Slashdot Mirror
HD-DVD and Blu-Ray AACS DRM Cracked
EGSonikku writes "According to this article on Endgadget, the AACS DRM used in HD-DVD and Blu-Ray has been cracked. The program allows one to decrypt and dump the video for play on a users hard drive, or it can be burned to a blank HD-DVD and played on a stand-alone player. According to the accompanying video, a source release for the program will be made available in January. Time to get that $200 Xbox 360 HD-DVD drive?"
Warning: this link contains video.
As best as I've been able to gather from what I've read today, the very clever fellow just implemented that publicly available decryption routine, and also discovered an (as of yet unreleased) method for obtaining decryption keys. It seems very likely from everything I've read that he is pulling the keys from the PowerDVD program - perhaps they're left unencrypted similar to the original DeCSS obtained a key from the Xing player?
In any case, it will be interesting to see how this is dealt with, and whether key revocation can/can't break this. The author thinks it can't - the cat is out of the bag and is staying that way.
We'll see. I think it's good news for us though, no matter what.
Not to me, it isn't. This will help speed up the adoption of these formats. I'd like them both to totally fail, due to their restrictive DRM. As long as the formats enjoy some success, the content providers will keep pushing for the strong DRM.
The site's Farked, Digged, and everything else already, but here's the forum this was first posted to: http://forum.doom9.org/showthread.php?t=119871
It contains a download link to the program.
Give a man fire, and you warm him for the night. Set a man on fire, and you warm him for the rest of his life.
But I would like to know how this will affect the customer as well. I know short term that DRM is bad and all, especially with the "where there's a will, there's a way" mentality in cracking it, but seeing as how these companies invest (or rather waste) millions in copy protection schemes, will they jack the prices up to cover the cost of their mistakes? I think this practice has become mainstream, no?
Fighting over religion is like seeing whose imaginary friend is best.
The correct conclusion is: 'Finally! Now I don't have to buy an HD-DVD Player.'
I don't mind purchasing an HD-DVD and then just downloading its illegal doppelganger. I DO mind purchasing an overpriced paperweight to keep me legal. I looked at Xbox Live Marketplace from the perspective of:
"Rent 44 HD movies. or Buy HD-DVD Player and a movie." I decided I would get much more HD goodness out of downloads than just a player.
It's sort of like the way I purchase Star Trek for my Xbox and then download a copy for my PC as well. Sure it's illegal, but I look at it from the perspective of: I purchased it so that I could watch it, and watch it I shall.
Cracked already? I had December 29th in the pool.
It must have been something you assimilated. . . .
How exactly are their DRM schemes any more restrictive than DVD's?
Really just a stab here, but maybe given lackluster sales of hardware, the consortium hired a ringer to play "DVD Jon" for a day and "leak" the crack to the public, thus encouraging some support from a DRM-weary public?
The industry knows piracy is not really a big problem - they still make mountains of cash, and society needs a little underlying "lawlessness" (like speeding, for example) to ease pressure. Perhaps some industry insiders sick of kowtowing to the IP Lawyers decided to leak the crack to the public in a round-about manner?
If true, it's brilliant.... if not, then they missed the boat.
ed2k://|file|BackupHDDVD.zip|17964|4860e9248663d52 dc47bfc98d61ec6d7|/
magnet:?xt=urn:bitprint:ZHZI65X7J4NIX7TU7KLDIZXIJA 62SXX7.OBRERVSGGVO4OMWW7JN7BPC2BPDCE2U5NBUVU3Y&xt= urn:ed2khash:4860e9248663d52dc47bfc98d61ec6d7&dn=B ackupHDDVD.zip&xl=17964
If anyone wants to try it out, here is a link to the executable and source code (Java)...
http://forum.doom9.org/showthread.php?t=119871
There is more detailed info in the included FAQ. The bad news is, the program itself isn't actually "cracking" anything. The author used publicly available AACS documents to write his own decrypter (e.g. just as PowerDVD or WinDVD would). The catch is, you must provide the decryption keys to this software in order to rip the movies from the disk.
However, the good news is, it looks like he may have found a way to extract the needed decryption key(s) from the HD-DVDs. He doesn't explain how in the documentation or provide any keys, but if he figured it out I'm sure others will - and that means more advanced and powerful tools shouldn't bee too far off.
now that it is crack, I might buy one :)
No sig for now.
I think Hollywood has a slight edge here. Consider this: Ripped DVDs came around to 4 - 4.5GB and while this isn't a huge amount of diskspace, it is still a considerable amount of space. Even so, a 250GB HDD (you can get this for
Now coming to HD-DVDs (the screenshots from the article show approximately 24GB of space being used or 24GiB, whatever tickles your fancy). This means a 250GB will be able to hold
The point is with the Hi-Def media, it doesn't make as much sense to rip every movie you have and store it on your fileserver for the next year or two. This is awesome news but i am not sure i'll be ripping HD-DVDs/Blu-ray disks like i used to rip DVDs. These things take way too much space. Hollywood would have an edge if they priced the stuff at around 15-20$ - i'd buy one than let a movie take up 30GB on my machine.
Basically HD-DVD and Blu-Ray aren't even options for me at this point as the DRM associated with it has me shaking my head. While I'm willing to pay $20+ for a movie, I want to be able to use the movie on my terms after the initial purchase.
If this hack proves to be valid, I would actually consider investing in the technology as it opens the format up to Linux/Unix/OSX/etc.
It sounds like he didn't "crack" AACS, he just extracted the disc keys for certain titles.
A quick and dirty and probably somewhat inaccurate description of the way AACS works is that each disc is encrypted with a single 'disc key' and then that key is encrypted once with every known 'player key,' and each of those is stored on the disc. So, if you have an authorized player, it will find the version of the disc key that it knows how to decrypt and then use that to decrypt the disc for playback.
My guess is that he used one of the software players like WinDVD or PowerDVD that now sort of support HD-DVD and BLU-RAY. But instead of extracting their player key and publishing that, he played a disc in a debug environment and extracted the 'disc key' for that specific title.
The studios thought that they would be able to 'revoke' disclosed player keys by just not using them on any discs pressed after the disclosure was made public. This guy's approach seems to be to distribute disc keys and then anyone with the same disc can decrypt that specific title, thus making it harder for the studios to guess which player keys need revoking.
I think that this guy's approach will be most useful to widescale pirating because all it takes is for one person to decrypt a movie and share it with a billion of his closest friends. But the 'regular joe' who just wants to copy his BD-HDs to his hard disk for ease of playback or maybe to cut clips from it for his own home movie won't benefit because chances are, the keys for his particular discs won't be widely known enough for him to find them.
So, I now look forward to various HD titles from disc (rather than from broadcast, which are already common if you know where to look) showing up on P2P and elsewhere, I'm still not purchasing any AACS playback system since the "crack" is not (yet) useful enough for me to exercise typical fair-use rights of format shifting and personal editing.
When information is power, privacy is freedom.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Also the fact that BoingBoing ran the program and it slightly changed the file is meaningless. Trying to decode a file with the key "0" will obviously not do what you want.
It seems to me most people are seeing this as a means to:
A) Place-shift HD-DVD content (despite current storage constraints)
B) Pirate HD-DVD content (despite current bandwidth constraints)
when I see the much more immediately relevant issue being that of HDCP: If this crack can be rolled into something on the order of a VLC plugin, there's a chance I'll actually be able to use my technically-more-than-capable, yet not-a-member-of-the-HDCP-club LCD display to view commercial 720p content.
