Blu-ray Protection Bypassed
ReluctantRefactorer writes with an article in the Register reporting that Blu-ray copy-protection technology has been sidestepped by muslix64, the same hacker who bypassed the DRM technology of rival HD DVD discs last month. From the article: "muslix64's work has effectively sparked off a [cat]-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public." WesleyTech also covers the crack and links the doom9 forum page where BackupBluRayv021 was announced.
The CPS unit key must be known (Score:5, Informative)
Re:Oh well... (Score:5, Informative)
He didn't crack Blu Ray or HD DVD (Score:4, Informative)
Re:Oh well... (Score:5, Informative)
A DVD is a static medium and the players aren't normally connected to a source of data, so they can't update them so fast, and they can't invalidate the encryption without making your existing disks unplayable (=class action lawsuit)... so it's considerably easier to break (and re-break as they issue new disks).
Re:Unfixable (Score:3, Informative)
Almost right. Dedicated silicon would be one way.
Besides that, the only OTHER option would be for the entire system to be "secure" through things like so-called "Trusted Computing" [wikipedia.org]. In particular, check out the section on Memory Curtaining [wikipedia.org].
You'll notice that in this case, "Trusted Computing" has nothing to do with the User trusting the platform, but rather with the Media Companies Trusting the system to look after their interests above that of the users.
Re:Unfixable (Score:3, Informative)
TPM will hold the key in unreadable (to unauthorised applications) static memory. Once that gets on your PC you've got to crack TPM first... and that's going to set you back *at least* half an hour.
Re:Oh well... (Score:5, Informative)
At any point, the player can have its keys revoked and code changed, and we'll be back to square one.
This guy beat you to it: (Score:5, Informative)
Re:Oh well... (Score:3, Informative)
Ever heard of card serving and softCAM?
It completely bypasses the need to write in keys. Even if your keys get revoked while watching, the card client reauthenticates against the stream with new keys realtime.
All you need is someone with legit card and sat box with network connectivity.
No need to clone cards, when you can "clone" the entire authentication module.
Re:One can hope..... (Score:1, Informative)
Re:Oh well... (Score:5, Informative)
(A) the players are much less complicated to produce than VCRs, so the retail price rapidly dropped to the point where you virtually got a DVD player with your happy meal.
(B) The retail price of DVDs started low and got lower. I bought my first DVD for $20, and nowadays you can find B-list titles, used DVDs, etc. for $5 or less. VHS, on the other hand, started really expensive -- most titles were $90 or up in the early years -- and only started getting cheap when DVD arrived on the scene.
(C) There was already an established model and infrastructure for rental. It didn't take too long when VHS started, but it did take several years before 'renting a video' became a universal experience. With DVD, that happened pretty much from day one. People didn't hesitate to adopt a format when they could get content on it quickly and cheaply from the start. And Netflix has done more for the adoption of DVD than DeCSS.
Not to say that DeCSS hasn't been a boon, but even now most consumers don't have the expertise/wherewithal/inclination to copy DVDs. Most of the pirated discs on the subway were initially mass-produced copies, not home pirated versions.
Re:Oh well... (Score:1, Informative)
Re:Oh well... (Score:2, Informative)
Well, it's when costs came down that it took off; really, it was fairly recent that anybody was ripping DVDs.
Personally I think it was cracked when it became popular. It wasn't very long into the cycle at all before bootlegged DVDs were available (that would have more to do with affordability); actual ripping of disks is what I assume you're referring to. That didn't have anything to do with anybody I know buying their first DVD player (very unscientific, I know).
they could have done it better. (Score:3, Informative)
So to make a quick analogy, which security measure should they have chosen?
1. Leaving the door open to your house inviting someone that happens to be driving by to notice it and walk in...
2. Leaving your door closed but unlocked requiring them to select your door out of several on your block to open...
3. Locking your door with a 5-pin standard door lock that you would have to bump to open, but hoping the bad guys pick some other house to rob that choose security measure #1 or #2...
4. Living in a cave under a mountain with bars on your one entrance/exit...
Seems to me that they selected door #2, where selecting door #3 would have probably been a better choice in retrospect.
As a quick example, the key could have been XORed with "0xdeadbeef" in memory, and some inline code to un-XOR it as needed into CPU registers could be done. Although this is essentially non-cryptographic scrambling, it would have required someone to find and disassemble the decryption subroutine instead of just searching a 2G memory dump for a key...
Re:He didn't crack Blu Ray or HD DVD (Score:3, Informative)
Re:Oh well... (Score:4, Informative)
(D) It had features that made it significantly better than VHS
(i) The separation of a film into chapters coupled with the ability to jump to said chapters.
(ii) Able to store multiple sound tracks and/or cuts of the film.
(iii) No rewinding.
Re:Content industries don't care about this (Score:1, Informative)
Admittedly it could be that both sides are lying, but ostensibly, neither side cares about content sales. More to the point, it's been shown that "pirates" buy (as in pay money for) more content than non-"pirates", so if there is an effect on content sales, shouldn't the MPAA studios be getting MORE money?
Re:Oh well... (Score:3, Informative)
(D) With random-access to scenes, Director's Commentaries and other bonus features, the DVD was more than just an evolutionary extension of the technology it replaced.
Re:Could be good news for Sony. (Score:4, Informative)
You can get Blu-ray *burners* for your PC for under $500.
Decryption algorithm needs an expert's touch... (Score:2, Informative)
Read this forum post for a detailed explanation of the current revision:
http://forum.doom9.org/showthread.php?p=941169#po
See Professor Ed Felten's excellent blog explaining AACS in detail:
http://www.freedom-to-tinker.com/ [freedom-to-tinker.com]
The official AACS specifications, straight from the source:
http://www.aacsla.com/specifications/ [aacsla.com]
Your contributions will apply to both HDDVD and BluRay, of course.
Re:Oh well... (Score:5, Informative)
You can buy on eBay a Chinese MPEG-2 receiver with firmware on it that receives all Dish Network programming without paying, and every time it stops working you get the new key on your PC via one of the RSS feeds out there. It is brain-dead easy and dirt cheap.
Satellite TV has been broken hard for a really long time, longer than DVD... I remember helping a friend pull the epoxy off a VideoCipher II board in college to mod the PROM so it would descramble everything (the Playboy channel is what we were after).
The satellite TV hack stuff is so pervasive it makes guys like me that are into FTA MPEG-2 TV fight to find real info for our hobby. Every search turns up 60% hack and crack and 40% real FTA info.
Re:Oh well... (Score:3, Informative)
Andrew "Bunnie" Huang was a grad student when he reverse engineered the Xbox.
Re:Content industries don't care about this (Score:2, Informative)
I disagree, Netflix + dvdshrink = a great american past time.
It's right up there with lemonade and apple pie.
Re:Oh well... (Score:0, Informative)
Re:Oh well... (Score:5, Informative)
Re:And which player would that be? (Score:3, Informative)
The only reason the software player used is visible at all right now is because the people involved are still working out the process. Once that gets nailed down and the scene goes completely underground, there will be people who crack disks and release the volume keys into the wild, and no one will have any idea how they got them. When you visit a warez site to find a serial number to install software, do you learn anything about the disassembler used to crack the key? Nope. Same thing will happen here.
AACS is as secure as it gets. It uses proper crypto, unlike CSS. Copy protection is a fundamentally unsolvable problem, but apart from that there is nothing wrong with AACS.
It's as secure as it gets, except for the fact that it's fundamentally flawed. I'm with you here.
And what does "implement revocation securely" even mean?
Examples of the kind of thing I think about:
a) You have two copies of a disc from successive mastering runs. The only difference between them is that the later generation pressing has removed a player key that existed on the previous version. Can you learn anything from comparing the two, given that you know how to decrypt the earlier one? Here I'd imagine AACS is genuinely secure.
b) The maker of your software player has been found guilty of releasing a hackable player whose keys can be extracted. They revoke that key and release an update with a new one. How much easier is it to find out that new key, given that you already broke the previous version and know its player key? Presumably the new release still shares a lot of code with the broken one, which considerably reduces how many bytes need to be sorted through to discover where the new key and its related decryption code are. Each time a new player update comes out that is known to have a different key from the previous one, a bit more will be exposed about what part of the player does the decryption, making future cracks even easier.
And here's a slightly different idea to chew on, from the business side:
c) The key issuers of the content providers get so desperate that they start revoking keys given any provocation. A player manufacturer feels their key was revoked unfairly, because their player was secure (cough); they then sue the key authority for the hardship they and their customers were put through by this unfair revocation. What happens? I'm sure there's a clause about this in the licensing agreement, but this is America; we sue people in ridiculous fashion all the time here with unpredictable outcome.
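The revocation mechanics argued over in this thread (a revoked player key stops working on discs pressed afterwards, while discs already on the shelf keep playing, as the earlier comment about not being able to invalidate existing disks points out) can be seen in a toy model. The following is an added illustration written for this page, not AACS code and not anything released by the people discussed here. Real AACS compresses the Media Key Block with a subset-difference tree and uses AES-128; this sketch instead lists one record per device, keys the records by a made-up device name for readability, and stands in for AES with an HMAC-SHA256 pad so it runs on the standard library alone. Device names, device keys and media keys are all constructed for the example.

```python
"""Toy model of device-key revocation in a broadcast-encryption scheme.

Added illustration only: not AACS, and simplified as described in the
lead-in.  It shows that revoking a device key changes which *newly
pressed* discs that device can open, while earlier pressings still play.
"""
import hashlib
import hmac
from typing import Dict, Set

KEY_LEN = 16


def derive(label: str) -> bytes:
    # Deterministic constructed keys so the example is reproducible offline.
    return hashlib.sha256(label.encode()).digest()[:KEY_LEN]


def wrap(key: bytes, context: bytes, data: bytes) -> bytes:
    # Stand-in for an AES key wrap: XOR with an HMAC-SHA256-derived pad.
    pad = hmac.new(key, context, hashlib.sha256).digest()[: len(data)]
    return bytes(a ^ b for a, b in zip(data, pad))


unwrap = wrap  # XOR with the same pad reverses it


def build_mkb(media_key: bytes, device_keys: Dict[str, bytes],
              revoked: Set[str]) -> Dict[str, bytes]:
    """Toy Media Key Block: one wrapped copy of the media key per
    non-revoked device.  (Real AACS compresses this with a
    subset-difference tree; records are keyed by name here for clarity.)"""
    return {name: wrap(dk, b"media-key", media_key)
            for name, dk in device_keys.items() if name not in revoked}


def verify_tag(media_key: bytes) -> bytes:
    # Lets a player confirm it recovered the right media key
    # (AACS carries a comparable verification record in the MKB).
    return hmac.new(media_key, b"verify", hashlib.sha256).digest()[:8]


def press_disc(media_key: bytes, device_keys: Dict[str, bytes],
               revoked: Set[str]) -> dict:
    """Press a disc: its MKB fixes the revocation list at mastering time."""
    return {"mkb": build_mkb(media_key, device_keys, revoked),
            "tag": verify_tag(media_key)}


def player_opens(disc: dict, name: str, device_key: bytes) -> bool:
    """True if a device holding `device_key` can recover the media key."""
    record = disc["mkb"].get(name)
    if record is None:
        return False  # no record this device can process: revoked before pressing
    candidate = unwrap(device_key, b"media-key", record)
    return hmac.compare_digest(verify_tag(candidate), disc["tag"])


def scenario() -> Dict[str, Dict[str, bool]]:
    """Three constructed players; B's key leaks between two pressings."""
    device_keys = {n: derive("device-" + n) for n in ("A", "B", "C")}
    disc1 = press_disc(derive("media-key-disc-1"), device_keys, set())
    # Device B's key is found to have leaked; later pressings revoke it.
    disc2 = press_disc(derive("media-key-disc-2"), device_keys, {"B"})
    return {
        "disc1": {n: player_opens(disc1, n, k) for n, k in device_keys.items()},
        "disc2": {n: player_opens(disc2, n, k) for n, k in device_keys.items()},
    }


if __name__ == "__main__":
    for disc, results in scenario().items():
        print(disc, results)
```

Running it shows disc1 opening on all three players and disc2 opening on A and C but not B: the leaked key is only shut out of discs pressed after the revocation, which is exactly why the thread expects a cat-and-mouse cycle rather than a one-time fix.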