Slashdot Mirror
Digital Display Encryption Details Leaked
Phill Hugo writes: "Cryptome has details of the High-bandwidth Digital Content Protection System which will be implemented as content control between computers and monitor screens. I wonder if continued leaking of the details of the many copy-protections systems will make them unworkable. Who's willing to follow suit in the other camps?" Your monitor will soon be a "licensed monitor device".
I'm going to stock up on normal monitors now, and sell them on ebay in 5 years.
I'll make a fortune!
(1) The Right of The People to make unlimited copies of copyrighted materials, which they own or hold a valid license to, for their own personal use shall not be infringed.
(2) The Right of The People to transfer ownership or licenses of copyrighted materials , and at their own discresion, (with all copies made therof, if any) to another party shall not be infringed.
(3) The Right of The People to make a copy, in any format, of a copyrighted work aired on a public or subscribed broadcast medium for time shift viewing purposes shall not be infringed.
(4) The Right of The People to possess the hardware and software and other tools necessary to carry out the above shall not be infringed. (5) These rights, as a whole, shall immediately, retroactively, and for all time preempt the portions of all contracts and licenses contrary with the above.
Seem fair? Changes? Additions?
Time to BAN the US mail and other delivery services. It appears that they can be used to get around the DMCA...
To summarise for those who haven't read the thing: I initially thought, "Ok, cool, so we just reverse engineer the secret keys and KSV out of the hardware that we have access to and implement in software." We don't have to know what the hell's going on, just get access to the keys. Any cryptosystem is broken if you can get a hold of the secret key(s).
Aha! But they know this is possible, so they've built in a method to get the system to check for known leaked secret keysets and KSV's. It's broadcast in the media, so your copy of The Matrix will play fine, but Antitrust knows your keys are compromised and so won't play. This is basically the same as revoking your PGP/GPG key if it becomes compromised. Actually, from my quick read of this spec, they appear to have designed a variant of public key cryptography. I'll leave the cryptanalysis of the algorithm to someone actually good at it.
Key management is the real weakness here, though. Sure, if a keyset is compromised it can be tagged as such on newer media, but old media which _doesn't_ know the keyset is compromised should play fine... unless the values are stored in NVRAM or similar on the video card or in the monitor, which would be what I'd design in if I were trying to take all your rights away.
That's a management nightmare, though. Just look at the proliferation of DeCSS. Now imagine a similar program for decoding the video stream and an online database of compromised keys. Sure, the HDCP consortium can update their compromised keylists, but there's a time delay in getting those updates out to the hardware (using the video media as the vector). Cue a game of cat and mouse with the hackers putting out keysets and the HDCP struggling to keep their updates moving.
The big problem that they don't appear to realise is that they are sending the secret keys out into hostile territory! The only way a cryptosystem can remain secure is if you can maintain security of the secret key(s). If the user were choosing the keys for the hardware themselves to protect a datastream over a local video broadcast medium, then that would be fine, because the person choosing the private keys is the person who can maintain the security of those keys.
An analogy: creating a PGP key pair and placing your public key on the 'net for people to use. Now encode your private key onto a CD, which you give to someone. They leak your key, so you issue a recovation and generate a new keypair, but every time you generate a new keypair, you publish your private key (no matter how it has been obscured). As soon as someone other than you has access to your private key, it should be assumed to be compromised.
All in all, a better attempt than CSS, but still fundamentally broken.
Just because you're paranoid doesn't mean they're NOT after you.
This is similar to what Microsoft is planning for Windows XP's sound infrastucture. XP will send all sound signals to the sound card with some kind of encrypted static in them. The card, using a Microsoft-approved driver, will then decode the signal and remove the static for playback [see The Register].
Its all intended to prevent us from somehow getting between the OS and hardware to 'steal' audio (and video, with the monitor system) after the software decodes it. Microsoft is jonesing to help the RIAA kill MP3 and replace it with WMA, and the best way to do that is sucking up to the RIAA and its member companies by taking control away from the end user/listener. Yet another reason to Boycott Microsoft!
