Cactus Data Shield

Cactus Data Shield (CDS) is a form of CD/DVD copy protection for audio compact discs developed by Israeli company Midbar Technologies. It has been used extensively by EMI (subsequently acquired by Sony Music), BMG and their subsidiaries. CDS relies on two components: Erroneous Disc Navigation and Data Corruption.

As of September 2006, all of Macrovision's CD copy protection products, including CDS, had quietly disappeared from their website. The December 2006 issue of Billboard announced that EMI had decided to abandon Copy Control worldwide.

Erroneous Disc Navigation
CDS discs contain an initial audio session, similar to that of an unprotected disc. In addition the disc contains a second (data) session and a software player configured for auto-play with a lower-quality, compressed version of the audio for it to play.

The second session on the disc causes some CD/DVD players to hang, typically some car players (allegedly using CD-ROM drive mechanisms) and some MP3 capable players that can see but not understand the second data session.

The second session has been circumvented by another method, which is to either place masking tape around the disc near the edge, or mark a strip next to the edge with permanent marker. Because it is a multi-session disc, this method will hide the second session, leaving only the first audio session visible. This trivial circumvention of Macrovision's copy protection allows protected CDs to be copied using CD-ROMs or played in CD players that struggled to understand CDS multi-session discs.

On older Windows operating systems, disabling auto-play either once when loading the disc, or permanently, can stop the software player from launching and may be all that is required to access the audio session for drives that recognise both sessions. Newer versions of Windows since Vista have fixed the auto-run vulnerability thus all the user needs to do is simply choose not to run the software.

A side effect of the second session containing the music in compressed form is that the maximum length of music on a CDS disc is reduced, being approximately 70 minutes. The remaining space is use for the compressed audio (and the player software and other files though these are small by comparison).

Data Corruption
The second aspect of Cactus Data Shield is careful corruption of the audio data, as described in the Midbar patent "Prevention of disk piracy" US patent number 6,425,098. As usual for patents this is freely available on the US Patent Office web site.

In summary the method described detects during mastering when the waveform of the music comes close to being a straight line for at least the size of a "frame" (information on the disc is encoded in blocks or sectors, each sector contains 98 frames of music for a CDDA disc) and marks the frame and replaces it with erroneous data that violates the T.sub.max (according to the IEC 908) in which there is no transition between the high and low data levels (1 to 0 or 0 to 1). This results in a DSV (Digital Sum Value) error on the CD.

Additional data corruption described in the patent includes adding a duplicate entry of the TOC (Table of contents) from the audio session onto the second (data) session. Some older CD drives would only see the second session erroneous values (such as time and track type) and were not able to copy or play these. Another method is to change the start time of the Lead-Out (end of the disc) to an incorrect time in the TOC. Other patent processes include changing the time in the Q channel so it holds, speeds up or flows backwards.

Interpretation of Corrupted Data
An old-fashioned CD player reading subcode correctly sees a missing audio frame and interpolates any missing information that it cannot correct using information from neighbouring frames. Because these missing frames occur at points where the waveform was nearly a straight line anyway, this interpolation is very accurate and generally transparent to the user.

What happens with computer drives is very specific to the hardware and firmware of the drive in question, assuming they have at least seen past the second data session and can play the audio session.

Some older drives simply ignore the subcode and "play" the data frames, resulting in loud audio glitches. Some are overwhelmed by the number of errors needing correction and interpolation, and these drives may then output occasional glitches. Ripping at the drive's minimum speed can reduce or eliminate this effect.

The majority of new drives can successfully correct and interpolate all missing audio even at maximum ripping speeds.

Impact
The techniques used on Cactus Data Shield discs mean the discs do not conform to the red book Compact Disc Digital Audio standards, and they therefore do not bear the Redbook logo. For this reason they should not be referred to as CDDA (Compact Disc Digital Audio).

There are also ethical/legal issues surrounding the selling of discs that won't reliably play in all players, where added errors make the disc more easily affected by accumulated lifetime damage, and where actual audio data has been omitted.

One of the earliest released CDs using Cactus Data Shield was White Lilies Island by Natalie Imbruglia, which was released in November 2001. With only a minor mention of the CDS in the small print of the CD case, the album was the subject of many complaints from consumers who found that they could not play the CD on non-Windows computers, games consoles and some other devices. Cases included the Xbox repeatedly playing only a small portion of track 1, while PlayStation 2 users could play track 2 but not track 1. BMG later provided uncorrupted copies of these CDs to consumers. Only the initial European release was copy-protected.

Controversy
Macrovision made a number of controversial claims about the software which were subsequently proven false:

"This Macrovision technology does NOT install spyware or vaporware of any kind on a users [sic] PC. In fact, CDS-200 does not install software applications of any kind on a user's PC. All the copy protection in CDS-200 is hardware based, meaning that it is dependent on the physical properties and the format of the CD. None of the copy protection in CDS-200 requires software applications to be installed onto a computer."

At the same time, widely circulated reports that the Macrovision software behaved in ways indistinguishable from a computer virus were also found to be false, as was the notion that the software provided any substantial copy-protection.

Macrovision CDS software existed principally in two versions: "CDS-200" and the subsequent "CDS-300."

Versions
The first versions of the system were CDS-100 and CDS-200. Later, a CDS-300 system that features an active software protection was introduced.