A new Spyware product has hit the streets called C-Dilla. It is packaged with Unreal Tournament 2003, TurboTax, and a host of other programs. C-Dilla is installed on your system without your permission, and does not un-install when the software originally installed first is removed. It remains in the background monitoring your computer and reporting information back through your internet connection.
While information is still coming in about C-Dilla, it has been reported that C-Dilla once installed is a copy-prevention system. It makes CD copying harder, disables your ability to burn CD's, logs all your attempted burns and logs all your downloaded files. Word has it that it also halts your IMAPI CDROM burning service. People have even gone as far as to state that it is a blatent attempt by the music industry (RIAA and the MPAA) to try and prevent the exchange of audio and video files, although this has not yet been confirmed nor ever may be.
C-Dilla is also known as "SafeDisc", "SafeDisc HD" and "SafeCast Gold" marketed by MacroVision. MacroVision's definition to the market of C-Dilla is the following:
Spyware Weekly has posted the following article:
- Protects against unauthorized consumer copying of PC software sold through retail, distributor and reseller channels.
- Thwarts use of CD-recordable drives, re-mastering by professional pirates, and unauthorized Internet downloads.
- Boosts revenues, discourages copying and opens new markets.
- Increases retailer purchases of copy-protected titles and reduces store returns.
- Creates additional selling opportunities and effective customer support via enforced user-registration information.
- Incorporates anti-hacking technology that is effective against piracy.
- Easy to implement, compatible with standard hardware configurations and transparent to the consumer.
Do you use TurboTax by Quicken? Then you need to be aware that it has possibly installed a spyware trojan on your computer. We've had a thread running at the forums for a week or two about a third party application called C Dilla that is installed by TurboTax.One large problem here is that it is distributed with TurboTax. TurboTax uses parts of C-Dilla as registration identification to it'self. Unfortunately, the Spyware portion of C-Dilla cannot be removed.
According to an article at privacyandspying.com, C Dilla is a copy protection program that installs without disclosure with certain programs such as game demos. It disables your CD burner when copy protected software is on your computer, monitors what copy protected software you are using and how, disables "certain" internet downloads, and possibly sends user data off to a remote server without permission.
Quicken makes no mention of this software anywhere on their web site (that I could find), although possibly there is some disclosure in the click-through EULA. Considering that it is illegal in many places to provide customer financial data to third parties without the customer's consent, if you use TurboTax to do other people's taxes for a living, this third party software might actually be causing you to break the law. I'm sure the application doesn't send financial data back to .... wherever ... but since it isn't discussed anywhere on the Quicken web site, how can we be sure?
C Dilla is now a target of Spybot S&D. At first the developer was worried that removing it might actually break one of these ridiculous copyright protection laws that Hollywood keeps buying in Washington D.C. I pointed out at Spybot's support forums that there is nothing illegal about a third party uninstallation program. Or that if there were, Microsoft was breaking the law itself with its add/remove control panel applet. I'd like to think that my argument helped persuade him to include this trojan as a removal target and I hope all the other spyware removal companies also add detection for it. Just be aware that removing C Dilla will most likely disable whatever installed it, as is the case with many programs that install spyware. Make sure your documents are backed up in a standard format and is accessible by whatever you replace it with.
A recent reply to a user of TurboTax from Intuit was told the following concerning their knowledge of C-Dilla being installed along side TurboTax without the users permission:
Thank you for contacting Intuit Inc. regarding TurboTax® and C-Dilla.Copy proction may be a necessary evil, but the Macrovision/C-Dilla LMS system has gone too far when:
Intuit has an ongoing commitment to protect your privacy. That is why privacy was a key consideration when implementing the product activation technology in federal TurboTax for Windows desktop products for tax year 2002.
The Macrovision SAFECAST® product activation technology used by Intuit installs files on your computer when you install TurboTax. These files serve as your product license; in addition, they also manage and protect that license. These files interact only with TurboTax and with each other. Macrovision SAFECAST does not gather any personally identifiable information. It does not examine, modify, or gather information about your computer, your computer's contents, or your activities or behavior, nor does it transmit any such information to Intuit, Macrovision, or any other party.
C-Dilla is a company that was acquired by Macrovision in 1999. Some of the Macrovision SAFECAST technology used in TurboTax is derived from earlier C-Dilla products.
If you have additional questions, please visit us at www.turbotaxsupport.com. We appreciate your interest and look forward to serving you in the future.
