Slashdot Mirror
HD-DVD and Blu-Ray AACS DRM Cracked
EGSonikku writes "According to this article on Endgadget, the AACS DRM used in HD-DVD and Blu-Ray has been cracked. The program allows one to decrypt and dump the video for play on a users hard drive, or it can be burned to a blank HD-DVD and played on a stand-alone player. According to the accompanying video, a source release for the program will be made available in January. Time to get that $200 Xbox 360 HD-DVD drive?"
Warning: this link contains video.
While I won't be joining the uber-expensive HD parade for several years, This is still good (tentative) news.
As best as I've been able to gather from what I've read today, the very clever fellow just implemented that publicly available decryption routine, and also discovered an (as of yet unreleased) method for obtaining decryption keys. It seems very likely from everything I've read that he is pulling the keys from the PowerDVD program - perhaps they're left unencrypted similar to the original DeCSS obtained a key from the Xing player?
In any case, it will be interesting to see how this is dealt with, and whether key revocation can/can't break this. The author thinks it can't - the cat is out of the bag and is staying that way.
We'll see. I think it's good news for us though, no matter what.
The site's Farked, Digged, and everything else already, but here's the forum this was first posted to: http://forum.doom9.org/showthread.php?t=119871
It contains a download link to the program.
Give a man fire, and you warm him for the night. Set a man on fire, and you warm him for the rest of his life.
But I would like to know how this will affect the customer as well. I know short term that DRM is bad and all, especially with the "where there's a will, there's a way" mentality in cracking it, but seeing as how these companies invest (or rather waste) millions in copy protection schemes, will they jack the prices up to cover the cost of their mistakes? I think this practice has become mainstream, no?
Fighting over religion is like seeing whose imaginary friend is best.
The correct conclusion is: 'Finally! Now I don't have to buy an HD-DVD Player.'
I don't mind purchasing an HD-DVD and then just downloading its illegal doppelganger. I DO mind purchasing an overpriced paperweight to keep me legal. I looked at Xbox Live Marketplace from the perspective of:
"Rent 44 HD movies. or Buy HD-DVD Player and a movie." I decided I would get much more HD goodness out of downloads than just a player.
It's sort of like the way I purchase Star Trek for my Xbox and then download a copy for my PC as well. Sure it's illegal, but I look at it from the perspective of: I purchased it so that I could watch it, and watch it I shall.
Cracked already? I had December 29th in the pool.
It must have been something you assimilated. . . .
Really just a stab here, but maybe given lackluster sales of hardware, the consortium hired a ringer to play "DVD Jon" for a day and "leak" the crack to the public, thus encouraging some support from a DRM-weary public?
The industry knows piracy is not really a big problem - they still make mountains of cash, and society needs a little underlying "lawlessness" (like speeding, for example) to ease pressure. Perhaps some industry insiders sick of kowtowing to the IP Lawyers decided to leak the crack to the public in a round-about manner?
If true, it's brilliant.... if not, then they missed the boat.
ed2k://|file|BackupHDDVD.zip|17964|4860e9248663d52 dc47bfc98d61ec6d7|/
magnet:?xt=urn:bitprint:ZHZI65X7J4NIX7TU7KLDIZXIJA 62SXX7.OBRERVSGGVO4OMWW7JN7BPC2BPDCE2U5NBUVU3Y&xt= urn:ed2khash:4860e9248663d52dc47bfc98d61ec6d7&dn=B ackupHDDVD.zip&xl=17964
If anyone wants to try it out, here is a link to the executable and source code (Java)...
http://forum.doom9.org/showthread.php?t=119871
There is more detailed info in the included FAQ. The bad news is, the program itself isn't actually "cracking" anything. The author used publicly available AACS documents to write his own decrypter (e.g. just as PowerDVD or WinDVD would). The catch is, you must provide the decryption keys to this software in order to rip the movies from the disk.
However, the good news is, it looks like he may have found a way to extract the needed decryption key(s) from the HD-DVDs. He doesn't explain how in the documentation or provide any keys, but if he figured it out I'm sure others will - and that means more advanced and powerful tools shouldn't bee too far off.
now that it is crack, I might buy one :)
No sig for now.
I think Hollywood has a slight edge here. Consider this: Ripped DVDs came around to 4 - 4.5GB and while this isn't a huge amount of diskspace, it is still a considerable amount of space. Even so, a 250GB HDD (you can get this for
Now coming to HD-DVDs (the screenshots from the article show approximately 24GB of space being used or 24GiB, whatever tickles your fancy). This means a 250GB will be able to hold
The point is with the Hi-Def media, it doesn't make as much sense to rip every movie you have and store it on your fileserver for the next year or two. This is awesome news but i am not sure i'll be ripping HD-DVDs/Blu-ray disks like i used to rip DVDs. These things take way too much space. Hollywood would have an edge if they priced the stuff at around 15-20$ - i'd buy one than let a movie take up 30GB on my machine.