Your mind is clear / The things that you fear / Will fade with how much you / Believe what you hear
Several years to develop a new optical storage device with an emphasis on DRM, cracked in a few months.
B a c k u p H D - D V D F A Q
-What is "Backup HDDVD" for?
It can do backup copies of HD DVD movies that YOU OWN! I don't want anyone to do piracy here! This software is a good way to protect your investment, because I have notice that this type of media seems very fragile, if it's scratched a little or dirty, it won't play. It seems less tolerent than DVD format. (Higher density!)
-What "Backup HDDVD" is doing exactly?
This is a java based command line utility that decrypt video files (.evo) from a HD DVD disk that you own, to your hard drive and you can play them back with a HD DVD player software.
-What are the system requirements to use "Backup HDDVD"
1 - A Windows based system
2 - A HDDVD disk drive
3 - A HDDVD player software (like PowerDVD)
4 - A HDDVD movie(s)
5 - Java rutime 1.5
6 - The possibility to access the content of the disk with a drive letter under windows.
(you may need UDF 2.5 file system driver for this)
7 - A lot of free hard disk space to backup your movies!
-Was your first HDDVD movie hard to decrypt?
It took me around a week to do. But I have wasted few days
trying to work on too complicated approach. In fact, it is very simple.
-How do you do that?
The program itself has nothing special. It simply implement the AACS decyption protocol. I have followed the freely available documents about AACS
Have a look at: www.aacsla.com The trick, is to find what they call the "Title keys". So I figure out how to extract them.
-How do you extract the "Title keys"?
I won't explain it in detail. Read the AACS doc first. You will understand. The title keys are located on the disk in encrypted form, but for a
content to be played, it has to be decrypted! So where is the decrypted version of the title key? Think about it...
-What kind of crypto algorithms are involved?
Standards algorithms:
ECC-160
AES-128
Look in the AACS doc for more details.
-What is the TKDB.cfg file?
This is the Title key Database file. It holds the decryption keys for the movies.
-What is the format of this file?
Field 1: SHA1 Hash of the VTKF000.AACS file on your HDDVD disk.
Next fields are pipe "|" delimited.
-Movie Title
-A variable number of Title key, pipe delimited
You have a key number followed by the key value like:
12-08A3DC61910280F2...
Key values are 128 bits long, so 16 bytes, or 32 hexadecimal characters long.
-The TKDB.cfg file provided with your program is empty or incomplete, what can I do?
Here is my TKDB.cfg:
CE6339246F34087AB355681DEB656D23DCD5BD86=Full Metal Jacket | 1-0000000000000000000000
0000000000
486198E3855B57CD40F6DC0C60645BDE8E1E9AC5=Van Helsing |19-0000000000000000000000
0000000000
3D357B0653A66176583C5218FD0149EAF8832FB0=The Last Samurai | 1-0000000000000000000000
0000000000
-What do you think of the technical aspects of AACS?
The design is not that bad, but it's too easy to have an insecure player implementation somewhere. And just one bad implementation is all it needs
to get the keys! There will always be insecure implementations of a player somewhere! And the "Revocation system" is totaly useless if you use
the Title key directly.
-Is there any known problems with the decryption?
Yes. I call this problem the "Nav chain" bug. I realize that I have a lot of frame skipping at playback after the decryption, so I hunted down the problem. To avoid the frame skipping, I patch the video file. This fix allows smooth playback of the movie, but there are some side effects.
-What are the side effects of the "Nav chain" bug fix?
You cannot do fast forward, or backward using the round dial, but you can still use the progress bar to navigate through the film. So it's not that bad... For some reason, the sub-titles don't seems to work anymore. It may be a side
Tired of free ipod spam sigs? Opt ou
I'd like to see them both fail for their restrictive DRM, but they won't. So instead I'd like to see them fail for their pathetic and petty infighting reminiscent of Betamacs and VHS. Anyone over the age of 40 I've talked to about the two formats has said, "What, you mean like Betamacs and VHS?" Just keep telling people that that's what this reminds you of, and wait for someone to start selling a less draconian product. You'll have a long wait, but the moral high ground anyways.
My little site.
So the player key is hard to get at, so this guy worked around it and just copied the title key from memory, which is encrypted on disc with every player key. Since you have the plain text (of the title key) and each of the cypher texts(the encrypted title key), aren't there attacks to figure out all the player keys? And actually its worse since you have many(possibly all?) title keys and all their corresponding encrypted versions that has to extremely limit the search space for the player keys. This would be an even worse problem since they cant just revoke every key. All the hardware would break! Lawsuits galore!
Seems like the whole house of cards will fall down.
its Betamax with am X http://en.wikipedia.org/wiki/Betamax
This is the way the world ends, Not with a bang but a whimper.
That's because Betamax is eXtreme, dude.
... and then they built the supercollider.
The hacker didn't extract the player key. This might be due to the difficulty of getting the player key, but it really doesn't matter.
The use of title keys instead is a great strategy. It means that the revocation system is worthless - AACSLA may not even know which player is compromised. Gray/black-area web sites can maintain big lists of title keys for movies without a whole lot of trouble. The bigger issue will eventually be getting each new movie to the trusted few pirates that are capable of extracting keys. This is no big deal now, but would be if and once these formats become popular.
A counterattack from Hollywood could be to produce thousands of distinct masters of each movie; the same movie would have thousands of different editions that differ only by their title key. I don't know the current state of disk production however, so this may not be feasible.
The revocation system is itself problematic anyway. A person seeking to damage the system itself would try to crack the most popular player, even if it's more difficult than other players. The cost of a massive recall - plus the fines the manufacturer would pay for their player being the one cracked - would heavily discourage the use of the revocation system. It seems like the revocation system is more of a deterrent against both pirates (if you crack a player we'll change the key making your work worthless) and manufacturers (if you don't obfuscate well enough, we'll cost you millions of dollars).
DVD had a revocation system too, but it was never used. DeCSS and the Drink or Die program that preceded it used a player key, but the CSS algorithm was so badly flawed that it wasn't difficult to derive the remaining player keys. This will not happen with AACS, because they're using real crypto this time.
Melissa
"Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
Is there some kind of randsom involved?
If the source code exists, which it must if the code exists, then why sit on it?
It just gives someone the chance to bury it before it sees the light of day.
This kind of situation is what they had in mind when they added BD+ in the Blu-ray spec. OTOH, the HD DVD is out of luck.
Trusted Computing solves this 'problem'. Debuggers won't be allowed to run on 'protected' programs, and this will be enforced on the hardware level (each program will effectively have to ask for permission to run).
For right now, not everything has TPM. We'll see how this changes in a few years (almost all new computers do include the TPM chip).
I agree. We shouldn't have to risk harassment from the *AA for exercising rights that have been granted to us by precendence in different countries, especially those which find their root in UK/Commonwealth legal systems.
It's unfair to expect the individual consumer to fend off such attacks, and insulting to the intent of law to allow the attacks to occur in the first place. The *AA and the various DRM fans are responsible for developing products and solutions/proposals that are compliant with the laws of their target markets, and should not be trying to shove their vision down our throats just to protect oligopoly and monopoly economic models.
The same goes for all industries. Why else has the EU so soundly rejected US proposals to make their patent database a global starting point for managing IP? It's stuffed with speculative junk patents.
I do not fail; I succeed at finding out what does not work.