CD Media World is reporting the following:
- The Program being installed and Macrovision/C-Dilla DO NOT INFORM THE USER that this software is being installed,
- That Macrovision/C-Dilla in any manner ATTEMPS TO HIDE THEIR INSTALL from install monitoring or registry tracking software,
- That Macrovision/C-Dilla DOES NOT UNINSTALL with the original software, when it is removed/uninstalled from the system. Because C-dilla requires a separate uninstall, which in all likely hood, the user never knew existed.
IF YOU LIKE LISTENING to music CDs while working on your computer, New Scientist has some bad news: a company has found a way of preventing CDs being played on a computer's CD-ROM drive. The idea is not to increase productivity in the office, but to stop pirates copying CDs or sending CD-sourced music across the Internet. It is not yet clear, however, whether record companies will risk consumers' wrath by releasing discs they can't play on their PCs.For now I warn everyone about installing Turbo-Tax on their systems for 2003. Also users who downloaded or have installed any version of Unreal Tournament 2003. At the moment you can do a search for the following files on your system, but I do not currently recommend deleting any of them as you may disable software or even cause your computer to halt (NOTE that these files are unconfirmed!):
Software companies, including Micro- soft and IBM-owned Lotus, already use C-Dilla's SafeDisc system to stop people copying CD-ROM data discs. SafeDisc puts the program material in an encrypted "wrapper" which can only be unwrapped when a digital signature code pressed into the disc matches an authorisation code entered into the PC. While a ROM drive can read the authorisation code, a CD recorder cannot copy it, so copies of the CD-ROM will not run.
A CD-ROM disc stores data at three levels, and although a CD-ROM drive reads all three, it only passes the top level into a PC for copying. SafeDisc stores the key code signature at a lower level, so it can be read from the original CD-ROM disc but not copied onto a blank. Although a CD recorder can copy a protected disc, the copy will not run on a PC even when the correct authorisation code is entered.
The music industry has been dreaming of just such an anticopy system since it was claimed more than 30 years ago that the Beatles' vinyl album Sergeant Pepper could not be copied. In fact, as with the many systems that followed, the recording was as easy to copy as it was to play.
But now C-Dilla's founder Peter Newman, who invented SafeDisc, has found an answer for the CD generation. His Audio-Lok system takes advantage of the fact that the standard for the music CD format was set before the CD-ROM standard.
CD-ROM drives have a more powerful error-correction system than music CD players, which is activated by extra code on the CD-ROM discs. Newman's system adds false error codes to a music disc. An ordinary CD player doesn't notice the false codes, but a CD-ROM drive picks them up and ejects the disc as unplayable. This makes it impossible to copy the music onto a blank disc or "rip" it onto a computer so it can be compressed and sent over the Net.
A prototype AudioLok disc lent to New Scientist duly played on a CD music player but refused to play or copy on a PC. Newman says he is confident that his system will also stop consumer music CD recorders making a copy, because these devices are already designed not to copy CD-ROMs. He expects AudioLok to be ready for launch in a year.
TV and video companies already use a copy-protection system, developed by the American company Macrovision, to stop people pirating their programs and movies. Macrovision has bought C-Dilla for around $18 million so it can offer similar protection to the music industry.
But the breakthrough may have come at the wrong time. The music industry's Secure Digital Music Initiative group has just agreed with the electronics manufacturers to allow owners of CDs to make copies onto a PC, as there seemed to be no foolproof way to stop copying altogether.
So will music companies use AudioLok? "The recording industry welcomes people listening to CDs on computers," says Paul Jessop, director of technology at the International Federation of the Phonographic Industry, the music industry's world trade body. But he adds: "The ability to make discs that cannot be copied on computers may be of considerable interest to some record companies."
cdilla10.exeAs always, stay tuned and read SpywareInfo for updates.
Articles & References:
Privacy & Spying on the Internet: http://www.privacyandspying.com/privacy-c_dilla.htmlNet-Integration: http://www.net-integration.net/cgi-bin/forums/ikonboard.cgi?s=3e0fcd687098ffff;act=ST;f=28;t=939SpywareInfo: http://www.spywareinfo.com/newsletter/archives/december-2002/12252002.php#cdillaCDMediaWorld: http://www.cdmediaworld.com/hardware/cdrom
4/10/03 update to the above:
In response to the uproar about SafeCast, also known as C-Dilla, including allegations that it is also spyware and that it prevents CD burning, among other things, Intuit had an independent company, PCTest, evaluate SafeCast. Tom Allanson, senior vice president of Intuit's TurboTax division, told CNet News.com that in all its evaluations, PCTest "didn't find any appreciate deterioration in performance for any of the computer systems they tested." Copy and paste the website listed below into your browser, click on "removing C-Dilla from your computer" link for instructions for removing it once you have uninstalled TurboTax.