results supplied to the Excel spreadsheet by the test equipment. These number are tested by the formula which is then compared by the password protected comparison .LGC file. (probably not exact, but you get the drift)..

This article if from year 2000. I don't know if I'm the last one to learn about C-Dilla, but I do know that I've searched the daniweb for the term "C-Dilla" and found it in ppl's hijackthis logs posted here, but nobody suggested any action against it.

I don't know about you guys, but I, kind of, sense major collective lawsuit coming against Macrovision.