== Paul Rickard, Editor of The Microsoft Boycott Campaign ====
I think the only answer would be customer demand. So how can the movie studios create this demand? By releasing movies that will ONLY be playable on conforming equipment.
But this is going to be a huge hurdle, much bigger than the introduction of DVDs. With a DVD, at most you have to buy a DVD-ROM drive or a DVD player that now costs under $200. But this new protected videostream is going to require you to buy a new protected DVD player AND a new protected TV. (Or for PC folks, a new video card and a new monitor.) Now you're paying at least $500, probably closer to $1000. That's pretty severe! These movies are going to have to be awfully good to make it worthwhile for anyone who isn't rolling in money.
The eventual disappearance of NTSC broadcasts is going to be tough enough to sell even when "all" most folks have to do is buy a set-top box. But tell everyone that they must replace every TV they own, and I don't think they'll go for it.
Therefore, I think the only way for this to go through in a big way is for the movie studios to get together and buy all the major monitor manufacturers. Good luck, fellas.
As a liberterian you would be advocating a smaller nay an absolutely minimalist government. You would in effect reduce the executive and legislative branches of the government to a bare minimum and allow the judicial branch to become much more powerful. Every dispute would have to be settled in the courts and most of those would have to be settled in the civil courts because there would be a drastic reduction in the number and scope of laws.
Given this I submit that the corporations would be much more powerful then they are today. By eliminating all safety regulations, minimum wages, pollution laws etc you would allow the corporations to make much greater profit then they do now. It would be even more impossible to take them to court given their greater wealth. By reducing power of government you will create a vacuum which will be filled by the corporations. They can grow unchecked and wreak havoc on the world without any resistance whatsoever.
War is necrophilia.
I'm talking to YOU. You know who you are. You're the guy with the ability (money) to run for political office, and could probably win, but you don't want to get into politics. You're leaving the governing of your nation to the more corrupt or power-hungry or lawyer-type or self-centred bastards who don't give a damn about society as a whole.
Run for office, for Christ's sake, because the way it's going, it will only get worse! Get off your ass and make a small sacrafice for the rest of us. You can do it! We're only asking for two terms. ... What's STL?
------
I'm a C++ guru
Is for ONE person to make a device to tap into the signal going to the picture tube, and this protection scheme will be useless.
It is getting to the point where I am going to ACTIVELY pirate copyrighted media, just to show my absolute disgust for the MPAA and RIAA. This blatent manipulation of the computer and electronics industry by these monolithic giants must stop.
Feed the need: Digitaladdiction.net
While I'm not totally against the concept of "rights" in the form of "pay the person whose content you use, I would like to know exactly where in this mess of crap are MY rights protected? I think shit like this is way out of line when implemented as hardware requirements . Who the hell made the Movie and Song industries the people who get to choose how I use things for which I've already paid for?? Hell, never mind about the content that I've paid for, who the hell made them the arbitrers of how HARDWARE that I purchased - PURCHASED!- functions? It's ridiculous to the extreme and would make for some seriously deadly comparisons to other industries. You'll notice that if Ford doesn't like how I drive my car, they can shove it up their ass. The same of course goes for the people who made my microwave, and desk lamp; all of them can think whatever they like but having paid for these goods, I decide how I use them.. And can anyone tell me where the concept of free and open markets making decisions on what (products) live or die, went...?? Bastards one and all..
>There are lots of non-Sony, non-Sharp, non-Toshiba, non-Philips makers
But almost all of them use Sony or Mitsubishi parts. The Trinitron and Diamondtron tubes are standard in most good CRTs, and while I don't know much about LCDs, I'm sure there's probably a similar situation where 2 or 3 manufacturers make some of the important components or license some necessary IP used in almost all. So if all the major companies back content protection, they can say "include content protection or we won't sell you [needed widget]." Then you have the market effectively in total control by the content barons. Another possibility is to create a content encryption and playback system which will not work at all with standard, non-protected ports.
