Blu-ray Protection Bypassed 407
ReluctantRefactorer writes with an article in the Register reporting that Blu-ray copy-protection technology has been sidestepped by muslix64, the same hacker who bypassed the DRM technology of rival HD DVD discs last month. From the article: "muslix64's work has effectively sparked off a [cat]-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public." WesleyTech also covers the crack and links the doom9 forum page where BackupBluRayv021 was announced.
One can hope..... (Score:5, Insightful)
One can dream that they'll come to there senses. There is nothing more annoying than petty restrictions on the content you buy..
Why shouldn't I be able to watch my dvd/hd movie on my ipod OR computer OR TV. This is getting stupid. The thing is the studios are unified in there stance by the MPAA, maybe consumers should start lobbying or just stop buying..
Re:This won't kill DRM (Score:5, Insightful)
Re:memory dump (Score:2, Insightful)
Key has to be decrypted somewhere. Where else do you want to put it?
Sure, a hardware player could put it in a reasonably tamper-proof ROM, but what's a software player going to do?
Piracy is a red herring (Score:4, Insightful)
"It's teh evil PIRATES wots doing this to you, not us honest content providers!"
Re:Oh well... (Score:4, Insightful)
It only lasted as long as it did because not enough people are using Blu-ray or HD-DVD to care.
Then it's good news for these formats, since it suggests there is more interest. And if I can ignore the DRM aspects of the formats, then I can use them, the same way I can play DVD's on Linux no problem. The formats are much less evil with their DRM fangs removed. The format owners should really pay those who crack their security for the improvement it represents, for making their formats much more accessible for everyone. That's a good thing.
Re:People can pick locks too... (Score:5, Insightful)
The only difference between some fair use and illegal copying is intent. Not a system in the world can discern that.
Re:This won't kill DRM (Score:2, Insightful)
Content industries don't care about this (Score:5, Insightful)
To call it a "cat-and-mouse game" is overstating I think. Why should the content sellers care about someone cracking Blu-Ray or HD-DVD encryption? They know that piracy is inevitable. They just want to keep it underground so the average consumer doesn't participate. And for that, under the DMCA any proprietary encryption system will do just fine. The DMCA gives them the permanent legal right to go after anybody who doesn't license their decryption technology, or who tries to circumvent it in an unauthorized way.
DVD is a great example. DeCSS has been around for years, but it hasn't had a material impact on DVD sales because DVD copying isn't widespread. (At least in the USA; parts of Asia like China are a different story.) Threat of legal action backed by the DMCA has kept DVD backup software generally unavailable to Joe Consumer, despite the widespread prevalence of DVD-R drives and media.
Bottom line: You could break their encryption and print up all the geeky De-AACS T-shirts you want, but it won't materially affect content sales.
Re:Could be good news for Sony. (Score:3, Insightful)
Basically, people having software issues with their $200 USB Xbox 360 HD-DVD drive because of DRM are going to benefit from the cracking of AACS. If/when Sony and the rest of the Blu-ray group create a similar product, this tweaked version that's Blu-ray compatible would affect them too. Not that you can't buy a Blu-ray drive for your PC already, but you're looking at spending the best part of a grand to do so.
So we'll see either of two outcomes here: Sony decides to add on BD+ to all future Blu-ray titles, requiring yet another crack. Media companies think that Blu-ray is the safer format because of the added copy protection. By the time it's also cracked (maybe a week), we'll have had all sorts of weird announcements going against market demand. OR the two consortiums finally give up on the draconian copy protection, and the market buys the cheaper format; like the VHS/Beta war, Sony loses again with a technically-superior format that costs too much.
Re:Oh well... (Score:2, Insightful)
Re:Oh well... (Score:4, Insightful)
Re:Oh well... (Score:5, Insightful)
Once they've done that, they can hack decryption keys out of a hardware player. These cannot be changed without ticking off a whole bunch of consumers. Working out the decryption code was probably the hard part of the process.
The DVD launchpad (Score:5, Insightful)
I'd say DVD took off once the Playstation 2 came out. Before that, DVD players had been expensive and VHS was good enough for most. PS2 put millions of DVD players in people's living rooms as a side-effect of something they were going to buy anyway. Before PS2, DVDs were confined to a small slice of shelf space in video stores; once PS2 came out, they increased very rapidly indeed.
Things may have gone differently elsewhere, but in the UK the Playstation 2 was a major force behind mass-market acceptance of the DVD format.
I used to think that the Playstation 3 would have the same effect for Blu-Ray, but now I'm far from sure. Quite apart from the price, it's just too late; it's this generation's N64. In the NES and SNES days I was a total Nintendo fanboy, but if my parents hadn't had a fit of generosity and got a PC, I'd have given up waiting for N64 and bought a Playstation, and I'm sure many others did the same. How many people have already given up waiting for PS3 and gone out and bought a 360?
