Custom DVDs & Players For Academy Members 266
xyankee writes "In an effort to curtail the piracy and bootlegging of DVD screeners, the Academy of Motion Picture Arts and Sciences has endorsed a plan to distribute about 6,000 special DVD players to members that will play specially encrypted screener discs that would be earmarked for a specific academy voter and would play only on that person's machine. The Associated Press has the full story, while Laurence Roth, VP and co-founder of Cinea, Inc., the company behind the technology, says 'the discs, by themselves, cannot be hacked.'"
Riiiiight.... (Score:5, Funny)
Re:Riiiiight.... (Score:5, Informative)
1. DVDs have one key for the disc, which is encrypted about 400 different times. One of the basic rules of cryptography is that you NEVER encrypt the same thing with different keys.
2. The DVD players are publicly available, so it's not too hard to take out a ROM chip and analyze it.
3. The key size was only 40 bits.
Suppose this new system has only one key per disc, coded for a particular private player, using 256-bit Rijndael encryption. It will indeed be uncrackable given only the disc, which is what the quote said.
Re:Riiiiight.... (Score:5, Insightful)
No it isn't. You are half remembering the rule for one time pads (not any time of encryption) that you should never use the a one time pad twice.
Re:Riiiiight.... (Score:3, Interesting)
Re:Riiiiight.... (Score:2)
Effectivly this makes the algorithm part of the key.
Something modern cryptotheory considers inadequate.
Not actually that modern, this aspect of cryptotheory dates from the 19th century.
Re:Riiiiight.... (Score:5, Insightful)
I suggest that if the academy is prepared to swallow the expense of handing out the players (+ the bitching of members who have to play movies on it when their home cinema systems already has a player), they'll have a very workable security system.
Re:Riiiiight.... (Score:3, Informative)
Re:Riiiiight.... (Score:4, Interesting)
While the RIAA would hardly like that either, the point in this case is to stop widespread distribution of a high quality print weeks or months before their official release date. Once a screener escapes into the wild (and many do) it takes a nanosecond to appear on hundreds of P2P networks. That's millions and millions of dollars in lost revenue (at least in theory).
This is what they want to stop. Personallized screeners with watermarking and dire threats would be an extremely effective way to do that.
Re:Riiiiight.... (Score:2)
Re:Riiiiight.... (Score:3, Insightful)
It gets easier the more discs you have, though, since then you end up in the realm of differential cryptanalysis.
Also, they seem to be most worried about the academy members themselves - and they still get to see the movies (plaintext!). Even if they're mostly worried about academy member's evil nieces
Re:Riiiiight.... (Score:2)
Or replace with white noise
This would probably be even easier to do when you (have to) depend on analogue outputs. It only makes the challenge greater.
How many "waterwatermarking" schemes will actually survive lossy compression and/or multiple D->A->
Re:Riiiiight.... (Score:3, Interesting)
That said, it is probably true that the watermarking could be defeated with access to several of the players. It would take a serious effort, at least as serious as what Felton and his group at Princeton put into cracking the audio watermarking scheme a few years ago. As you recall, he had the advantage that the watermarking scheme was disclosed very completely in a
Re:Riiiiight.... (Score:2)
It would probably be easier to use a public key encryption algorithm. Player contains the private key, disk creation is done with the public key. The difficult bit is the distribution, since making sure 6,000 pieces of physical media wind up where they should go is rather more difficult than using PGP/GPG for email.
It will indeed be uncrackable given only the disc, which is what th
Re:Riiiiight.... (Score:2)
You can watch the DVD, so it much be breakable, even if it means putting a video camera in front of the TV screen.
Re:Riiiiight.... (Score:3, Funny)
I thought it was never get into a land war in Asia, and only slightly less famous is never get into a battle of witts with a Sicillian when death is on the line.
PGP style (Score:3, Insightful)
Re:PGP style (Score:3, Interesting)
Re:PGP style (Score:3, Insightful)
lol (Score:3, Insightful)
Setting themselves up for a MONSTROUS fall there...
Re:lol (Score:2, Interesting)
Re:lol (Score:4, Insightful)
You might not be aware of this, but one reason for certain pay TV stations being hacked as easily as it was (and I'm not talking about analog "encryption") was that sufficient information leaked.
And as stated elsewhere: There's still the analog output. Sure, they might put have in some watermarking. They most likely did. But I frankly doubt that there is something like *robust* watermarking for audio and video without significantly impair the signal quality, thus causing noticeable artefacts. (If there is, I'd love to see a pointer to scientifical papers, cause I'm quite interested in such methods myself.)
