Slashdot Mirror


Microsoft Windows Media Player Encryption Hacked

NubKnacker writes "Here we go again. The Register has the story about the encryption in Windows Media Player being hacked by DVD Jon. From the article: 'Jon Lech Johansen has reverse engineered a proprietary algorithm, which is used to wrap Media Player NSC files and ostensibly protect them from hackers sniffing for the media's source IP address, port or stream format. He has also made a decoder available.' This has been pending for some time now. Do you see a reason to install Windows/WMP just to be able to view a webcast?"

55 of 293 comments

  1. Why this happens by sdirrim · · Score: 3, Insightful

    You know, this only happens because Microsoft is the industry standard. Imagine a world where there are competitive OS and software markets, with no Internet Explorer phenomenon. You wouldn't get this, because developers would actually try to create secure programs. Instead, Microsoft takes programs that are more or less comparable, and incorporates them into its products, thus killing any competition for that program! (Read: Excel and Lotus 1-2-3)

    --
    Not only "land of the free" but "land of the lawyers" who love a good old 1st amendment smackdown. Shihar 153932
    1. Re:Why this happens by Iphtashu+Fitz · · Score: 4, Insightful
      You know, this only happens because Microsoft is the industry standard


      Microsoft is the "industry standard" only because they are big & powerful & have the ability to force others to do things their way. Standards are based upon community support. What DVD Jon is doing is showing that there's little community support for Microsoft's so-called "standards".

  2. nscdec.c by coolnicks · · Score: 5, Informative

    http://nanocrew.net/software/nscdec.c

    "VLC should have NSC support in the near future."

  3. Let the best player win! by RUFFyamahaRYDER · · Score: 3, Funny

    FTFA - "It's more likely that the purpose is to prevent competing media players from supporting the NSC format," he observed.

    Exactly right... Why don't they just leave this kind of thing open for everyone to implement with their own player and let the best player win? Argh!

    1. Re:Let the best player win! by ackthpt · · Score: 3, Insightful
      Exactly right... Why don't they just leave this kind of thing open for everyone to implement with their own player and let the best player win? Argh!

      Ok, maybe I'm just stupid ignorant, but I haven't found a way to record Windows Media streams to my HD to watch again later. Maybe it's there and I'm such a git I can't find it. But if it's not there, maybe one reason why is to prevent people from doing that very thing. Nothing like a proprietary format to ensure you only get to see what the provider wants you to see and when they want to make it available to you.

      --

      A feeling of having made the same mistake before: Deja Foobar
    2. Re:Let the best player win! by Anonymous Coward · · Score: 2, Informative

      Downloading:
        SDP Downloader
        CoCSoft Stream Down

      Cutting editing/encoding:
        Asfbin
        VirtualDub 1.4c-asf

      Happy Googling.

    3. Re:Let the best player win! by stoborrobots · · Score: 2, Informative
      $ mplayer -dumpstream -dumpfile fun.wmv mms://server.domain.example.com/path/fun.wmv
    4. Re:Let the best player win! by FlynnMP3 · · Score: 2

      "... a way to record Windows Media streams to my HD to watch again later."

      1) Get Firefox & use it.
      2) Go to menu item Tools
      3) Select Options...
      4) Select Downloads
      5) Click on "Ask me where to save every file" in the Download Folder section.
      5) Click on the Plug-Ins button (in the File Types section)
      6) Find the extension of the movie and click on the checkmark to disable browser support for that extension.
      7) Click ok a few times to get out of Options.
      8) View source on the page where the video is that you want to save (or do this before step 2).
      9) Search for SRC and repeat the search till you find the URL of the movie. (ditto)
      10) Highlight and copy the URL from the source. (ditto again)
      11) Open a new tab and paste the copied URL. Press ENTER or click on Go.
      12) Firefox will bring up a dialog of what you can do with the file. One of the options is to save.

      There are easier ways to save the file. Having a program intercept a URL click if it has a certain extension (http://www.xi-soft.com/default.htm) and other ways. If you are savvy (or want to learn) about web source code, then this way works perfectly fine.

