Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Blu-ray Protection Bypassed

Posted by kdawson on Tue Jan 23, 2007 04:13 PM
from the et-tu-Sony dept.
Encryption Security Media Sony
ReluctantRefactorer writes with an article in the Register reporting that Blu-ray copy-protection technology has been sidestepped by muslix64, the same hacker who bypassed the DRM technology of rival HD DVD discs last month. From the article: "muslix64's work has effectively sparked off a [cat]-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public." WesleyTech also covers the crack and links the doom9 forum page where BackupBluRayv021 was announced.
+ -
story

Related Stories

[+] HD DVD's AACS Protection Bypassed 161 comments
Mr. BS writes "Playfuls.com is running a story how HD DVD's AACS protection has been compromised. Although the video of the hack leaves much to be desired, the source code has already been made available. Feel free to start backing up your HD DVD's whenever you feel the need."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Blu-ray Protection Bypassed 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Oh well... (Score:5, Funny)

    by Pojut (1027544) on Tuesday January 23 2007, @04:18PM (#17727886) Homepage
    ...lasted a bit longer than CSS...maybe next time they might make it last a whole 6 months, maybe even ***gasp*** a whole YEAR before "pirates" start enjoying their blowjob while consumers just get a spiked dildo in the ass.

    • Re:Oh well... (Score:5, Funny)

      by Ryan Amos (16972) on Tuesday January 23 2007, @04:20PM (#17727924)
      It only lasted as long as it did because not enough people are using Blu-ray or HD-DVD to care.

          • Re:Oh well... (Score:5, Informative)

            by Ruprecht the Monkeyb (680597) * on Tuesday January 23 2007, @05:31PM (#17728894)
            Hardly. DVD had the fastest penetration of any consumer electronic device in history -- faster than cell phones, faster than VHS, faster than PCs. It had very little to do with DeCSS; it had to do with the three things.

            (A) the players are much less complicated to produce than VCRs, so the retail price rapidly dropped to the point where you virtually got a DVD player with your happy meal.

            (B) The retail price of DVDs started low and got lower. I bought my first DVD for $20, and nowadays you can find B-list titles, used DVDs, etc. for $5 or less. VHS, on the other hand, started really expensive -- most titles were $90 or up in the early years -- and only started getting cheap when DVD arrived on the scene.

            (C) There was already an established model and infrastructure for rental. It didn't take too long when VHS started, but it did take several years before 'renting a video' became a universal experience. With DVD, that happened pretty much from day one. People didn't hesitate to adopt a format when they could get content on it quickly and cheaply from the start. And Netflix has done more for the adoption of DVD than DeCSS.

            Not to say that DeCSS hasn't been a boon, but even now most consumers don't have the expertise/wherewhithal/inclination to copy DVDs. Most of the pirated discs on the subway were initially mass-produced copies, not home pirated versions.

          • The DVD launchpad (Score:5, Insightful)

            by meringuoid (568297) on Tuesday January 23 2007, @05:43PM (#17729044)
            I'm always curious though... DVD never really took off (it was popular, but not in-every-living-room popular) until CSS was cracked and people could copy their own DVDs (or rather buy copied DVD movies for $5 from the kid down the hall.) That was the real death knell for VHS.

            I'd say DVD took off once the Playstation 2 came out. Before that, DVD players had been expensive and VHS was good enough for most. PS2 put millions of DVD players in people's living rooms as a side-effect of something they were going to buy anyway. Before PS2, DVDs were confined to a small slice of shelf space in video stores; once PS2 came out, they increased very rapidly indeed.

            Things may have gone differently elsewhere, but in the UK the Playstation 2 was a major force behind mass-market acceptance of the DVD format.

            I used to think that the Playstation 3 would have the same effect for Blu-Ray, but now I'm far from sure. Quite apart from the price, it's just too late; it's this generation's N64. In the NES and SNES days I was a total Nintendo fanboy, but if my parents hadn't had a fit of generosity and got a PC, I'd have given up waiting for N64 and bought a Playstation, and I'm sure many others did the same. How many people have already given up waiting for PS3 and gone out and bought a 360?

      • Re:Oh well... (Score:5, Informative)

        by Tony Hoyle (11698) <tmh@nodomain.org> on Tuesday January 23 2007, @04:58PM (#17728444) Homepage
        Satellite TV encryption is dynamic. Got the keys? They just got revoked. Worked out the encryption? A download just changed it.