Basically HD-DVD and Blu-Ray aren't even options for me at this point as the DRM associated with it has me shaking my head. While I'm willing to pay $20+ for a movie, I want to be able to use the movie on my terms after the initial purchase.
If this hack proves to be valid, I would actually consider investing in the technology as it opens the format up to Linux/Unix/OSX/etc.
It sounds like he didn't "crack" AACS, he just extracted the disc keys for certain titles.
A quick and dirty and probably somewhat inaccurate description of the way AACS works is that each disc is encrypted with a single 'disc key' and then that key is encrypted once with every known 'player key,' and each of those is stored on the disc. So, if you have an authorized player, it will find the version of the disc key that it knows how to decrypt and then use that to decrypt the disc for playback.
My guess is that he used one of the software players like WinDVD or PowerDVD that now sort of support HD-DVD and BLU-RAY. But instead of extracting their player key and publishing that, he played a disc in a debug environment and extracted the 'disc key' for that specific title.
The studios thought that they would be able to 'revoke' disclosed player keys by just not using them on any discs pressed after the disclosure was made public. This guy's approach seems to be to distribute disc keys and then anyone with the same disc can decrypt that specific title, thus making it harder for the studios to guess which player keys need revoking.
I think that this guy's approach will be most useful to widescale pirating because all it takes is for one person to decrypt a movie and share it with a billion of his closest friends. But the 'regular joe' who just wants to copy his BD-HDs to his hard disk for ease of playback or maybe to cut clips from it for his own home movie won't benefit because chances are, the keys for his particular discs won't be widely known enough for him to find them.
So, I now look forward to various HD titles from disc (rather than from broadcast, which are already common if you know where to look) showing up on P2P and elsewhere, I'm still not purchasing any AACS playback system since the "crack" is not (yet) useful enough for me to exercise typical fair-use rights of format shifting and personal editing.
When information is power, privacy is freedom.
Also the fact that BoingBoing ran the program and it slightly changed the file is meaningless. Trying to decode a file with the key "0" will obviously not do what you want.
It seems to me most people are seeing this as a means to:
A) Place-shift HD-DVD content (despite current storage constraints)
B) Pirate HD-DVD content (despite current bandwidth constraints)
when I see the much more immediately relevant issue being that of HDCP: If this crack can be rolled into something on the order of a VLC plugin, there's a chance I'll actually be able to use my technically-more-than-capable, yet not-a-member-of-the-HDCP-club LCD display to view commercial 720p content.
Your mind is clear / The things that you fear / Will fade with how much you / Believe what you hear
Several years to develop a new optical storage device with an emphasis on DRM, cracked in a few months.
B a c k u p H D - D V D F A Q
-What is "Backup HDDVD" for?
It can do backup copies of HD DVD movies that YOU OWN! I don't want anyone to do piracy here! This software is a good way to protect your investment, because I have notice that this type of media seems very fragile, if it's scratched a little or dirty, it won't play. It seems less tolerent than DVD format. (Higher density!)
-What "Backup HDDVD" is doing exactly?
This is a java based command line utility that decrypt video files (.evo) from a HD DVD disk that you own, to your hard drive and you can play them back with a HD DVD player software.
-What are the system requirements to use "Backup HDDVD"
1 - A Windows based system
2 - A HDDVD disk drive
3 - A HDDVD player software (like PowerDVD)
4 - A HDDVD movie(s)
5 - Java rutime 1.5
6 - The possibility to access the content of the disk with a drive letter under windows.
(you may need UDF 2.5 file system driver for this)
7 - A lot of free hard disk space to backup your movies!
-Was your first HDDVD movie hard to decrypt?
It took me around a week to do. But I have wasted few days
trying to work on too complicated approach. In fact, it is very simple.
-How do you do that?
The program itself has nothing special. It simply implement the AACS decyption protocol. I have followed the freely available documents about AACS
Have a look at: www.aacsla.com The trick, is to find what they call the "Title keys". So I figure out how to extract them.
-How do you extract the "Title keys"?
I won't explain it in detail. Read the AACS doc first. You will understand. The title keys are located on the disk in encrypted form, but for a
content to be played, it has to be decrypted! So where is the decrypted version of the title key? Think about it...
-What kind of crypto algorithms are involved?
Standards algorithms:
ECC-160
AES-128
Look in the AACS doc for more details.
-What is the TKDB.cfg file?
This is the Title key Database file. It holds the decryption keys for the movies.
-What is the format of this file?
Field 1: SHA1 Hash of the VTKF000.AACS file on your HDDVD disk.
Next fields are pipe "|" delimited.
-Movie Title
-A variable number of Title key, pipe delimited
You have a key number followed by the key value like:
12-08A3DC61910280F2...
Key values are 128 bits long, so 16 bytes, or 32 hexadecimal characters long.
-The TKDB.cfg file provided with your program is empty or incomplete, what can I do?