      -FlynnMP3

    5. Re:Let the best player win! by kleinux · · Score: 2, Informative

      To simplify a little you can usually save embedded media in Firefox with Tools|Page Info|Media. There you will see a list of all embedded media on the page. In this you will usually find the url of the video and you can press save on that line. This will sometimes produce an empty file, but works most of the time.

      This is how I view most embedded media when at home under Linux.

  4. Re:And out come the lawyers by ackthpt · · Score: 4, Insightful
    Thanks DVD Jon. Keep the interoperability clause of the DMCA alive!

    What's he got anyway, a red phone to the EFF? I certainly admire what he's doing, but you know he's not just knocking on the door asking for trouble, but banging with both fists.

    i wonder if i can get this to fit on a t-shirt, like my DeCSS shirt...

    --

    A feeling of having made the same mistake before: Deja Foobar
  5. an added bonus!!! by jshaped · · Score: 5, Funny

    "Do you see a reason to install Windows/WMP just to be able to view a webcast?"

    Well sure!!!
    But I've already installed Windows for its lovely properties of stability, speed, and beauty.

  6. Re:Yeah! by Pyrowolf · · Score: 3, Insightful

    ... get a job from any reputable company, unfortunately. Someone as resourceful as Jon, if given an opportunity, could be priceless.

  7. Re:why did he do this ??? :-( by yfkar · · Score: 2, Insightful

    For us who don't want to install an entire OS just to be able to see a video, this is a great day.

  8. Uh-oh!!! by Pig+Hogger · · Score: 3, Funny

    Expect some Louisiana military relief effort units to be redeployed soon to Norway, for a Search-and-Destroy operation aimed at Jon!!!

    1. Re:Uh-oh!!! by Zemplar · · Score: 2, Funny

      Don't tell me, another search for WMDs [Windows Media Decoders]?

  9. Bring on the MS shills. by Lellor · · Score: 5, Insightful

    If Microsoft, the MPAA, and other corporations don't want their systems hacked, they must make sure that there is a way to play the content on alternative systems easily. Vendor lock in is not acceptable and the people have spoken. Linux (and other non-MS OS) users should not be forced to run Windows to play DVDs or ASFs or whatever. That is all.

    --
    Liberal Ontarians and French Quebecers are draining Western Canada's wealth. Stop them now! Support Western separatism.
    1. Re:Bring on the MS shills. by dgatwood · · Score: 2, Funny
      What separates a "shill" from somebody who simply prefers Windows?

      What's the difference between the pope and the Easter Bunny?

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  10. Cool but not super cool by Psionicist · · Score: 5, Informative
    What this does is simply to take one of those files with meta info about a stream and translate it to a human readable format. The meta file looks like this:

    [Address]
    Time To Live=0x00000002
    URL=023m000000001WQ01q07G0S00w02y 0Bm1Z06y0P01b06C0Sm0k06q0QG1Z0780Rm1p06y0PW
    1q02u 0Om1l06q0Bm1f07C0OG1m06a0Bm1j0700TG1m06S0SW1X06G0P G0k06G0R01i0000
    Player Version=020m000000000MD00k0300BW0n02u0Cm0u03K0C000 00
    NSC Format Version=029G0000000008Cm0k0300000
    Channel Version=0x00000083
    Name=026G000000000UKW1b06m0QG1 X06C0OG1p07G0KW1X06G0QG1l0000
    IP Address=02EG000000000KCW0p03C0BW0p02u0Cm0k0340000
    IP Port=0x00000457
    Delivery Mode=0x00000002

    The utility translates it to this:

    [Address]
    Time To Live=64
    URL= /media/files/Cisco.asx
    Name= Demonstration Content
    IP Address=169.254.10.1
    IP Port=22593

    So you can grab the stream without using the MS program and netstat.

    The utility is more like a utility like base64 decoders (this is not base64 though) than a circumventing tool.
    1. Re:Cool but not super cool by Tackhead · · Score: 5, Insightful
      > So you can grab the stream without using the MS program and netstat.
      >
      > The utility is more like a utility like base64 decoders (this is not base64 though) than a circumventing tool.