Re:lol (Score:4, Interesting)
Re:lol (Score:5, Insightful)
somebody just invented a good way to milk money off from mpaa..
.
Re:lol (Score:3, Insightful)
Cinea will invest several million dollars to make and distribute the DVD players to academy members and possibly to movie critics and other awards groups.
So, wait. The mpaa has millions to spend on this new way to prevent piracy? I thought they were losing money out the ass! (they'll have to reimburse Cinea somehow - so the mpaa is really paying the millions for the DVD players and the encryption)
Sounds like they need to read this [craphound.com].
Not really... (Score:2)
I'm sure that this time around they use a proper algorithm like AES at 128 bit+. Good luck breaking that with the discs by themselves. Unless you have access to one of the 6000 players as well, it's not going to happen.
With that said, they DO have access to the players, and even if not, they can compare several waterm
Re:Not really... (Score:3, Interesting)
How secure is AES 128+ bits anyway? MPEG streams have a pretty regular pattern that offers a lot hints to cryptanalysts. I wouldn't bet on the security of a system that encrypts 2-8 GB of data with such a regular pattern!
Re:Not really... (Score:3, Informative)
How secure is AES 128+ bits anyway? MPEG streams have a pretty regular pattern that offers a lot hints to cryptanalysts. I wouldn't bet on the security of a system that encrypts 2-8 GB of data with such a regular pattern!
If I gave you the transcript of everything ever said by every human that has ever lived and encrypted it with a random key and gave you the resulting cipher-text you'd still have to try 2^127 keys on average to recover the key .Knowing patterns in the plain-text doesn't help you at all!
Re:Not really... (Score:2, Insightful)
Why are you so sure?
Time and again people have chosen laughably weak crypto algorithms and then plastered them with impressive-sounding quotes like "the discs, by themselves, cannot be hacked."
They might have used a decent algorithm. But I'd put the odds at only about 50/50.
The OP is right; they're really setting themselves up for a fall.
Re:lol (Score:2, Funny)
They could sit at the end of the room and just rip it straight to DVD-R from the camera.
For the authenticity of a cinema rip however, it would be necessary to have people walk past the TV eating popcorn every few minutes, slurping sprite and coughing regularly through the soundtrack.
It would be a trivial task to add out of focus Japanese subtitles later using a standard mpeg editor.
Re:lol (Score:3, Insightful)
how long (Score:2, Interesting)
how long till the "discs that cannot be hacked themselves" will be hacked?
two hours, or two weeks? (remember de-CSS code printed on t-shirts?)
Re:how long (Score:4, Insightful)
They story says that they'd have on-screen indications of who's tape it was too. Probably something along the lines of a text across the screen somewhere saying "Screener serial# 123456".
Making a new disk isn't impossible. I've been toying with my DirecTiVo. It has wonderful outputs to go to my receiver, but not really good outputs for recording. I bought a DVD recorder, and got creative with the wiring. Now I get S-Video in, but I'm still lacking on the audio. The DirecTiVo has the choices of digital fiber optic, or L&R RCA jacks, and the DVD recorder doesn't have a digital fiber input (I couldn't find any with that). It still makes very nice DVD's.
Once I make the DVD, it's not a really hard task to take the resulting disk and edit as needed, such as blocking over whatever is indicating who's disk it is. That may be an unreasonable task, if the text is in the middle of the screen.
I can't imagine too many Academy Awards judges wanting to go through all the bother to release a bootlegged video though. I think their trouble comes when they loan it to friends, who make copies for friends, who make copies for friends (etc, etc).
It still doesn't remove the possibility of a slightly corrupt theater manager setting up a digital video camera in the booth beside the projector and hooking into their sound board, and getting an almost perfect copy of a movie though. They could still get a movie on the Internet the night before it's released to theaters.
Re:how long (Score:2)
Say you've got 16 scenes that aren't critcally timed. You delay the cut on some of them by 10 frames, not on others. That's a simple way to encode 16 bits of information into the film, and without multiple copies and a fair bit of time you'd never notice it. Encode the same 16 bits 4 times on 64 scene changes, and you've got redundancy. Or
Re:how long (Score:3, Interesting)
My ex-wife worked at a theater for years. The movies would come by truck shipment the day before release. The movies are delivered on multiple reels, so they have to be put together into one reel. You can spot the reel changes by a small black oval flashing in the top left corner. The first flash indicates the reel change is coming. The second one indicates it should happen now. They'd also need to make sure the aspect was set correctly.
To make sure that they put the reels together correctly, t
Security (Score:4, Insightful)
Re:Security (Score:2, Insightful)
Re:Security (Score:3, Interesting)
may actually benefit everyone..