Here is my TKDB.cfg:
CE6339246F34087AB355681DEB656D23DCD5BD86=Full Metal Jacket | 1-0000000000000000000000
0000000000
486198E3855B57CD40F6DC0C60645BDE8E1E9AC5=Van Helsing |19-0000000000000000000000
0000000000
3D357B0653A66176583C5218FD0149EAF8832FB0=The Last Samurai | 1-0000000000000000000000
0000000000
-What do you think of the technical aspects of AACS?
The design is not that bad, but it's too easy to have an insecure player implementation somewhere. And just one bad implementation is all it needs
to get the keys! There will always be insecure implementations of a player somewhere! And the "Revocation system" is totaly useless if you use
the Title key directly.
-Is there any known problems with the decryption?
Yes. I call this problem the "Nav chain" bug. I realize that I have a lot of frame skipping at playback after the decryption, so I hunted down the problem. To avoid the frame skipping, I patch the video file. This fix allows smooth playback of the movie, but there are some side effects.
-What are the side effects of the "Nav chain" bug fix?
You cannot do fast forward, or backward using the round dial, but you can still use the progress bar to navigate through the film. So it's not that bad... For some reason, the sub-titles don't seems to work anymore. It may be a side
Tired of free ipod spam sigs? Opt ou
"While I'm willing to pay $20+ for a movie, I want to be able to use the movie on my terms after the initial purchase."
Even if "your terms" consist of sharing your copy with the planet?
BTW I believe both standards took this "failure" into account.
eventually a software program has to convert whatever garbled crap they put on any disc to a valid video and audio stream so it's always only a matter of time before someone writes a player that (sort of) dumps the buffer of what goes onto the screen and to the sound card into a file.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
So the player key is hard to get at, so this guy worked around it and just copied the title key from memory, which is encrypted on disc with every player key. Since you have the plain text (of the title key) and each of the cypher texts(the encrypted title key), aren't there attacks to figure out all the player keys? And actually its worse since you have many(possibly all?) title keys and all their corresponding encrypted versions that has to extremely limit the search space for the player keys. This would be an even worse problem since they cant just revoke every key. All the hardware would break! Lawsuits galore!
Seems like the whole house of cards will fall down.
The hacker didn't extract the player key. This might be due to the difficulty of getting the player key, but it really doesn't matter.
The use of title keys instead is a great strategy. It means that the revocation system is worthless - AACSLA may not even know which player is compromised. Gray/black-area web sites can maintain big lists of title keys for movies without a whole lot of trouble. The bigger issue will eventually be getting each new movie to the trusted few pirates that are capable of extracting keys. This is no big deal now, but would be if and once these formats become popular.
A counterattack from Hollywood could be to produce thousands of distinct masters of each movie; the same movie would have thousands of different editions that differ only by their title key. I don't know the current state of disk production however, so this may not be feasible.
The revocation system is itself problematic anyway. A person seeking to damage the system itself would try to crack the most popular player, even if it's more difficult than other players. The cost of a massive recall - plus the fines the manufacturer would pay for their player being the one cracked - would heavily discourage the use of the revocation system. It seems like the revocation system is more of a deterrent against both pirates (if you crack a player we'll change the key making your work worthless) and manufacturers (if you don't obfuscate well enough, we'll cost you millions of dollars).
DVD had a revocation system too, but it was never used. DeCSS and the Drink or Die program that preceded it used a player key, but the CSS algorithm was so badly flawed that it wasn't difficult to derive the remaining player keys. This will not happen with AACS, because they're using real crypto this time.
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
>>The execs will kill off the format and release a new system within a year. HD-DVD-2 or something like that.
They won't have to change a thing. Read the HDDVD spec and you'll see that keys can be revoked, so all future HDDVDs will not play with that "disallowed" player.
Last I checked there are possibly three films in the entire world with an actual HD source (Lucasfilms Star Wars Prequels) aside from that you are getting what exactly? A 1080p picture upsampled from 320p? That's an awful lot of extrapolation (3x?). The bits just aren't there. If you record a telephone call with even the higest end equipment you are still constrained by the horrific quality of the signal coming from your telephone speaker. FMJ from 70mm(?) to HDDVD, I still have to think that the original recording is just not high enough quality to justify the cost(s) of HDDVD (DRM, $$$, ETC)
Is there some kind of randsom involved?
If the source code exists, which it must if the code exists, then why sit on it?
It just gives someone the chance to bury it before it sees the light of day.
This kind of situation is what they had in mind when they added BD+ in the Blu-ray spec. OTOH, the HD DVD is out of luck.
What if this "cracker" was just a clever ploy by the HD-DVD industry? If people are able to rip (protect) their own property, wouldn't this just encourage more people to buy HD-DVD over blue-ray? It would be an interesting effect to see HD-DVD sales to skyrocket over blue-ray just because people felt they could do with their property what they want. Could this just be a huge MPAA case study to see how big a marketing element drm-free media is?