      Something like it would, however, make a damn nice Firefox plugin.

      It's grown particularly galling during the Katrina disaster - if you're a TV station, and you're putting up a 2-minute clip of a news article or interview that you broadcast a few hours ago, why in God's name are you making us re-download it every time we want to view it?

      Your servers are half melted down due to Slashdotting, your bandwidth costs are through the roof. If you must use a proprietary video format (seriously, if you're scared people won't be able to get the XVID codec, what's wrong with good old MPEG?), at least let us download the damn thing.

      You stream live content. You download static content. Is the difference that hard to understand? Or is it that news broa-buffering-dcasters hav-buffering-e a strange sexual fetish for buf-buffering-fering?

  11. Best known export! by firepacket · · Score: 5, Funny

    Article from theregister.com
    Norway's best known IT export, DVD Jon...

    Awesome. I didn't know they were exporting those. I wonder how high they tax. I want one.

    1. Re:Best known export! by billybob2001 · · Score: 5, Funny

      He's Region 2 only - is that ok with you?

    2. Re:Best known export! by WormholeFiend · · Score: 4, Funny

      Now I know what coffee jetting through the nose feels like.

  12. Re:why did he do this ??? :-( by I_Want_This_ID · · Score: 2, Informative

    Why? All encryption mechanisms (save quantum) can and will eventually be defeated. This has been known for quite some time. Why does this make it a sad day ?

  13. Imagination run wild... by Anonymous Coward · · Score: 4, Funny

    Girl in the wild west: "DVD Jon, you're my hero!"
    DVD Jon (disguised as the Lone Ranger): "Stay here, it's not over yet" (gets out revolver)

    Man, I need to stop watching TV...

  14. Windows.... by zappepcs · · Score: 4, Insightful

    Personally, if I have to load MS products to view, read, hear, or use something, then I will never view, read, hear, or use that data... period!

    If DVD Jon can crack it, then it wasn't secure in the first place. In my opinion, DVD-J is making the world more secure by showing people that their encryption sucks. Go Jon go...

    1. Re:Windows.... by h4rm0ny · · Score: 2, Interesting


      Well, I'm not the OP but two things to consider:

      1. If one person out of seven billion cracks it, then seven billion people can access it - e.g. DVD Jon cracks DVD encryption and now we all watch DVDs on our PCs.

      2. Refusing to use Microsoft-only formats/protocols to receive media sends a strong message to the media provider that they should offer something else if they want his attention. This works for news-outlets and entertainment,

      If you're suggesting that he is seriously impairing his learning or life-quality by cutting off these sources, then that would be a counter-point to point two. But I think it's unlikely that he can't get the same information or entertainment elsewhere.

      --

      Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  15. Re:As soon as I can figure this out.. by Astrorunner · · Score: 3, Funny

    Linus: You know, before I answer any more questions there's something I wanted to say. Having received all your letters over the years, and I've spoken to many of you, and some of you have traveled... y'know... hundreds of miles to be here, I'd just like to say... GET A LIFE, will you people? I mean, for crying out loud, it's just an operating system! I mean, look at you, look at the way you're dressed! You've turned an enjoyable little job, that I did as a lark for a few years, into a COLOSSAL WASTE OF TIME!

    [ a crowd of shocked and dismayed slashdotters.... ]

    I mean, how old are you people? What have you done with yourselves?

    [ to CmdrTaco ] You, you must be almost 30... have you ever kissed a girl?

    [ CmdrTaco hangs his head ]

  16. Poor Linus by TubeSteak · · Score: 5, Funny
    /me puts on a flame suit

    Maybe Linus is just bitter cause he doesn't have a low UID

    --
    [Fuck Beta]
    o0t!
  17. Re:As soon as I can figure this out.. by ackthpt · · Score: 3, Insightful
    [ to CmdrTaco ] You, you must be almost 30... have you ever kissed a girl?

    Actually, I think he's the only one who has...