- DVD player running uClinux, enabled with
- GPG private/public keys, and a
- Web of Trust of the
Academy of Motion Picture Arts and Sciences
This would enable encryped DVDs to be distributed
securely. What happens after they are decrypted
and played
trust the people with the screener DVD's.
Re:Security (Score:5, Insightful)
I think this has quite a good chance of being secure.
Anybody that starts with that assumption, or the stated and equally unlikely "cannot be hacked" has already lost whatever battle they imagined they were fighting. There are probably more holes in making the discs than there are in distributing them. How many hands does a film pass through before it even gets to be a master copy waiting to be encrypted?
Re:Security (Score:2)
You'd think someone would have learned from RMS Titanic (the ship, not the movie).
There are probably more holes in making the discs than there are in distributing them. How many hands does a film pass through before it even gets to be a master copy waiting to be encrypted?
You've also got the same issues surrounding the manufacturing of the DV
Alirght (Score:5, Funny)
Someone give that Johanson kid a call.
Re:Alirght (Score:2, Informative)
Probably gonna be redundant.. but.. (Score:5, Insightful)
Re:Probably gonna be redundant.. but.. (Score:5, Informative)
Has everyone forgotten that you still have this kind of copy protection?
Steve.
(actually, two seconds of googling showed up this gem [quicknet.com.au].
Re:Probably gonna be redundant.. but.. (Score:5, Insightful)
(hell, I would be VERY surprised if piracy hurt major mpaa members more than what the license costs for macrovisions shit protections have cost them over the years)
Re:Probably gonna be redundant.. but.. (Score:5, Funny)
Ahhhhh! Curse You Macrovision!!! Your almighty copy protection cannot be stripped out by anyone! Arrrrrgggghhhh!!
Re:Probably gonna be redundant.. but.. (Score:4, Insightful)
Has everyone forgotten that all you need to get around it is a TV monitor with video out as well?
KFG
Re:Probably gonna be redundant.. but.. (Score:4, Interesting)
Re:Probably gonna be redundant.. but.. (Score:5, Interesting)
image:
- flat screen display
- tripod
- good camcorder
sound:
- grab stream from the entertainment center
put them back together... voila.
Re:Probably gonna be redundant.. but.. (Score:2)
ReplayTV 4000 series units (and I believe the newer ones as well) do not have Macrovision circuitry on board. So that means that even a Macrovision encoded DVD will not be distorted if routed through a ReplayTV unit. So, all one needs to do is run the video into the ReplayTV, runDVArchive [dvarchive.org] to transfer the video, and voila - one MPEG 2 stream.
The only down side is you'll lose the 5.1 channel audio, which IMHO is the best part about DVD's.
Re:Probably gonna be redundant.. but.. (Score:2)
Re:Probably gonna be redundant.. but.. (Score:2)
Dunno... but given how fast some DRM is being circumvented here, it wouldn't be surprising if that escalation hadn't been foreseen.
Re:Probably gonna be redundant.. but.. (Score:2)
Re:Probably gonna be redundant.. but.. (Score:2)
Possibly even a better source, since with an integrated display there is no point at all in the signal ever being converted to YUV or composite video.
Re:Probably gonna be redundant.. but.. (Score:2)
Even then there are multiple methods of circumvention.
One word... (Score:5, Insightful)
Famous last words... (Score:5, Funny)
I hope that quote gets used a little later on down the line, when some 14 year old writes a few lines of code that circumvents yet another uncrackable encryption / protection system...
ha. (Score:5, Funny)
uh huh.
In related news, "That gun isn't loaded" , "The dog doesnt bite" and "The Titanic is unsinkable"
Took em long enough... (Score:5, Insightful)
Yes, it isn't foolproof, but at least they're trying a reasonable solution, instead of poking everybody's eyes out with lawyers.
is this actually going to help? (Score:5, Interesting)
Of course, they could just say they were doing this, and then send everyone an el-cheapo DVD player with a special decal on the front. That might be enough to psych out someone.
Re:is this actually going to help? (Score:2)
Re:is this actually going to help? (Score:3, Insightful)
Re:is this actually going to help? (Score:3, Insightful)
Re:is this actually going to help? (Score:2)
correct me if I'm wrong (Score:5, Interesting)
Re:correct me if I'm wrong (Score:4, Informative)
That was how decss was cracked, but it wasn't possible only because of that. There are other methods. This was simply a very convenient one to take. It would have been cracked eventually anyway.
6000 members of the Academy... (Score:5, Interesting)
These are all bandaids on a huge wound.
Re:6000 members of the Academy... (Score:2)
Every 'problem' a given member has with seeing a movie will reduce its chances come Oscar night.
