An anonymous reader writes "HD DVD and Blu-Ray were supposedly protected by an impenetrable fortress. However a programmer named "muslix64" discovered that this was not the case, and released BackupHDDVD. Now, Slyck.com has an interview with the individual responsible, who provides some interesting insight to his success."
Unlike old DVD-Video, HD DVD and BluRay have a bit -- so far not set -- that degrades all output unless it is via an HDCP connection. This means my older Sharp 720p projector will be degraded along with all early adapter's HD gear
This creates a powerful incentive to not just "backup" your HiDef DVD, rather to remove an onerous limitation -- it may violate the DCMA in the USA, but it is morally and legally sound to most of the world.
Hollywood shouldn't be worried about this hack. They really should be worried about people actually buying these discs. What are the early adopter customers with the "non-secure" HDTVs supposed to do? Throw out their HDTV, and buy a new one so they can watch HD content? It's a real slap in the face of the customers... I hope both formats fail, and a new, non-restrictive format appears.
You have found the very reason why they have not enabled the flag and will not for years to come - way too much old equipment and way too many customers to be pissed off.
In the technical rounds it was easy enough to add the flag, but once the marketing people realized what it would do they nixed the use of it.
So basically... "We're going to hold this gun to your head, here, but don't worry -- we're not going to use it! It's just easier to put the gun there, now, than it would be to do it later...but we don't want to deal with the mess it would make if we used it, so just forget it's even there. Trust us!"
We don't have to trust them. We have Blu-Ray/HD-DVD backup. I am just explaining what will happen, and why.
No, thanks. I think that as the media companies become more and more desperate, as it becomes painfull
From what I can tell, there's three camps of consumers when it comes to DRM:
The camp that can't stand it, won't buy it, and goes without the content.
The camp that doesn't like it all that much, but buys it anyway.
The camp that won't pay no matter what you do, and pirates the content instead.
Your second camp can be divided into the group that doesn't like it all that much, but buys it if the DRM can be bypassed, and the group that doesn't like it all that much, but sucks it up and deals with it. I conside
This can't be stoped. It's not like the first DeCSS that used stolen Xing keys and could only work for as long as the keys weren't revoked. This uses the keys specific for the DISC, which can't be changed anymore.
And the best part : In order to decrypt the movie and play it, every player *HAS* to have the volume ke in memory or SIMD register for a short period of time. No matter if players key are revoked, version upgraded, bugs fixed, etc... This technique doesn't rely on any bug that can be patched. It only rely to the fact that, whatever player you choose, at one moment it needs the volume key - which you can then grab and share on the net.
There's no way to patch this.
This is one more proof that the fundamental mechnics of the DRM - ie.: providing both the crypted data and the key in the same place - is flawed. You can't protect a content from the one who bought the disc. If data must be decrypted on the buyer's computer, then nothing cab prevent it from being circumvented.
You underestimate the movie companies. The next step is to encrypt the the data on the disc, and throw away all the keys. This way, no one can decrypt it. Not even the pirates! There is one side effect though, no one can watch the movie either. Oh well, it's a fair compromise.
Sorry, but I'm afraid you're thinking of Chuck Norris.
Sorry about that. I may be a grammar Nazi, but at least I'm an unbiased one.;)
Slow Down Cowboy! Slashdot requires you to wait between each successful posting of a comment to allow everyone a fair chance at posting a comment. (That is, unless you're Chuck Norris.)
Good. If the movie companies do an 'encrypt and throw away the key`, that would be great.
To be frank with you all, I am quite discouraged with the quality of the product that Hollywood is putting out now. No, not discouraged; appalled is more like it!
To put it bluntly, this stuff is not even worth the raw material in the darn DVD itself.
Lets take those permanently locked DVD's and burn them in a boiler to make steam to run a turbine to generate electricity for that community theater where some really decent
And the best part : In order to decrypt the movie and play it, every player *HAS* to have the volume ke in memory or SIMD register for a short period of time. No matter if players key are revoked, version upgraded, bugs fixed, etc... This technique doesn't rely on any bug that can be patched.
Hence Treacherous Computing. You really think Microsoft and the content industry haven't thought of this? Sooner or later Windows is going to start encrypting memory and running non-"Trusted" programs in a sandbox that prevents them from accessing the hardware directly, specifically to prevent this kind of attack.
running non-"Trusted" programs in a sandbox that prevents them from accessing the hardware directly, specifically to prevent this kind of attack.
Yes, and how Windows it self will know that it isn't running inside a "simulated" trusted computer (the TC chip is virtual and part of the emulator) running inside an actual regular computer (with no chip to prevent you from running whatever you want ?)...or running with a root kit hidden it self inside, like the Sony's one ? Treacherous Computing may work on the paper, but Microsoft isn't exactly known for perfect implementation of security tools. Root kits WILL be available.