I do not agree that piracy has anything to do with losses. Who is to say that those that watch movies without paying a fee would actually pay to see them in the first place?
The only way there is a real loss is if some one is SELLING copied DVDs as if they are original. That is not what we are talking about here. We are in this insane mindset that if we see or hear something that we owe money to some one for it.
Utter stupidity if you really think about the concept.
The only way there is a real loss, is if you counterfeit the media and sell it to some one that actually WANTS to pay for it.
This whole issue of IP ownership makes no sense if one steps back and clearly thinks about it.
Cheers
* Carthago Delenda Est *
Who said the source was 320p? The source for most movies is a 35mm film print. The current digital cinema spec calls for resolutions that are essentially 1080p and 2160p.
That particular copy/edition of PowerDVD is going to be very popular...
Commercially available 35mm negative scanners can extract in excess of 10 MPixel per frame. The Digital Imaging Project reflects this by stating that 35mm film should be encoded as native 4200 pixel in longest dimension (depending on actual aspect used this could mean 2600x4200 px). How much data is actually present in a given movie will depend on grain, process, age of film etc. The bits, in point of fact, are there.
Oh, and there is no 70mm version of FMJ, it was shot spherically on 35mm and cut to 1.66:1 which means loss of 20% of image data, let's say no more than 4TB of uncompressed native resolution video. You'll get more from anamorphic movies, and a lot more from 70mm.
No, that means being able to rip the disc/compress it/play on it on his laptop.. or do some resizing so it can play on his ipod, or maybe his mythtv media playing box doesn't have much disk space... There are plenty of reasons why the consumer loses with digital restriction management.
Something like "Just like the Beta-emacs vs vi-HS wars!" ?
If they can be decypted, they no longer have restrictive DRM, right?
Why would those things matter at all? 99% of your time will be spent in the java-provided AES decription routines. Optimizing a single hash lookup will make about 0 difference.
Lookup premature optimization is and learn from others mistakes.
Don't you wish your girlfriend was a geek like me?
So, if he's not in the minority in doing so, and he lives in a real democracy, then what he did must be deemed legal by public assent...
Alas he lives in a republic, and it's a different beast altogether....
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
"I cannot see any pixels on a regular 36 inch CRT TV when I watch a movie"
Whether or not you see them depends on how far away you are. If you sit closer, you'll see them, I'll garantee it.
Equivalently, instead of sitting closer you can make the screen bigger - it's the same thing, and that's what's happening. 36" is nothing these days. There's plenty of TVs bigger than that, and projectors are becoming common.
I watch my movies on a 110" screen via a projector, and I can definitely see the pixels.
No sig today...
So, you would like an uncrackable DRM because you hate uncrackable DRM???
Patents Drive Free Software as Hurricanes Drive Construction Industry
If I may speculate (which I love to do), I predict that if "leaking" title- (and possibly even host-) keys become common, software players (or at least their HD-module) will NOT get licensed from AACS-LA unless they only run on "Trusted Computing Platforms". Of course, the media moguls have a problem here since they need their format to win in the market, so it's a trade-off for them for sure. If people resist "Trusted" computing, HD-DVD/AACS may have an 'effective' lifespan that's even shorter than what DVD-CSS had.
Looking forward to some cryptographic attacks.
Belief is the currency of delusion.
and you can probably run the app inside a software simulator to analyse what it does...
you can fake everything, even TSCs and whatnots, the program won't have any way to find out the type of "hardware" it's running on.
Each movie will end up being cracked, once, then everyone will download the same cracked version with file sharing. That's the niche they can't prevent.
So it really doesn't matter what stupid multi-key tricks the studios come up with.
I can predict that software players will all be revoked as each one is cracked, though - forcing all of the customers to keep downloading unrevoked, presumably more secure updates. That much is predictable.
Actually there is an attack against file-sharing from the same source. If they watermark the movies so that they can tell which key the crack came from then they can revoke THAT key to prevent future use... But hackers will learn how to recode and filter to remove watermarks before release.
May contain traces of nut.
Made from the freshest electrons.
I like that, the "ease of chipping" feature as a major selling point!
That's not a meaningful statement, I can have endless bits which will consist of nothing but random noise. As for how many lines of resolution is actually achieved by film, you can read here. The actual study referred to is here (pdf). The summary: So basicly, good film is HDTV (between 720p and 1080p somewhere). Film transfered directly to digital has about 1400 lines of resolution, which is better than current direct digital productions, but not by much (most production grade is 1080 lines, and so are people's HDTVs). Of course, while this is done using 'typical' equipment it's of a resolution chart under excellent conditions, I expect an actual movie would have less.
Live today, because you never know what tomorrow brings
DVD had more to offer over VHS compared to HD-DVD and BluRay over DVD. DVD offered no rewinding, special features, easy chapter browsing.. All things that VHS lacked. That's why DVD won over VHS. All they're offering in HD-DVD and BluRay is Slightly Higher Def, which is lost on like 95% of the TV owning public. Oh, and restrictive phone-in DRM.
Not a Twitter sockpuppet... but I wish I was.
I think HD-DVD and Blu-Ray simply will not succeed because hard disk drives will get smaller (in size), larger (in capacity) and more resistant to shock - even to the point of being solid state (like a flash drive).
When this happens, optical media will be a thing of the past because it only holds a mere 250GiB. Tiny drives like the ones in digital cameras probably make for better storage (or will) of high definition video than optical discs do because they're more likely to grow in capacity with the video than the Blu-Ray is (unless they find another frequency of laser light to make even smaller pits and grooves to increase the capacity of a disc -- or mash even more layers in a disc I suppose).
Yes HDDs are more fragile...now. In 10 years I would be surprised if HDDs haven't replaced both of these HD formats for HD content (or another possibility is that you don't buy physical media anymore, you simply stream it to your TV/computer as video on demand).
...and that's the way the cookie crumbles.
and you can probably run the app inside a software simulator to analyse what it does...
That's the joy of owning both the key AND the lock. But the IAA's, and even Microsoft and Intel - haven't figured this out yet. Sigh.
Seven puppies were harmed during the making of this post.
They are just pissing away money fighting an unbeatable battle. The only way they can lock down the content is by not using it.
--
Novell petition: http://www.techp.org/
boycott slashdot February 10th - 17th check out: altSlashdot.org
Always look to the porn industry. Where is the porn industry at right now? Still on DVD and downloadable content. Downloadable content is the future. Sing it with me "Downloadable Content is the way to go."
Can I bum a sig?
Maybe if the powers behind the format had put aside their petty squabbling and released a single format, they could have devoted their energy to finding a market for the format. Now they're busy battling each other for market share, yet this competition doesn't seem to be benefitting consumers. By the time they have a format inexpensive & useful enough, a new format will have likely come along & crptured the public's attention anyway.
HD is not a selling point. It may be useful as a marketing term. I hear many stories - and know some firsthand - of people who connect their flatscreen to a DVD or SD cable and think they have HD. Most people don't know the difference & can't be bothered to learn. Until their is one high capacity disc format, and it's affordable enough to compete against hard drives for storage or flash memory for portability, the manufacturers are wasting their time - and ours. Lack of DRM alone won't sell this.
Yes, but I guess nowadays most people are assuming that consumers won't want to get involved in a corporate battle for format control like they did not then, not knowing that their newly purchased betamax machines would be shiny pieces of garbage as they had to buy a second VCR. I think acknowledging this as Betamax/VHS is to acknowledge the fact that it's wise not to get involved while the two respective companies duke it out. Which is exactly what a lot of people will do, while continuing to buy DVDs.
