IBM, Intel push for encryption standard

IBM Corp. is backing a standards proposal that would allow generic functions to be programmed into removable media such as DVDs, flash memory and Zip drives that, among other things, could limit what a user copies to or from his computer.

IBM had previously proposed the controversial Copy Protection for Recordable Media (CPRM) standard to the T13 committee of the Washington-based National Committee for Information Technology Standards, which oversees Advanced Technology Attachment (ATA) interfaces. Such interfaces are used by a computer's motherboard to communicate with its disk storage devices.

But IBM said it pulled its backing of CPRM in favor of a "generic functionality" proposal submitted by Curtis Stevens, a technical editor at Phoenix Technologies Ltd. in San Jose, at the T13 group's meeting late last month.

IBM - along with Intel Corp., Matsushita Electronic Components Co. and Toshiba Corp. - formed a consortium called 4C Entity LLC in Morgan, Calif., to push the T13 committee to adopt first the CPRM and now Stevens' code into its ATA standard.

The Web site of the T13 committee contains many e-mails criticizing CPRM as a threat to civil liberties because it would allow an original equipment manufacturer to control what computers can copy or read. Some of those same critics are charging that the new "generic" proposal is nothing but a red herring that would still allow third parties to control computer copy functionality.

Bruce Schneier, founder and chief technology officer of Counterpane Internet Security Inc. in San Jose and a vocal critic of copyright protection standards, said that while the new standard proposed by Stevens is targeted at removable media, it easily migrates to fixed or hard disk drives.

"I think the whole idea of a third party dictating what goes on in your home or on your computer in your personal life is wrong," Schneier said. "They're making rules about what happens on your hard drive."

CPRM uses a serial number as a key to encrypt the content on a disk drive so that it can't be copied to another disk or through another drive unless it's code-compliant.

The generic functionality proposal would instead let an ATA device manufacturer use a fixed set of command codes to dictate how a drive functions. The new standard would also allow up to eight specific parameters to be set for a variety of purposes, from streaming media or read/write commands to drive or content protection.

The inability to share codes among various ATA vendors has been a problem in the past. The new standard uses a Global Unique Identifier created by the vendor to disclose the command codes.

IBM insists that the technologies are intended only for copyright protection of removable media, not hard disks. The new proposal, IBM said, is optional and must be activated by the copyright owner.

John Gilmore, co-founder of the Electronic Frontier Foundation (EFF), a nonprofit citizens rights organization in San Francisco, said if the T13 group's 14 members approve the standard, it will eventually be used in removable media and all disk drives.

Results of the vote are due April 12.