For this to work you actually need TC-enabled computers. There aren't currently enough of them. So either Microsoft pisses of its customers with something like "HD DVD & BD can only played on Windows Vista running on special mother boards. The rest of 80% of you just can't play them at all" (and currently customers are already pissed enough because they can't always play in full HD when they don't have display systems that *are* getting popular those days). Or either microsofts accepts to let some player run outside it's protected models and you don't even need a virtual machine or root kit to extract the needed data from memory.
As said by another/.er : stoping to provide the decryption key is the only way to avoid circumventing protection... but won't be implemented for very obvious reasons.
How do you know that Intel has not been putting a TPC module in every CPU for the last five years? They've had this ring architecture for a decade, could there not be one more ring they never told us about? in five more years they could turn it on and surprise! every computer less than a decade old is TPC complient. The remaineder still run but can't use the new OS or must run in a reduced privledge mode.
Intel, like all corporations, likes money. I see it far more likely for them to use the space for a few more K of L1 cache than to implement some secret doomsday circuit so that someone else can make money.
The hit isn't that bad if you have dedicated encryption hardware, which clearly exists. And Microsoft aren't the only ones in on this thing. AMD, Intel, Infineon, and IBM are all TCG partners.
Linux is already able to encrypt swap [linux.org] and I haven't heard anything about that slowing the computer down too much. Besides, some CPUs already have hardware-accelerated cryptography engines [via.com.tw] anyway. Finally, all new computers will come with a TPM [wikipedia.org], if they don't already. Although I don't think it's strictly required that the TPM be a cryptography accelerator, it makes sense for it to be.
Can you imagine the huge hit on performance that would be? Every memory access has to be accompanied by a decrypt, every memory write accompanied with an encrypt. It will set back PC performance by many years.
...and this would be different from any other Windows release how, exactly?
And the best part : In order to decrypt the movie and play it, every player *HAS* to have the volume ke in memory or SIMD register for a short period of time.
Which is why Windows Vista adds a special type of processes: "protected processes": You can't look at the memory of those processes, you can't debug them, you can't do *anything* to them. Not even the antivirus software can look into them. And because the kernel can't load unsigned drivers, you can't do kernel tricks to jump the protections. Microsoft
It seems likely to me that MS has a trick to allow protected processes to be debugged. It's either a secret mode of Vista, or they have debug builds of Vista that allow this type of snooping to take place. I mean, in the perfect world, you develop non-protected, and then you turn it into a protected process once it's been debugged. But back in the real world, certain programs will break and you'll only be able to debug in "protected" mode.
If Hollywood is bright, they'll just ignore this. The DVD is certai
I wonder how much money is being made off DRM by companies like Microsoft that know it will never work. When the guys with the money (the media companies in this case) want something impossible, and want it badly enough, smart tech vendors can make a lot of money by playing along.
The original poster was incorrect in his explanation. The "bit" is implemented in the software, not in the disc. In Windows Vista, Microsoft is calling it the "tilt switch". Any attempt to "subvert" the Protected Media Path is supposed to flip the bit, causing degradation of the signal. This means things like "unsigned drivers" or home-grown ripper type activity.
The mandatory player quality degradation occurs over non-HDCP compliant *digital* (DVI/HDMI) connections. They don't deem it necessary to lower the rez for analog (Component) connections.
I don't think that's right (or if it is now, I don't think it will be for long). Windows XP Media Center Edition 2005 already refuses to play regular DVDs above 480i resolution when a TV-capable graphics adapter card is installed. I connect my Media Center PC to my HDTV via analog VGA. Since the graphics adapter is capable of S-Video and Component output, MCE will not play DVDs, even over VGA. The "resolution" of this issue (no pun intended) is to set your display resolution to 480i or lower. (Or allegedly
I'd be willing to bet that the cost to produce AACS was pretty high in the grand scheme of things. AACS was created by a consortium consisting of [aacsla.com] IBM, Intel, Microsoft, Panasonic, Sony, Toshiba, Disney, and Warner Brothers. Granted that huge corporations like those can afford to throw tons of money and resources at a project like AACS, but the bottom line is that it probably cost a pretty penny. Consider the person-hours involved in just high level meetings among all those companies to hash out the AACS
Well, the server is being bombed now. Here's the text from the page if you don't want to wait for 5 minutes per sentence.
The next generation of optical disc technology holds the promise to change the way we interact with and store digital media. Perhaps the most exciting change is the arrival of High Definition (HD) video, with its glorious 1920x1080 pixel resolution. It's a quantum leap forward in terms of watching digital content, as its vast resolution reveals a quality never seen before in such fine detail.