Judges and senates have been bought for gold; Esteem and love were never to be sold.
And the Sony C6 Betamax recorder, given a decent aerial, could record the Teletext signal along with the picture (even if your set was non-Teletext, since it's being picked up by the recorder's internal receiver). I never even realised VCRs weren't supposed to be able to do that. All those old Betamax cassettes in lofts and cupboards are hiding not only subtitles, but little vignettes of the news and sporting events of the day they were recorded.
The only problem was that in order to get that resolution better than 280 lines (think about it - that's only chucking away 32.5 of 'em, which isn't bad), a Beta machine needed more moving parts than its VHS cousin (although they moved less often. VHS laced the tape when you pressed PLAY and unlaced it when you pressed STOP. All fast-winding was done inside the cassette -- which allows you to move the tape faster, but you cannot switch to picture-search without lacing it. Betamax laced the tape the first time you pressed PLAY and unlaced it when you pressed EJECT. Fast-winding was done inside the cassette until you first pressed PLAY [to allow for rapid rewinding before watching], and thereafter, with the tape laced; making it possible to switch instantaneously from fast-wind to picture-search.) Thus, VHS recorders were easier to field-maintain. And in an era before everything was made to be disposable, that was the deal-clincher.
Je fume. Tu fumes. Nous fûmes!
NOW I am willing to buy hi-def DVDs since I can:
- Take advantage of Fair Use (make backups, format-shift to my PocketPC, keep copies of the movies on my HDD)
- Play DVDs on Linux
- Not worry about downsampling output on non-HDCP video cards
Now the Blu-Ray vs. HD-DVD format war does not matter so much. Does anyone here care WHICH one wins now that both have been cracked?
Thanks guys, you rock!
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
The European ones with a better memory, anyway. V2000 never hit the streets in the US.
Specialization is for insects. -Heinlein
danpsmith wrote and included with a post:
Unfortunately, the video companies did not learn one of the factors that made CD a success: a single format. Although many formats were proposed, only one was chosen and accepted by the music industry. They saw what happened with Quad (seven incompatible formats), and were determined that CD not meet the same fate.
Due to the format war going on between the two DVD successors, I will stay with DVD and sit out the war until long after there is a victor. For me, DVD is good enough for now and I have no pressing reason to move to either format. It is the same reason that I am staying with CD, versus going with either of the CD successors.
I wouldn't be surprised if the above paragraph reflects the views of many people concerning the new formats.
This guy wrote a Javaclient based on the open AACS spec which can decrypt the AACS format using Java AES calls.
The program takes a title key as input.
This is nothing special - any student given the spec could write this.
For the whole thing to work, needs a title key.
He did not include those keys - as someone here pointed out, what looks like a key are infact hash-indici to associate the discs with the keys - the keys are however nulled out.
He now claims that it is easy to find the keys if you're looking in the memory.
Case 1: He is right:
According to AACS rules, you need to keep the keys highly confidential. The robustness rules would explain this, I assume you have to hide things from debuggers and not keep keys clean in one memory location, etc... Black art of tamper-resistance is required.
If the player vendor didn't do that, they face serious consequences in addition to the key being revoked.
Case 2:
He wants that others try to find the keys, because he could not do it himself.
Case 3:
This is a hoax and on January 2nd, when he offers us the update, he will laugh at us all
Case 4:
Someone is trying to badmouth something here, be it HD DVD, AACS or PowerDVD
Anyway, I guess we need to wait. Until then, nothing has been proven....
Oops. Looks like they should have used the RFC conventions. They should have used "must" instead of "shall" :)
DVD's won over VHS? Didn't I just read an article about how DVD player ownership just surpassed VHS player ownership? If you consider that winning the war, it sure took them long enough (~10 years).
Have you ever considered piracy? You'd make a wonderful Dread Pirate Roberts.
Of course, until this format debacle is decided I am not buying regular DVDs either.
To decrypt the files you need a 128-bit "title key".
There can only be one title key for each disk.
There's no way to work backwards from a title key to the key in an individual player so how can you revoke a player's key?
No sig today...
"But the IAA's, and even Microsoft and Intel - haven't figured this out yet."
Sure they have but they're not going to admit it while they're still making money from selling the dream.
No sig today...
If the crack turns out to be real and workable on all titles then this will be good enough for me to be able to buy BlueRay movies. I probably won't, for a while, because I still don't feel a need for any form of HD movies.
I totally agree that it'd be great if we could force these companies not to use DRM but to be realistic that isn't going to happen until a competitor that doesn't use DRM starts whooping their ass. So the first step would be to start releasing DRM-free HD movies which probably means either producing your own movies or convincing someone high up in some movie company that DRM is hurting them.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I'll be getting one of these formats when it's truly cracked (like DVD CSS is cracked). I have a home media server and the most-watched DVDs in my house are on there. The video quality of DVD leaves something to be desired on my 50" DLP (it's OK, but the quality of the mastering job truly does matter, and HD is certainly much better). I'm interested in getting an HD format... but it's been the lack of a simple, reliable method of ripping the discs that's kept me from jumping in.
I simply refuse to bend over to the movie industry. I WILL be able to do what I want with the content that I BUY. I'm not averse to handing over cash for the shinny silver disc. But when I get it home, I want the ability to put it on my media server and stream it around the house if I want. End or story. Until that crack is real and trivial to use (see software like DVDshrink or DVD Decrypter), I'm out. No blu-ray or HD-DVD for me.
-S
--- What parts of "shall make no law", "shall not be infringed", and "shall not be violated" don't you understand?
But surely they can't include millions, posibly billion of keys to lock out any specific consumer player?
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
When was the last time you saw a movie come out on VHS? Or even for sale at a store?
Not a Twitter sockpuppet... but I wish I was.
"All they're offering in HD-DVD and BluRay is Slightly Higher Def, which is lost on like 95% of the TV owning public."
That's what I said. I only know one person with a HDTV. Everyone else sees a 32" CRT for $76 compared to a 20" HD LCD at $290, and they grab two 32" TVs.
Not a Twitter sockpuppet... but I wish I was.
How about S-VHS? Remember that one? It was considerably better than VHS, was available, but really went nowhere, because VHS was truly "good enough" at the time. Then DVDs came out, and gee, they're great!
As for other unmentioned formats brought up by Quad, remember SACD and DVDAudio? Where are they? Especially when you consider that the DVD is perfectly capable of recording audio without going the draconian DVDAudio route. I have several DVDs with music that plays perfectly fine in my DVD player, complete with 5.1 sound. I don't own a DVDAudio disk. I do have one SACD, but it plays in normal CD players.
I'm sure there's plenty more, but that'll do for the recent past. The common thread in the failures I see was price and, for the content, more draconian DRM (SACD and DVDAudio players both have significant restrictions in place on playback options, DVD discs do not, so you get full digital output on DVD recorded discs, while you get analog only output on the other two)
The cesspool just got a check and balance.
I still have a VCR, hooked up and everything. I can't remember the last time I actually watched a movie on it though. I did use it a few weeks ago to record something ... the VERY unusual situation where all 3 tuners on my MythTV were busy and there was still something else I wanted to see. That's the first time that has happened in a long time too.
My point is, DVD ownership just surpassed VCR ownership, but a lot of people still had/have their VCRs even if they were not using them often.