I do not agree that piracy has anything to do with losses. Who is to say that those that watch movies without paying a fee would actually pay to see them in the first place?
The only way there is a real loss is if some one is SELLING copied DVDs as if they are original. That is not what we are talking about here. We are in this insane mindset that if we see or hear something that we owe money to some one for it.
Utter stupidity if you really think about the concept.
The only way there is a real loss, is if you counterfeit the media and sell it to some one that actually WANTS to pay for it.
This whole issue of IP ownership makes no sense if one steps back and clearly thinks about it.
Cheers
* Carthago Delenda Est *
That particular copy/edition of PowerDVD is going to be very popular...
Why would those things matter at all? 99% of your time will be spent in the java-provided AES decription routines. Optimizing a single hash lookup will make about 0 difference.
Lookup premature optimization is and learn from others mistakes.
So, if he's not in the minority in doing so, and he lives in a real democracy, then what he did must be deemed legal by public assent...
Alas he lives in a republic, and it's a different beast altogether....
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Retarded moderation, seeing as the parent is talking about the website that the story comes from.
/. editors do again?
Not to mention, of course, that the guy is pointing out an obvious and glaring error in the submission that could have been sorted by even cursory editing.
What is it that
And wouldn't, say. Samsung love it if Daewoo player keys happened to leak out of the factory. If you have to buy a replacement player, you aren't necessarily going to buy the same brand that just crapped out...
"I cannot see any pixels on a regular 36 inch CRT TV when I watch a movie"
Whether or not you see them depends on how far away you are. If you sit closer, you'll see them, I'll garantee it.
Equivalently, instead of sitting closer you can make the screen bigger - it's the same thing, and that's what's happening. 36" is nothing these days. There's plenty of TVs bigger than that, and projectors are becoming common.
I watch my movies on a 110" screen via a projector, and I can definitely see the pixels.
No sig today...
So, you would like an uncrackable DRM because you hate uncrackable DRM???
Patents Drive Free Software as Hurricanes Drive Construction Industry
If I may speculate (which I love to do), I predict that if "leaking" title- (and possibly even host-) keys become common, software players (or at least their HD-module) will NOT get licensed from AACS-LA unless they only run on "Trusted Computing Platforms". Of course, the media moguls have a problem here since they need their format to win in the market, so it's a trade-off for them for sure. If people resist "Trusted" computing, HD-DVD/AACS may have an 'effective' lifespan that's even shorter than what DVD-CSS had.
Looking forward to some cryptographic attacks.
Belief is the currency of delusion.
Excellent. I might even consider siding with one of the competing formats now, but it depends on which one can be broken the most easily.
"For purposes such as encryption and decryption of protected content, the AES cipher is used with the Cipher Block Chaining (CBC) mode of operation [...] Unless otherwise specified, the Initialization Vector used at the beginning of a CBC encryption or decryption chain is a constant, iv0, which is: 0BA0F8DDFEA61FB3D8DF9F566A050F7816"
There's a crib right there. Find it, bpm, "back trace" through stack to find out how you got there.
(posted anon in case some idiot decides to mod this insightful)
Each movie will end up being cracked, once, then everyone will download the same cracked version with file sharing. That's the niche they can't prevent.
So it really doesn't matter what stupid multi-key tricks the studios come up with.
I can predict that software players will all be revoked as each one is cracked, though - forcing all of the customers to keep downloading unrevoked, presumably more secure updates. That much is predictable.
Actually there is an attack against file-sharing from the same source. If they watermark the movies so that they can tell which key the crack came from then they can revoke THAT key to prevent future use... But hackers will learn how to recode and filter to remove watermarks before release.
I like that, the "ease of chipping" feature as a major selling point!
Those aren't title keys, they're hashes of a file on the disc used to associate it with the proper title and a key, which again, is not included.
I think HD-DVD and Blu-Ray simply will not succeed because hard disk drives will get smaller (in size), larger (in capacity) and more resistant to shock - even to the point of being solid state (like a flash drive).
When this happens, optical media will be a thing of the past because it only holds a mere 250GiB. Tiny drives like the ones in digital cameras probably make for better storage (or will) of high definition video than optical discs do because they're more likely to grow in capacity with the video than the Blu-Ray is (unless they find another frequency of laser light to make even smaller pits and grooves to increase the capacity of a disc -- or mash even more layers in a disc I suppose).
Yes HDDs are more fragile...now. In 10 years I would be surprised if HDDs haven't replaced both of these HD formats for HD content (or another possibility is that you don't buy physical media anymore, you simply stream it to your TV/computer as video on demand).
...and that's the way the cookie crumbles.
They are just pissing away money fighting an unbeatable battle. The only way they can lock down the content is by not using it.
