Slashdot Mirror
Decryption Keys For HD-DVD Found, Confirmed
kad77 writes "It appears that, despite skepticism, 'muslix64' was the real deal. Starting from a riddle posted on pastebin.com, members on the doom9 forum identified the Title key for the HD-DVD release 'Serenity.' Volume Unique Keys and Title keys for other discs followed within hours, confirming that software HD-DVD players, like any common program, store important run-time data in memory. Here's a link to decryption utility and sleuthing info in the original doom9 forum thread. The Fair Use crowd has won Round One; now how will the industry respond?"
"Hello, Doom9.com's ISP? Yes, this is Microsoft. We're auditing your sofware licenses."
"Hello, Doom9.com's registrar? You're being charged with violating the DMCA. Pretty much all of it."
"Hello, little tiny country? This is the MPAA, and as official representitives of the US government, we're asking you to hand over all people involved in this post on Doom9.com's forum. If you fail to respond, we'll enact sanctions on your country and drive you into the dark ages. Just look at North Korea for an example.
You have Pr0n, cheaper hardware and blank media than Blu-ray and now you can "backup" movies, HD-DVD will be the winner of the HD format war, at least here in Argentina, Brazil or other developing countrys where piracy reigns...
Don't release the crack until after the standard is settled! Now all the studios will go Blu-Ray only.
sulli
RTFJ.
or people who want to watch movies they bought on their mythtv system
or people who like to buy movies and watch them, but don't run windows
And guns are just as useful to criminals as they are to law enforcement units and law abiding people protecting their home.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Quite simple. The content industry will simply dump the format, after all, there's an alternative. Now it's high time to show that BluRay is just as "consumer friendly" and break it for good, so there is no alternative left, and if the studios want to get their content to the customer, they have to accept that DRM is useless in their strife to protect their rights.
The point is to create as much damage as possible, so the industry learns that the only one hurt by DRM are they themselves. Revoked keys mean more work, more expense, more hassle and dissatisfied customers who have to jump the hoops. This will in turn create more awareness for DRM and the problems it creates.
We have to teach the studios that DRM is a failure. That it only generates hassle and problems for their paying customer and is no barriere or even a deterrent for the pirates. For this, the customer has to be the one hurt, too. Learn the easy or the hard way, learn about DRM by investigating or by having your tools stop working.
Yes, that's not the usual gentle way of teaching. But appearantly some people don't learn 'fore it starts to hurt.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
New disks can be pressed with new keys, and the compromised software player will have it's key revoked. As such, this is not a generally useful solution. AACS remains secure, and at best, we may see individual keys available for certain pressings of certain discs. This approach will never provide general playback as DeCSS does.
However, it is my understanding that the decryption process can be done by the TPM; once this is supported, the problem will be much more difficult. Make no mistake, the battle has only just begun. Before long, software based attacks may be rendered impossible.
comedy awards? This is hilarious. Spending all that money on DRM, implementing new media, only to have the encryption cracked before launch day (practically) must be like trying to nail jello to the wall using $100,000 nails. (Has Mythbusters tried nailing jello to a wall yet?)
The real question is not how they will respond, but when will they learn?
Support NYCountryLawyer RIAA vs People
is never underestimate a hardcore geek with a little equipment and a decent block of vacation time....
people have been xeroxing books for like 40 years and nobody ever made such a stink as the mpaa and riaa have. their whole thing is so wrongheaded, if they would spend all those legal fees and lawyer salaries on hiring better directors/writers/actors their profits would skyrocket. its not piracy that loses them profits, it's SHITTY PRODUCTS.
sometimes, i wonder if i'm the only conservative on teh intarweb. ah well, back to mah hogs and warmongerin'....
You are correct, sir. The attack vector is the same, keys being exposed in insecure memory in the decoder/player. The encryption of AACS itself is unlikely to be cracked as it's AES, and AES is very nifty and well studied. Even if the key searching approach fails, there *are* possibilities that some sort of attacks could be waged on the AES implementation which might be vulnerable. (For instance, I wrote AES for MATLAB. It's highly likely that my implementation could be exploited for various reasons, such as cache timing attacks.)