Because of the rapid escalation of digital file-sharing - especially of video files - Hollywood has been working around the clock to protect HD content. This is especially relevant for one of its primary delivery mechanisms - HD DVD and Blu-Ray discs. These next generation discs, with capacities of 30 gigabytes and 50 gigabytes respectively, have their content protected with an array of DRM (Digital Rights Management.) Both are protected with a scheme called AACS, or Advanced Access Content System. This DRM is a great leap forward compared to the weak CSS, or Content Scrambling System, that currently "protects" DVDs. Thanks to Fox, Blu-Ray has an additional layer of protection, called BD+, although most discs have yet to support this protection.
Although Hollywood has constructed enough DRM architecture to rival the Pyramid of Giza, it has long been suspected that it would be only a matter of time before HD DVD and Blu-Ray content protection were compromised. Convinced the golden DRM egg had been laid, it seemed that nothing could penetrate the great AACS wall. And to this day, that great wall still stands.
But why crash through the main gates of Constantinople when you can just pick the lock of a long forgotten rear entrance?
On December 26, 2006, a member of the Doom9.com forums named muslix64 introduced himself as circumventing the content protection - not the copy protection - of HD DVD. Additionally, he made available an open source program named BackupHDDDVD. At the time, this program was a command line program that bypassed the content protection - providing the individual successfully obtained the title and volume keys associated with the HD DVD. Once the individual has the keys, the AACS protection can be sidestepped, and the HD movie content can be extracted. According to muslix64, it took all of eight days to successfully circumvent HD DVD content protection.
Much of the more difficult work, such as extracting the keys, has been alleviated as the once encrypted information has proliferated online. To understand where this stunning turn of events is heading, Slyck.com spoke with muslix64, who agreed to a PM (private message) interview.
The mainstream media tends to have many labels for you, i.e. hacker, cracker, pirate, etc., in response to your efforts. What would you call yourself and what would you label your efforts?
I'm just an upset customer. My efforts can be called "fair use enforcement"!
What motivated you to help circumvent the content protection scheme associated with HD DVD and Blu-Ray?
With the HD-DVD, I wasn't able to play my movie on my non-HDCP HD monitor. Not being able to play a movie that I have paid for, because some executive in Hollywood decided I cannot, made me mad...
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Explain how decrypting the device and volume keys are critical to your success. Could you explain the difference between the two?
The device keys, are the keys associated to the player.
The volume key, is the key associated to the movie.
I don't care about device keys. I do care about volume keys, because by using volume keys instead of devices keys, I totally bypass the revocation system. There is no "volume key revocation". There is content revocation, but I really doubt they will ever use it. If you use device keys, they can revoke them. Having the volume key means that you can decrypt ti
Well, he didn't crack it in the same way. With DECSS, you can crack any disk by just putting it in a drive and running the program. With the AACS crack, you have to run some other player and extract the title key out of memory, probably by using a debugger or something. The CSS crack was harder because they actually cracked every disk, and reversed the encryption. The AACS crack doesn't accomplish the same thing. Although you can still decrypt disks, you can't just make program that does it automatically.
Ya, perhaps sidestep is a better term than crack. In all likelihood the cryptosystem itself can't be broken, it's AES. While we can never say for certain there's not an unknown weakness in a system, AES is one of the most studied ones out there and thus far it remains secure enough to use for classified data.
So, like the author said, you don't attack it you go around it. Obviously if the movie is being played back at some point things are being decrypted and you can get your hands on that key. That's precisely what he does. The player uses its key to decrypt the key that the volume is encrypted with. He then nabs that key and uses it to decrypt the volume.
I don't know why they bother. CSS was "easy" because the encryption didn't change, so once you'd broken it, it was done, unless they wanted to break the standard.
With AACS they "learned" something and used much beefier encryption, and mutable keys...Which makes the keys vulnerable. Some bright boy notices this, breaks the weak security on the keys, and voila! The system, while not broken, is seriously compromised.
It's all pointless though. The companies pushing the DRM have far fewer resources than the people who want to view the content, and the content itself cannot be truly secured because it's meant to be viewed! So they're just throwing away money, and, as Muselix64 himself cogently pointed out in the "interview", the turnaround for fixes from the companies is so long, that there is effectively no way they can stay ahead of the crackers.
It sure seems to me that the media companies chasing the people finding holes in their impenetrable fortress' is much like a dog that chases his own tail. Every once in a while he gets it, but then it hurts and he lets go, and then he off again chasing his tail. The time and money they spend protecting their stuff might be better spend on an ad campaign, or better yet drop the prices of the content so that maybe, just maybe they will sell a few more..
