Slashdot Mirror
DeCSS Reply Brief Posted
Thanks to Macki from 2600 who sent the DeCSS Reply Brief Filed on 2600. You can read it in all of the appropriate formats - the next hearing is May 1, at the 2nd Court of Appeals in NY.
← Back to Stories (view on slashdot.org)
Why do so many comments on Slashdot by people still show total misinformation and myth regarding DeCSS?
Multiple major posts on the silly descrabler perl script merely further this misinformation.
Or the uninformed post regarding prime numbers holding the descrambler.
Descramblers for CSS DVD video frames are practically worthless and unimportant and only a final small part of the challenge of extracting "protected" DVD media.
They area all related to wimpy little descramplblers that only work on pre-authorized (validated) DVD MPEG-2 scrambled keyframe blocks.
I am so mad about all this misinformation every month YEAR AFTER YEAR. Who gives a damn about various VOB decoders? They are mundane and hardly interesting nor even contraband knowledge!
The DeCSS lawsuits concern a 40 bit KEY. This KEY is the one licensed to XING as a master key. It is the one, of over 400, that is being killed on new DVDs as we speak.
It was ripped out of XingDVD VidSub Decoder, or its earlier incarnation.
It is what Jon Johansen was accused of stealing by using a WinICE shrouder, and posting on October 6, 1999. The DVD MPAA group (actually not MPAA but the DVD Copy Control Association or "DVD CCA") . Hilariously, due to legal foulups the DVD CCA was not a US group until dec 1999 and has no California, no USA jurisdiction. In fact it is really one extortionist bully at Toshiba Corporation until Dec 1999 (or July 1999 depending on who you believe) hiding behind a few other names listed as partners in the DVD FLLC alliance. The DVD CCA and MPAA are fighting over this one goddamned 40 bit key Jon Johansen distributed. Not the rest of the many many different cracks and decoders and descramblers.
Just these 40 bits.... nothing else you fools. The rest has little merit. Its not stolen object code, and certainly was not patented.
Most VOB descramblers, and MPEG-2 DeCss descrambler loops work on **VALIDATED** data files from VALIDATED devices with valid session keys. They sometimes use brute force kracking and and care less about session keys... but they all come from VALIDATED mounted media... and in Livid and other enabling players they all rely on the 40 bit stolen Xing key.
Validation is a 8 step process and just because Windows, Apple Mac OS, and Linux wipe your butt and usually have the DVD player code do it for you when you access a dvd ususally, does not mean that a solution exists.
The 8 steps are :
LU_SEND_ASF
INVALIDATE_AGID
LU_SEND_AGID
HOST_SEND_CHALLENGE
LU_SEND_KEY1
LU_SEND_CHALLENGE
HOST_SEND_KEY2
LU_SEND_TITLE_KEY
LU_SEND_RPC_STATE
You can read about it in the huge publicly available INF-8090 Specification (though it is buggy) [INF-8090 v3.6 1999 SFF Committee Information Specification for ATAPI DVD Devices 8090) section 4.7.2].
all this endless crap on Slashdot every month year after year is discussing what is done AFTER the 8 steps are completed! What idiots every single poster seems to be. Including the fools at Livid apparently, for never revealing more than one dvd key, the Xing key. There are no kracks until ALL DEVICE MASTER KEYS ARE DIVULGED!
True, there are divide and conquer crypto attacks mentioned in Oct 26th 199 at http://crypto.gq.nu/mail2.txt (Frank A. Stevenson), but frank did not provide any keys, and you NEED a key to mount and access a DVD. There is no HACK. There is no slashdot provided links or code. Its all just the Xing key 40 bit reliance, or reliance on Apple and Microsoft to do it for you.
You need a bus key and player key. The MPAA zeroes out the Xing master key on a special test CD (DVD ROBA buffer has a key wiped). If it fails, then they have proven the key is "stolen" in a player, if the test DVD works with other players using different player keys
Nobody at Livid, and nobody on slashdot, and nobody on the net HAVE EVER OFFERED another key!!! I have 600 keys, of which only 4 are relevant, but only have one goddamned bus validation key. ONE.
This crap you idiots keep talking about on slashdot is pure crap and you deserve to have to see that this little post is searchable in future archives but probably quickly forgotten despite the time of day of the entry. I post anonymously from cybercafes because thats what real hackers do, I don't give a rats ass about creating a slashdot account just to pretend to be non-anonymnous.
I don't care that moderators all seem to surf this dying LNUX site at +1 and will never mod this up past 0. The last time I posted this It was labelled a trol and never brought up past 0. I still don't care if you people never learn. I think its funny that the facts never seem to ever get out.
You can all just keep posting the same bullshit misinformation about DeCSS all you want to week after week.