So, I think I'll just do my damndest to avoid buying ANYTHING that implements or requires DRM ... Starting with Windows Vista. I probably won't succeed 100%, but I think I can come close. If enough folks join me in this, maybe we can convince "them" to either abandon DRM or come up with DRM technologies that are not a monumental PITA.
Either will be fine with me.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
The irony of that was that the format that eventually won (VHS) was technologically the worst of the three. The format that lost out the fastest (V2000) was technologically the best of the three (by far actually). If there is something to be learned from this it is that technological superiority doesn't count for much in setting global de-facto standards.
www.sjbaker.org
Agreed about not having the legal right. But who are you to say there's no moral right? The laws defining what's legal are fairly clear in this matter, at least in the US, but there is no clearly delimited moral construct... morality is up to each individual. You are free to decide that -- morally speaking -- you are going to adhere to a certain standard. It is up to others to decide for themselves what their morality is.
As for "or otherwise", what "otherwise"'s (i.e., alternatives to legality and morality) are being referenced? Without even knowing what alternate frameworks of interpretation are being summarily dismissed, I'm not inclined to green light that throw-away, no matter how compellingly rhetorical it might sound at first blush.
- First they ignore you, then they laugh at you, then ???, then profit.
That makes perfect sense if the keys aren't stored at the same machine that will decrypt the movie.
Rethinking email
I've been saying this for a while.
The way this will work is that undiscovered player keys are used to decrypt title keys and the title keys them selves are then distributed.
As long as everybody keeps his piehole shut the collection of title keys just grows and grows, maybe even by dynamically requesting a title key before playing a movie.
If a player key is discovered and disabled by the goonsquad then that player key is simply published along with the title keys that it can't be used to obtain, that way the whole key package shinks every time the evil content overlords disable a key.
It's likely that player keys will be discovered with some frequency, so the freedom fighters might choose to publish player keys on their own just to shink the key package.
Someone needs to put together the infrastructure to support title key distribution and some dynamic way of decrypting an encrypted title key.
-- To dream a dream is grand, but to live it is divine. -- Leto ][
The local Walmart has a VHS section that usually has new releases on VHS tapes. What's funny is how much cheaper a new release on VHS is over DVD. The studios kept telling us how DVD prices would come down because DVDs are cheaper to manufacture over tapes, but it never happened. The studios just sat on the extra cash and got fat and happy.
I came, I saw, She conquered.
It's also interesting in that the porn industry sees by far the most copyright infringement, but seems to care about it a lot less than the **AA does. Even with all that copying going on, they still somehow are able to make quite a bit of money without whining about it and suing people left and right.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
If there is something to be learned from this it is that technological superiority doesn't count for much in setting global de-facto standards.
One could say that the OS wars have confirmed this. Remember, the common cold is very popular too, that doesn't mean it's good...
The movie industry still makes tons of money, they just want to make more or want something to blame when Daredevil doesn't do good. It can't be that the movie sucked, because they already explained to the investors that its going to be a great movie and that paying Ben Afflick millions will only make the movie better.
Can I bum a sig?
Let me repeat that - Blu-Ray/HD-DVD players and media have to give you both the encryption algorithm and the key. Now, it's true that asymetric encryption means that I'll never be able to modify and reencrypt the data without changing the encryption key and thus producing a readily identified copy, but that's not the goal, is it? Given the algorithm and decryption key I can decrypt the content preset. That's the whole point of the system. Attempting to lock the decryption algorithm and key away from the rest of the computer system is impractical at best, more likely impossible. At the end of the day Blu-Ray and HD-DVD end up reliant upon the obsecurity model (rather like CSS); with thousands of eyes watching, obsecurity doesn't work for long (rather like CSS).
Betamax VCRs never really became "shiny pieces of garbage" in the way Blu-Ray / HDDVD machines will. The crucial thing is, video cassettes were always recordable. You can still watch all your old recordings of Charles and Di's wedding, Fawlty Towers, It's A Wonderful Life and the entire Carry On series, and even record new programmes (VHS tape is the correct width, 12.7, to be wound into worn-out Beta cassettes; but note that you do need to keep the original metallic leader tape, since Beta and VHS used different auto-stop mechanisms and clear plastic leader won't trigger it). As I've hinted elsewhere, Betamax has better resolution and better colour reproduction.
The problem with play-only formats is exactly that: they are play-only, and so there can come a point where nobody is making any new material to play on them.
Je fume. Tu fumes. Nous fûmes!
The GPP went on about DUI, Assult, Theft, etc. Changing the analogy to jaywalking and parking meters doesn't fix the problem of poor analogies.
The correct analogy is books. When you purchase a book, you are permitted to read it whereever you would like. On the bus, in your bedroom, in the tub, wherever. When you purchase a DVD, CD, or HD-DVD you are doing exactly the same thing as buying a book. You are purchasing a physical copy of the creative effort of the distributor.
What is the total sum of the equipment to read a book? Light and functioning eyes. Oh wait, you can legally use a braile reader to translate the book to braile - some record the book for later playback so one person can scan for another person to 'read' later.
What do you need to view a DVD movie? A player, a video source, and an audio source - along with eyes & ears. Somehow, needing more than your body to appriciate a distributed work makes all of the rules change. What portion of the right to govern distribution (which is all copyright is supposed to cover), covers the right to limit the use of a legally distributed copy?
If I desire to view a legally purchased DVD on my Linux box instead of a Windows box, how do I effect the profit margin of the distributing company? If I re-rip the movie & place it on my video-iPod so I can watch it on my train commute, how do I effect the bottom line? Since, I have already made my purchase of the movie, format shifting should be viewed as no more than the equivalent of moving a purchased book from room to room. Most of the hacks and work-arounds that have been developed were initially done to enable people to use digital media in the same manner they had always used analog. It is not some conspiracy to deprive companies of revenue, it is the efforts of people directed towards maintaining their way of life in a digital erra.
Has the availability of those hacks and work-arounds created an environment in which people blatently disreguard the right-of-first-sale and fair use rules on which they are based on? The honest answer is yes. However, that does not mean that the solution is ever increasing regulation and restriction. As evidenced by the dismal failure of every effort to limit piracy, it simply doesn't work. Eliminating my rights to fair use doesn't solve the problem, in fact it enlarges it as disillusionment with the system causes more casual disreguard for it. The hypocracy doesn't help. Remember legitimate fair use of a copyright work is not an exemption from the provisions of the Digital Milenium Copyright Act. The DMCA itself re-affirms the rights of fair use, but simultaniously denies you the rights to the means to exercise those rights. A shear genius work of doublespeak.
Exactly. You don't even have to be "good enough"; if you can appeal to the lowest common denominator, and you're essentially competing with nothing at all, "almost good enough" is good enough. Joe Moron doesn't see a drop in picture quality, he sees an improvement over having to watch TV programmes when the TV company say so. And since a VCR is both mechanical and electronic, it's extra-prone to failure. With many of the early machines being rented rather than sold, the perception of reliability was important: they were being sold primarily to rental companies {and in quantities justifying rebranding!}, not consumers. The situation is more or less the same with Windows: it succeeded because it represented an improvement over having no computer at all {some would say even that's debatable}. Well, and because computer vendors were blackmailed into selling it.
Je fume. Tu fumes. Nous fûmes!
... what needs to be done in stead is:
1) Find the player key in stead, it's much more interesting and can be used to find all title keys released until now.
2) Find a way to decrypt title keys without compromising the identity of the player key, so we can keep playing HDDVD movies.