    --

    A feeling of having made the same mistake before: Deja Foobar
  18. Re:Is it really needed ? by firepacket · · Score: 4, Insightful

    What I understand from the article is that the actual video stream isn't protected; what's encrypted is the server/file location and (perhaps) a username/password.

    Is it really so ? Or have I missed something ?
    This is exactly the case. And because the address and port are so easy to find through netstat, "It's more likely that the purpose is to prevent competing media players from supporting the NSC format,"

  19. What a shameful tabloid-press like headline by flowerp · · Score: 5, Insightful

    A correct headline would have been:

    Proprietary encoding of Media Player Broadcast definition files successfully reverse engineered.

    The problem is, no one really makes use of NSC files anyway. Most streaming media is still done as simulcast, not as multicast.

    --
    --- Eat my sig.
    1. Re:What a shameful tabloid-press like headline by Spy+der+Mann · · Score: 2, Funny

      A correct headline would have been:

      Proprietary encoding of Media Player Broadcast definition files successfully reverse engineered.


      Helloooo, this is Slashdot. Such a headline would've NEVER been published.

  20. Hire him by bahwi · · Score: 4, Interesting

    I think Microsoft should just hire DVD Jon and whoever else and have him write the algorithms and encryption. I know it's counterproductive, and I know he would probably oppose it, but throw enough money under there and most morals head out the door. DRM is coming, and if this guy is going to keep cracking them, you're gonna need someone better than him to write it, or get him so he'll be on their side.

    Ah well, until then, what's the next one for him to hack? Can't be too far off now.

    1. Re:Hire him by Alsee · · Score: 2, Interesting

      I think Microsoft should just hire DVD Jon and whoever else and have him write the algorithms and encryption.

      The "problem" is that DRM is not actually encryption, it's obfuscation. You are GIVING people the encrypted content, you are GIVING people the decryption algorithm, and you are GIVING people any keys required. If you didn't then they wouldn't be able to view it at all.

      Hiring DVD Jon wouldn't make one bit of difference. No matter what algorithms and keys Jon comes up with, he'd still have to GIVE them to everyone in order to be able to view the files at all.

      Encryption is when Alice wants to send a message to Bob and prevent Charlie from reading it. Encryption can be extremely secure. You can do fantastic encryption to keep stuff secret against Charlie.

      With DRM you are Alice attempting to send a message to Bob so that Bob can read it, but you are trying to somehow keep it secure against Bob. It doesn't work. You can't give it to Bob and keep it secret from Bob at the same time. DRM is fundamentally flawed logic.

      This is why you (almost) never hear about military encryption or bank encryption or credit card encryption or other proper encryption being cracked, yet you ALWAYS hear about DRM systems falling apart. You can encrypt the files on your hard drive and the FBI could attack it for a hundred years and not get anywhere. That is a valid encryption task. You can create a DRM system and it generally falls apart in a matter of hours, days, or at most a few months. DRM is not a valid encryption task, you're not trying to keep secrets against an outside party. You're trying to keep secrets against an inside party. Trying to keep secrets against people who ARE AUTHORIZED to read the files.

      You generally can't "crack" legitimate encryption. On the other hand a skilled person can always look at the DRM system YOU'VE GIVEN HIM and that you have AUTHORIZED him to view files on, and he can read around inside and figure out how it works. Once you've authorized someone to read/view something then it is no longer within the realm of encryption.

      The new Trusted Computing DRM system they are pushing is the same thing, with the single twist that your personal key is hidden inside a microchip. Well if you're a bright college student and you have a well equipped college lab handy, well it's STILL merely a matter of looking inside the chip you've been given and reading out your key and then the entire system falls apart.

      DRM is a fundamentally broken idea. It is simply impossible to give people something and keep it a secret against them at the same time.