--
Novell petition: http://www.techp.org/
boycott slashdot February 10th - 17th check out: altSlashdot.org
Maybe if the powers behind the format had put aside their petty squabbling and released a single format, they could have devoted their energy to finding a market for the format. Now they're busy battling each other for market share, yet this competition doesn't seem to be benefitting consumers. By the time they have a format inexpensive & useful enough, a new format will have likely come along & crptured the public's attention anyway.
HD is not a selling point. It may be useful as a marketing term. I hear many stories - and know some firsthand - of people who connect their flatscreen to a DVD or SD cable and think they have HD. Most people don't know the difference & can't be bothered to learn. Until their is one high capacity disc format, and it's affordable enough to compete against hard drives for storage or flash memory for portability, the manufacturers are wasting their time - and ours. Lack of DRM alone won't sell this.
Actually, in this case, 99% is probably very close if not a low-ball guess. The hash lookups are nothing compared to decryption.
NOW I am willing to buy hi-def DVDs since I can:
- Take advantage of Fair Use (make backups, format-shift to my PocketPC, keep copies of the movies on my HDD)
- Play DVDs on Linux
- Not worry about downsampling output on non-HDCP video cards
Now the Blu-Ray vs. HD-DVD format war does not matter so much. Does anyone here care WHICH one wins now that both have been cracked?
Thanks guys, you rock!
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Found an even better on in 7B103C5DCB08C4E51A27B01799053BD9:
"A 128-bit input Device Key (which may be a subsidiary Device Key) is denoted 'k'; in this diagram. This loop is executed three times to produce 384 output bits, incrementing the seed register by one each time. The output of AES-128D is XORed with the seed registers output at each step. For each AES-G3 calculation, the seed register is initialized by the 128-bit value s0, which is given by the following constant: 7B103C5DCB08C4E51A27B01799053BD9"
Chapter 3.4 explains how this AES-G3 calculation is iterated until a suitable device key is derived. Hiding the constants and calculations in a soft implementation may make for interesting work.
pretty please?
This guy wrote a Javaclient based on the open AACS spec which can decrypt the AACS format using Java AES calls.
The program takes a title key as input.
This is nothing special - any student given the spec could write this.
For the whole thing to work, needs a title key.
He did not include those keys - as someone here pointed out, what looks like a key are infact hash-indici to associate the discs with the keys - the keys are however nulled out.
He now claims that it is easy to find the keys if you're looking in the memory.
Case 1: He is right:
According to AACS rules, you need to keep the keys highly confidential. The robustness rules would explain this, I assume you have to hide things from debuggers and not keep keys clean in one memory location, etc... Black art of tamper-resistance is required.
If the player vendor didn't do that, they face serious consequences in addition to the key being revoked.
Case 2:
He wants that others try to find the keys, because he could not do it himself.
Case 3:
This is a hoax and on January 2nd, when he offers us the update, he will laugh at us all
Case 4:
Someone is trying to badmouth something here, be it HD DVD, AACS or PowerDVD
Anyway, I guess we need to wait. Until then, nothing has been proven....
Oops. Looks like they should have used the RFC conventions. They should have used "must" instead of "shall" :)
To decrypt the files you need a 128-bit "title key".
There can only be one title key for each disk.
There's no way to work backwards from a title key to the key in an individual player so how can you revoke a player's key?
No sig today...
If the crack turns out to be real and workable on all titles then this will be good enough for me to be able to buy BlueRay movies. I probably won't, for a while, because I still don't feel a need for any form of HD movies.
I totally agree that it'd be great if we could force these companies not to use DRM but to be realistic that isn't going to happen until a competitor that doesn't use DRM starts whooping their ass. So the first step would be to start releasing DRM-free HD movies which probably means either producing your own movies or convincing someone high up in some movie company that DRM is hurting them.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I'll be getting one of these formats when it's truly cracked (like DVD CSS is cracked). I have a home media server and the most-watched DVDs in my house are on there. The video quality of DVD leaves something to be desired on my 50" DLP (it's OK, but the quality of the mastering job truly does matter, and HD is certainly much better). I'm interested in getting an HD format... but it's been the lack of a simple, reliable method of ripping the discs that's kept me from jumping in.
I simply refuse to bend over to the movie industry. I WILL be able to do what I want with the content that I BUY. I'm not averse to handing over cash for the shinny silver disc. But when I get it home, I want the ability to put it on my media server and stream it around the house if I want. End or story. Until that crack is real and trivial to use (see software like DVDshrink or DVD Decrypter), I'm out. No blu-ray or HD-DVD for me.
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
But surely they can't include millions, posibly billion of keys to lock out any specific consumer player?
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
How about S-VHS? Remember that one? It was considerably better than VHS, was available, but really went nowhere, because VHS was truly "good enough" at the time. Then DVDs came out, and gee, they're great!