Naturally, there will be hardware hacks to remove protection from monitors, or to make non-protected monitors work with protected content. But they will be illegal circumvention devices under the DMCA, so impossible for consumers to legally obtain unless they live in a truly free country. Even so, they will require too much technical expertise for the former, or be too esoteric for the latter, to ever reach the average consumer.
What we have is a few large conglomerates setting themselves up as IP barons, just as we had the robber barons of the 19th century or the nobility of the feudal systems in earlier centuries. IP barons will have rights and opportunities and modes of existence far removed from what the average citizen ever sees. And that's not the way it's supposed to work. Unregulated capitalism is as evil and crushing and divisive as any system ever conjured in history. I'm all for capitalism, but with responsible consumer protection.
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*
Leaking details won't make these systems unworkable if they are any good. In fact it may make the copy protection schemes better, as manufacturers realise security through obscurity doesn't work. And there's always the fact that you can't encrypt the final output, it has to be visible to us humans :) I mean granted video protection mucks this up a bit, but it's still watchable.
--
Never try to teach a pig to sing. It wastes your time and annoys the pig.
So what would happen in that case is that the hot new releases would be unpirateable for awhile (and thus people who wanted to see them would have to pay for them), but after a period of time the keys would be compromised and anyone could copy, excerpt, or modify the original work.
If you squint a little -- okay, if you squint a lot -- it almost looks like something the U.S. founding fathers would approve of. The creators of new works would have a limited period of exclusive distribution (providing an incentive to create works), after which the works would fall into the public domain.
TheFrood
If you say "I'll probably get modded down for this..." then I will mod you down.
This doesn't require an act of Congress to mandate or any strong arm tactics against the manufacturers. It is an integral part of the evolution of video. And for you audiophiles, both DVD-Audio and superCD (or whatever Sony calls it) are already encrypted on the media.
And before you think I see this as either a good or neutral development, I don't. This is another step in the entertainment industry's plan to strip we consumers of all of our rights and force all media into a "pay-per-view" scheme.
Right, and the smart makers won't implement it. There are lots of non-Sony, non-Sharp, non-Toshiba, non-Philips makers out there who would love to get a bigger share of the market and would gladly use this as a way to do so. Think of the MP3 Discmans the smaller electronics makers ship now, or VCD ... someone will ship hardware that's user-friendly, or I'll eat my hat.
sulli
RTFJ.
How many of you use SDMI or ATRAC vs. MP3? Show of hands? Case closed.
sulli
RTFJ.
We see theese kind of things popping up everywhere. "Pirate-protection" on cds, computergames, compressed music, vcrs, dvds, harddisks and now, as if it wasn't enough, The game of profit-maximizing makes buissiness out of encrypting signals in the 1m wire between my computer and my monitor. I have to ask myself one question - WHY? Why are someone allowed to control my pc? Why are someone allowed to limit the use of services I have legaly purchased? If I purchase something, I like to think of it as my own. I own my car, my tv, my bike and my books. I can do with it what I find delightful or funny - whenever I feel like it. Unfortunately some fuckhead came up with the idea of "licence-agreements" - and worst of all, most governments in the world allows this kind of development-brake to be switched on. If I would like to know how this pc operates (it runs winME), I'm not allowed to. I'm tried to be prevented from having my DVDs copied, someone tries to prevent me from copying my purchased music, someone is trying to have my purchased books time-limited, someone is trying to stop me from taping TV-shows, and now - as the top of the "kransekake", as we say in Norway, someone wants to keep me from listening in on the signal MY OWN pc tries to send to MY OWN terminal. I liked to think of my own as my own. Just as Linus pronounces linux as linux. But I'm not allowed to. This has got to stop. If this common policy continues, we are not allowed to change the lightbulbs in our own homes, we won't be allowed to open the hood on our cars, we won't be allowed to install our own car-stereo, and we won't be allowed to not watch commercials. Someone has got to say NO at some point, or civilisation is going down - driven to the ground by its own hunger for profit. I'm not a communist - far from it, but I do want to point out a communist fact, manely that the people are in charge. Or, for you american citizens, you were in charge. Then you found out that you had to let the money take control, and now it's the buissinessmen in the USA that litterally controls your lives. And when I thought you'd seen what you have become, you elect - of all the idiots in your country, Mr. George W. Bush as your president. I've gotta laugh. But everywhere else in the world, I would like you to think about what kind of control you want over your own life. Think abiut it the next time you are to elect your representate to the natonal-government. Of course we don't want to steel things - but then again, that's why we BUY it. What we are really doing nowadays is renting stuff - but noone calls it that. I wonder why...