#1 is much harder than just snarfing the title key, because the player key might only be in memory while the title key is being decrypted and that takes a very short amount of time.
#2 might be very easy (one server running in law-less^H^H^H^Hfree contry could do it all, the bandwidth needed is very low).
#2b Alternatively we could set up a peer to peer network where some of the hosts know how to decrypt title keys, each host will anonymize all data about where it got the answer from, that way it will be very hard to track down the hosts that have the player keys.
#1 is made harder and more important because it's very, very cheap for the powers that be to revoke player keys, so they might revoke all windows based player keys once a month and force all windows players to download new executables and keys to be able to play new movies.
-- To dream a dream is grand, but to live it is divine. -- Leto ][
Same thing happened with the transition from cassettes to CDs. They lie. That's just the way they are.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
You say that, but then I - as a member of that other 5% of the population - absolutely crave the ability to watch movies on my screen in high def. I *can* see the difference, and I think it's great.
However, no matter how great I think it is, I'm not dumb enough to buy a HDDVD/BluRay right now. Everytime I watch a DVD on my TV, I curse the consumer electronics industry for not being able to come up with a sane solution to fit my needs.
As much as it is ignored by 95% percent of the population, the HD-DVD/BluRay war is a deep disappointment for the other 5%.
Trusted Computing solves this 'problem'. Debuggers won't be allowed to run on 'protected' programs, and this will be enforced on the hardware level (each program will effectively have to ask for permission to run).
Yes and no. You're right about the effect, but wrong about the mechanism.
The TPM can't control what programs can or cannot be run, so it's not correct to say that disallowing debugging of protected programs will be enforced on the hardware level.
The enforcement will be done purely in software, by the operating system. What the TPM will do, though, is to provide a place to securely store the player key, and to bind that key to a specific operating system environment. Boot a different OS, or modify some part of the OS that is considered important for security and the player key will no longer be available.
So, if you use the unmodified OS, it will note that the DVD playing software is not "debuggable" and will not allow your debugger to attach to it. If you try to patch the OS to force it to allow debugging, then the player key won't be available to the player, so you can't grab it with the debugger.
Note that in order for this to work, there must be no exploitable security holes in the OS that allow you to patch the OS after it's been booted into its fully functional state. This is because of the way that the TPM "binds" a key to a given system state.
Basically, during the boot process each chunk of code feeds data to the TPM. The TPM hashes all of this information into a Program Control Register (PCR). This hash value in the PCR is what represents the system state. To bind a key to the PCR, the TPM simply XORs the PCR with its internal master key and uses the result as an encryption key to encrypt the bound key (in this case, the player key). Retrieving a bound key works the same way: The TPM reads the encrypted bound key from disk, XORs the current PCR value with the master key and uses the result to decrypt the bound key.
If you boot into a different OS, or in any other way change the data that is fed to the TPM during boot, then you change the PCR value. Different PCR means different result when XORed with the master key, means different result when the bound key is decrypted.
So, to make such a protection system work, it is necessary that all of the software that is used to enforce the protection be part of the data that is fed to the TPM for hashing into the PCR. BUT, if you can exploit some hole to patch the software *after* the PCR has been fully initialized, then you're golden.
Another way that attackers can try to work around the TPM is by snatching the key before it's bound to the TPM, or by arranging for it to be bound to an already patched OS. Most likely, software player manufacturers will try to work around this by asking the TPM to "attest" to its configuration (meaning its PCR value) before giving out a key.
It's not clear how well that will work, though, because it means that every booted Vista system has to have bit-for-bit identical software so the player mfg can know what the "valid" PCR value is (well, large groups of Vista systems have to be identical, giving the mfg a set of valid PCR values). That doesn't seem like a problem until you realize that part of the data that has to be hashed into the TPM to make the system secure is the BIOS/EFI code. Because if an attacker compromises the code at that level, any protections the operating system tries to implement are irrelevant.
It may be possible to use a string of attestations, one for the PCR value from each stage in the boot process to work around *that* problem, but it's not clear how feasible that is.
Bottom line: The TPM will be used to strengthen DRM systems, but it seems pretty likely that it will be defeatable (and defeated) in many ways. This is because TCPA wasn't designed as a copy protection system, or to prove to third parties that the machine won't violate DRM. Rather, it was designed as
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
You don't need to crack DRM to do what you've mentioned. The Analog hole still exists (no HD-DVD or BR discs use the analog flag yet), so you could always make smaller copies for an iPod (God, you're a geek; what normal person would care about watching an HD-DVD on an iPod when the DVD (or even the VHS) would do just as well).
-- "I never gave these stories much credence." - HAL 9000
Yeah but you can get a player that can play both BluRay and DVDs. So all your DVDs still work and you can start buying new releases on bluray (or HDDVD, but its seems to me like bluray has won). So it may not offer as big a improvement as DVD but it will also be a much easier transition. More like an upgrade than a replacement.
Of course the lack of HDTVs will be a problem. But as people start buying HDTVs they will pick up a bluray player along with it.
Not me baby....you ever try to carry TWO 32" CRT's??
Hehehe..seriously....I am completely over CRT's....no matter the cost....just too bulky and heavy. This is especially true for computer monitors...but, also true for television.
My preference? DLP Projectors....that that expensive...with a screen, less than many large LCD or Plasma tv's...are HD resolution compatible...and take up very little room, and are easily transportable. Hell...I can grab my projector...take to a friends house and hook to their dvd player, and have 'portable' movie night just about anywhere.
For a bit over a grand...100" picture and great resolution, and taking up very little room.....I don't think they can be beat.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Maybe I'm just bitter today, but I have to point out that you're a FREAKING TROLLING MORON. Buddy, there were a bunch of alternative operating systems before Windows was ever on the market. If you didn't like DOS, you could stick with your C64 or your Amiga or your Mac. If you didn't like Windows 3.1 you could have run OS/2 or *nix with X-windows. There have always been alternatives. I know it's popular to shit on Microsoft and whine about "not having a choice" but come on, step into reality. There were alternatives and those alternatives fell by the wayside... and not because "stupid Joe Average users" got conned into using Windows, but because DEVELOPERS and HARDWARE COMPANIES got on the Microsoft bandwagon.
I don't see what would be so bad about them building something -standard- and easy to use? Like just store a high resolution mpeg4 file titled movie-name.avi, or something, on the high capacity disk. no encryption, nothing. Anyone can open it in Linux/Mac/Windows, etc., pretty easy to build player, integrate the thing into anything, etc. Also pretty easy for -users- to make their own disks (home videos). No need to expensive proprietary software (powerdvd?), etc.
Anyone who -will- copy DVDs will still copy DVDs anyways (and by the time they're downloadable, encryption doesn't even come into the picture). And it only takes 1 person to rip the DVD! Why not make it easy to use for everyone, and have the market create all sorts of extentions that go along with having a huge amount of storage, and easily movable video content.
"If anything can go wrong, it will." - Murphy
But if the "banned" key happens to be associated with a popular consumer-grade player, then the manufacturers will have to replace or upgrade every single one of those players in the field (except, maybe, the actual one that was used to obtain the key -- at the very least, it might be considered a warranty-voiding modification). They can't associate keys with individual players; there would be more keys than movie on the disc! (And it would be easy to find a key). People will take their players back to the store if they don't work, which is something that they have every right to do under consumer protection laws, and they will kick up a stink. And it will end up making the 2006 Sony Rootkit fiasco seem like a methodist sunday school picnic.