As for other unmentioned formats brought up by Quad, remember SACD and DVDAudio? Where are they? Especially when you consider that the DVD is perfectly capable of recording audio without going the draconian DVDAudio route. I have several DVDs with music that plays perfectly fine in my DVD player, complete with 5.1 sound. I don't own a DVDAudio disk. I do have one SACD, but it plays in normal CD players.
I'm sure there's plenty more, but that'll do for the recent past. The common thread in the failures I see was price and, for the content, more draconian DRM (SACD and DVDAudio players both have significant restrictions in place on playback options, DVD discs do not, so you get full digital output on DVD recorded discs, while you get analog only output on the other two)
The cesspool just got a check and balance.
So, I think I'll just do my damndest to avoid buying ANYTHING that implements or requires DRM ... Starting with Windows Vista. I probably won't succeed 100%, but I think I can come close. If enough folks join me in this, maybe we can convince "them" to either abandon DRM or come up with DRM technologies that are not a monumental PITA.
Either will be fine with me.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
It is only a guess that PowerDVD is the program whose memory might be getting analyzed, or indeed that this is the method to get title keys. The real problem for the AACS folks is that every player will be subject to this kind of analysis, and title keys cannot be revoked. Anyone publishing title keys would be foolish to reveal the source, of course, but once a title's key is out, the encryption is worthless.
The story gets juicier, by the way. If the "trusted computing" chips start getting used, one needs to look at these the way key storage modules are examined in other industries where secrets are to be maintained. If such devices have commands to allow them to dump their keys, once someone uses those commands on a device, the control they have is basically game over. The relevant command for the existing "trusted computing" chips exists and dumps keys in cleartext, so lotsa luck. (BTW it is very hard to back up or restore keys with such gadgets securely, even in the ones used in industry, without such commands. Normally the computer controlling the key store boxes has to be well protected too and everyone recognizes the boxes are merely a hurdle. Where the boxes are consumer PCs subject to consumer programs (or for that matter Trojans), such trust is not rationally giveable.
What would be a useful demo now would be a Trojan that would detect when some process is playing a HDDVD or BR disk, trolling thru its memory to find keys (maybe using entropy analysis as well as the known IVs and so on), and broadcasting them somewhere a la spam. The resulting flood of prompt disclosures where obviously the disclosing PC did not know it was going on would perhaps serve as a lesson for the DRM folks to close shop and find more honest work. Attempting to overcome laws of nature only leads to dramatically damaged customer computing ability and harm to our culture by locking up what should be common information.
oh well...rant over.
Agreed about not having the legal right. But who are you to say there's no moral right? The laws defining what's legal are fairly clear in this matter, at least in the US, but there is no clearly delimited moral construct... morality is up to each individual. You are free to decide that -- morally speaking -- you are going to adhere to a certain standard. It is up to others to decide for themselves what their morality is.
As for "or otherwise", what "otherwise"'s (i.e., alternatives to legality and morality) are being referenced? Without even knowing what alternate frameworks of interpretation are being summarily dismissed, I'm not inclined to green light that throw-away, no matter how compellingly rhetorical it might sound at first blush.
- First they ignore you, then they laugh at you, then ???, then profit.
That makes perfect sense if the keys aren't stored at the same machine that will decrypt the movie.
Rethinking email
Piracy really has something to do with Pirates.
And unfortunately for the FSM, the number of Pirates in the sea is not very big. Arrr!.
I've been saying this for a while.
The way this will work is that undiscovered player keys are used to decrypt title keys and the title keys them selves are then distributed.
As long as everybody keeps his piehole shut the collection of title keys just grows and grows, maybe even by dynamically requesting a title key before playing a movie.
If a player key is discovered and disabled by the goonsquad then that player key is simply published along with the title keys that it can't be used to obtain, that way the whole key package shinks every time the evil content overlords disable a key.
It's likely that player keys will be discovered with some frequency, so the freedom fighters might choose to publish player keys on their own just to shink the key package.
Someone needs to put together the infrastructure to support title key distribution and some dynamic way of decrypting an encrypted title key.
-- To dream a dream is grand, but to live it is divine. -- Leto ][
Hrm, that comment about the "nav chain bug" is interesting. If I recall correctly, AACS includes a checksum of the "rules" (similar to UOPs on DVD, but also implementing navigation) for playing the video file. If you're not using the correct encryption key, you can't use the navigation rules, either... even though you can read the file. At least on a conforming player, anyway.
If the studios want to get Draconian about this, they just need to use shorter pressing runs and vary the disc keys (which are just AES-128 keys, and so can be varied freely without worrying about the broadcast encryption scheme or what other discs are using), as already mentioned in this thread; in theory, you could have a different disc key for every disc that goes out, although that'd be economically impractical and unnecessary.
That still leaves the issue of a single cracker breaking weak software players. A possibility that occurs to me is distributing the media with these widely-varying disc keys, and charging to download the title keys. No player keys will be left with the user. This will make it an expensive proposition to crack large number of titles, as it won't be a "free" process.