Secondly, this technology could also be used in our schools and libraries to ensure that objectionable content, such as sexually explicit images, or anti-religious propaganda can be blocked from our childrens tv screens. It is difficult to imagine any law-abiding sane adult arguing against this technology.
Lets hope it becomes commonplace, soon.
internet becoming the biggest free blockbuster {a popular video rental chain in the US} on the planet
... If the horse and buggy manufacturers had the governmental reach the Movie and Music conglomerates have today, we would not be allowed to drive a car because that would trash their horse and buggy business model. (A good lawyer would have patented the multi-passenger enclosed coach and attaching an engine would be a breach of license.)
What if there is nothing wrong with that? What if that is really a good thing? Of course, it would smash today's content business models.
Let's think about this
Of course if Radio had realized what they could achieve by hiring lawyers instead of engineers, there would have been no television because it would have (and did) significantly reduce the importance of radio as an entertainment resource. (A good team of lawyers would have manipulated the system so that radio technology was allowed for licensed receivers -- which of course would only have delivered sound, not video.)
No one speaks for the new business models that would rise up to profit from the new content realities since they don't yet exist. And of course, the way things seem to be headed, our big brother will not let things change so we can discover what they are. (And yes, someone will always profit. The only issue is that they may not be the same ones that do today. ===> Change is bad when you are already on top.)
Bang Bang Oww (Me pounding fist on table and then rubbing it because I hit the table too hard.)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ the real world is much simpler ~~
--- -- - -
Give me LIBERTY, or give me a check.
But with more and more of the rules we find ourselves living under being dictated by corporate groups, could it be that the line between business and the state is blurring?
I look at phrases like "licenced monitor device" as being the beginning of a worrying trend. The reason is that we're moving from a situation from where something we already had (as opposed to, say, a DVD player, or personal computer, where licences have been a major component since they were placed on the market) being replaced by equipment where tough restrictions on its use are being enforced. Those restrictions are protected by force of law - if you opt to use the equipment without following these rules, you may find yourself being sued. Yet these rules are not being subjected to democratic review.
In the case of TV and radio, the former of which we're seeing this new regime encroach upon, the latter of which we may see soon with the marketing of digital radio and current trends suggesting every digital media device being given these restrictions, this strikes me as particularly obnoxious because over the last 50 years, we've come to rely upon this as a source of much of our information needed to make reasonable judgements about the world we live in. Media has moved from print to radio to TV, and, imperfect though it is, it seems important enough to me to be a source of concern if you can no longer access it without agreeing to rules that you may find blatently unfair and/or counter to your beliefs.
I've seen it argued that licencing rather than legislation is better because you create freedom of choice and let the markets cater for people. But where you have a monopoly, be it on the provision of broadcast television signals for a consortium of interested parties, or a critical piece of system software needed for compatability with peers, is it reasonable to argue that users do have the capability to choose between different products with different licences, and would it not be reasonable to at least have some basic rights instituted for users, at a legal level, so that producers cannot dictate how people use information they have paid for, or equipment they have paid for, in the privacy of their own homes? Does the alternative, which is what we appear to be seeing the start of now, replace elected oversight of law making with unelected legally enforcable rule making?