Re:Oh well... (Score:4, Insightful)
Why I won't buy... (Score:4, Insightful)
But I'll be damned if I am going to go through all the hassle of taking my ITMS DRM crap and converting it to a stardard mp3 format so I can play it on my "other" players. Same with movies... Its TOO MUCH HASSLE...
I'll just grab the pre-decrypted, ready-to-use, no DRM, no hassle, play anywhere, play anytime torrents, ftp files, usenet d/ls, etc... (hell I can automate this with a few scripts for God's sake)..and deal with the guilty conscience of cheating an artist out of a penny...
Its not that I WANT to cheat the artist out of his/her penny, but if you strip everything away it comes down to a pretty simple economic equation:
H = Hours of MY time spent converting DRM'd crap
V = Value of my time
X = Number of content files
AEC = Artist earnings per content file
So... you end up comparing H*V*X vs. AEC*X, and in MY mind the answer is always:
H*V*X > AEC*X
You go ahead and plug in your own numbers, I have, and to me, its just not worth it. My time is money, and if you think you are going to not only charge me money to buy your content, but then turn around and charge me (indirectly) to modify your content for my purposes, you're nuckin futs!
Re:This won't kill DRM (Score:2, Insightful)
I'm sure the Best Buy blueshirts would love to be able to cross-sell a wireless router to everyone buying a new video player, but most people aren't going to like it. I realize that the early adopters are likely to already have a network setup to connect in to, but you aren't going to sell it to the mainstream.
The only way I can see something like this working is possibly by using a cellular connection for key exchange and validation. Maybe I should patent the idea.
Re:Oh well... (Score:3, Insightful)
Re:Oh well... (Score:3, Insightful)
Remember back when desktop publishing software like Word came out and everybody suddenly had access to a million different fonts? Everybody's documents started looking like ransom notes. I think we saw the same thing with DVDs. Just because the blink tag exists doesn't mean you have to use it.
Re:Oh well... (Score:2, Insightful)
The problem is, companies don't pay people to tell them things they don't want to hear. That's the unfortunate reality of the situation. They'd probably *gladly* pay you (or someone else) $100,000 to tell them a DRM scheme *works*... then they've got somebody to blame when it's cracked.
But tell them all DRM schemes are fatally flawed from the start, and that they shouldn't bother, and they'll probably sue you for breach of contract.
And if you do this as an employee, forget it. You'll be labeled a negative influence, and not a team player. It'll be the beginning of the end of your life at that company. Corporations don't want to hear that something can't be done, especially not from their employees. They're paying you to make happen what they want to happen. That's the whole point of your employment.
You can argue all day about how much better off we'd all be if dissent were tolerated and even encouraged in corporate America, but the truth is in most companies (and especially big media companies), it isn't.
So it's not a question that there aren't people who would love to tell these corporations how flawed DRM is as a concept; the corporations involved just don't have any interest in listening.
Re:Oh well... (Score:4, Insightful)
Irrelevant.
The publishers' problem is that there is ultimately nothing they can do to prevent the keys from being recovered from a hardware player.
Hackers just have to wait for one model of player to sell a few million units, then put in whatever effort is required to dig the key out of it. Once. It only takes once. It doesn't matter if the key is encrypted, because the player has to also have the key to decrypt it so that it can use it. They can make it hard, but not so hard that dedicated grad students with access to several million dollars worth of hardware (e.g. electron force probes) can't dig out the data.
Well, not and make cost-effective players that don't have a nasty tendency to suicide on a regular basis. See, high-end secure hardware that actually will hold secrets securely does it by being tamper-reactive -- actively trying to determine if it's being attacked and pro-actively zeroing its secrets if there appears to be a problem. Good for security, but it would tend to piss customers off if their Blu-Ray player broke every time they moved.
Even if they were to use serious hardware security, with its associated costs and problems, it only takes one defective device to blow the whole thing wide open.
By attacking a popular unit, the hackers achieve two things: first, they probably get an easy target, because the most popular models will be the cheap ones, and second, they make it nearly impossible for the publishers to invalidate that model's player key.
AACS, unlike CSS, is almost certainly not going to be broken cryptographically, but it doesn't matter. In order for people to watch movies, the players have to have the keys, and the players of necessity get placed under the complete control of very smart people who want to get those keys so they can use them themselves.
Until publishers move to a purely streaming distribution model, it's an unwinnable battle -- and it's far from clear that a streaming model will be workable, either.
Re:Oh well... (Score:4, Insightful)
Explain to me why the DVD of Blade Runner I legally bought off Amazon (new) wouldn't work in the DVD player.