It seems the interviewer knows _NOTHING_ about the subject:
[...]if an individual were to download "Serenity", and play it successfully on his or her Power DVD player - and never updated the software - would it be immune from any Hollywood counterattack?
You can play an unencrypted movie wherever you want; an update of the encryption-scheme will not magicalle re-encrypt the movie. DUH!
Do you see Microsoft Vista's implementation of HDCP being an obstacle to playing compromised HD movies in high definition?
An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
You can play an unencrypted movie wherever you want; an update of the encryption-scheme will not magicalle re-encrypt the movie. DUH! An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
I don't think you read these questions the same way muslix64 did. You are incorrect, because the content industry could force future versions of PowerDVD to automatically downgrade the video quality of any unencrypted video it played. This would be a "Hollywood counterattack" that does not re-encrypt the video like you assumed. Likewise, because an unprotected movie does not require HDCP, Microsoft could force all video played on its operating system to be downgraded unless HDCP is enabled.
I know, neither PowerDVD nor Microsoft would ever actually do this. Even if they did, there are alternative open-source players, and alternative open-source operating systems, to which these changes would never be made. This is exactly what muslix64 says when he replies "Or you can use open-source player, like VideoLan, if a player like PowerDVD become more restrictive about playing decrypted movies."
If I understand it correctly, my output resolution will be degraded unless I buy a MPAA-approved display device?
Why would I bother upgrading from DVD if I'm not going to get any better quality?
Tip to Hollywood: Deliberately crippling technology doesn't boost sales. As far as I'm concerned, there's no point in buying into this. Why would I bother to spend a lot of money for something that won't work with my existing equipment, and likely won't work in the manner I intend to use it?
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Bless you, muslix. Now the two formats can compete as true equals where it counts: in the ease of supplementing your legitimate media collection with illegal copies of things that you "kind of like".
Let's not pretend that there is one type of pirate. There are many levels of pirate, and by far the most common type (at least in my experience) is the "pirate" who buys plenty of legitimate media, but occasionally supplements their colleciton with an illegal copy of something that they don't care enough about to pay full price for. You can see the popularity of this line of thinking by watching people paw through the "bargain bin" at any major retailer. These are the movies that no one liked enough to pay full price for, but still maange to sell. This is more of a problem, as I see it, with the uniform pricing structure of DVDs. Let's not pretend that "Batman Begins" and "Sisterhood of the Travelling Pants" are worth the same amount of money to most people. They are simply not, and should be priced differently from the get-go. Sadly the media companies instead try to rake in bucks from the "gotta have it now" super-fans crowd by artificially inflating the price; the side-effect is piracy. I would wager that the media companies gain more money then they lose by this process; the convenience of the consumer does not enter into the equation (these companies have demonstrated, repeatedly and without a doubt, that the convenience of the consumer is a very, VERY low priority to them).
Of course I am deliberately discounting bring up That Guy. You know That Guy. He is the guy with the huge collection of pirated movies for the sake of having them. To be fair, unless That Guy has a lot of friends (and usually they do not) they are no real threat to media companies. That Guy would not have purchased the movies anyway, and his collection is (to put it bluntly) a dick-measuring contest to make himself feel better anyway. Every That Guy that I have ever met has had movies of laughably bad quality in their collection; their love is not for the cinema but rather, like a dragon, they hoard the wealth for it's own sake rather than an appreciation for it. And that might be the dorkiest thing I have ever written.
The *IAA wastes so much time, energy and ultimately money on various DRM implementations and the end result is always the same. The DRM is eventually cracked so those who want to pirate material can and do yet the DRM is cumbersome enough to upset and turn off a certain percentage of legitimate customers.
My roommate purchased an HDTV a few years ago before the HDCP standard emerged and he recently bought a Playstation 3. He was seriously pissed when he found out he couldn't watch Blue Ray Discs at the highest resolution because his TV wasn't compatible.
Things like this only serve to alienate legitimate consumers who are already inclined to pay for the product. The pirates just wait for the DRM to be cracked.
Since the DRM on these new formats is so insulting, I'll always be happy to see it suffering setbacks like this. However, I'd be slightly less happy if the person who cracked it was just some guy who wanted to be able to get everything for free and impress his mates by giving them free movies. Assuming this muslix64 character is telling the truth, he seems like a decent sort. His story is just that he wanted to be able to use his own purchased movies in the way that he wants to, in his own home. So consider him thoroughly endorsed!
On a different subject, this still leaves Linux (and BSD, ReactOS, Haiku etc., etc.) users in a spot of bother. I don't understand if having a movie key would allow you to watch something on the disc even without the right player software to access the HD-DVD/Blu-Ray drive, but even if you don't need special software it still looks like extraction of the movie keys can only be done with Windows software, and presumably OSX software in the future. I'd still really like to see a proper, Free Software, libdvdcss-style crack for these formats. I'd like to think it's only a matter of time...