      The real problem with DRM is the stupid laws attempting to get DRM to "work". The DMCA says that NONINFRINGING people can go to prison for up to five years. Innocent noninfringing people. There's a bill, the DMCRA, which would simply amend the DMCA to say that noninfringing people are not criminals and do not go to prison. Under the DMCRA anyone who commits copyright infringement would face the exact same laws and penalties as before, the DMCRA only protects noninfringing people. I have never heard anyone give any reason or argument why noninfringing people *should* go to prison. If any Americans would like to support the DMCRA and ensure noninfringing people do not unjustly face prison under the DMCA then please click my SIG and register your support.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  21. Re:Yeah! by lou2ser · · Score: 4, Informative

    According to his wikipedia page, he's currently 22 years old.

    http://en.wikipedia.org/wiki/Jon_Johansen

  22. Why do they even bother? by NetNinja · · Score: 3, Insightful

    I see the whole encryption scheme as a lesson in frustration.

    Why even bother when someone is able to defeat it in less than 24hours?

    The more you try to hold on to something the easier it is to let it slip away.

    Can someone out there please give a clear and succinct explanation to this whole encryption scheme?

  23. It's actually a good codec by m50d · · Score: 3, Informative

    That's why I'm willing to use it. Looks a bit blocky, but compresses incredibly well - I have a wmv music video that's smaller than an mp3 of the song in question. Also, I've found it the easiest of the main video formats (windows media, real, and quicktime - ogg theora and dirac just aren't ready for primetime yet) to get working in linux - just dump the dlls in the right format and both xine and mplayer can play them flawlessly, even as streams from websites (just install gxine or kaffeine). Real is harder, at least if you don't want to use their OSS-only official client, and quicktime is an absolute nightmare. So I'm all in favour of requiring windows media player to view videos, because the alternatives are worse.

    --
    I am trolling
  24. Windows Media by callipygian-showsyst · · Score: 4, Interesting
    Do you see a reason to install Windows/WMP just to be able to view a webcast?"

    No! I've installed Windows Media--including the Windows Media SDK, WMP10, and the Windows Media Encoder--because it's a great encoder and is included in the price of a windows system. I prefer the sound of WMA-encoded files to MP3s at the same bitrate. And there are at least 50 music players on the market, like my Samsung, that I can just plug in to Windows and sync with Windows Media Player! No need to install any software (unlike those stupid Creative folks with their virus!). Just plug it in and it works.

    1. Re:Windows Media by NatasRevol · · Score: 2, Interesting

      No need to install any software???? Except of course the 3 pieces you mentioned a couple of sentences ago.

      And as for the virus....it's a Windows virus. The problem isn't with creative, it's with an OS that's so easily corrupted.

      --
      There are two types of people in the world: Those who crave closure
  25. Re:As soon as I can figure this out.. by evilviper · · Score: 2, Funny
    [ to CmdrTaco ] You, you must be almost 30... have you ever kissed a girl?

    Well, he's married... So no.
    --
    Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  26. Re:And out come the lawyers by ackthpt · · Score: 3, Funny
    Since he's already won one case, he's got some precedent on his side. Now they just seem to be leaving him alone.

    Could be, but this is Microsoft he's now diddling with. Their approach could be either Open the Bucket o' Lawyers or Come up with a new Windows Media format, encoding, etc.

    Some say as soon as someone figures out Microsoft's strategy, it will immediately be replaced by a new one even more confusing and inexplicable. Others say this has already happened.

    --

    A feeling of having made the same mistake before: Deja Foobar
  27. Re:And out come the lawyers by Anonymous Coward · · Score: 2, Interesting

    Perhaps they'll try to extradite him like this guy: http://www.theglobeandmail.com/servlet/story/RTGAM .20050730.wxdope0730/BNStory/National/ This too involves a foreign national breaking US laws with/using the internet. Here there is no 'physical' object crossing the borders however.

  28. Re:As soon as I can figure this out.. by Afrosheen · · Score: 2

    Hahaha, nice Shatner rip. What movie was that from? Or was that from a Saturday Night Live skit?

  29. They created a monster by intnsred · · Score: 4, Interesting

    Thinking back to years ago when the corporate powers-that-be had a teenager arrested for merely figuring out CSS, I wonder if those corporate bureaucrats realize that they were creating a monster?

    I mean, if they had just left the kid alone, his curiosity might have waned and today he might be a stodgy coder writing finance apps.

