Encryption Security

Why DVD Encryption Crack was a Cinch 513

Devastator writes "Wired has a good article on how the DVD encryption was cracked. The DVD industry is scared speechless about the news." It's actually an interesting little summary of the situation. I wonder what it means for the DVD industry.
  • A chain is only as strong as its weakest link. This is a good example.

    But then again, I do believe this will spur the Industry to do a better job, which will inspire more creative hacking, which will inspire better security... Benefits for all.
  • The DVD encryption crap is simply yet another example of the Cathedral / Bazaar scenario which continues to manifest itself throughout the industry. The fact of the matter is that while major corporations struggle to keep up with the open-source community currently, this is not the way the industry was, say, five years ago. A form of economic or societal Darwinism has emerged in the computing industry, by which major corporations and the coding public work at furious rates just to stay even with each other. The DVD crack is one of the more and more common cases where the Linux community has outstretched "Big Business".
  • 5 Bytes? And they call this secure? 5 Bytes is 40 bits, which means there are 2^40 possible keys. Although I don't know how much CPU is required to test a key, I tend to think a good computer could probably sniff them all out in a matter of days.

    On another note... I wouldn't like to be Xing/Real Networks right now. I think the MPIA could make a really good case for them being liable for a massive amount of money due to their negligence.

  • Another "wow, I'm *totally* shocked.. NOT!" story. You mean somebody was sloppy in how they implemented their encryption? And that led to exploiting a design flaw? WOW... :)

    In all seriousness, I have no problem with copy-protecting DVD's. All the new-age zealotry regarding IP aside, as it stands moviemakers and DVD producers have the right to profit from their efforts. If they stop profiting, they stop making movies, and poof! no more "Matrix"-quality films.

    OTOH, kudos to the hackers (in the traditional sense) who broke it. This is a rare case of white-hat hacking being beneficial. The original designers should probably be held liable somehow, and future efforts in this regard will be MUCH more careful.
  • As mentioned on Ross Anderson's Webpage here [cam.ac.uk], breaking copyright protection can always be done.

    This case is lamentable because it was defeated so easily, in a way that shouldn't have been allowed to happen.

    Encryption isn't all it's cracked up to be.


  • "I would expect it could also delay the advent of recordable DVD, because it'll give people a medium to write these hacked video files."

    too late?
  • 'We will fight against the illegal software,
    blah blah blah ...'. This is soooo pathetic!
    The fact is that very small percentage of the
    users would be doing 'illegal copying', but those
    surely would go to the furthest possible extent
    to break through all the locks. The entertainment
    industry is both paranoid and stupid.

    Now I've been reading of digital watermarks on
    DVD-Audio, which, in fact, are not entirely
    transparent and somewhat degrade the quality of
    sound. Don't you think the future of DVD-Audio
    is sort of written on a wall?


  • by jshepher ( 50026 ) on Wednesday November 03, 1999 @07:41AM (#1566408) Homepage
    Since it is encryption based, my guess is they used 5
    bytes (40 bits) because of export restrictions. It
    has been proven that 40bit keys can be broken
    quickly using today's computers. It was only a
    matter of time until this happened.
  • by account_deleted ( 4530225 ) on Wednesday November 03, 1999 @07:41AM (#1566409)
    Comment removed based on user account deletion
  • 1) True but...US law has a way of becoming
    the law in other countries. Remember, we are
    the last Super Bully

    2) Unconstitutional? when has that stopped them
    before?
    Hell there is legislation being considered (it's
    passed the house and in the senate) to make
    a certain drug illegal. Technically...it would
    make the possession or sale of Red Meat illegal
    in the US (since it contains it in small quantity)

    (yea I know they won't enforce it in that manner
    but...it's just to illustrate the silliness of it..
    technically...your brain is already illegal
    to possess due to other chemicals it makes)
  • > So now that some folks have figured out how to STEAL DvD data, what next?

    I, and many others, figured out how to STEAL dvds a long time ago. All you do is walk up to your local video store with a sledgehammer, break the glass, walk in and grab an armful, and then run.

    What these guys have done is taken the first step that will allow me to play dvds on my box.

    I am happy. I am not stupid. I won't be wasting my valuable time copying and distributing dvds. It's MUCH easier and less expensive if you include the cost of your personal time to just go to the store and buy another disk rather than buy blanks, copy something onto them, find customers that will be willing to buy at a discounted price, sell, make sure that I'm not going to get stung by the law enforcers, etc. etc. etc.

    To put it simply, pirating dvds will not be profitable for a long, long time.

    The "old fashioned" method I described above is much more profitable than disk copying and a much greater risk to, and currently a greater drag on, the profits of the "dvd industry".
  • by Anonymous Coward
    Here's the link. http://www.nico-soft.de/DVD1/home1.html I'm going to pick up a DVD-ROM this weekend to try it. Should be neat.
  • "In the future, the laboratories will be more actively conducting strict surveillance and take counter measures against illegal, inappropriate software and hardware in the market. Moreover, we believe that, based on the recent legislation, legal measures and steps will be taken by copyright holders against such violation of intellectual properties," Mikura wrote.

    If you can't solve a problem technologically, do it with legislation. Since encrypting DVDs didn't work it looks like they'll move to the next step, prosecuting the hell out of everyone they catch. Which will most likely be a bunch of kids trading the latest releases. Nothing like harassing kids for good PR.

    Sorry, but the Internet makes the control of digital media IMPOSSIBLE. This is a fact, if you want to make big money with digital media you have to understand this fact and move from there. No major media companies have yet acknowledged this and they will fight it until they die or give in. Goes to show you, you can't teach an old dog how to use the Internet.
  • by Anonymous Coward
    His terminology is off but he is essentially correct. Whether or not it's the Linux code monkey community, or the Window code monkey community or the various cracker cabals.

    The fact remains that corporations with limited resources are trying to go head to head with a planetful of programmers with too much free time.
  • can't really work in the real world? I disagree. as a matter of fact, the more times things like this happen -- the more information that starts off as billion dollar top secret encrypted info and then becomes nothing more than a little bit of code embedded in a widely distributed application -- the more it's going to become obvious that free information can work very well.

    your medical records, my civil court records, their credit records, the movie industry's precious DVD keys... all this information is going to become publicly available, and there's really no way to stop it - the best we can hope to do is figure out how to live best with the fact that information is very hard to contain.
  • The "immorality" of copying DVDs is right up there with the "immorality" of copying a magazine article. The truth is that the invention of the Xerox machine did not destroy the publishing business. Even though it is possible to copy all the interesting articles in a magazine for less than the cost of an issue, the magazine business is rolling along better than ever. Why? Is it possible that the people running the movie studios are insanely greedy?

    The entire home video industry is gravy for the movie industry. Worst case, they'll have to go back to making their money off the theatrical showing of their films instead of counting making as much again off the home video rights.

  • But isn't DIVX at least as dependent on some kind of copy-protection scheme as DVD?

    Seems to me that if you can defeat the DIVX scheme, you then get even cheaper movies that you don't have to pay to view at all, compared to DVD!

    (I don't use DVD or DIVX, by the way.)

  • Ok I have 2 notes here as more than a couple
    of people have said that "Disassembly isn't
    illegal"

    A) The Crackers were NOT in the US. Therefore
    they are not under US law. This argument thus
    means nothing.

    B) Sony is not a US company (they are Japanese)
    thus only their offices in the US are under US
    law. Again...this statement means nothing.

    C) The statement itself is also useless, since
    the Crackers were not in Japan. So even if it is
    illegal under Japanese law, it may not be illegal
    where they are.

    D) The statement was probably written by someone in
    some PR department. Regardless of legality, they
    want to make these actions SOUND illegal and "Bad"

    E) People in PR departments may not be experts in
    copyright law...international or not.
  • DVD-r is already too late. My harddrive is already 17 GB (which is actually quite modest these days), which is the maximum size defined by the DVD standard, though dvd-r is probably way below that. So I don't think the relief a dvd-r provides above normal cd-r will last long.

    So I hope there will be something more advanced soon.
  • Storing the raw DVD video/audio data is foolish, yes. But the DVD video is of such high quality that it is feasible to downgrade it to, say, 400x300 or 512x384 pixels in truecolor and MPEG-1 it at a reasonable bitrate. That'll still result in higher quality video than what has been previously available to the w4r3z-keepers.

  • Security through obscurity is more like hiding a copy of your front door key under the little gnome statue in your rock garden, then hoping that no one thinks to look there. Of course, that's the first place a professional thief is going to look.
  • It's not like that would have taken very long at all to crack. Hell, it only took a few months to crack 56-bit DES, 40 bits would be a cinch on today's hardware. Let it run overnight and you've got yourself a fistful of cracked, valid CSS keys.

    Bottom line: It would've been cracked anyway eventually. Xing just hastened the process.

    - A.P.
    --


    "One World, one Web, one Program" - Microsoft promotional ad

  • by KyleCordes ( 10679 ) on Wednesday November 03, 1999 @08:45AM (#1566446) Homepage
    Your argument is valid, today.

    But the pace of smaller, faster, cheaper, better has shown no sign of slowing. Disk space in $/Gig falls by a factor of 2 approximately every year. DVD-ROM readers will undoubtedly go from 4X (or whatever) to 30X+, like CD-ROM did.

    Will your arguments still be valid when it is cheap and fast (a few minutes) to copy a DVD on to a (small part of a 200 gig) hard drive?


  • It seems to me that while watermarking could be fairly resistant to unintentional audio manipulation, or uninformed attempts to destroy it, it should fall quite easily to a competent attack.

    It seems that watermarking should be a security-by-obscurity method, where if you knew the protocol by which the original was modified, you should be able to find where that code is stored in the source media, and remove, or scramble it.

    By knowing where the data is stored, smaller changes should suffice to mask it than if you had to add white noise to the whole file in order to hope to kill the watermark.

    Also, helping this, is that for any watermarking scheme to be effective, there has to be an easily available way to tell if a file is watermarked. For instance, in photoshop, loading a marked file produces a (c) symbol after the filename, and will display creator info. If you had to mail this file to the company to get an answer back, it would be so cumbersome that nobody would use it. This means that the watermark readers have to be visible, if only in binary form, to watch them work.

    All systems that are watermarked and checked on client computers are as good as broken whenever someone competent wants to try. Being that watermarking is the hiding of a secret key in a document, and that secret key can't be too secret, because you can watch it be generated (it is your computer, and you can use a debugger) you can also remove it, by applying the inverse of that secret key to the watermarked file.

    This is complicated a bit by the fact that digital music watermarking could be done in secret, and with a key that we wouldn't know. As long as Sony music could send a copy of the MP3 to the marking company and have the key checked, it would satisfy their needs. And we're also prevented from using known-plaintext attacks unless someone gets an unmarked version of the song from pre-production, just before the watermarking.

    But even this should be vulnerable. Even if we can't remove the watermark by applying the inverse, we could, if we knew how it was done, mask out just the relevant bits, and scramble the key beyond reading in a much more subtle way than by applying a strong white noise to the whole file.

    The very fact that watermarks have to be robust also means that they can be found, if their format can be discovered, which makes them security by obscurity.

    If watermarking was done in such a way that you could check if Company A owned the file by constructing a watermark for Company A, for that file, and then looking for it, it would be easier to hide. But, watermarking needs to be read without knowing the result, to see which company's mark is used, not simply to state if a known mark is there or not.

    If the mark could not be read without knowing it, then more subtle ways of hiding the mark could be used that depended on the specific mark. (ie, if the first bit is 0, do this, else, if this, do that...) But, the mark must always be readable in a standard way. This means it has to be fairly easy to find. Sort of like using SYNC bytes on storage media to let you know where the data begins.

    Once you know the format of the sync data, and can use that to find the specific areas that the watermark would change, even if you can't determine what the data was before being changed, you could write over it with random data, along with the sync data you used to find it, hopefully rendering the watermark unreadable.

    Any problems with this theory?
  • That's why we have locks on our cars. If a car manufacturer made a car with no locks, insurance on that vehicle would skyrocket because it would quickly become the most stolen car in America. Less people would be inclined to buy the car because of the insurance rates. The manufacturer would in fact be punished for their weak security. Which still isn't to say stealing them's right.

    But then, assuming the distributors of keys for DVD players had criminal intentions is rather silly too. Personally, I like the fact that I can now play the discs on my Linux system (Which does not have Windows on it) and may actually end up buying a player now. This also enables other aspects of "Fair Use" which phrase Hollywood would like to stamp out in exchange for "Pay Per View."

    Frankly I find the greed of Hollywood and the RIAA to be disgusting and would like to give economic preference to independent artists who aren't in bed with that lot. Is there a web site with links to music and films (Old or upcoming) which aren't associated with those groups?

  • by Wah ( 30840 ) on Wednesday November 03, 1999 @08:46AM (#1566454) Homepage Journal
    A few years down the road at least. Fatter pipes are coming, bigger drives are here. Even with my setup I can dedicate 5 gigs pretty easy, start a download and wait a day, voila Blockbuster go boom (no, I'm not on a school LAN).

    The movie industry is in serious need of a housecleaning anyway. Whoa, look 3 new crappy movies, yippee!! (repeat every week). Personally I think this is poetic justice for the music/movie industries, they screw consumers when production costs go down and prices stay the same (but promotion costs seem to keep going up, maybe to offset the quality of the product..), we screw them when price and reproduction costs both move to zero. Serves them right for making me watch COMMERCIALS when I PAY to see a movie.

    They will still have the box office and sales (a permanent physical backup for critical info is always a good idea) but I see no place for the present day rental system in the next millenium.

  • assuming of course you found a way to circumvent the macrovision circuits. my SV-09 is not only a killer DVD player, it doesn't output Macrovision and it ignores regional codes. I just wanted to be able to watch foreign movies without buying multiple DVD players, and I wanted to avoid the picture degradation inherent with macrovision.

    Commercial pirates aren't affected by much of anything so I think the movie industry should realize that most of us BUY our movies even when we can download them. I want to support the artists involved in the production of my entertainment. They earned the money.
  • "Johansen and his partners were able to guess more than 170 working keys by trial and error before finally just giving up to go do something else."

    Sounds like an excellent new project for distributed.net... they've been doing distributed brute force encryption cracking for how long, with how much computing power ?
    230 left to go....

  • The major problem is that they are going after the wrong source, the people who sell the DVD duplication equipment. They make it seem like it's us, but that's just the publicity engine.

    The people with the duplication equipment are the ones that can create thousands of DVD's. They can make Pirate DVD's of recent movies.

    Many times, these duplicators are doing duplication for the major movie studios.

    The movie industry should have just made sure that only they had access to the duplication equipment. Instead, they went cheap. They let anyone with a duplicator bid for the duplication contract.

    Think how many "Pirate" CPU's would exist if Intel contracted out the production of all of its CPU's to other companies for production (and they charged $1000 for a celeron).
  • Back when I was on the DIVX project at Zenith, (and yes, I know DIVX was *evil*) DIVX was the encryption method that was competing with the current method. The flaws of the current method were well-known to the crypto people at DIVX/Circuit City, and when they went out to sell DIVX to the "content providers", they let them know exactly what those weaknesses were. I don't fault them for not choosing DIVX, but I do fault them for putting any reliance on a known weak system.
  • They have removed it, yes?

    No. [wired.com]

  • If I go out and pay $15-$20 for a DVD, and use this so I can actually watch it on my system, that's "immoral?"

    If I watch this disk under an operating system other than Windows - that's "immoral?"

    If I demonstrate, with examples, to the public how an encryption scheme is weak - that's "immoral?"

    You have some interesting ideas about morality. If you're worried about moral decline, I think there are better issues on which to focus.
  • Just recently we had a problem of our VCR eating a tape and spending a couple of days without while it was fixed (fortunately the VCR was under warranty). The tape didn't survive.

    Certainly scratches are a big problem for optical media, but I think it's no less a problem than fragile tapes that have been wound/rewound several dozen times by the time your VCR gets them. And when DVDs are treated properly, the picture quality will be identical to the first viewing.

    In a perfect world, we wouldn't have to put up with rental media at all. Simply get movies with digital quality on demand, watch once, and get on with our lives (probably with better cared-for DVD-type media for the movies we want to own).

    I feel your rental pain, but think also that your DVD player was unaffected even by a crapped-out poorly cared-for disc. That's worth something too.

  • Ah, I'm so depressed about this entire issue. I thought the EFF would have whaled on this horrible bill, but they didn't. I didn't see much negative written about it at all. Yet, I see it being used to keep things secret.

    From the article:

    "The circulation through the Internet of the illegal and inappropriate software is against the stream of copyright protection."

    Thank you Clinton, Thank you DMCA, and Thank you Congress. Considering that it starts to take effect as of 1/1/2000. I expect the lawsuits to be hurled at Livid, and anyone who's even sniffed the source code around 1/3/2000.

    The only saving grace of this entire mess?

    From the text of the DMCA.

    "Reverse Engineering Exception. Section 1201(f) allows software developers to circumvent technological protection measures of a lawfully obtained computer program in order to identify the elements necessary to achieve interoperability of an independently created computer program with other programs. A person may reverse engineer the lawfully acquired program only where the elements necessary to achieve interoperability are not readily available and reverse engineering is otherwise permitted under the copyright law. Furthermore, a person may develop and employ technological means to circumvent and make available to others the information or means for the purpose of achieving interoperability"

    It means that while every DVD maker can try to sue to stop things like this, it means that as long as the project is attempting to add functionality (insert Play DVD's under Linux here), they are cool. Unless they've amended the act, again.

    If anything? I'd be worried more about WIPO. http://www.wipo.org/eng/. DMCA is merely the first step in more laws intended to modify American Legislation to be more friendly towards WIPO in general. Honestly? I can't say it's a bad thing, because some of the laws need to be amended, but in this hostile climate of anti-everyone, and anti-anything-that's-bad. I'm sure a great deal of shitty law will be passed.

    When in doubt? Write your congressman, write your senator. See if they even have a clue on this issue.
  • Amphigory's question is a good one!

    There is a presumption in the post to which he responded that in fact CD-Rs have made a significant dent in software profits. I see two reasons that make me doubt they have, with the possible exception of MS operating systems.

    1) Software makers make the big money by selling software to businesses, including universities. Businesses (esp. ones that are over 4 or 5 people big) can't afford piracy, long term. Does it go on? Sure, but CD-R only makes this process easier, it isn't the start of it. Businesses like support, and docs ...

    2) People like documentation and accountability. That the accountability may be illusory for most users, the documentation is not. And it's considerably more inconvenient to make high-quality copies of documentation to accompany software. Folks will no doubt continue to exchange software, but the software industry will continue to sell boxed software for the advantages it offers. Note how well even boxed Linux distrib.s sell! That's software which is free -- so someone could download it without even the risk / discomfort of illegality.


  • Yes, that's true, it would. So, because it's possible for an encryption system to be flawed, all encryption systems are worthless? What about RSA -- it's been in use (and under scrutiny) for 19 years and no "glaring hole" has been found in it. The only way to break RSA would be to discover an incredibly easy method of factoring large primes out of enormous numbers. Barring a mathematical discovery of enormous proportions, it's impossible.

    There are a number of good encryption schemes out there and, in fact, CSS didn't have any problems with it. It was the fact that the coders left the key unencrypted that was the glaring hole. Don't blame the mathematicians for a coder's mistake :)

    -----------

    "You can't shake the Devil's hand and say you're only kidding."

  • by FreeUser ( 11483 ) on Wednesday November 03, 1999 @09:01AM (#1566511)
    The film industry really should do an unbiased and intelligent analysis of the impact of emerging technologies on their product, if they want to actually protect their interests in a constructive and effective manner. Some points which should be considered.

    - consumers have had the capability of recording and copying movies to their hearts' content since the advent of the VCR. Videophile and audiophiles may not be happy with the quality, but as far as the average consumer is concerned the quality is "close enough" to perfect. Despite this, movie makers have been selling and renting movies like hotcakes. Being able to copy DVDs will not change this at all

    - commercial pirates, for whom the "infinite perfect copy" does make a difference, could already do this by using $5,000 DVD-Rs or buying their own DVD production equipment. One analog copy, reconverted to digital format, and they could produce an infinite supply of nearly perfect DVD copies for sale on the black market. This is a problem, but one which the cracking of the pathetically weak css algorithm will not significantly affect.

    - high-end consumers do not like having their technology "messed with." The destruction of DAT is an example of consumers refusing to buy into crippled technology. Likewise, DVD playback which is limited to Windows, or by region, is not only an invitation to hack, but worse, creates unnecessary bad relations between the seller and the consumer.

    - finally, unlike the RIAA member companies, movie studios are not parasitical entities acting as a paid go-between between artists and their customers. They provide the capital, resources, and equipment for shooting films and play a very necessary role of the art form. Contrast this to the music industry, whose contribution to the art form, beyond providing a distribution channel they happen to enjoy a monopoly on, and perhaps a place to record and master (which any technically savvy musician can do in their own home), is negligible at best and quite often destructive. This suggests that the movie studios aren't nearly as vulnerable to artists switching to an internet medium and cutting them out of the loop as the RIAA member companies are, and have a lot less to fear from open internet standards and distribution channels than their record company counterparts.

    Even with copyable DVDs the film industry has little to fear. The target they should be most worried about -- the professional "industrial strength" pirates -- is the group least affected by these developments. The fear that the grassroots mp3 warez phenomenon will happen with DVDs is unwarranted, not only because of bandwidth and storage limitations, but also because of a difference in consumer habits, and a fundamental difference in the relationship of the affected artists and consumers with the movie studios vs. the music industry.
  • Yes the technology to rip off DVD's wholesale will come. The way I see it, DVD's as far as customer acceptance goes, is still young. This leads me to believe that the industry will see abandoning the technology as a viable solution to DVD theft. I wouldn't be at all surprised if the number of movies that come out on DVDs slowly falls off and there is an introduction of a new replacement technology. Now is the time to do it, before DVD's become mainstream.
  • Think of it like this: you leave your front door unlocked everyday while you're away at work, and one day, a thief breaks in and steals everything. Will your neighbours feel sorry for you? Should they?

    So... why not tell me where you live then? It wouldn't be my fault for breaking in if, say, you were stupid enough to have windows in your house, would it? I mean, everyone knows that glass shatters incredibly easily, and therefore anyone with glass windows is just asking for it, right?

    The industry followed what they thought was their best option. They used 40-bit crypto so as to not have to have a US edition and international edition. What would the point be to using 128 bit crypto when you can still pump the DVD's output into a video capture card? You don't get all the neato things (multiple aspect ratios, etc...) but the point is the movie has been copied.

    And no matter what, no one is going to be able to market a DVD recorder with a key cracker in it, so the 40-bit crypto pretty much stops 95% of the copies that could be made otherwise.
  • Yeah - The old DVDs.

    Don't worry, pretty soon there'll be a new DVD format, with new keys, and probably a new cipher, put together by a new company. And they won't forget to encrypt the key this time.

    Maybe that will be cracked too... who knows. But this really wasn't a matter of closed standards or obfuscation. It was encrypted using a private key mechanism. Even if you had the specs for the decryption routine (which the hackers had) you'd still need the key.

    -----------

    "You can't shake the Devil's hand and say you're only kidding."

  • 40 bits is a completely insane size

    40 bit encryption only serves one purpose any more...it leads people into falsely believing their data is secure.
  • True enough -- vendor response to security problems has historically been pitiful. Though in this case, I have to wonder whether it would have been desirable -- had CSS not been broken, but instead quietly reported and fixed, DVD would still be closed, the vendors would still be dragging their coattails through high-nosed proprietary BS, and work would have continued on breaking the new revision. That's assuming it was fixable, since lots of DVDs and players have shipped, and any adjustments would have to sustain backwards compatibility.

    The security research ethic as taught in universities is that you tell the vendor and give them time to ship a fix before a vulnerability becomes common knowledge, but if the vendor doesn't produce a fix (as they often don't), full-disclosure is among the available options.

    Which comes to the other point, namely that the movie industry liked DVD largely because it was (a) somewhat more desirable for consumers while costing less to manufacture, and (b) closed, and therefore subject to more control over how it moved -- like how most players don't allow you to skip over the usual copy-this-and-die FBI warning at the beginning, and some don't allow skipping of the various logos at the beginning. By and large, the computer community had no interest in letting it remain closed (we've been trying to reverse-engineer it all this time, remember), and has never based itself on the potential profit to be made by already greedy conglomerates.

    And, based on the coverage sofar, the security on CSS was a poor engineering job -- as tends to happen to closed security systems. 40 bit keys don't work anymore, and in general, anyone who designs a security system without adequate consideration of the factors deserves what happens.

    One possibility is that the music industry will try to distance itself from DVD, but I doubt it, unless they have some unannounced alternative up their sleeves (DVD2? Same thing plus a firmware "upgrade" to the players?), the alternative is VHS, which is much easier to copy than DVD, though harder to make a new master in a counterfeit manufactory.

    I'd speculate that in 1-3y bandwidth will have gotten to where VOMs can be moved around the way MP3s are now, and it will continue to have a negligible effect on industry earnings, and we'll hear tons of whining from the movie industry. Then Microsoft will put out Microsoft Video System, which will itself get cracked in a few days, and then there will be sardonic laughter. insuff des

  • Yes, but when you're talking about counterfeiting in commercially significant quantities, the encryption scheme doesn't enter into it. All the encryption scheme accomplishes is to prevent people from turning the MPEG datastream into plaintext. But a high-volume counterfeiter doesn't duplicate at that level; they duplicate the raw bits coming off the read head.

    The DVD player in your living room has no way of knowing whether the disc you're playing was legitimately stamped by the studio, or whether it's a precise bit-for-bit copy stamped in Malaysia. So it's fairly easy to demonstrate the encryption scheme fails at its stated purpose.

    So what's the encryption really there for?

    Schwab

  • ARGH!!!

    Sorry for the double post -- netscape crashed mid-submit. Still not sure why that would commit it twice, though -- once with a correction and once without...
  • DVDs are encrypted to both stop piracy, and to protect Hollywood's incremental release dates.

    A film is usually released in its country of origin first. Some months later, other countries may see it. This is done to save on film printing costs. The DVD zone system--which forms a large component of DVD "encryption"--is designed to ensure that people in Australia don't order a US-imprinted DVD instead of viewing the film in theaters.
    Of course, this system ends up shafting the foreign film buff. Many Japanese films simply don't make it into the US market/zone, and thus are inaccessible to the most import savvy viewers. Of course, one could always buy a Japanese-encoded DVD player, but that's rather expensive.
    One oddity with the zone system is that China forms its own zone. Of course, China is home to many a pirate, but this also allows the government of the PRC to essentially control film imports more effectively.
    The whole incremental release system will be obsoleted by digital distribution systems, anyway. Bravo for the crackers!
  • I suggest you click on The Hunger Site and try giving something for free. Then come back and tell us how much it affected your mortgage or car loan or whatever.
    That which is supported by advertising is not free.

    Massive corporations want you to buy their stuff. They spend money on advertising. The cost of advertising is included in the cost you pay for their product. When you buy a can of Coca-Cola, part of what you pay goes to Coke's advertising budget; Coke buys advertising on UPN; UPN makes another season of Voyager. So you don't get to ogle Seven Of Nine(TM)[1]'s tits for free[2], no no no; you pay for it with every can of Coke, every Gateway computer, every new Toyota, whatever you see advertised.

    There's also the fact that you are paying by allowing these companies to attempt to influence your buying decisions, but that's a more subtle topic.

    ([1] Yes, "TM", according to the Star Trek website. Bleh.

    [2] No disrespect intended to Jeri Ryan. Much disrespect intended to whoever decided her character should dress like that.)

  • I think the reason they worry about the piracy issue with DVD over VCR is the quality of the copy versus the cost to make that copy. With VCRs you get generational defects, and even master copies wear out. Once you get your master copy of a DVD you can make perfect copies every time.

    Now I really think the entertainment industry is run by lawyers who don't understand the issue here. If I'm a pirate, I'll just bit copy the media (DVD in this case), and press disks. If I don't have the keys I can then just copy the encrypted data and the copy protection. If I do have the keys I can change the content before copying, but pirates don't want that.

    Before anyone works on digital IP rights issues they should be forced to read, and understand, the record player example in Godel Escher Bach. Then if they start claiming they have the ultimate meta record player we know for a fact they are idiots.
  • by Christopher B. Brown ( 1267 ) <cbbrowne@gmail.com> on Wednesday November 03, 1999 @09:16AM (#1566572) Homepage

    Your observation that "consumer piracy" is likely to be insignificant is very well noted.

    The thing is, the commercially significant piracy that takes place under the DVD regime is likely to be, as it is now, a result of "mass piracy" on the part of folks in the "gray market."

    Unfortunately, they will benefit from the cheapness of producing DVDs, and while it may become more expensive to become a "commercial DVD pirate" than it is to become a "commercial VHS pirate," that goes along with the benefits of:

    • Cheaper media and labour costs, and when you're doing something illegal, it's doubtless preferable to have fewer low-paid lackeys that could turn on you, and
    • Perfect digital copies rather than the present Analog-to-fuzzier-analog VHS results.

    If the big sellers of DVDs can maintain rigid control over the manufacturers of DVD mastering units, that might make it hard to "clone" DVDs from masters.

    Unfortunately, that's liable to have the same flaws as DAT did. With DAT, there were special codes encoded into tape headers that would let the units forbid copying. That was part of why DAT never took off.

  • by jd ( 1658 ) <imipak@yahoGINSBERGo.com minus poet> on Wednesday November 03, 1999 @09:16AM (#1566574) Homepage Journal
    Agreed. The key length was FAR too small, for something like this. Running more rounds (as in triple DES) would be viable, but 3DES is phenomenally slow - far and away too slow to be usable for real-time applications.

    It's hard to protect -everything-, since something has to be visible to the hardware for it to be able to start decryption. The outer layer -must- be visible, even if it's in hardware. At which point, all you need do is read the outermost key, and you get to exactly the same point these guys did.

    Anything the player can see, you can see. There's nothing magical about a machine, even when it's based on a Japanese design.

    The question was never "whether" DVD encryption would be busted, but when. Actually, I'm amazed it took so long.

    Sooner or later, manufacturers, movie industry bosses, etc, are going to have to come to the same conclusion computer software houses did years ago. Copy protection -doesn't work-! It's a fundamentally flawed concept. There was only one scheme that even came close to working, and that was confiscated by the MOD in England, and classified. Even then, it was probably fairly easy to break. The whole concept is fundamentally flawed.

  • Oh, no, they used a weak, 40-bit encryption scheme with 200 different keys lying around, and it bit them in the ass, you say? I'm sorry, but if out of 200 different companies there wasn't one who would say "Hey, look, this encryption system is as solid as swiss cheese!" before creating the standard, then they're responsible for what's coming to them.

    It's as if someone discovered that every door lock and ignition lock on General Motors' cars could be disabled with a refrigerator magnet. Too bad for GM.
  • by jms ( 11418 ) on Wednesday November 03, 1999 @09:17AM (#1566578)

    Simply speaking, copy protection schemes just don't work. If you allow access to the data to anyone for any reason, someone is going to find a crack for it. I don't care how good your copy protection scheme is.


    There's one exception to this, and that's if the company goes out of business before anyone has the time or interest to hack their copy protection. i.e. DIVX.

  • >DVDs are cheaper to produce than video tapes.

    I've often wondered about this. It seems like it would be cheaper to produce a cd than a cassette tape for the same reasons, yet here we are 10 years or so into the cd revolution and cd's are still more expensive than tapes.

    (And if I remember correctly tapes/records were normally pretty close to the same price)

    Also reminds me of a speech I saw from a well known games developer. He was very excited about the proliferation of cdrom drives, as cd's were going to save his company a ton of money over shipping floppies. When someone asked if that meant his games would be cheaper, he just smiled from ear to ear... :)
  • I think, we as a society need to get over the notion that people own ideas. The open source movement has begun to demonstrate a great way for people to make a buck without having to own ideas. Rather than writing software, keeping it secret and then selling it to people, the companies have learned to give away the secrets, but make money on support and services.

    Personally, my income is hurt by closed source old world ways of distributing software and media. I work in computers doing custom development of software for corporations. The software I write is really only useful in a specific context for a company so piracy doesn't affect the work I do. However, having to pay for operating systems, database software and development tools does affect my bottom line in a big way.

    I will admit to the fact that deciding as a society that intellectual property isn't something you can own will hurt a lot of companies who have built their empires on that assumption. But in the long run I believe we will be better off for it. In addition I think there are better ways for these companies to make money.

    Rather than producing a CD and depending on the distribution of the music to make money, why not make money off concerts instead. Give away the music to hook people and then do major concert tours. Sell experiences that cannot be duplicated and pressed and mass distributed. Sell things that are unique once in a lifetime events.

    I can get a DVD of a movie, but yet I still go and see it in the theatres. Why do I do this? Because it is a unique experience that I cannot reproduce in my home. There is value in that experience. I have a nice home theater system, but it is never the same, so I shell out my money and see it on the big screen with big sound and a large crowd of people to share the experience with.

    Really the whole intellectual property thing is, I think, a sign of inefficiency in the mechanisms of distribution more than it is a legitimate form of business. Books, CD's, Videotapes, DVD's, all have a certain cost in duplication and distribution which must be recovered. With the rise of the digital, and the ability to make infinite perfect copies it seems wholly ridiculous to charge me money for it.

    Do I believe that copying a DVD is illegal, yes. Do I believe that it is immoral, no. I believe that to charge more than the cost of distribution for the DVD is immoral.

    ---

  • 1) Yes, but there's not much time left for that either. By 2005 Japan and Europe will both have bigger net presences (And better video and voice integration for data transmission.)

    2) It killed the CDA pretty well dead in its tracks.

    2.5) I'd like to see it pass, and then everyone can go out, buy a steak at the supermarket and then go to the police and confess to possession of the drug.

  • by Christopher B. Brown ( 1267 ) <cbbrowne@gmail.com> on Wednesday November 03, 1999 @07:43AM (#1566611) Homepage
    This exposes two unavoidable vulnerabilities:
    • The system was using a published crypto scheme using "mere" 40 bit keys.

      40 bits is fairly breakable, and since key transmission is a critical problem in building crypto systems, and DVD systems often represent embedded systems, they have a few keys vulnerable to brute-force attacks.

      There is no question but that DVD encryption would be quite vulnerable to brute force attacks.

    • This story displays that protocol problems represent a major vulnerability.

      It appears that the result of this "exploit" is that the decryption keys for all DVDs have been exposed as a result of them being accidentally published.

      This is the sort of thing that organizations like the NSA reportedly are acutely sensitive to when they are trying to crack systems.

      In order to keep such systems secure, it is absolutely necessary to be extremely careful with how critical data like encryption keys are dealt with. Apparently these keys were released to people upon whom it was not carefully enough impressed that they needed to be "billions-of-dollars-riding-on-this" worth of careful.

    Oops.

  • by Foos ( 52086 ) on Wednesday November 03, 1999 @09:20AM (#1566614)
    An interesting point to note is the fact that when you make a copy of a VHS tape, you lose a certain amount of quality on each copy. So if you have a "fifth-generation" copy of a movie on VHS then there will be a noticeable loss in quality. On the other hand, with DVD there is no loss of quality whatsoever even for a "hundredth-generation" copy since it is all digital. Thus a copy will be exactly the same as the original.
  • by adimarco ( 30853 ) on Wednesday November 03, 1999 @07:45AM (#1566617) Homepage
    Without getting too deeply into the idealism of the subject, they really should have expected this.

    Simply speaking, copy protection schemes just don't work. If you allow access to the data to anyone for any reason, someone is going to find a crack for it. I don't care how good your copy protection scheme is. I don't care what kind of information you're trying to protect, or what kind of media it's on, be it CD, DVD, cassette, diskette, whatever. Information wants to be free.

    They've tried so many tricks and schemes over the years. Remember the "What is the second word on page 153 of the manual" ones? Or what about software that would only let you install it twice.

    I still use numbers like 123-1234-1234567 for Micros~1 product keys even when I have the legit numbers. Always good for a chuckle.

    The way they accomplished the crack was hilarious though. RealNetworks (or whatever subsidiary that was) must be pretty embarrassed right now... forgot to encrypt their decryption key. Morons :)

    Anthony


    ^X^X
    Segmentation fault (core dumped)
  • Clearly, these people are not very clever. It seems fairly clear to me from this "horror story" that the movie theatre model of film distribution has been marginalized by advancing technology.

    We observe that people are not willing to go to the theater, but are willing to buy VCDs. Now, would a clever person either:

    1. Release to VCD first at, say, a 50% premium over bitlegged VCDs, thereby establishing themselves as the source of the highest quality copies of that movie (and then release to theaters a couple of weeks later, thereby getting all the people who want to see the film in all its high-resolution wide-screen THX glory); or,
    2. Whine shrilly about "piracy" and your rapidly-eroding intellectual "property" rights?

    The environment is changing. Organisms (and organizations) that do not evolve will end up as an exhibit under glass in a museum. I guarantee you the environment will not change to suit your whims. Start changing the way you think about this stuff; the ulcer you save may be your own.

    Schwab

  • by Anonymous Coward on Wednesday November 03, 1999 @11:49AM (#1566626)
    Based upon what I read out of the LiVid mailing list archives on Monday:
    • Most disks have their video data encrypted with a random 40-bit key (called a "title key"?). Each disk has a different title key.
    • 409 copies of the title key are made, each encrypted with a different manufacturer's key (also 40 bits each). Those encrypted keys are written to the disk.
    • A given manufacturer, when they get their DVD license, gets one of those 40-bit manufacturer's keys and a note that says "use key number 12".
    • The player looks at the disk, extracts the 12th of those 409 encrypted keys, uses its manufacturer key to decrypt it, giving it the title key. That title key is used to decrypt the video material. It ends up with the same title key as any other player would have gotten on that same disk.
    • The manufacturer key would be held in ROM or encrypted in a software player of some sort. To discourage manufacturers from doing that badly, the following threat is put in the license agreement: If someone figures out your manufacturer key, you pay us a lot of money, and in addition we stop including your key in the 409 used on new disks. Now all the newest movies won't play on your player, and you go out of business.
    So it's like the usual hybrid PGP scheme with multiple recipients (where a per-message random symmetric key is public-key-encrypted to each of the recipients), except CSS uses symmetric encryption everywhere, and the disks are usually encrypted to the same 409 recipients all of the time, and only a few dozen of the recipient keys are actually known by real users (players), the rest being kept in a vault for new licensees.

    The problem was that the encryption was really poor. There are two attacks:

    1. For any given disk, brute force the title key. I think this would take a day or two per movie. Then assemble a web database of some sort where you could look up the title keys for your disk.
    2. Once you've figured out the title key for a given movie (say, by discovering one of the manufacturer keys, doesn't matter which), look at those other 408 encrypted keys. For each one, brute-force the related manufacturer key. (because of massive flaws in the crypto, this takes about a tenth of a second for each one). Now you have 409 manufacturer keys. You don't care which one is which. Publish them all.
    The latter has happened. Hundreds of keys are now public knowledge. Many of them are probably in use by big-name manufacturers (you now have the key of every player that could have played that disk, which is all of the current ones and most of the future ones). And it is practically impossible to change the keys in a useful way. They would have to drop all of the keys in use by the current players from new titles, making them unplayable on current hardware. If even one key remained from the set that are now known, the same attack could be made to get all of the new ones.

    Note that if they had planned for this, they could conceivably have put several keys into each player, and the response to having all of the current keys published would be to switch everything to Set 2 (instead of using FooCo's first manufacturing key on the disk, they use FooCo's second key). The current players that had multiple keys would still play new movies, but the published keys would not work. However, learning any one of the new keys (perhaps from a poorly protected software player that had multiple keys too) would allow the whole attack all over again. And brute-forcing a title key would allow the whole attack over again. The net result is that CSS is completely and utterly dead.

    There is an extra layer on top of this, the authentication phase, which I don't know much about. From what I can tell it seems to be designed to keep someone from snooping the bus traffic and reading the decrypted video from there. The DVD drive will refuse to read certain sectors from the disk (the encrypted keys) until you've negotiated something with the drive. There may be more to it than that, but the technical issues have been solved for quite a while.. the necessary ioctls are already in the linux kernel.

    And, as noted by others, this is independent of the copyright issues on DVD movies. CSS was a scheme to restrict use of the video data, and had the effect of preventing the development of open-source players on Linux and other platforms. Now they can be written (and mostly have been, although doing both audio and video at once is beyond the capacity of most processors).

    -Brian
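The key hierarchy and the second attack described in the comment above, as an added example that is not part of the original post or of any DVD software. It is a toy model: a hash-derived pad stands in for the real cipher, player keys are 16 bits, and the key block has 8 slots instead of 409 (all names and values are constructed). It shows why revoking only the leaked key does not contain the damage.

```python
import hashlib
import random

TITLE_KEY_BYTES = 5    # 40-bit title key, as in the post
PLAYER_KEY_BITS = 16   # assumption: toy size so the search runs in about a second
SLOTS = 8              # assumption: the post describes 409 slots


def wrap(player_key, disc_id, slot, data):
    """Toy stand-in cipher (NOT CSS): XOR with a hash-derived pad; self-inverse."""
    seed = b"%d:%d:%d" % (player_key, disc_id, slot)
    pad = hashlib.sha256(seed).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def master_disc(disc_id, title_key, licensed_keys):
    """Build the on-disc key block: the title key wrapped once per licensed slot."""
    block = {slot: wrap(key, disc_id, slot, title_key)
             for slot, key in licensed_keys.items()}
    return {"id": disc_id, "block": block}


def unwrap_title_key(disc, slot, player_key):
    """What a player does: unwrap its own slot. None if the slot was dropped."""
    wrapped = disc["block"].get(slot)
    if wrapped is None:
        return None
    return wrap(player_key, disc["id"], slot, wrapped)


def recover_slot_keys(disc, known_slot, known_key):
    """Known-plaintext search: one working key yields the title key, which is
    then known plaintext for every other slot on the same disc."""
    title_key = unwrap_title_key(disc, known_slot, known_key)
    found = {known_slot: known_key}
    for slot, wrapped in disc["block"].items():
        if slot in found:
            continue
        for guess in range(1 << PLAYER_KEY_BITS):
            if wrap(guess, disc["id"], slot, title_key) == wrapped:
                found[slot] = guess
                break
    return found


def revocation_demo(seed=1999):
    rng = random.Random(seed)  # constructed sample keys, fixed for repeatability
    keys = {s: rng.getrandbits(PLAYER_KEY_BITS) for s in range(SLOTS)}

    def new_title():
        return bytes(rng.getrandbits(8) for _ in range(TITLE_KEY_BYTES))

    # Disc 1 is mastered for every licensee; the key for slot 3 leaks.
    disc1 = master_disc(1, new_title(), keys)
    leaked_slot = 3
    known = recover_slot_keys(disc1, leaked_slot, keys[leaked_slot])

    # Response A: drop only the leaked slot from the next disc.
    title2 = new_title()
    remaining = {s: k for s, k in keys.items() if s != leaked_slot}
    disc2 = master_disc(2, title2, remaining)
    opened2 = any(unwrap_title_key(disc2, s, k) == title2
                  for s, k in known.items())

    # Response B: drop every slot that was on disc 1 and issue fresh keys.
    title3 = new_title()
    fresh = {s: rng.getrandbits(PLAYER_KEY_BITS)
             for s in range(SLOTS, 2 * SLOTS)}
    disc3 = master_disc(3, title3, fresh)
    opened3 = any(unwrap_title_key(disc3, s, k) == title3
                  for s, k in known.items())
    playable3 = any(unwrap_title_key(disc3, s, k) == title3
                    for s, k in keys.items())

    return {
        "all_slot_keys_recovered": known == keys,
        "disc2_opened_after_single_revocation": opened2,
        "disc3_opened_after_full_revocation": opened3,
        "disc3_playable_on_shipped_players": playable3,
    }


if __name__ == "__main__":
    for name, value in revocation_demo().items():
        print(f"{name}: {value}")
```

Only the full revocation holds, and it leaves no shipped player able to play the new disc, which is the dead end the post describes.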

  • Yeah, you could've said the same thing about CDRs in the early 90's. Now a blank CD costs under $1. Why shouldn't the industry expect DVD-RAM to go down in price?

    -----------

    "You can't shake the Devil's hand and say you're only kidding."

  • The real problem comes from both sides of the aisle.

    I'm quite sure the encryption opponents are quite relieved that anyone who might otherwise oppose them is too busy blaming whatever group he or she is not a part of, be it the Democrats or the Republicans, the Liberals or the Conservatives.

    Berlin-- http://www.berlin-consortium.org [berlin-consortium.org]
  • If, as you say in your post, "DIVX was *evil*," why did you work on it? Why did you help to create something you knew no one would want, and which you yourself didn't want to have?

    I'm not trying to be hostile. It's just that I learned my lesson on issues like this a long time ago, and I've made it clear to myself (and my employers) that I will not work on projects with which I personally disagree. Perhaps I'm in a better position than most (and I also don't put myself in the way of such projects), but I've never fully understood why someone would spend their precious creative energy on something they personally felt was pointless, wrong, or ethically bankrupt.

    This is just me talking,
    Schwab

  • Trust me, they're not going to rest until they can get back to the original model - people paying every time they watch a movie (and, if they can pull that off, every time they listen to a song).

    Yeah, they'll try, but I hope for them they'll see the light somewhere in the future.
    I see this as a kind of market. Corporations trying to make as much money off the customer as they can, resulting in a black market of warez/mp3z/moviez.
    Most people buy their favourite linux-distro (even the original one, not cheapbytes) instead of downloading it. Why? They feel buying it is rectified by the value.
    In my opinion most people _are_ willing to pay for what they get, but they are not willing to pay bucks which are the tenfold of the value they get.
    The battle of Hollywood and the big music labels is lost, they have nothing left to fight.
    Everything they could do is damned to fail, they can't use copyprotection cause they don't control the hardware, they can't check the whole internet for warez cause even geocities or tripod can't get their own servers clean, this is impossible.
    (ie. just rename bla.mpd in bla.doc and their cute scanners will fail miserably).
    Increasing bandwidth will end the possibility of making a lot of money because you own the distribution and marketing channels, and that's what it all reduces to, IMO.



  • by Dast ( 10275 ) on Wednesday November 03, 1999 @07:52AM (#1566657)
    If they did limit the keys to 40 bits because of export restrictions, maybe this will convince businesses to help fight those restrictions.

    They stand to lose a lot of money not being able to secure dvd's. And when there is money behind something, you can bet they will act.
  • The GEB example is a good one. With, one slight flaw though. However, instead of the Tortoise being the one to outwit the Crab it is the store that sells the record players to the Crab. =) If they keep changing the medium, we are going to keep getting screwed royally to buy new players.

    Personally, I hope that the record companies understood that there was a 99.999999% chance that the encryption was going to be broken. I bet they have some fail-safe plans. I believe some people have mentioned as such before that they still have some tricks up their sleeves.

    But, to see the encryption fail soooooo stupidly, it has to hurt DVD's chances on the whole. Didn't Xing THINK that someone would reverse engineer their buggy software? Hell, maybe that was their idea (one little programmer not encrypting the code brings down DVD - hahaha).

    Later,
    Justin
  • by Col. Panic ( 90528 ) on Wednesday November 03, 1999 @07:53AM (#1566665) Homepage Journal
    Maybe this will give Hollywood types a more realistic perspective so productions like Hackers and that MTV portrayal are more accurate in the future.

    They needed a clue and got one they will definitely listen to this time.

  • But for now
    1. I can buy a DVD movie for around $15 bucks.
    2. I can buy a CD-R disk for around $20 bucks.
    3. Said disk might become a coaster.
    4. Said disk is better used as a backup medium.
    ($20/4.5GB) more expensive than tape.. but its random access.
    5. I can spend the entire afternoon burning said disk.
    6. I can spend a few minutes buying/renting said disk.
    7. I don't believe you can play said disk directly from your HD.. meaning you have to burn them first. .. Though this may not be true for Linux as you can mount an .iso... or whatever its called in DVD land.

  • by Fizgig ( 16368 ) on Wednesday November 03, 1999 @10:29AM (#1566667)
    Someone on the livid-dev mailing list pointed out that he told the author this but he said he had already decided his slant on the story and wouldn't change it. Alan Cox then responded that that was sadly typical of Wired "reporters".
  • If there weren't any crackers breaking (into) things, XORing bytes would still provide enough security!

    It's how you use the knowledge that counts. If you discover a security hole, then you could either:

    • do something to exploit it
    • ignore it
    • inform the appropriate people, so that it gets fixed
    If you ignore it, then you're in effect helping the 'bad guys', who will inevitably discover this vulnerability and exploit it, when in fact there may have been a chance to get it fixed.

    If you exploit it, you could either keep the discovery to yourself, make it public so that every cr/hacker-wannabe can use it for their own interests, or make it public to put pressure onto a body to fix it (as in the MS hotmail case). In the first two cases, you're being the bad guy, in the second case, your motivation is good, but your implementation is flawed: this should only be tried as a last resort.

    If you report it, and it gets fixed, then kudos all round.

    Encryption isn't all it's cracked up to be.

  • Sorry, it does not show up in Netscape 4.7 (NT).

    Perhaps it didn't show up for you in Netscape 4.7 (NT), but it showed up for me in Netscape 4.7 (NT).

  • by icing ( 94825 ) on Wednesday November 03, 1999 @07:55AM (#1566691)
    The article at the digital bits [thedigitalbits.com] gives a good assessment of what this might mean to DVD.

    It will be interesting to see what the industry can do to fix "lost" activation keys. And that probably depends on if all discovered keys are in software or hardware players...

  • by Todd Knarr ( 15451 ) on Wednesday November 03, 1999 @07:56AM (#1566702) Homepage

    The "except maybe for storage" is the kicker. Most people buy videotapes, DVDs and such precisely for storage. If I have the movie on DVD, I have it. You can decide not to distribute it any more, alter it, edit it, do whatever you want with it, I can still pop the disk in the player and watch what I bought no matter what. If I download it over the net when needed, I'm at your mercy. If you decide to take it down, I'm SOL.

    Case in point: DIVX. It died because people didn't want to have to ask somebody else permission to watch a movie they'd already (in their opinion) bought. I suspect the same people want Internet-based video to succeed as wanted DIVX to succeed, and it'll die for the same reasons DIVX died.

  • What -- they are going to stop pressing DVDs, (which are much cheaper than VHS cassettes to produce, bring in higher profits, and can only be stored on a recordable medium that costs more than the prerecorded DVD), and continue manufacturing VHS cassettes, which are bulky, more expensive to produce and ship to market, and are easily copyable onto a blank medium that costs 1/3 to 1/5 the cost of the prerecorded tape?

    They're just mad because they were promised by the technical people that this encryption system was SO perfect that it would make it impossible for anyone to ever copy any part of a DVD. The pesky problem of "fair use" wouldn't be an issue, because fair use would have become technically impossible.

    Unfortunately for them, the rest of the world doesn't seem to share their vision of the future of recordable media.



  • Much like the huge cd-r explosion will dvd-r's hurt the MPIA as much as cd-rs have cut into the software industry's profits?
    Do you have hard numbers, or are you just talking out the side of your mouth?

  • Now I've been reading of digital watermarks on DVD-Audio, which, in fact, are not entirely transparent and somewhat degrade the quality of sound. Don't you think the future of DVD-Audio is sort of written on a wall?

    Not necessarily. Look at mp3 - a clearly inferior standard (to full 16bit, 44.1kHz 2-channel stereo CD audio) has taken off because people are willing to sacrifice some audio quality for a small file size. MiniDisc is now also taking off under much the same auspices - psychoacoustic processing reduces the amount of information stored, so the physical medium can be smaller.

    What's a more interesting question, and is approaching completely off-topic, is whether or not all musicians will embrace 5.1 audio for their production. 2-channel audio is quite well entrenched, and the optimization of a stereo system in a room is MUCH easier than setting up a room for good 5.1 audio. The end result is that it's a hell of a lot easier to make 2-channel audio sound great...and with the typical DUMB consumer out there, the advantages of DVD-Audio aren't yet obvious.

    Getting back on track, digital watermarking is being proven out which does not affect the quality of the audio [musicode.com]. A brilliant audio engineer and electronic musician, Larry Fast [synergy-emusic.com] (of Synergy and Peter Gabriel fame) has wholeheartedly endorsed this technology - and mentions on his site that he wants to use it for attribution ("Hey, I wrote this song!") rather than for copy protection. This, more than anything, may set a trend -- not as a means by which copying is prohibited, but to serve as an identifier of the original source of a given audio recording. I expect to see this everywhere in 10 years; think of it as a GIF comment for audio.

  • the spirit of my post, which is: what's wrong with "free everything"?
    Nothing. But it doesn't exist. That's the point of my post. Now we're back where we started.
    And that is the point, food in hungry peoples mouths. Hopefully it will be books & education next. Do you see any problems with this? How could you have problems with this?
    My problem with this is that it would be much more efficient for us to give money directly to hungry people than to pay for various products an increased price, which goes to advertising budgets, a tiny portion of which goes to feed the hungry.

    The advertisers aren't doing this out of the goodness of their hearts; if they were, they'd just send the money and be done with it without making you look at ads. They're doing this because they believe that getting you to look at their ads will get you to buy their stuff. And so we drive the culture of consumption which leads to the economic injustice that makes people poor and hungry in the first place.

    Also, how much is your time worth? How much time does it take you to click on THS? Sending ten bucks to charity each year might actually be cheaper, as well as getting more results. To paraphrase some /.er's .sig, "Advertising-supported activities are only free if your time has no value."

    (And yes, I do give directly to charity, and also to persons of my direct acquaintance who are in need.)

  • HEHEHE meant to say DVD-R... I try and pay at most 1.50 for a cd-r disk.. and even that I consider expensive
  • by brianvan ( 42539 ) on Wednesday November 03, 1999 @10:46AM (#1566741)
    Perhaps the issue isn't whether or not DVD copy protection can be cracked at all, but whether or not it's easy for MOST people to do it...

    I'd say that if it were that easy to crack CSS, then perhaps it was meant to be no more effective than Macrovision... a stumbling block too big for those not interested enough in overcoming it. While it's pretty obvious that both it's now easier to crack DVDs and it's still unfeasible to copy them in massive numbers, what's not really thought of here is whether or not such a development will dictate the future effectiveness of the copy protections on DVDs.

    The development of MP3+CDR is an entirely different story, as digital audio was an entrenched standard that was already effective for the music industry. On the other hand, DVD is still rather new and it's rather easy to predict that in five years it WILL be feasible to pass around cracked movies on the Net for many people. Just how many people are willing to do that is another issue entirely.

    I suppose that fixed storage, recordable media, and available bandwidth will all be large enough in a few years to allow DVDs to be copied easily. Still, it will take a lot of one person's time to do extensive trading, and the availability of that kind of equipment to the general public will be limited. The interesting facts and issues of the situation are:
    1. People who buy DVDs usually have all the other nice little gadgets too. Hence the current target market for DVDs will probably be enabled best to trade them illegally.
    2. DVD is a premium high-quality format for an extremely popular medium, which means that unlike CDs (which would be more of a standard format) trading DVDs would be preferable to any other kind of bootlegging.
    3. The movie studios do have the option of pulling DVDs and sticking with VHS... for most releases. Or, perhaps a greater control and limited availability on DVDs would prevent DVDs from becoming a mass-consumer product, hence eliminating the possibility of mass-pirating.
    4. On the contrary, the movie studios can make a huge push of DVD into the consumer market so that it does become a mass-consumer product, not only strengthening their margins above those of the already mass-pirated, more expensive, and lower-quality VHS, but also to eliminate the possibility that a large part of the DVD market would pirate them. Add more to the market that won't be copying them and you minimize the copying problem. CDs currently enjoy this position, as there are many people who copy them but there's a massive amount of people who can't, don't, and won't, therefore making the CD-copying problem negligible on the bottom line.
    5. Finally, the industry has time to combat the problem with a variety of solutions before copying becomes feasible. They don't have to pull off any drastic moves right now, which means that if DVD business is brisk I doubt they'll be scaling back on it anytime soon. They may switch formats (a DVD2), they might try to keep DVD-RWs and all similar DVD writable formats from becoming widespread, or they might ignore the problem altogether. It's not like what happened to the music industry, where one day the tools became available and people started ripping/encoding/copying CDs like crazy as the industry helplessly watched.

    Right now, however, it's just a big embarrassment for the movie industry and a new opportunity for the elite piraters. If I had the opportunity to advise the movie industry how to handle the situation, I would probably suggest that right now they should take a "good faith" position and trust the current market to not do what they pretty much could have done anyway. In the future, I'd suggest that perhaps they take either one of two paths: They start planning a format change RIGHT now for a rollout in 10 years and make the new DVD-Video format a self-standing component with closed specifications rather than a multi-component open standard, as this would prevent anyone from easily pirating movies (in other words, a DVD drive is like a standalone DVD player and you just overlay it, which shouldn't be too much to ask in 10 years) or getting any undesirable use out of the video. Or, they make DVDs an entrenched standard and a mass-market industry with even a bigger push than they are today, with the understanding that they hold the advantage of being the honest, legal, simple, and not-too-expensive solution for DVD purchasing. In other words, who cares about pirating when you're going to make gadzillions of dollars selling legit DVDs and, for most people, that's the best or only option now and for a long time. It's like if you own a candy store and little kids keep eating the candy... you can put the candy on a higher shelf, or you can put a small basket of free candy by the door. You DON'T stop selling candy (or only sell stale candy)...
  • And, these disks pre-date the CSS crack at the least by several months.
    That only means that these people somehow had access to CSS decryption and kept quiet about it, very much like security holes in proprietary (and, less often, open) software.

    The question is, now that CSS is cracked for everyone and not just an `elite' few, what's the industry going to do? I suspect they can't actually do anything that will allow them to `win'. For good or for ill, the various `recording' companies are losing control. In the long run, it's probably a good thing.

  • Next year DVD-2 will come out with a 1024 bit encryption incompatible with existing DVD players. So few consumers can afford DVD right now they'll lose nothing by burying the cracked format and starting over. It's not good enough for college geniuses to crack stuff other people have developed. In order to solve these intellectual property wars, college geniuses have to start developing the stuff themselves.
  • If there's any liability, I would think it would be simply due to a breach of contract, and no more. How can MPIA ever show that this will result in damages? The damages may even be negative since this will almost certainly result in increased DVD sales. :-)

    I'm not saying Xing/Real won't lose money -- they might chicken out and settle out of court. Or maybe there's a contractual provision that spells out a monetary penalty for disclosing keys.

    But let's get realistic: there simply are no damages, and if this ever got into a court then MPIA's case would be pretty iffy.


    ---
  • by Chris Siegler ( 3170 ) on Wednesday November 03, 1999 @08:00AM (#1566755)

    "The circulation through the Internet of the illegal and inappropriate software is against the stream of copyright protection."
    Check out Fravia's page [phase-one.com.au] on the legality of reverse engineering. In the US, this is the case cited:
    Sega v. Accolade, decided by the Ninth Circuit in 1992, makes clear that, in certain instances, the unauthorized disassembly of a computer program's object code in order to derive source code is not a copyright infringement. The Ninth Circuit applied the 'fair use' balancing test to determine that Accolade's use of reverse engineering techniques to produce an 'intermediate copy' of Sega's source code did not constitute copyright infringement. Accolade never distributed the intermediate copy commercially, but instead used it only to extract unprotectable ideas -- a sequence of bytes which act as a software key -- from Sega's game program. This key was then incorporated into Accolade's games, enabling them to 'unlock' and run on Sega's game platforms. The court cautioned, however, that disassembly involves the making of a literal copy of a program, and it is permissible only when necessary to extract the unprotectable ideas. It is unclear how far this fair use right extends.
    Sounds almost exactly like what the DVD crackers did.
  • To compare car theft, arson, assault, and destruction of property with making unauthorized copies makes you look extremely foolish.

    Cracking copy protection is an intellectual exercise that in and of itself has no ethical connotations - if anything, by increasing human knowledge (it is, after all, the solution of a mathematical problem) it could be considered ethically positive.

    Using the solution to actually produce unauthorized copies can be ethically good (making backups for your own use), bad (massive pirating), or indifferent (making a mix tape for your friend).

    The corporate state will keep trying to patch copyright law, but it's far too late. We need new systems to "promote the progress of science and useful arts," because current copyright and patent law just don't cut it in the face of modern tech.

    (P.S. Let me point out that it is "copyright", as in the right to copy, not "copywright" or "copywrite" as has been often seen here on Slashdot. Thank you, enjoy the show.)

  • First off as a former software hacker (only cracked software protection schemes, never other people's computers), it's clear that the decryption routine is the weakest link and there's absolutely no way around it as long as it's being decrypted on hardware they don't control. Even if their encryption was totally uncrackable, which it's certainly not, DVD protection is futile since any half-decent hacker can just intercept the data going to their monitor/sound card...and any idiot can just aim a camcorder at their computer screen and make a mediocre but quite viewable analog copy.

    Secondly, consumers should have the *same rights* with DVDs as they do with other media such as *copying for personal use*, *playability anywhere* (no regional restrictions), and *no tracking*; DIVX was an obvious example, but there's a push for more subtle schemes of tracking individual DVD consumers.

    I bet within a few years, the movie industry in particular will give up their futile fight and realize that copying is a good thing just like it has been for movies on video; and anyways there's no way to stop copying so why bother...just undercut the pirates and use more creative marketing...I mean Disney's marketing of the same movies in different packaging, etc is brilliant and shows that it's even possible to sell people the same movies they already OWN!!
  • I like good ads too, but when I go to see Fight Club and I see ANOTHER GODDAM 1-8fsckin00 commercial before the movie starts, that bothers me.

    Cool movie with a shitty ending and no consistent point.
  • by Anonymous Coward on Wednesday November 03, 1999 @08:06AM (#1566795)
    DVD protection schemes hurt sales of player hardware because there are loads of hardheaded idiot consumers out there with lots of disposable income like me who'll refuse to buy any player that doesn't play everything. (I live in R1 and import R2 DVDs so my player must at least play R1 and R2 discs or I won't buy.) I bought a Pioneer 505 and not an RCA. Why? Because I could modify the Pioneer to be multi-region but could not modify the RCA. Electronics makers KNOW this and want their players to sell rather than the competitors'. The ONLY reason electronics makers put region coding, crypto, and macrovision into DVD hardware was so that the Hollywood movie industry would support the format. It was as simple as "No protection and we'll release no movies on your new format". So electronics makers came up with a rudimentary "protection" scheme to appease Hollywood execs into supporting the format. Some, like Disney, wanted more restrictions (DIVX), but suffered the effects of horrific customer backlash. Anyway, the DVD format is now entrenched and too far accepted by the public for Hollywood to renege now and abandon DVD. Now CSS encryption cracks are mysteriously leaked. Electronics makers can now sell more hardware and not have sales hindered by protection schemes. DVD-R burners and discs will get cheaper now (In 1991, 1X CDR burners were close to $10K with blank [63-min] CDRs at $20 each!) and this whole protection scheme will become as laughable as what is now called the "bozo bit" in the Mac filesystem. (History lesson! The 'bozo bit' was once called the 'no copy' flag and was supposed to be respected by copy programs and not copy files with the bit set. Everything under the sun ignored it, including all of apple's own OS and tools, hence its nickname of 'bozo bit')
  • *spends half an hour trying to get to a page on Robert Fripp's website, curses*
    Well anyway- Fripp put it better than I will, funnier, but he made his website badly enough that it's impossible to deal with. So I'll just paraphrase.
    The record companies impose a number of historical charges in the form of percentages on the cost of the albums. So if the artist is getting 5% royalty on sales, that is 5% after a 20% wastage charge, j.random other charge, and (I am NOT making this up) a charge on typical breakage of the SHELLAC the music is recorded on. I am NOT making this up.
    "But CDs are not made out of shellac!". As Fripp said in his lost article, "Now you're getting clever." ;)
    Basically, we're looking at corporate pork barrel, bigtime. The artists, perhaps even the movie studios do not get _that_ much money out of these huge industries. It's the corporations taking more and more. Of course they are not passing savings on to the consumer. That would be capitalism and a desire to compete on the basis of price. Of course they are not passing vastly increased earnings on to the artists. Why should they when they can charge a percentage of CD sales to broken _shellac_ and deny it to the artist? Of course they are earning exponentially more than they were. Where do you think they get the money to bribe the government and attempt to get antipiracy legislation passed?
    The industry does not DESERVE protection. Whether it's the music industry (slamdunk of an argument to anyone who knows anything about how bad it is) or the film industry (Blair Witch Project, anyone? All you 3DSMax artists ever wondered exactly why you can't just make a movie and start trying to sell it?), it is so corrupt it's disgusting, and needs to be put down for its own good. It's not capitalism. The barriers for entry are too high, and they aren't all legal barriers (remember 'payola' of the 1950s?) These days there are ever more interesting ways to do that. It's out of control, and the consumer is powerless to stop it.
    The only sensible attack is the judo-like approach that has so often worked in the computer industry- it's time to start proliferating record companies and _film_ companies, all indy, all guerrilla businesses with low overhead and depending on the fact that, what with the big industries being the way they are, it'd actually be _more_ profitable for artists to go with an indie- even with the albums/DVDfilms/whatever being sold at fscking _bookstores_ (did you know that independent bookstores are also being choked to death by heavy corporate shifts to online selling and the constant mergers and consolidations into ever-larger corporations?).
    I think that's the way the future is heading. Could result in the mainstream being very glossy, very trivial, and very empty- with not many customers left to cheat. All that's required is that the actual media (CDs, DVDs) can be produced by indies in formats that work with the hardware generated for the consumers. That's all that's necessary. You don't need to _lead_ the curve, only be on it somewhere.
    Anyway, my two cents :)
  • Nope. The reason that VHS tapes cost around $100.00 when they come out is because they are selling primarily to video stores. A video store is willing to pay $100.00 for a tape, because they are going to rent it out over and over. A few months later, when the video stores are no longer buying copies, the studios lower the price to a level that appeals to individual consumers. It works. Lots of people will rent a movie when it comes out, then buy a copy six months later when the price drops down.

    You'll notice that some trashy blockbuster movies are being initially priced at sell-through prices. It's all a matter of the studios maximizing their income. If they think that no one is going to care about "Godzilla" six months from now, then it's in their best interests to sell as many copies as they can now. It's just marketing.
  • If a DVD is encrypted, where does the key come from to decrypt it? If the user doesn't supply it at playback time, it must be embedded in the player. That means you only have to get one key, and you have access to everything. They can't change the encryption scheme without breaking all existing players, and can't blacklist the cracked key for the same reason. It's just security through obscurity, which has been proven ineffective time and time again.
  • What this means, more importantly, is that the manufacturer of a DVD may say that: only X players will play our disk.

    That's bad. I didn't realize how bad it really was. I can just see Sony forming a deal with Warner (pick any two names you like) such that Warner's movies only play on Sony players..

    Nasty...
    ---
  • They can vary the content by zone

    We have a DVD player bought from Sony... When we bought it, we also got it modified (for about NZ$40) to accept DVDs from any zone.

    The modification is Sony approved, and was done by the shop (which was a reputable place).

    So much for zone protection...
    --
    Repton.

  • by K8Fan ( 37875 ) on Wednesday November 03, 1999 @08:17AM (#1566872) Journal
    In all seriousness, I have no problem with copy-protecting DVD's. All the new-age zealotry regarding IP aside, as it stands moviemakers and DVD producers have the right to profit from their efforts. If they stop profiting, they stop making movies, and poof! no more "Matrix"-quality films.

    Not true. Movie studios have always profited from making films, and have always spent whatever they felt necessary to do so.

    I think we can all agree that home video has been the best thing to ever happen to the movie industry. What you might not remember is that they fought home video tooth and nail. Various movie studio executives insisted that their films would never be released to home video. Disney and Universal sued Sony for inventing the home VCR! They claimed that the very existence of home taping would destroy their studios and empty theaters. You might think this is an exaggeration, but just ask anyone who was involved in home video in the very early 1980s.

    In spite of their best idiotic efforts, the consumer electronics industry won out and practically forced huge piles of money into the hands of the studio bosses. These idiots, had they had their way, would have smothered home video in its cradle.

    Most /. readers are too young to remember the bad old days, when seeing anything other than a current release meant waiting for it on regular TV or maybe talking an art house into showing it on the next schedule. Trust me, it sucked.

    But one thing about Hollywood...once they start making money (even when they are forced to do so) they get insanely greedy. They start to expect it, and they want to make sure they squeeze every penny possible out of the suckers (us). That's how idiotic plans like DIVX get launched...and why they keep pushing Pay-Per-View. Trust me, they're not going to rest until they can get back to the original model - people paying every time they watch a movie (and, if they can pull that off, every time they listen to a song).

    ...and the media conglomerates are exerting all the pressure they can to make consumers believe this seems reasonable. The Supreme Court in the Sony case ruled that home taping was a privacy issue, that what a person did in the privacy of their own home with a VCR was their own business. Hollywood has been buying legislators off to get things like the Digital Millennium Copyright Act passed to pull an end-run around the Court. The act makes hacking out so-called "copy protection" a felony.

  • by ewhac ( 5844 ) on Wednesday November 03, 1999 @08:18AM (#1566875) Homepage Journal

    I've thought about this a lot, and I've come to the conclusion that the movie industry really has nothing to worry about from unauthorized copying. The facts, simply, are these:

    • DVDs are cheaper to produce than video tapes.
      A lot of manual intervention is required in the mass duplication of video tapes. Basically, you have a wall of VCRs which record at 2x normal speed. So it takes about 45 minutes to make a batch of 200 or so tapes. These machines are frequently attended by a human operator (who costs money). DVDs, on the other hand, are pressed like CDs in an entirely automated process. Thousands can be stamped out in an afternoon. The manufacturing cost for DVDs is less than one-fifth that of video tapes, a savings which, of course, is not passed on to the consumer. So, while their PR department whines shrilly about "piracy" (a term used more for its emotional overtones than its accuracy), the studio is raking in even more money than before.
    • Copying of DVDs over the Internet is a non-issue, even with the advent of broadband.
      The number of people who are going to A) spend hours downloading a 5 gigabyte file, and B) spend 5 gigabytes of hard disk space to store it (at a cost of $20/gig) is statistically insignificant. Yes, you'll probably have a college dormitory sharing movies over their 100Mbit LAN. This represents -- what? -- 0.001% of the total market? I'm surprised the studio's accounting department hasn't killed these anti-copying campaigns as an unbelievable waste of money.
    • Writable DVDs will only slightly change the playfield.
      The fact is that DVD writers are expensive and are likely to remain that way for the foreseeable future. Beyond that? I think we can take a lesson from what happened to the music industry with the proliferation of CD writers and MP3 files: Those companies are as strong as they ever were, and there is no proof they are suffering financially (despite our fervent desires to the contrary).

    What I find particularly puzzling is that the hardware companies haven't figured out that they're in the driver's seat. Toshiba et al could have easily told the movie industry, "No, you're not going to get encryption or regional lockouts. Because it doesn't matter. Our manufacturing process costs less than one-fifth of the one you're using now. Once your shareholders find out there's a process that will cut your costs and increase profits and product quality (and we'll make sure they do find out), they'll rake you over the coals until you adopt it. You will use our open, unencrypted platform, and you'll like it. The financial reality leaves you no choice."

    The argument really is that simple.

    Schwab

  • note the article states that there are 400 individual keys pressed into every dvd. this reduces the 40 bit security down to a little more than 35 bits.

    that might stand up for an hour on a brute force attack by a pentium 90. if they were lucky.

    MUCH more likely, a valid key would be hit early in the attack, after all, there are 400 to choose from.
  • So now that some folks have figured out how to STEAL DvD data, what next?


    I can't speak for you, but I have a legally protected right to make backup duplicates of tapes, cds, vhs movies, dvd movies, etc. The industry putting CSS and Macrovision on the DVDs I legally own prevents me from getting my legally mandated rights. I don't own a console DVD player. I do have a small collection of DVDs that I'd like to transfer to VHS tape so that I can watch them when I please and not have to go over to a friend's house.

    -sw
  • I fail to understand how this is such a shock to the industry. Why, I have partially cracked DVD Encryption a long time ago:

    Let's assume c is the ciphertext and p the plaintext. Simply run the algorithm to decipher c, then dump the plaintext p onto another medium. Repeat for every c.

    In simple words: run the DVD, and copy it on a VHS. You'll lose these fancy functions, but the essence of the DVD is still there: a copyrighted movie.

    The point is: it's silly to try to prevent the copying of a film or music, whether it's in DVD, MP3 or CD format. Who the hell cares? Copyright laws are in place, and they're supposed to prevent anyone from making money illegally off of them. However, it's not illegal per se to copy a film or a song, once you bought them legally and are doing so for personal use.

    So, breaking the DVD Encryption scheme is akin to figuring out how to copy VHS to VHS. The fact that this data can be transferred over the Internet is, I think, irrelevant. The industry needs to grow up; I certainly don't see a reason to stop producing DVDs because of this.

    The rule of copy-protection scheme is: sooner or later, it's gonna get broken. Surely they realised that.

    "Knowledge = Power = Energy = Mass"

  • Two questions:

    1. Is the encryption algorithm known?

    2. Will consumer decks play unencrypted disks?

    If the answers to these are 'No', then this isn't really too important, for the time being. And while it's theoretically impossible to prevent people from determining the decryption algorithm if you ever sell software players, it should be possible to build an encryption system that can be kept a secret.

    thad

  • by Anonymous Coward on Wednesday November 03, 1999 @08:23AM (#1566900)
    I am disappointed that Wired emphasized the word "piracy" throughout the article. They imply that the only purpose of the CSS code could be for shady people to go against the will of the copyright owners.

    This simply isn't the case. They didn't bother to print the obvious fact that blank media costs significantly more than DVD movies to begin with, making unauthorized copying a waste of time and money! (Not to mention the fact that equipment to record DVDs playable in consumer DVD players is around $15,000)

    I also didn't see anyone mention that copyright law does not restrict people from making backup copies of material that they own. Even the copy protection in consumer DAT machines allows this, unlike the broken CSS scheme. (Suppose I want to make sure that the DVD movie I just bought will still work 50 years from now, even if the original gets scratched or destroyed)

    They missed the most important fact of all-- as long as CSS remained secret, computer users were forced to use Microsoft Windows or Mac OS to play back DVDs. Only the release of CSS to the public will make playing back DVDs on other operating systems possible. Many people have _wanted_ to go out and buy a DVD decoder card and movies, but have not because there was no support for this hardware in Linux or their operating system of choice. Hardware drivers have become available for some DVD decoder cards, but without CSS code the drivers are relatively useless.
    Now, we will not have to wait much longer to watch DVDs on our machines.
  • correction: "this reduces the 40 bit security down to a little more than 35 bits."

    should read: "this reduces the 40 bit security down to a little more than 31 bits."
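
The keyspace arithmetic from the posts above (40-bit keys, 400 acceptable keys, corrected to "a little more than 31 bits"), worked through as an added example that is not part of the original thread. It takes the poster's model at face value (any one of the 400 keys ends the search, keys spread uniformly over the keyspace), which is an assumption and not a description of the actual CSS key hierarchy; the function names are illustrative.

```python
import math
import random


def _check(key_bits: int, valid_keys: int) -> None:
    if not 1 <= valid_keys <= 2 ** key_bits:
        raise ValueError("valid_keys must be between 1 and 2**key_bits")


def effective_bits(key_bits: int, valid_keys: int) -> float:
    """Work factor in bits when any one of `valid_keys` keys is accepted."""
    _check(key_bits, valid_keys)
    return key_bits - math.log2(valid_keys)


def expected_trials(key_bits: int, valid_keys: int) -> float:
    """Mean number of guesses until the first hit when distinct keys are
    tried in random order: (N + 1) / (k + 1), N keys of which k are valid."""
    _check(key_bits, valid_keys)
    return (2 ** key_bits + 1) / (valid_keys + 1)


def simulate_mean_trials(key_bits: int, valid_keys: int,
                         runs: int, seed: int = 1999) -> float:
    """Monte Carlo check on a keyspace small enough to sample quickly."""
    _check(key_bits, valid_keys)
    rng = random.Random(seed)
    keyspace = range(2 ** key_bits)
    total = 0
    for _ in range(runs):
        # Walking keys 0, 1, 2, ... against uniformly placed valid keys is
        # equivalent to guessing in random order against fixed valid keys.
        first_hit = min(rng.sample(keyspace, valid_keys))
        total += first_hit + 1  # guesses are counted from 1
    return total / runs


if __name__ == "__main__":
    # Figures from the thread: 40-bit keys, one valid key vs. 400 valid keys.
    for k in (1, 400):
        print(f"40-bit keyspace, {k:>3} valid key(s): "
              f"{effective_bits(40, k):.2f} effective bits, "
              f"~{expected_trials(40, k):.3e} guesses on average")

    # Scaled-down check of the formula (20-bit keyspace, constructed input).
    exact = expected_trials(20, 400)
    measured = simulate_mean_trials(20, 400, runs=4000)
    print(f"20-bit check: formula {exact:.1f}, simulated {measured:.1f}")
```

Under this model the cost drops by log2(400), about 8.6 bits, which is why accepting many keys in an already small keyspace matters far more than it would with a 128-bit key.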
  • Alas, no. Another Slashdot user did. However, I've been unable to find the original post; it's probably expired.

    Schwab