        A DVD is a static medium and the players aren't normally connected to a source of data, so they can't update them so fast, and they can't invalidate the encryption without making your existing disks unplayable (=class action lawsuit)... so it's considerably easier to break (and re-break as they issue new disks).

      • Re:Oh well... (Score:5, Informative)

        by Goaway (82658) on Tuesday January 23 2007, @05:12PM (#17728684) Homepage
        This hasn't been "cracked" in any meaningful sense of the word. All they've done is implement a decrypter working from the format specs, and worked out a way to hack decrypted keys out of a software player.

        At any point, the player can have its keys revoked and code changed, and we'll be back to square one.

        • Re:Oh well... (Score:5, Insightful)

          by camperdave (969942) on Tuesday January 23 2007, @05:39PM (#17729020) Journal
          All they've done is implement a decrypter working from the format specs, and worked out a way to hack decrypted keys out of a software player.

          Once they've done that, they can hack decryption keys out of a hardware player. These cannot be changed without ticking off a whole bunch of consumers. Working out the decryption code was probably the hard part of the process.

  • Just doing his job (Score:5, Funny)

    by gEvil (beta) (945888) on Tuesday January 23 2007, @04:18PM (#17727890)
    Sounds like Muslix is doing his part to help keep the entertainment industry regular.

  • This won't kill DRM (Score:5, Interesting)

    by suv4x4 (956391) on Tuesday January 23 2007, @04:20PM (#17727918)
    Microsoft and Apple are smart. Disk based DRM is doomed since you can't actually upgrade disk drives and disk media that easily, even with encryption programs written dynamically on the disk.

    So as disk-based DRM is consistently wrecked, but can't be updated until the next hardware cycle (~7-8 years at least), which alternative becomes obvious?

    Software based DRM via network downloads. You can update the DRM-ed player in the next software patch, automated via Internet distribution. Apple is covered with their iTunes store, and Microsoft has been working frantically on heavy DRM in Vista and WMP.

    Now you know why.

    • Re:This won't kill DRM (Score:5, Insightful)

      by arodland (127775) on Tuesday January 23 2007, @04:36PM (#17728134)
      Interesting premise, but think about it. For that to be effective you need to tell people that they can't watch the latest movies or whatever on any sort of player that isn't connected to the internet. If you release anything on HD-DVD or Blu-Ray, it's going to hit this "hole", get converted to some unencumbered format, and away it goes. And "Rocky 9, available today on AppleMovieThing" is locking a lot of people out.

  • One can hope..... (Score:5, Insightful)

    by acomj (20611) on Tuesday January 23 2007, @04:20PM (#17727926) Homepage
    That these cracks and counter DRM attempts cause enough compatability problems that the Consumer electronics industry gives up on DRM, and the studios would have to follow if they wanted there content sold at hi def prices....

    One can dream that they'll come to there senses. There is nothing more annoying than petty restrictions on the content you buy..

    Why shouldn't I be able to watch my dvd/hd movie on my ipod OR computer OR TV. This is getting stupid. The thing is the studios are unified in there stance by the MPAA, maybe consumers should start lobbying or just stop buying..

  • The CPS unit key must be know (Score:5, Informative)

    by rminsk (831757) on Tuesday January 23 2007, @04:23PM (#17727962)
    From the article "The early version of this utility only supports the decryption of Blu-ray discs whose CPS unit key is known." ... "A powerful crypto attack was used to analyze the memory dump obtained from a Blu-ray Disc software player (such as WinDVD or PowerDVD). The crypto attack helped to identify the encryption keys that are needed for decrypting the video files." So it has not been cracked as the keys still need to be found. This just decodes the contents once the keys are found.

    • Yes it IS a crack (Score:5, Interesting)

      by ratboy666 (104074) <<fred_weigel> <at> <hotmail.com>> on Tuesday January 23 2007, @05:03PM (#17728538) Homepage Journal
      The crypto is only as strong as the algorithm, and the method used for key management.

      The argument that DRM is "workable" breaks down because the encrypted message is delivered to a party who is expected to BOTH decrypt the message, and NOT know the keys. But the keys had to be used to effect the decryption!

      Basically, it makes very little sense.

      The only way that DRM can work is if the playback device does not trust its user. Which means that it CANNOT be a general purpose computer.