    Instead, they pissed him off, highlighted the system's corruption and injustice, and created a monster.

    1. Re:They created a monster by madstork2000 · · Score: 2, Insightful

      A monster to them, a cult hero to the slashdot minions...

      That is an interesting train of thought.
      -Ms2k

  30. Re:And out come the lawyers by bobcat7677 · · Score: 5, Funny

    Bucket of Lawyers? I thought lawyers came in cans? Maybe it's a costco thing. Guess I need to get a costco card again...

  31. Using this for years by cz_eye · · Score: 2, Interesting

    Being a non-broadbander from far far east I was forced to do so on regular basis. The streaming is no-option for me so I am forced to hack the stream server and get to the downloadable content. I can do it for cbsnew.com, comedycentral.com, foxnews.com, cnn.com, msnbc.com and bunch of other servers. Some have their content even very well indexed and sorted by date in the database behind, so someone can pick the track without even looking.. (once u get in) just change the date or increment the story ID and forward it to the download queue. Instant TV and replayable, very nice.

    (just kidding of course)

  32. Re:And out come the lawyers by cbiltcliffe · · Score: 4, Insightful

    This guy used to live and have a "Pot store" in the city where I live.
    While I don't agree with his views on dope, I think it's absolute bullshit that he should be arrested and sent off to a foreign country for breaking laws in a country he doesn't even live in. Everybody else around here seems to think the same thing.
    If the US doesn't want people buying pot seeds over the internet, then make damn sure they're confiscated when they come across the border.
    When are people in the US going to start being arrested and shipped off to China for not bowing to the emperor, or something stupid like that. The US would be up in arms if someone were to try to impose Chinese law on US citizens living in the US, so why the FSCK should we impose US law on a Canadian living in Canada?!

    Sorry....I got more and more pissed off as I was typing that, which I'm sure you can see by the tone......

    --
    "City hall" in German is "Rathaus" Kinda explains a few things......
  33. Re:As soon as I can figure this out.. by GPLDAN · · Score: 2, Funny

    Turns out.... Kathleen was his laptop.

  34. No such thing in our legal system by andersh · · Score: 2, Informative

    You're mistaken - we don't use Case Law in Norway. Our legal tradition is Scandinavian/continental civil law - where precedents are very weak arguments as opposed to the US/UK Common Law system.

  35. Re:As soon as I can figure this out.. by AdamWeeden · · Score: 2, Funny

    Be gentile

    I'm Jewish you insensitive clod!

    --
    I was quoted out of context in my autobiography...
  36. Re:To bad this doesn't help me by martin_b1sh0p · · Score: 2, Informative

    Thanks as well. Couldn't find one that did this, now thanks to the /. crowd I have two to choose from :-)

  37. No, I will not install Media Player by DougMelvin · · Score: 2, Informative

    I can not believe that people are still trying to broadcast streaming media via proprietary and "locked" technology. I, for one, will use this new decrypter to view any streaming broadcasts that use this technology. I'd like to also rant a little on QuickTime who now bundles iTunes.. if you are not using a windows 98/me you are forced to install iTunes just to view a .mov file.. That's BS.. I now use QuickTime alternative and Media Player classic which may be downloaded alone, or bundled with the Kazaa Lite mega codec pack.

    --
    Reality is in the mind of the beholder - me 1996
  38. Re:And out come the lawyers by Shakrai · · Score: 3, Insightful

    Norway has a good, civilized and modern justice system that doesn't give corporations any more weight than regular Joe.

    Neither does the American justice system. If you have money you can hire good lawyers and generally make the process really painful for the other side -- but that doesn't have anything to do with being a corporation vs a human being. One individual with a ton of money can make your life a living hell via the legal system just as easily as a corporation can.

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  39. Re:As soon as I can figure this out.. by Hosiah · · Score: 2, Funny
    I metamoderate him over the head with a rancid carp

    Actually, if Linus Torvalds says I'm publicly wanking, then that's probably what I'm doing. It's just kind of difficult not to break stroke when I'm looking at phrases like "rancid carp".