The code can definitely be improved for style and readability and for performance and stability.
A GUI can easily be provided.
Can I say: "it's all done".
The question: how to distribute it without running into trouble.
Hashtable vs. HashMap is stupid, but NIO might be worthwhile. These things are often I/O-limited processes, since AES-128 decryption is pretty fast. (Think about it: The player software has to do this in real time. The limitation is being able to feed the decryption procedure, up to the point where the CPU load hits 100%.)
Of course, the real way to do this is to use assembly to ensure the data streams smoothly from the I/O buffers out to the CPU cache and back to main memory, but that's not necessary for the data rates which would be useful. If a player can spin out 2 hours of video in 2 hours, on top of H.264 decoding at HD res or whatever, then a software decrypter should be able to do it say, in 1/100th the time (2 minutes), assuming the process is CPU bound and AES decryption takes 1% of the CPU cycles (with the rest being the HD decrypting).
I think it's far more likely that the process would become I/O bound. The data rate on BD tops out at something like 36 Mbps. 100x faster is 3.6 Gbps, which would more than saturate a SATA 2 link. Of course, you're hitting a hardware bottleneck there, so using NIO might not improve things all that much, if at all. NIO is more useful for waiting on large numbers of file descriptors, like we do in servers (rather than spawning lots of threads in the old Java model), not reading a single stream (for which the built-in Java buffering works perfectly fine, maybe even better).
So yeah, I agree the GP was probably some CS n00b who gets off on advocating the most sophisticated Java API possible. (Although really, HashMap is a lot easier to use than Hashtable, IMHO. The API's more consistent with the rest of the latest Collections API.)
The movie industry still makes tons of money, they just want to make more or want something to blame when Daredevil doesn't do good. It can't be that the movie sucked, because they already explained to the investors that its going to be a great movie and that paying Ben Afflick millions will only make the movie better.
Can I bum a sig?
Let me repeat that - Blu-Ray/HD-DVD players and media have to give you both the encryption algorithm and the key. Now, it's true that asymetric encryption means that I'll never be able to modify and reencrypt the data without changing the encryption key and thus producing a readily identified copy, but that's not the goal, is it? Given the algorithm and decryption key I can decrypt the content preset. That's the whole point of the system. Attempting to lock the decryption algorithm and key away from the rest of the computer system is impractical at best, more likely impossible. At the end of the day Blu-Ray and HD-DVD end up reliant upon the obsecurity model (rather like CSS); with thousands of eyes watching, obsecurity doesn't work for long (rather like CSS).
The GPP went on about DUI, Assult, Theft, etc. Changing the analogy to jaywalking and parking meters doesn't fix the problem of poor analogies.
The correct analogy is books. When you purchase a book, you are permitted to read it whereever you would like. On the bus, in your bedroom, in the tub, wherever. When you purchase a DVD, CD, or HD-DVD you are doing exactly the same thing as buying a book. You are purchasing a physical copy of the creative effort of the distributor.
What is the total sum of the equipment to read a book? Light and functioning eyes. Oh wait, you can legally use a braile reader to translate the book to braile - some record the book for later playback so one person can scan for another person to 'read' later.
What do you need to view a DVD movie? A player, a video source, and an audio source - along with eyes & ears. Somehow, needing more than your body to appriciate a distributed work makes all of the rules change. What portion of the right to govern distribution (which is all copyright is supposed to cover), covers the right to limit the use of a legally distributed copy?
If I desire to view a legally purchased DVD on my Linux box instead of a Windows box, how do I effect the profit margin of the distributing company? If I re-rip the movie & place it on my video-iPod so I can watch it on my train commute, how do I effect the bottom line? Since, I have already made my purchase of the movie, format shifting should be viewed as no more than the equivalent of moving a purchased book from room to room. Most of the hacks and work-arounds that have been developed were initially done to enable people to use digital media in the same manner they had always used analog. It is not some conspiracy to deprive companies of revenue, it is the efforts of people directed towards maintaining their way of life in a digital erra.
Has the availability of those hacks and work-arounds created an environment in which people blatently disreguard the right-of-first-sale and fair use rules on which they are based on? The honest answer is yes. However, that does not mean that the solution is ever increasing regulation and restriction. As evidenced by the dismal failure of every effort to limit piracy, it simply doesn't work. Eliminating my rights to fair use doesn't solve the problem, in fact it enlarges it as disillusionment with the system causes more casual disreguard for it. The hypocracy doesn't help. Remember legitimate fair use of a copyright work is not an exemption from the provisions of the Digital Milenium Copyright Act. The DMCA itself re-affirms the rights of fair use, but simultaniously denies you the rights to the means to exercise those rights. A shear genius work of doublespeak.
... what needs to be done in stead is:
1) Find the player key in stead, it's much more interesting and can be used to find all title keys released until now.
2) Find a way to decrypt title keys without compromising the identity of the player key, so we can keep playing HDDVD movies.