      The next generation of "DRM Operating Systems" cannot support general purpose computing. Pretty much the only way to guarantee that DRM will work is for such a computer to not allow ANY non-DRM compliant software while DRM content is playing.

      In other words, while the DRM movie is playing, your spreadsheet won't.

      But, since music playback while working is common, we can safely predict that DRM restrictions will be lifted from music. Movies? The next generation may well support "single tasking while movie is playing" mode.

      If this is not done (as well as locking out all non-DRM approved drives and kernel extensions), the keyset can be recovered from the player software.

      This crack just demonstrates this particular weakness. When I probe a cryptosystem, I look at the algorithm used (are there errors in the implementation? is it a good crypto algorithm? etc.), the keys (key length, is brute force possible or is the key recoverable from a known encyrpted plaintext, was the key produced by someone sane, or an idiot, etc.) and key management (where and how are keys stored and published etc.).

      Remember "Spaceballs": the code is: "1", "2", "3", "4".

      It is also good to remember that once a single digital copy is "cracked", the work doesn't have to be done for that title again.

  • It's not cracked, not yet at least (Score:5, Interesting)

    by FlunkedFlank (737955) on Tuesday January 23 2007, @04:25PM (#17727992)
    Again, as with HD-DVD, all that's happened so far is: - he has implemented decryption using the fully public specs - he has recovered some per-disk keys (using a clever technique) by finding them in the memory of software players Neither format should be considered cracked until a standalone software player could play all disks (independent of an online key database) a la DeCSS. That said, major props to him for actually getting done what he got done. The plaintext attack he used to recover the software keys, as described in one of the forum posts, was a nice touch.
  • "Honey, I have to reboot the TV because it's just gotten a security bios update and TiVo won't record until it sees the update. Oh, and I'm sorry the DVD player doesn't work: the last automatic update turned it into a spam-bot and I had to turn it off or get sued under CAN-SPAM 2.1"

  • The network is now the problem... (Score:5, Funny)

    by plazman30 (531348) on Tuesday January 23 2007, @04:38PM (#17728162)
    With 20+ GB downloads of HD movies, we're going to need much faster pipes in order to continue to illegally download movies. Verizon should help fund these guys, as it will help sell the 15 Mbit FIOS intetnet option.

    Andy

  • The drawback people have spotted here (Score:5, Interesting)

    by goldcd (587052) on Tuesday January 23 2007, @04:58PM (#17728450) Homepage
    is that you can't just run the program to decrypt all your Blu-Ray(or HD-DVD) disks, you need to locate the key and use that to get the unprotected data.
    This sounds like a right pain in the arse. I'm used to buying DVDs willy-nilly and just shoving films onto servers, PSPs, iPods, XBMC etc as the mood takes me. It always works, I just press a couple of buttons and away I go.
    Reading these stories have made me think - I'm now even less likely to buy a HD disk than I am a standard DVD. I buy a HD disk in the shop and I've now got to worry, can I get the key for this disk? will it be for the right region? will it be the right version (you can be sure once a disk is cracked they'll shove new keys on all future pressings).
    I don't think I can be arsed with all this really.. much easier just to download un-encrypted and know it'll work on everything I own, forever. FFS I'd pay more for the pirate version than the legit one given the chance.
    My next prediction is the appearance of a site that'll serve keys. You put your HD disk in your machine, run a util that gets a hash from it, searches online and decrypts the disk automatically.
    *scampers off to register hd-keys.com*

  • Content industries don't care about this (Score:5, Insightful)

    by Stuntmonkey (557875) on Tuesday January 23 2007, @05:19PM (#17728766)

    To call it a "cat-and-mouse game" is overstating I think. Why should the content sellers care about someone cracking Blu-Ray or HD-DVD encryption? They know that piracy is inevitable. They just want to keep it underground so the average consumer doesn't participate. And for that, under the DMCA any proprietary encryption system will do just fine. The DMCA gives them the permanent legal right to go after anybody who doesn't license their decryption technology, or who tries to circumvent it in an unauthorized way.

    DVD is a great example. DeCSS has been around for years, but it hasn't had a material impact on DVD sales because DVD copying isn't widespread. (At least in the USA; parts of Asia like China are a different story.) Threat of legal action backed by the DMCA has kept DVD backup software generally unavailable to Joe Consumer, despite the widespread prevalence of DVD-R drives and media.

    Bottom line: You could break their encryption and print up all the geeky De-AACS T-shirts you want, but it won't materially affect content sales.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.