I don't mean to flame your.sig... but you've got it exactly wrong. Laws about tech will always be bad, until enough techies become lawyers.
Hmm, person X is a lawyer. She makes mid six figures and works 80 hours a week. She have a staff to handle IT issues. Her motivation to 'become a techie' is...? I, on the other hand, got sick of the fact that other people were writing the rules that controlled my industry. So I left off being a netadmin and now I'm in law school. You want the laws to be sane? Start writing them, rather than leaving that to people who don't have a clue, and don't have the slightest reason to care.
Since, based on the past, none of the studios will license a key for a linux player, I propose we create a player that, as part of playback, incorporates this "crack".
To get around this, the player will prompt for the disc key before playback. Then, the disc is decrypted as playpack is performed, thereby bypassing the "Player Key".
I don't care about device keys. I do care about volume keys, because by using volume keys instead of devices keys, I totally bypass the revocation system. There is no "volume key revocation". There is content revocation, but I really doubt they will ever use it. If you use device keys, they can revoke them.
Which is why I will never "upgrade" to HD. When my lowdef stuff stops working, I'll simply opt out of the rat race and not buy anything. Books are still good.
I will not pour thousands of dollars into a HD system only to have some jerk in a corner office somewhere decide that my investment constitutes a risk to his profits, and be able to take it away from me without consequence, without my consent, and without buying me new geegaws. F'em. They don't generate ANY content I'd be willing to pay that much to watch.
But that's just me. Feel free to pour $BUCKs into their profiteering maws if you wish. It's your money... well, your's and mostly THEIRs, since they can decide to take it away from you.
Degrading Quality May Boost Cracking (Score:5, Interesting)
This creates a powerful incentive to not just "backup" your HiDef DVD, rather to remove an onerous limitation -- it may violate the DCMA in the USA, but it is morally and legally sound to most of the world.
Re:Degrading Quality May Boost Cracking (Score:5, Interesting)
Parent
That's why they have not, and will not, enable (Score:5, Insightful)
In the technical rounds it was easy enough to add the flag, but once the marketing people realized what it would do they nixed the use of it.
Parent
Re: (Score:3, Interesting)
We don't have to trust them. We have Blu-Ray/HD-DVD backup. I am just explaining what will happen, and why.
No, thanks. I think that as the media companies become more and more desperate, as it becomes painfull
Re: (Score:3, Insightful)
That could be, but I'm hoping it's something more than that.
From what I can tell, there's three camps of consumers when it comes to DRM:
I know the recording industry is losing out on sales th
Re: (Score:3, Interesting)
Your second camp can be divided into the group that doesn't like it all that much, but buys it if the DRM can be bypassed, and the group that doesn't like it all that much, but sucks it up and deals with it. I conside
And the best part is... (Score:5, Informative)
This uses the keys specific for the DISC, which can't be changed anymore.
And the best part : In order to decrypt the movie and play it, every player *HAS* to have the volume ke in memory or SIMD register for a short period of time. No matter if players key are revoked, version upgraded, bugs fixed, etc... This technique doesn't rely on any bug that can be patched. It only rely to the fact that, whatever player you choose, at one moment it needs the volume key - which you can then grab and share on the net.
There's no way to patch this.
This is one more proof that the fundamental mechnics of the DRM - ie.: providing both the crypted data and the key in the same place - is flawed. You can't protect a content from the one who bought the disc. If data must be decrypted on the buyer's computer, then nothing cab prevent it from being circumvented.
Parent
Re:And the best part is... (Score:5, Funny)
Parent
Re:And the best part is... (Score:5, Funny)
Parent
Re: (Score:3, Funny)
Re: (Score:3, Interesting)
If the movie companies do an 'encrypt and throw away the key`, that would be great.
To be frank with you all, I am quite discouraged with the quality of the product that Hollywood is putting out now. No, not discouraged; appalled is more like it!
To put it bluntly, this stuff is not even worth the raw material in the darn DVD itself.
Lets take those permanently locked DVD's and burn them in a boiler to make steam to run a turbine to generate electricity for that community theater where some really decent
Re:And the best part is... (Score:5, Informative)
Hence Treacherous Computing. You really think Microsoft and the content industry haven't thought of this? Sooner or later Windows is going to start encrypting memory and running non-"Trusted" programs in a sandbox that prevents them from accessing the hardware directly, specifically to prevent this kind of attack.
Parent
Russian dolls. (Score:5, Interesting)
Yes, and how Windows it self will know that it isn't running inside a "simulated" trusted computer (the TC chip is virtual and part of the emulator) running inside an actual regular computer (with no chip to prevent you from running whatever you want ?)