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
Even if they one day develop a perfect DRM scheme full of unbreakable secure paths, it won't be possible to avoid someone simply removing the actual LCD screen, wiring the signals instructing which pixels should turn on and off to a 3rd party device, and recording the unencrypted content in raw format.
No piracy is being stopped by these means. They're and will always be utterly useless.
Conservatism: (n.) love of the existing evils. Liberalism: (n.) desire to substitute new evils for the existing ones.
Everyone seems to be missing the point. Existing titles are chump change. Just make the next pressing with the new key. The flurry seems to center around release dates anyway, so no future discs will decode on the compromised player. They don't want to make it impossible, they simply want to make it difficult. Having to keep a key database updated is a pain in the ass. I'd go as far as to say that they don't care about an isolated crack - they'll "fix" it and go on, with updates from time to time. This is a s/w player, not a hardware player, correct? Just require an update.
The point is that they will make this about Piracy, and that its the Pirate's fault that you have to go download an update to get your machine to work. Not their fault (Say "Not my fault" in David Spade's voice an you'll get the idea). Most consumers will believe the newsvertisement they see on ther local station that blames those evil pirates for their suffering. If it weren't for the pirates, their stuff would work. Which can easily be spun at truth - pirates cracked the system, system must be safe or poor artists children will starve, so we had to change the system - all pirates fault. Your mother would fall for that, and you know it.
Right and wrong is irrelevant - it's who takes the blame for the mess that matters, and the industry has a lot of PR money to make sure the finger points at someone else.
Is it just my observation, or are there way too many stupid people in the world?
What about the early adopters, who bought high-end video cards without HDCP, or very nice HDTVs, also witohut HDCP? They now have to pray that somebody (Sony?) sees the light and doesn't trip the "artificially cripple old HDTVs" flag.
So, because the MPAA is afraid of an attack that isn't feasable, and may never be, they are forcing early to buy new hardware (for no good reason). I can't help but wonder if this wasn't a simple money grab -- force everyone to upgrade so they pay you twice for the same hardware.
Don't thank God, thank a doctor!
Actually, I've more commonly seen it referred to Digital Restrictions Management. I think the term Digital Rights Management is just the publishers attempt to put a positive spin on something that is fundamentally designed to impose restrictions on your use of the content. The accepted and common meaning of the abbreviation of course will be determined in due time.
I'll say your nom de plume is appropriate. There are two ways to reconcile these positions logically. One is that it is not the same Slashdotters making both claims (we have diversity of opinion here, in case you failed to notice). The other way is that the "competition" the first claim refers to is between corporations, not between formats. The former fuels markets, the latter fragments them. It's true that the latter is a consequence of the former, but it is not an inevitable consequence. For instance, nearly all books published in English today have the binding on the left side, even though there are many publishers competing for your cash.
But, I wanted socialized health insurance!
Many "customers" act as criminals then bitch and moan when they're being treated as such.
Only because exercising fair use is acting like a criminal. Except its only acting; it isn't being.
The actions of a criminal can also be the actions of a law-abiding citizen legally exercising his rights. It is to what ends the acts are performed that (are supposed to) define them as criminal.
I can swing my fists in the air as long as I like as long as I don't hit your nose. It's bad laws like the DMCA that would make swinging my fists in the privacy of my single-occupancy home a crime.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
You haven't the slightest idea what you're talking about. No matter how well coded, any information used by a program is available to someone determined to extract it.
"What is needed is a DRM that is advanced enough to be flexible enough to allow all "fair use" while curtailing piracy."
DRM will never be this advanced, because this proposal is fundamentally impossible, because it implies logically inconsistent outcomes. Either I can copy no part of the video for any reason, or I can copy some part of the video (no matter how small) for any reason. If I can copy any part, even screenshot by screenshot, for any reason, I can re-assemble it outside the player and the DRM is therefore useless. If I can't, fair use is violated.
DRM, in all it's manifold and perverted forms, can go to hell.