Je fume. Tu fumes. Nous fûmes!
Just want to get this comment here so you can refer to it in 20 years. AACS will never be cracked. There are too many keys. There will be no software players you can reverse engineer like there were for DVD's. There is no interest in playing movies on PC's like there was for DVD's. It would take over 50 years to reverse engineer just one of the millions of keys by brute force.
Of course, in 20 years you won't even care about who cracked what encryption anymore. It'll just be there like death, taxes, and America.
I have red all the above, as i undestand we have some data, whitch was red from disk itself, and some data (key) from player (Powerdvd). Then we tamper with whese two aruond and we get a real key with whitch we decode the movie. Am I right?
If yes,then the question is Why it is (or not) so hard to get that player key. Just fire up the debugger, trace until it reads key from disk (easy), now just look for code whitch does something with that. Somewhere around you will find the key. For example such cracking gruops as RELOADED cracked STARFORCE. it wasnt easy, but the main poblem was to get the executable running. They could extract all those keys from exe and from cds very easy. Why is it hard to do that with powerDVD? it's just simple player. No antidebugging trics, no rootkits, no cd drivers. Nothing.
And, as I understand AES you can decrypt content with only one key, so how can every piece of sofware have different keys?
Or put another way, the porn industry has a business model that is more resilent to outside influences beyond their control without having to buy off politicians. Yeah, you don't players in the porn scene that are multi-millionaires to the degree of someone like Tom Cruise, but in general they seem to do well when compared with the average American.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
The C64, Amiga, Atari ST and so forth were perceived as home games machines, hardly up to the job of running a business. They just weren't "industrial" enough. Business adoption was what brought down the price of the IBM-compatible PC. If some big enough corporation had decided to standardise on, say, Amigas, then history might have run differently. As it was, every non-IBM system found a niche. The BBC and later Acorn RISC machines, with their ROM OS, built-in structured BASIC and accessible hardware, found their way into education and science laboratories; the Mac was used for desktop publishing; the Atari ST, with its built-in MIDI interface, was used in recording studios and the Amiga with its graphics capabilities (you could synchronise its video timing to an external source) was used for video post-production. Mainstream businesses went with IBM-compatible PCs (the Amstrad PCW8256 and co. served many users very well for a long time, but were eventually replaced with PCs) running DOS or Windows.
The rest is history. Millions of expensive typewriters, calculators and desk ornaments were sold on the basis that everybody else was buying them so we need some too. PCs eventually reached a critical mass, bringing down prices. Lower prices meant less initial investment to become a hardware developer, hence more hardware development (don't forget, the early machines' 8- and 16-bit buses were very easy to interface to); and as even more hardware became available, PCs managed to equal and eventually surpass the competition. Software developers also were attracted by less expensive machines (leading, unfortunately, to a huge glut of poor-to-mediocre software [cf. the situation with 8-bit home computers c.1983-4]; however, Microsoft's tolerance of piracy meant that MS software was effectively free-as-in-beer, so eventually bankrupting publishers of software which competed directly with MS). General-purpose I/O cards, Windows, MIDI interfaces, genlock-capable video cards and the inexorable March of Time all eventually helped PCs displace the older machines.
Je fume. Tu fumes. Nous fûmes!
Well then I guess I'll have to use another fancy and accidentally DRM breaking technology called optical out to hook up to my top quality optical input video capture card (that I don't actually have but wish I did lol) If you get both the sound and video in digital format being sent through optical cable and being re-received in through a really good quality card, you barely lose anything cuz if I understand optical correctly, it sends totally uncompressed video that's basically pixel 1x1 is color 34A6D3, etc so all you have to worry about is capturing it fast enough and encoding it well after it's captured in an uncompressed format. Yaaaaay digital! Seriously, how could the DRM people not realize that sending any signal digitally out of a player means it's uncompressed. They better not start encrypting it and having the TV decrypt it.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
Except that there's a flag on the disc which tells the player to degrade the signal if it isn't going through a protected path (HDCP). Right now, the flags aren't set, but they eventually will be.
As long as 5% of the people are able to crack the copy-protection, the other 95% need only copy what the original 5% have de-protected.
Je fume. Tu fumes. Nous fûmes!
Pirates came on DVD and HD-DVD from our local pr0n shop, and this was about a year ago.
I come here for the love
The point that I'm trying to make in addition to countering your assertion that Windows succeeded because it "was an improvement over having no computer at all.", is the point that there were a lot of reasons why Windows succeeded. Yet what I quite frequently read around here is all of this drivel about the evil, monopolistic Microsoft forcing their OS on the world. Before Microsoft was the company that we all love to hate, they were just another fish in the sea. And when they were just another fish, a lot of people decided that they liked that fish. They made an OS that ran on the most mass produced hardware out there at a time when nobody else could do it.
Heheh. Someone else remembers that. My grandparents, inexplicably, had a V2000, a Betamax and a VHS VCR. And probably way too much money.
"Did you exchange a walk on part in the war for a lead role in a cage?"
Agreed. Really *securing* a system with a TPM is non-trivial, and it's damned near impossible if the system configuration has to change on a regular basis. Honestly, TPMs are really not very useful to home users. They're valuable for servers and for enterprise workstations that are configured and mostly left alone, and really require high security.
If you want evidence of just how hard it is to create a secure system build on a TPM, consider this: Linux TPM drivers were available as soon as the chips started to hit the market, long before any other platform started playing with them. Further, there's a corner of the Linux world that is *intensely* interested in security, consider SELinux, GRSecurity, etc. Even further, the Linux world has a very rich tradition of a zillion specialized distributions, each highly tuned for a very small, specific niche. The boot managers we use are open source (and there actually is a TPM-enabled version of GRUB), and nothing in the software stack is hidden from the modifications needed to build a TPM-based solution.
So where are the super-secure TPM distros? There ought to be a firewall distro that hashes *everything* into the TPM and periodically sends attestations to the system administrator, so that even the tiniest compromise will be detected instantly. There ought to be a Host Security Module distro that uses a TPM-enabled PC to provide a poor-man's HSM. There ought to be web server distros that use the TPM to secure their SSL keys.
If it weren't fiendishly difficult, all those distros would exist, but *NONE* of them do. Not a one. Well, not that I've been able to find -- I'd actually love to be proved wrong here... anyone?
This isn't to say that a TPM isn't useful, just that security is much, much harder than people want to believe. I'm sure we will eventually get those Linux distros. I'm far less certain that Microsoft or Apple will ever be able to really make use of them the way they want to.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
It's simple really. The porn industry makes movies people actually want to watch.
I won't be quite as extreme, as there are a few places I believe the baggage of this kind of a scheme is necessary. For instance, we don't have a common game engine, therefore each game must ship with software, so any commercial game is automatically somewhat locked down and proprietary, and you can't do everything you want to with it.
Further, I'm perfectly alright with buying things with completely, pathetically defeated DRM. DVDs encrypted with CSS are fine -- I just rend them and rip them, or buy them and rip them.
However, I'm avoiding Windows Vista as long as I can, depending on how much usefulness I can get out of Linux. I'm also not going to buy or rent a single Blu-Ray or HD-DVD movie, so long as it's impossible for me to pop it into a Linux box and play it with mplayer. If I buy music, it'll be in the form of CDs or FLAC files.
Basically, what I'm hoping for is to create an example that others can follow, without boycotting being a monumental PITA. Then, when they come around with surveys, asking why we don't all have Blu-Ray, we can tell them we don't like them bricking our players because we might be able to use them to pirate.