--
You are not alone. This is not normal. None of this is normal.
C-style notation is used throughout the state diagrams and protocol diagrams, although the logic functions AND, OR, and XOR are written out where a textual description would be more clear.
The concatenation operator ' || ' combines two values into one.
I stopped reading about there to go off and fix all my C code. Since when has || been a concatenation operator? To think that for all these years I thought it was a logical OR. No wonder none of my programs work.
DVI is a digital spec, as opposed to the current analog VGA spec. a few vid cards have DVI-out, notably hercules and ATI cards. most DVI monitors are LCD, because they natively use the digital information, whereas a CRT has to put a DAC in it to use the DVI signal. they seem to want to encrypt it because this is then essentially a perfect signal that can be copied.
--how long till the operators are jailed for anime-induced pedophelia and
Go read the paper. This has nothing to do with computer monitors. This is a system for encrypting cable tv, satellite, and other broadband TV systems. This is CSS for your television set. Didn't pay your subscription fee this month? No HDTV for you, your key is revoked. Hacked your HDTV-Tivo? Your key is dead. Want to tape that TV show for time-shifted viewing? Sorry, it can't be intercepted for recording, watch it at the time AOL/TimeWarner/Microsoft broadcast it or forget it.
These specs are put up on the digital-cp site itself. I dont think that they have been "leaked".
"Do something man. Right now."
The reason that there is a broad push for this kind of technology (intrusive content control) is that the current federal administration is very much pro big business. The tactics being employed now skirt existing interpretations of anti-trust laws by employing monopolistic tactics against consumers, not other businesses. While the MPAA may employ virtual monopoly power in forcing consumers to buy expensive new equipment (and therefore sacrifice rights), it does not impose an entry barrier to other prospective businesses. Anti-trust laws could easily be expanded to counter this new type of monopoly, but only under a pro-consumer administration. A supreme court ruling in favor of consumers would bring this whole house of cards down, but the majority of justices will (most probably) be pro-big business if any of the current democratic justices retire (Bush will only appoint pro-big business justices, of course, and it is very likely that at least one democratic justice will retire during Bush's administration).
An interesting quote re Bush:
On the 12th month of the year of the millenium, in the seat of greatest power, the village idiot shall come forth to lead.
-Nostradamus
Big businesses are entrenching themselves against what they see as a potential wave of piracy. As more people come online, and, even more importantly, as bandwidth barriers are lowered, media piracy is being made possible on an unprecedented scale (a la Napster). All they're trying to do is basically protect their profit margins. This kind of thing, however, will never work. All it would take to stop this crap is for one person to crack each major release that comes out, just once. After that, just convert it to good ol Divx, fire up Bearshare/Gnutella/Limewire (assuming all napster-type pseudo P2P services block that stuff out) and the MPAA is screwed. Soon, the industry will kill itself, as it will make obtaining pirated copies much more convenient to obtain than trying to meet all the new standards required to play legal copies. All the media industry has to do is increase the inconvenience/cost ratio of pirated media as opposed to legit goods in order to stay ahead of the game. What they just don't get is that there will always be a hardcore bunch of hackers out there that will break their system just for the hell of it. They can put everybody through a load of shit trying to achieve the golden 100%, or they can do the smart thing and implement something designed to make it inconvenient for most people to pirate media and achieve 85%. What they'll find out the hard way is that it will cost more money that they'll save to try to constantly update a system that will be a perpetual ground zero for hack attacks.
Aside from the potential (make that probable!) gross abuses of this system, it would be great for high-security environments!
...
string* plamenessFilter =
*plamenessFilter = "Flaming Death!!";