For this to work you actually need TC-enabled computers. There aren't currently enough of them.
So either Microsoft pisses of its customers with something like "HD DVD & BD can only played on Windows Vista running on special mother boards. The rest of 80% of you just can't play them at all" (and currently customers are already pissed enough because they can't always play in full HD when they don't have display systems that *are* getting popular those days). Or either microsofts accepts to let some player run outside it's protected models and you don't even need a virtual machine or root kit to extract the needed data from memory.
As said by another
Parent
LATENT TPC (Score:3, Insightful)
Re: (Score:3, Insightful)
Re:And the best part is... (Score:4, Informative)
Parent
Re:And the best part is... (Score:5, Informative)
Linux is already able to encrypt swap [linux.org] and I haven't heard anything about that slowing the computer down too much. Besides, some CPUs already have hardware-accelerated cryptography engines [via.com.tw] anyway. Finally, all new computers will come with a TPM [wikipedia.org], if they don't already. Although I don't think it's strictly required that the TPM be a cryptography accelerator, it makes sense for it to be.
Parent
Re:And the best part is... (Score:4, Funny)
Parent
Re: (Score:3, Interesting)
Which is why Windows Vista adds a special type of processes: "protected processes": You can't look at the memory of those processes, you can't debug them, you can't do *anything* to them. Not even the antivirus software can look into them. And because the kernel can't load unsigned drivers, you can't do kernel tricks to jump the protections. Microsoft
I'll bet... (Score:3, Insightful)
I mean, in the perfect world, you develop non-protected, and then you turn it into a protected process once it's been debugged. But back in the real world, certain programs will break and you'll only be able to debug in "protected" mode.
If Hollywood is bright, they'll just ignore this. The DVD is certai
Re: (Score:3, Interesting)
Re: (Score:3, Informative)
Re: (Score:3, Informative)
The mandatory player quality degradation occurs over non-HDCP compliant *digital* (DVI/HDMI) connections. They don't deem it necessary to lower the rez for analog (Component) connections.
I don't think that's right (or if it is now, I don't think it will be for long). Windows XP Media Center Edition 2005 already refuses to play regular DVDs above 480i resolution when a TV-capable graphics adapter card is installed. I connect my Media Center PC to my HDTV via analog VGA. Since the graphics adapter is capable of S-Video and Component output, MCE will not play DVDs, even over VGA. The "resolution" of this issue (no pun intended) is to set your display resolution to 480i or lower. (Or allegedly
Investment in DRM vs. Investment to crack (Score:5, Funny)
Mij
Re: (Score:3, Funny)
Re: (Score:3, Insightful)
I'd be willing to bet that the cost to produce AACS was pretty high in the grand scheme of things. AACS was created by a consortium consisting of [aacsla.com] IBM, Intel, Microsoft, Panasonic, Sony, Toshiba, Disney, and Warner Brothers. Granted that huge corporations like those can afford to throw tons of money and resources at a project like AACS, but the bottom line is that it probably cost a pretty penny. Consider the person-hours involved in just high level meetings among all those companies to hash out the AACS
Server Bombed (Score:5, Informative)
The next generation of optical disc technology holds the promise to change the way we interact with and store digital media. Perhaps the most exciting change is the arrival of High Definition (HD) video, with its glorious 1920x1080 pixel resolution. It's a quantum leap forward in terms of watching digital content, as its vast resolution reveals a quality never seen before in such fine detail.
Because of the rapid escalation of digital file-sharing - especially of video files - Hollywood has been working around the clock to protect HD content. This is especially relevant for one of its primary delivery mechanisms - HD DVD and Blu-Ray discs. These next generation discs, with capacities of 30 gigabytes and 50 gigabytes respectively, have their content protected with an array of DRM (Digital Rights Management.) Both are protected with a scheme called AACS, or Advanced Access Content System. This DRM is a great leap forward compared to the weak CSS, or Content Scrambling System, that currently "protects" DVDs. Thanks to Fox, Blu-Ray has an additional layer of protection, called BD+, although most discs have yet to support this protection.
Although Hollywood has constructed enough DRM architecture to rival the Pyramid of Giza, it has long been suspected that it would be only a matter of time before HD DVD and Blu-Ray content protection were compromised. Convinced the golden DRM egg had been laid, it seemed that nothing could penetrate the great AACS wall. And to this day, that great wall still stands.
But why crash through the main gates of Constantinople when you can just pick the lock of a long forgotten rear entrance?