All you slashdot linux losers are morons if you think that the old patent "US5917914: DVD data descrambler for host interface and MPEG interface being implemented in software" frightened the MPAA. This patent was released publicly on June 29, 1999 and does more damage to the weak "protection" of DVDs than a bunch of lame Perl-script obfuscation contests.
Ohh! impress me by encoding that patent into a Perl Script.
Wow thats so L337 and k00l and Hax0r! Wow a VOB decoder.
I Never see anyone ever talk about this issue, EVER. Not in any US court proceedings or filings. I have yet to study this newest one line by line yet.
Perhaps I am the only person than knows a damned thing about how DVDs are encoded and are validated. Maybe its because I actually did some damned hacking day and night in Sept 1999 instead of sitting on my ass speculating.
Sure I use 0xE2;0xA3;0x45;0x10;0xF4 (E2A34510F4) just like everyone else, despite the fact that I could use Microsoft or Apples keys that I refuse to share.
But E2A34510F4 (the Xing key) is dead and soon new DVDs will stop playing on Linux, and NOTHING you guys have posted here over the months will help because without the 8 step validation process, the laser head will not do a read of an encrypted DVD keyframe block.
I should not blame all you guys, the rest of the ENTIRE internet is also totally clueless.
I think I am the sole man on earth who understands that player keys and master keys are still pivotal.
Playing my DVDs on my home computers that do not seem to allow DVD playback in the OS is the only reason I care about this field. Livid is an honest and worthy cause, and despite the membership signal to noise, and the crappyness of their programming skills, Livid is worth defending. People have a freedom of speech in some parts of the world and the freedom to express themselves with source code, especially if transcribed into human readable prose for amusement. This is not an exploit nor a Krack, this is about being able to watch the movies you own on DVD on the video equipment you own from the DVD player you own. I have no interest in copyright violation at all.
If people want my list of other 400 comaptible 40 bit player keys (not a device master key, just player keys) I could post them here if enough people want them. You merely run a tool that brute force deduces them all from a conquer standpoint. Of the >400 only 4 seem to be universally perfect on all media.
But the lack of other non Zing Keys merely fuels the lawsuits and endangers all the LINUX DVD authorizers when the media changes.
The lack also fules most of the ignorant posts by poeple impressed by brute force descramblers or standard descramblers.
gabest_CRAPCRAP@freemail.hu_CRAPCRAP
The cryptography has been done to brute force all of the keys. I have no doubt that Frank Stevenson, for example, knows all of the keys as do many other people.
In fact, you don't even need a player key to get the title key. The player key unlocks the title key area so that you can use an IOCTL to read the title key. But the title key itself can be found by analysing the encrypted portions of the VOBs. The player keys aren't even needed anymore.
The keys are not the issue. The New York case isn't about distributing a key, it's about distributing the software that unencrypts a VOB so that it can be played on an Open Source player.
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
IIRC, it went something like this....
DECSS was written on windows because at that stage there was no UDF Filesystem support in Linux, so the disk file had to be read & decoded on windows. The user could then reboot into linux to watch the movie from the hard drive. That was the only way to watch the movie in linux.
Once UDF was supported in linux this was no longer needed, and it could be done directly under linux.
-- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz
It wasn't the drivers. It was suport for the file system that is used on DVDs. Linux did not have support for the filesystem at the time so it was developed on Windows to see if it would indeed work.
Quite simply, what DeCSS does is read and de-encrypt the raw MPEG-2 data off of a DVD. From there, it is pretty straightforward to decode the MPEG-2 and re-encode at a lower bitrate using DivX -- and then it's the whole napster nightmare for the MPAA.
No, the sound and video is not in MPEG-2 format. It is in a raw uncompressed format. Remember that while MPEG is good compression there is a price to pay. The color is not as distinct and the images are not as clear. Not too noticable but there is a trade off to be made. Plus even with DivX, the resulting file is still around 650MB. That is not very small. Even with broad band that takes a while to download. Most people don't want to bother saturating their connection for that long. There are some but not many.
MPAA != DVDCCA. Yes, the DVDCCA is concerned that their monopoly on DVD players is in jeopardy because of the release of the key. But that is entirely separate from DeCSS, a **Windows program** to decode DVDs.
Well then what about css-auth, the Linux version of DeCSS which some of the code is used by the LiViD for playing of DVDs? I think the intent was to allow projects like LiViD to show up. Decrepting the VOBs(the files that on the DVD that contain the raw video and audio) was needed to be done before a player could be made. I followed the events of the different groups trying to break the encryption for a long time. DeCSS came on the scene and it was instantly seen as a way to play DVDs.
Molog
So Linus, what are we doing tonight?
So Linus, what are we going to do tonight?
The same thing we do every night Tux. Try to take over the world!
CSS is, prima facia, software designed to circumvent access controls (my hardware/software reading the disk I purchased) intended to permit me legal access to the DVD.
Why hasn't anyone filed a suit with that counterclaim? It seems like a fantastic class-action opportunity.