You're assuming that only a select few will be encrypted like this -- I was immediately thinking all of the screeners distributed would. Then no special movie would suffer from any disadvantage.
Is it such a big de
Re:6000 members of the Academy... (Score:2)
The thing is, when you're trying to get your critically acclaimed lower-budget movie into the oscars, do you go with the encrypted screeners? No, you release an unencrypted screener, and everybody sees it. Boom, you've got an underdog success... and we're back to e
Re:6000 members of the Academy... (Score:2)
Re:6000 members of the Academy... (Score:2)
Re:6000 members of the Academy... (Score:3, Insightful)
most of them are decept people who only get paid ONCE for a movie - its just a tiny group who keep getting paid over and over and over for a job done once. They are rich. The others, not so much.
And how many among those 6000, who are has-beens with an expensive coke habit and a penchant for high-priced hookers, will have a problem with letting somebody hack their copy and dvd player?
On Hacking (Score:5, Interesting)
I thin this is the beginning of a new stratagem: In principle one could sell DVD players with individual signatures that can somehow burn a tag on an individual DVD, which makes it impossible to be read and played by any other player. Now THAT's DRM for you.
Re:On Hacking (Score:2)
duh... (Score:2, Funny)
Won't stop a thing! (Score:4, Insightful)
Re:Won't stop a thing! (Score:4, Informative)
I hope you mean third world from the sun, otherwise I think you've missed the main target group for western movies.
Ka-ching (Score:3, Interesting)
Your movie-ticket dollars at work.
Just give 'em a private streaming video website...
<grrr>
A solution in 1 second (Score:4, Insightful)
DRM... MacroVision... special players & MAYBE one day special TVs... totally useless as long as the ultimate goal is to watch the movie... with unprotected human eyes
just take a digital camera, point it at the TV screen... et voila! Sure, won't be DVD quality, but, in home conditions, the quality will beat telesync =)
oh yea right like this will work.. (Score:2)
Cheaper solution (Score:3, Interesting)
I don't really see why they need to go to the trouble of making each disc specific to one player, because that would just increase the cost of making a run of discs. There really shouldn't be a problem with playing a disc on another member's player. Adding a unique watermark to each player though, that shouldn't be much of a problem. But watch them screw things up so that the player firmware can be copied to a budget player.
DIVX does make sense (Score:5, Insightful)
The Big Studios should love it.... (Score:4, Insightful)
"So you are a small indie studio with that incredible good movie (just picked up all prizes in the european festivals).
Sorry, if you can't pay a few megabucks for the license & machines and some more kilobucks for making a few thousand individual watermarked DVDs, then the academy award is not for you.
We hope for your understanding, but we have to protect the interests of our good clients from the MPAA who are in in for business and have no problem of paying these small academy consideration fees. Thank you!
Best Regards,
Mr. Big Boss of Academy of Motion Picture Arts and Sciences.
Re:The Big Studios should love it.... (Score:2)
Re:The Big Studios should love it.... (Score:3, Interesting)
Only if they make it a requirement that you must distribute your movie
Cannot be hacked?!?!?! (Score:3, Interesting)
You gotta be kidding. If I were some sort of technology bigwig and I wanted to buy a product and someone said those words to me I would do an about face and try real hard to not let the door hit my ass on the way out.
I would be much more impressed with the figures of what it would take to hack the discs. Cause in my opinion - encryption is made to be broken.
Now if he is saying that it cannot legally be hacked. Well that is probably true....
Secure yet waste of money (Score:4, Insightful)
My understanding is that the DVD and player are matched. Each DVD can only be played on one player. This means that even if a DVD escapes, it likely cannot easily be played elsewhere. If a copy of the movie is made, then it was probably off the Academy Member's machine, and there is probably some way to identifiy the member based on artifacts within the movie.. This is quite different from the current situation in which a member can just claim that the disk was 'lost',
And yet one must wonder about the reason to go through such expense. Buying $6,0000 customizable DVD player that are hardened against attack cannot be cheap. Making sure that none of the unassigned DVD players hit the street must be expensive. Producing 60000 custom DVD cannot be cheap. From a bidness point of view, is there a real ROI from these costs? The theaters continue to rack up sales at astronimical rates. DVD sales continue at equal an equal nerve wrenching pace. But for some reason the Academy wants to concentrate on the management of custom DVD players rather than the creative act of making film. Madness.
Re:Secure yet waste of money (Score:2)
Translation... (Score:3, Informative)
He let something slip right there. My guess is that they're using a much longer encryption key, and that the key is not stored on the disc, but in the player. So to crack as easily as CSS was cracked you'd have to disassemble the player as well, and even that might not help unless you can read the code out from the inside of the chip, which may or may not be possible.