On December 26, 2006, a member of the Doom9.com forums named muslix64 introduced himself as circumventing the content protection - not the copy protection - of HD DVD. Additionally, he made available an open source program named BackupHDDDVD. At the time, this program was a command line program that bypassed the content protection - providing the individual successfully obtained the title and volume keys associated with the HD DVD. Once the individual has the keys, the AACS protection can be sidestepped, and the HD movie content can be extracted. According to muslix64, it took all of eight days to successfully circumvent HD DVD content protection.
Much of the more difficult work, such as extracting the keys, has been alleviated as the once encrypted information has proliferated online. To understand where this stunning turn of events is heading, Slyck.com spoke with muslix64, who agreed to a PM (private message) interview.
The mainstream media tends to have many labels for you, i.e. hacker, cracker, pirate, etc., in response to your efforts. What would you call yourself and what would you label your efforts?
I'm just an upset customer. My efforts can be called "fair use enforcement"!
What motivated you to help circumvent the content protection scheme associated with HD DVD and Blu-Ray?
With the HD-DVD, I wasn't able to play my movie on my non-HDCP HD monitor. Not being able to play a movie that I have paid for, because some executive in Hollywood decided I cannot, made me mad...
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Explain how decrypting the device and volume keys are critical to your success. Could you explain the difference between the two?
The device keys, are the keys associated to the player.
The volume key, is the key associated to the movie.
I don't care about device keys. I do care about volume keys, because by using volume keys instead of devices keys, I totally bypass the revocation system. There is no "volume key revocation". There is content revocation, but I really doubt they will ever use it. If you use device keys, they can revoke them. Having the volume key means that you can decrypt ti
AACS Easier to Crack Than CSS (Score:5, Funny)
Re:AACS Easier to Crack Than CSS (Score:5, Informative)
Parent
Re:AACS Easier to Crack Than CSS (Score:5, Interesting)
So, like the author said, you don't attack it you go around it. Obviously if the movie is being played back at some point things are being decrypted and you can get your hands on that key. That's precisely what he does. The player uses its key to decrypt the key that the volume is encrypted with. He then nabs that key and uses it to decrypt the volume.
Parent
Re:AACS Easier to Crack Than CSS (Score:5, Insightful)
Parent
Re:AACS Easier to Crack Than CSS (Score:5, Insightful)
With AACS they "learned" something and used much beefier encryption, and mutable keys...Which makes the keys vulnerable. Some bright boy notices this, breaks the weak security on the keys, and voila! The system, while not broken, is seriously compromised.
It's all pointless though. The companies pushing the DRM have far fewer resources than the people who want to view the content, and the content itself cannot be truly secured because it's meant to be viewed! So they're just throwing away money, and, as Muselix64 himself cogently pointed out in the "interview", the turnaround for fixes from the companies is so long, that there is effectively no way they can stay ahead of the crackers.
Parent
Re: (Score:3, Funny)
Obligatory Star Trek quote:
"The more they overthink the plumbing, the easier it is to stop up the drain."
--Chief Engineer Montgomery Scott, Star Trak III
Like a dog chasing it's own tail (Score:5, Insightful)
Worst interview ever? (Score:4, Insightful)
It seems the interviewer knows _NOTHING_ about the subject:
You can play an unencrypted movie wherever you want; an update of the encryption-scheme will not magicalle re-encrypt the movie. DUH!
An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
Re:Worst interview ever? (Score:5, Informative)
An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
I don't think you read these questions the same way muslix64 did. You are incorrect, because the content industry could force future versions of PowerDVD to automatically downgrade the video quality of any unencrypted video it played. This would be a "Hollywood counterattack" that does not re-encrypt the video like you assumed. Likewise, because an unprotected movie does not require HDCP, Microsoft could force all video played on its operating system to be downgraded unless HDCP is enabled.
I know, neither PowerDVD nor Microsoft would ever actually do this. Even if they did, there are alternative open-source players, and alternative open-source operating systems, to which these changes would never be made. This is exactly what muslix64 says when he replies "Or you can use open-source player, like VideoLan, if a player like PowerDVD become more restrictive about playing decrypted movies."
Parent
So let me get this straight... (Score:5, Insightful)
If I understand it correctly, my output resolution will be degraded unless I buy a MPAA-approved display device?
Why would I bother upgrading from DVD if I'm not going to get any better quality?
Tip to Hollywood: Deliberately crippling technology doesn't boost sales. As far as I'm concerned, there's no point in buying into this. Why would I bother to spend a lot of money for something that won't work with my existing equipment, and likely won't work in the manner I intend to use it?
I love this guy... (Score:5, Insightful)
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Bless you, muslix. Now the two formats can compete as true equals where it counts: in the ease of supplementing your legitimate media collection with illegal copies of things that you "kind of like".