Don't thank God, thank a doctor!
You address some genuine issues, but the Trusted Computing specification addresses and resolves some of the "problems" you cite.
All of your comments about finding and exploting software bugs / software holes to crack the system were valid, and their solution here is to *force* down software patches. If Trusted Computing is adopted as they hope and intend, in a decade or less you may find it impossible to get onto the internet at all unless you allow the software patches to be pushed down onto your machine to close the holes.
it means that every booted Vista system has to have bit-for-bit identical software so the player mfg can know what the "valid" PCR value is
No, as I'll discuss below. The PCR value is used for authentication of other data. Seeing essentially random new and varied PCR values is not a problem.
It may be possible to use a string of attestations, one for the PCR value from each stage in the boot process to work around *that* problem, but it's not clear how feasible that is.
That is approximately the idea, and it is feasible. The first thing the Trusted Software Stack is required to do is keep a log of each value that gets hashed into the PCR, and any identifing information associated with it.
So for example the first value that gets hashed in is the BIOS hash. The system keeps a log of that value, and logs that it is the BIOS value, and presumably the name and certification signature from the BIOS provider proving it is a genuine unmodified BIOS from that Trusted-certified BIOS provider. Then you add in the boot-loader software hash, and the name of the bootloader company and the signature authenticating that. Then you add the hash of the operating system and the name and signature of that operating system provider. Then you add in and log the various operating system hardware drivers, and you rely on the operating system to log which drivers are and are not security critical for various purposes. And then the you can optionally even log every single application that gets run, with the operating system logging which ones are and are not relevant for various purposes.
So if for example you are the RIAA with soem music DRm software, you first take that log file and verify that it does indeed match the current PCR value. New and effectively random PRC values are fine.... they merely proove that the logged software list is genuine. Then you look at the first few items in the log, the BIOS and bootloader and operating system, and you simply check that the listed company is on your "Trusted Computing" approved list, and then check that the signature is genuine. The next thing on the list are the various drivers. If some software we (the RIAA) don't care about... for example a video driver or maybe Trusted DVD player software... if that gets added... it will have an effectively random hash and adding it to the PCR will create an effectively vandom value... but we don't care and we don't even need to verify it. We are Trusting the Trusted operating system to prevent DVD player software from affecting our music DRM system. So it doesn't matter if irrelevant random values get mixed into the PCR and randomize it... we can see by the log that we don't care about that line-item and we can keep tracing the log forward to the items we do care about. The last item on the list might be the last run application.... the application we are currently talking to over the internet... would be our (the RIAA's) own DRM-enforcing music software. The log file and the current PCR prove that we are talking to the exact software we want to be talking to. We (the RIAA) can then bind the music decryption key to that exact software.
If you boot into a different OS, or in any other way change the data that is fed to the TPM during boot, then you change the PCR value. Different PCR means different result when XORed with the master key, means different result when the bound key is decrypted.
There is a complex system that, when Trusted-appropriate, allows
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Trusted Computing solves this 'problem'. Debuggers won't be allowed to run on 'protected' programs, and this will be enforced on the hardware level
No it doesn't. The entire Trusted Computing security model vanishes in a puff of smoke the moment someone (metaphorically) sneezes at his motherboard. The software front-door is a militarized bank vault, but there are a dozen wide open hardware back-doors.
That instantly gets us exactly back where we are right now with the current story. You have the exact same person adding a switch to his motherbord or somesuch, undetectably and untracably sitting at home capturing disk keys from memory exactly as in the current story, and managing to leak those keys exactly as in the current story.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Hi, Alsee.
How large is that log file going to be? Seems like for most pieces of software, it is going to have to contain a full copy of the hashed code. For well-known software, of course, it can be optimized to just a list of identifiers. Mostly.
An even bigger problem is that the scenario you describe (hashing every app) *only* works for DRM while on-line. It would theoretically allow the TPM to attest its current state, but it would be useless to bind any decryption keys to that state.
As for what would make a TPM more suitable for DRM enforcement, there are many things that could be done.
The best is to make the TPM into a low-end HSM. This would add only pennies to the cost of the chip -- a little more internal RAM and a hardware AES co-processor. It would also be necessary to ensure that the TPM was on a USB2 or PCI bus. Couple that with "secure" output hardware (HDMI and something similar for audio) and you can easily arrange it so that the main CPU *never* sees an unencrypted media stream. Connect to iTunes, or whatever, present your TPM's public key (which is signed to prove that it's a TPM key), the music vendor encrypts an AES key with the TPM's public key and sends it back, the TPM stores it and gives the OS a key identifier. Then, you download music, encrypted with that AES key. When you want to play it, the OS hands the data and the key ID to the TPM, which decrypts the data and re-encrypts it with the key for the secure output device. The OS takes the re-encrypted stream and hands it to the output device for rendering into analog format.
That would be a DRM chip. It wouldn't matter a bit what OS you were running, because the main CPU would never see unencrypted data. And it would be vastly simpler to implement and manage than the hoops you have to jump through to try to use a TPM for DRM enforcement.
There are other options and approaches as well, that would allow the TPM tighter control over all running software, rather than just decrypting media streams. For one, put it on the system bus and give it access to system RAM (would require memory controller cooperation). Then provide a mechanism where it can enforce which applications are or are not allowed to run based on its analysis (with the assistance of the OS), and what those applications are or are not allowed to do.
Regarding the implications of the lack of hardware security in TPMs, I would argue that the lack is strong evidence that they are designed to be for exactly what they say they are: to protect against attacks by people who don't have direct, unlimited and unobserved access to the hardware. Were I designing a DRM enforcement system, I absolutely would build in some hardware anti-tamper protections. For a device intended to be used in a secure server room, or on a workstation which the user has an interest in securing, there's no need for that.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Because as-of-yet relatively uncommon hardware isn't "allowed" to even play the material (in full quality).
I agree about front projectors for home theatre, they are now high quality and cost effective, but there is one significant weakness: most of them cannot cope with a daylit room. You need to close all the curtains to get decent contrast. I've been wanting to watch more movies during the day (holidays) and I have started to find this annoying.
:)
Thus I need a 42" plasma/LCD as well
For every expert, there is an equal and opposite expert. - Arthur C. Clarke
And the Sony C6 Betamax recorder, given a decent aerial, could record the Teletext signal along with the picture (even if your set was non-Teletext, since it's being picked up by the recorder's internal receiver). I never even realised VCRs weren't supposed to be able to do that. All those old Betamax cassettes in lofts and cupboards are hiding not only subtitles, but little vignettes of the news and sporting events of the day they were recorded.
Over here even VHS VCRs can record closed captioning information, including all modes. I'm sure I have a lot of closed caption news for the deaf recorded on my tapes of UK sci-fi aired on local PBS channels. TiVos also record this information, except they decode it when recorded and regenerate it in the VBI on playback (saves disk space).
Now if only they could record the SAP signal at the same time as the regular audio.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
If they can't track down what player key was disclosed, they'll flood the underground market with bogus title keys while also making multiple yet visually indistinguishable parallel runs of the same release with different title keys to frustrate the market of title key sharing (multiple pressers manufacturing differently keyed masters of the same title). The more valuable the content, the more masters they'll make with different title keys. If the movie is crap, they only make one master.
That's one way to frustrate the piracy market. And they don't even have to wait for a player key to be broken to implement it.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?