While nothing's "uncrackable", a disc encrypted with a 256-bit key that you don't have would take a while. And even if you did crack it, the odds are that the contents is watermarked, and they'd know who the release came through, and prosecute him. Then you'd have to get another source for the next disc.
Bottom line would be, you'd not get any more discs, if everyone who supplied a review copy to pirates got busted immediately. And that's assuming they CAN be hacked.
Another Screen/Recording Unit (Score:2, Insightful)
Re:Another Screen/Recording Unit (Score:3, Informative)
While they're at it.. (Score:2)
Translation: (Score:2)
In other words it just takes one unscrupulous reviewer with a disc and a machine; to duplicate the film using the audio and video out connectors. Great for the companies that are heralding this technology; but in practice it is going to do little to curtail piracy; lets face it most of the decent pre-release films on the net have come from someone inside the business;
Give the customer another incentive (Score:2, Interesting)
A smarter move would be to offer the customer something extra that the pirates would find much harder to offer.
How about a few little freebies to go with the actual DVD? A free poster or stickers, interactive content such as a mini-game (which wouldn't be copied using the method of copying the film via a video-output or using a videocamera), a username and password to the official website so you can access online content an
Cannot be hacked, eh? (Score:2)
Re:Cannot be hacked, eh? (Score:4, Informative)
It is called "One-Time Pad encryption", and is what the NSA and CIA use when they really are paranoid about somebody trying to read some of their communications. Basically, you get a random noise source (often background microware radiation hiss or even more often some radioactive source and using the unpredictible nature of individual decay particles, that way producing true random numbers) and then with that source of numbers you produce something that would go into a custom player. Each person with this special player could recieve discs that could only be played on that individual player, and anybody else would litterally see just random noise on an individual DVD-disc.
Now here is the nasty part of that system: If you produce more than one DVD using the same one-time pad, the code can be cracked. That is why it is called one-time pad, because once used it can never be used again. The NSA has usually a pile of CD-ROMs or DVDs with these codes on them (or some other digital medium), and they burn/destroy the discs as soon as they use one, with a duplicate of that disc available with the person sending/receiving a message, who either decodes/encodes the data and then similary destroys the disk.
Now a modified version of this could in theory be able to stop a random hacker from getting a disc from the U.S. Postal Service and decoding it, but there is still one more place of vunerability:
The player itself must decode the movie. I think most Academy members would object to the disc being destroyed in the process of watching it (perhaps they got a phone call in the middle of watching a scene and want to back it up for a moment to catch what was going on), and then there is one other vunerability.
The movie must be viewed at some point, and regardless of what other encryption schemes are done, it must be decoded to some very simple colorspace (RGB or with video usually YUV triplet pixel values) that can then be displayed on some viewing system. The whole point of this is that Robert Redford or Tom Hanks can watch a nominated movie at home, in their underware, whenever or however they feel like it. Or with a few friends if they so choose. Even then what is stopping somebody from pulling out a camcorder and filming the TV/projection screen that is showing the movie, and don't get me to rattle on about Macrovision or watermarking... that doesn't work and ruins the image anyway.
I gave the most plausable system from somebody who has worked with multimedia systems before, and even with this hyper-paranoid system it can still be cracked.
Copyright violation acts are an inner ethics issue, like not killing somebody or not shoplifting. Some things can be done to help discourage breaking the law or stopping people from doing things like this, but if you are really interested in accomplishing the goal (like killing the President of the USA), there really isn't anything that can be done to stop it from happening. All security does in these cases is to simply put up "speed bumps" to make it harder to accomplish, and weed out the rank amatures from the professionals. Unfortunately in this world there are people who totally lack ethics and would do anything and say anything, sometimes just for fun, like feeding your grandmother to the Ravanous Bugblatter Beast of Traal.
The point isn't that it might be hacked (Score:5, Insightful)
'the discs, by themselves, cannot be hacked.' (Score:2)
Can they be watched? (Score:2)
Sheesh, if these industires would put 1/2 the funds they waste with this garbage into creating better products and lowering costs, their troubles would go away...
Nothing is hacker proof (Score:2)
Unless they want to pay $millions and millions of dollars to constantly upgrade, re-engineer and upgrade this stuff on an annual (or even more frequent) basis, common PC computer technology will out accelerate it and eventually make it possible for Joe Hacker with his dual-core Athlon 64 PC that he has less than $1,000 in to crack the disc's encryption.
Every time... (Score:3, Insightful)