Let's not pretend that there is one type of pirate. There are many levels of pirate, and by far the most common type (at least in my experience) is the "pirate" who buys plenty of legitimate media, but occasionally supplements their colleciton with an illegal copy of something that they don't care enough about to pay full price for. You can see the popularity of this line of thinking by watching people paw through the "bargain bin" at any major retailer. These are the movies that no one liked enough to pay full price for, but still maange to sell. This is more of a problem, as I see it, with the uniform pricing structure of DVDs. Let's not pretend that "Batman Begins" and "Sisterhood of the Travelling Pants" are worth the same amount of money to most people. They are simply not, and should be priced differently from the get-go. Sadly the media companies instead try to rake in bucks from the "gotta have it now" super-fans crowd by artificially inflating the price; the side-effect is piracy. I would wager that the media companies gain more money then they lose by this process; the convenience of the consumer does not enter into the equation (these companies have demonstrated, repeatedly and without a doubt, that the convenience of the consumer is a very, VERY low priority to them).
Of course I am deliberately discounting bring up That Guy. You know That Guy. He is the guy with the huge collection of pirated movies for the sake of having them. To be fair, unless That Guy has a lot of friends (and usually they do not) they are no real threat to media companies. That Guy would not have purchased the movies anyway, and his collection is (to put it bluntly) a dick-measuring contest to make himself feel better anyway. Every That Guy that I have ever met has had movies of laughably bad quality in their collection; their love is not for the cinema but rather, like a dragon, they hoard the wealth for it's own sake rather than an appreciation for it. And that might be the dorkiest thing I have ever written.
Re: (Score:3, Funny)
When will the *IAA learn? (Score:4, Insightful)
My roommate purchased an HDTV a few years ago before the HDCP standard emerged and he recently bought a Playstation 3. He was seriously pissed when he found out he couldn't watch Blue Ray Discs at the highest resolution because his TV wasn't compatible.
Things like this only serve to alienate legitimate consumers who are already inclined to pay for the product. The pirates just wait for the DRM to be cracked.
Seems like a decent guy (Score:5, Interesting)
On a different subject, this still leaves Linux (and BSD, ReactOS, Haiku etc., etc.) users in a spot of bother. I don't understand if having a movie key would allow you to watch something on the disc even without the right player software to access the HD-DVD/Blu-Ray drive, but even if you don't need special software it still looks like extraction of the movie keys can only be done with Windows software, and presumably OSX software in the future. I'd still really like to see a proper, Free Software, libdvdcss-style crack for these formats. I'd like to think it's only a matter of time...
DRM Cracking Quiz (Score:5, Funny)
Q: What is the fastest way to crack a DRM scheme?
A: Label it as uncrackable.
Thank you, thank you. I'll be here all week. The 9:00 show is completely different from the 7:00 show. Be sure to tip your bartenders and waitresses.
Re:DRM Cracking Quiz (Score:4, Insightful)
Hmm, person X is a lawyer. She makes mid six figures and works 80 hours a week. She have a staff to handle IT issues. Her motivation to 'become a techie' is...? I, on the other hand, got sick of the fact that other people were writing the rules that controlled my industry. So I left off being a netadmin and now I'm in law school. You want the laws to be sane? Start writing them, rather than leaving that to people who don't have a clue, and don't have the slightest reason to care.
Parent
Linux HDDVD/BR Software Player (Score:4, Interesting)
Since, based on the past, none of the studios will license a key for a linux player, I propose we create a player that, as part of playback, incorporates this "crack".
To get around this, the player will prompt for the disc key before playback. Then, the disc is decrypted as playpack is performed, thereby bypassing the "Player Key".
If you use device keys, they can revoke them (Score:4, Insightful)
Which is why I will never "upgrade" to HD. When my lowdef stuff stops working, I'll simply opt out of the rat race and not buy anything. Books are still good.
I will not pour thousands of dollars into a HD system only to have some jerk in a corner office somewhere decide that my investment constitutes a risk to his profits, and be able to take it away from me without consequence, without my consent, and without buying me new geegaws. F'em. They don't generate ANY content I'd be willing to pay that much to watch.
But that's just me. Feel free to pour $BUCKs into their profiteering maws if you wish. It's your money... well, your's and mostly THEIRs, since they can decide to take it away from you.
I'm glad he's not (Score:5, Interesting)
If he was a native English speaker, he'd probably be in a country that has some sort of DMCA-type law. And he'd probably be in custody by now.
Parent
Re:He is obviously not a native English speaker... (Score:5, Funny)
Parent
Re:He is obviously not a native English speaker... (Score:5, Funny)
Parent
Re: (Score:3, Insightful)
Sheesh, and they make fun of his English!
Re:He is obviously not a native English speaker... (Score:4, Funny)
Parent