#1 is much harder than just snarfing the title key, because the player key might only be in memory while the title key is being decrypted and that takes a very short amount of time.
#2 might be very easy (one server running in law-less^H^H^H^Hfree contry could do it all, the bandwidth needed is very low).
#2b Alternatively we could set up a peer to peer network where some of the hosts know how to decrypt title keys, each host will anonymize all data about where it got the answer from, that way it will be very hard to track down the hosts that have the player keys.
#1 is made harder and more important because it's very, very cheap for the powers that be to revoke player keys, so they might revoke all windows based player keys once a month and force all windows players to download new executables and keys to be able to play new movies.
-- To dream a dream is grand, but to live it is divine. -- Leto ][
I don't see what would be so bad about them building something -standard- and easy to use? Like just store a high resolution mpeg4 file titled movie-name.avi, or something, on the high capacity disk. no encryption, nothing. Anyone can open it in Linux/Mac/Windows, etc., pretty easy to build player, integrate the thing into anything, etc. Also pretty easy for -users- to make their own disks (home videos). No need to expensive proprietary software (powerdvd?), etc.
Anyone who -will- copy DVDs will still copy DVDs anyways (and by the time they're downloadable, encryption doesn't even come into the picture). And it only takes 1 person to rip the DVD! Why not make it easy to use for everyone, and have the market create all sorts of extentions that go along with having a huge amount of storage, and easily movable video content.
"If anything can go wrong, it will." - Murphy
In this case, obeying the letter of the ill-advised law is even LESS important than it would be for stealing bread to feed your family, and if you'd steal bread to feed your family, you should sure as hell break every law you disagree with. Sounds crazy, but the only way to change bad law is for enough people to break it consistently and frequently enough to demonstrate its ridiculousness (as exemplified in an earlier reply regarding alcohol prohibition).
Just want to get this comment here so you can refer to it in 20 years. AACS will never be cracked. There are too many keys. There will be no software players you can reverse engineer like there were for DVD's. There is no interest in playing movies on PC's like there was for DVD's. It would take over 50 years to reverse engineer just one of the millions of keys by brute force.
Of course, in 20 years you won't even care about who cracked what encryption anymore. It'll just be there like death, taxes, and America.
I have red all the above, as i undestand we have some data, whitch was red from disk itself, and some data (key) from player (Powerdvd). Then we tamper with whese two aruond and we get a real key with whitch we decode the movie. Am I right?
If yes,then the question is Why it is (or not) so hard to get that player key. Just fire up the debugger, trace until it reads key from disk (easy), now just look for code whitch does something with that. Somewhere around you will find the key. For example such cracking gruops as RELOADED cracked STARFORCE. it wasnt easy, but the main poblem was to get the executable running. They could extract all those keys from exe and from cds very easy. Why is it hard to do that with powerDVD? it's just simple player. No antidebugging trics, no rootkits, no cd drivers. Nothing.
And, as I understand AES you can decrypt content with only one key, so how can every piece of sofware have different keys?
Uh, huh. Well you may want to read "Everybody does it: crime by the public by Thomas Gabor" before you start making any absolute conclusions about the publics behaviour and the OK'ness of it.
As long as 5% of the people are able to crack the copy-protection, the other 95% need only copy what the original 5% have de-protected.
Je fume. Tu fumes. Nous fûmes!
I won't be quite as extreme, as there are a few places I believe the baggage of this kind of a scheme is necessary. For instance, we don't have a common game engine, therefore each game must ship with software, so any commercial game is automatically somewhat locked down and proprietary, and you can't do everything you want to with it.
Further, I'm perfectly alright with buying things with completely, pathetically defeated DRM. DVDs encrypted with CSS are fine -- I just rend them and rip them, or buy them and rip them.
However, I'm avoiding Windows Vista as long as I can, depending on how much usefulness I can get out of Linux. I'm also not going to buy or rent a single Blu-Ray or HD-DVD movie, so long as it's impossible for me to pop it into a Linux box and play it with mplayer. If I buy music, it'll be in the form of CDs or FLAC files.
Basically, what I'm hoping for is to create an example that others can follow, without boycotting being a monumental PITA. Then, when they come around with surveys, asking why we don't all have Blu-Ray, we can tell them we don't like them bricking our players because we might be able to use them to pirate.
Don't thank God, thank a doctor!
That's what i'm waiting for, and why i'm excited by this news. Hopefully, soon i can get a 360 hddvd drive, and start netflixing in HD.
If they can't track down what player key was disclosed, they'll flood the underground market with bogus title keys while also making multiple yet visually indistinguishable parallel runs of the same release with different title keys to frustrate the market of title key sharing (multiple pressers manufacturing differently keyed masters of the same title). The more valuable the content, the more masters they'll make with different title keys. If the movie is crap, they only make one master.
That's one way to frustrate the piracy market. And they don't even have to wait for a player key to be broken to implement it.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?