Slashdot Mirror
Interview with Developer of BackupHDDVD
An anonymous reader writes "HD DVD and Blu-Ray were supposedly protected by an impenetrable fortress. However a programmer named "muslix64" discovered that this was not the case, and released BackupHDDVD. Now, Slyck.com has an interview with the individual responsible, who provides some interesting insight to his success."
It sure seems to me that the media companies chasing the people finding holes in their impenetrable fortress' is much like a dog that chases his own tail. Every once in a while he gets it, but then it hurts and he lets go, and then he off again chasing his tail. The time and money they spend protecting their stuff might be better spend on an ad campaign, or better yet drop the prices of the content so that maybe, just maybe they will sell a few more..
It seems the interviewer knows _NOTHING_ about the subject:
You can play an unencrypted movie wherever you want; an update of the encryption-scheme will not magicalle re-encrypt the movie. DUH!
An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
And if that doesn't work, I'll put an HD video camera in a dark box with a 52" HD Plasma and hit the record button.
I don't know why they bother. CSS was "easy" because the encryption didn't change, so once you'd broken it, it was done, unless they wanted to break the standard.
With AACS they "learned" something and used much beefier encryption, and mutable keys...Which makes the keys vulnerable. Some bright boy notices this, breaks the weak security on the keys, and voila! The system, while not broken, is seriously compromised.
It's all pointless though. The companies pushing the DRM have far fewer resources than the people who want to view the content, and the content itself cannot be truly secured because it's meant to be viewed! So they're just throwing away money, and, as Muselix64 himself cogently pointed out in the "interview", the turnaround for fixes from the companies is so long, that there is effectively no way they can stay ahead of the crackers.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
If I understand it correctly, my output resolution will be degraded unless I buy a MPAA-approved display device?
Why would I bother upgrading from DVD if I'm not going to get any better quality?
Tip to Hollywood: Deliberately crippling technology doesn't boost sales. As far as I'm concerned, there's no point in buying into this. Why would I bother to spend a lot of money for something that won't work with my existing equipment, and likely won't work in the manner I intend to use it?
The society for a thought-free internet welcomes you.
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Bless you, muslix. Now the two formats can compete as true equals where it counts: in the ease of supplementing your legitimate media collection with illegal copies of things that you "kind of like".
Let's not pretend that there is one type of pirate. There are many levels of pirate, and by far the most common type (at least in my experience) is the "pirate" who buys plenty of legitimate media, but occasionally supplements their colleciton with an illegal copy of something that they don't care enough about to pay full price for. You can see the popularity of this line of thinking by watching people paw through the "bargain bin" at any major retailer. These are the movies that no one liked enough to pay full price for, but still maange to sell. This is more of a problem, as I see it, with the uniform pricing structure of DVDs. Let's not pretend that "Batman Begins" and "Sisterhood of the Travelling Pants" are worth the same amount of money to most people. They are simply not, and should be priced differently from the get-go. Sadly the media companies instead try to rake in bucks from the "gotta have it now" super-fans crowd by artificially inflating the price; the side-effect is piracy. I would wager that the media companies gain more money then they lose by this process; the convenience of the consumer does not enter into the equation (these companies have demonstrated, repeatedly and without a doubt, that the convenience of the consumer is a very, VERY low priority to them).
Of course I am deliberately discounting bring up That Guy. You know That Guy. He is the guy with the huge collection of pirated movies for the sake of having them. To be fair, unless That Guy has a lot of friends (and usually they do not) they are no real threat to media companies. That Guy would not have purchased the movies anyway, and his collection is (to put it bluntly) a dick-measuring contest to make himself feel better anyway. Every That Guy that I have ever met has had movies of laughably bad quality in their collection; their love is not for the cinema but rather, like a dragon, they hoard the wealth for it's own sake rather than an appreciation for it. And that might be the dorkiest thing I have ever written.
I'd be willing to bet that the cost to produce AACS was pretty high in the grand scheme of things. AACS was created by a consortium consisting of IBM, Intel, Microsoft, Panasonic, Sony, Toshiba, Disney, and Warner Brothers. Granted that huge corporations like those can afford to throw tons of money and resources at a project like AACS, but the bottom line is that it probably cost a pretty penny. Consider the person-hours involved in just high level meetings among all those companies to hash out the AACS specification. If you get one person from each of those 8 companies to spend one full week of work (assuming 8 hour days) just on hammering out the specification then you're talking about 320 person-hours. Assuming those people have average annual salaries of $80,000 (SWAG) and work 40 hour weeks then that's over $1500 a week for their salaries, or $38/hour. 320 person-hours at $38/hour equates to $12,160.
Now obviously I'm pulling all these numbers out of you-know-where, but the point is that these companies invested a lot of manpower and a lot of time to create AACS. It may not seem like a lot to their respective bottom lines, but it does add up to a lot of salaries paid specifically on AACS, and most likely a lot of investment in hardware for development, testing, etc. It certianly wouldn't have been an insignificant ammount if you could do a full audit of all their books. I'd say (another SWAG) that the total cost of developing and implementing AACS would be somewhere in the neighborhood of $5,000,000 when you include hardware & software design/development as well as the salaries, etc. of the people involved.
The *IAA wastes so much time, energy and ultimately money on various DRM implementations and the end result is always the same. The DRM is eventually cracked so those who want to pirate material can and do yet the DRM is cumbersome enough to upset and turn off a certain percentage of legitimate customers.
My roommate purchased an HDTV a few years ago before the HDCP standard emerged and he recently bought a Playstation 3. He was seriously pissed when he found out he couldn't watch Blue Ray Discs at the highest resolution because his TV wasn't compatible.
Things like this only serve to alienate legitimate consumers who are already inclined to pay for the product. The pirates just wait for the DRM to be cracked.
It seems likely to me that MS has a trick to allow protected processes to be debugged. It's either a secret mode of Vista, or they have debug builds of Vista that allow this type of snooping to take place.
I mean, in the perfect world, you develop non-protected, and then you turn it into a protected process once it's been debugged. But back in the real world, certain programs will break and you'll only be able to debug in "protected" mode.
If Hollywood is bright, they'll just ignore this. The DVD is certainly exploitable (in fact, in hindsight, it was trivial), but last I checked they make a ton of movies from selling DVD's. I fail to see this is any different.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
How do you know that Intel has not been putting a TPC module in every CPU for the last five years? They've had this ring architecture for a decade, could there not be one more ring they never told us about? in five more years they could turn it on and surprise! every computer less than a decade old is TPC complient. The remaineder still run but can't use the new OS or must run in a reduced privledge mode.
Some drink at the fountain of knowledge. Others just gargle.
You have found the very reason why they have not enabled the flag and will not for years to come - way too much old equipment and way too many customers to be pissed off.
In the technical rounds it was easy enough to add the flag, but once the marketing people realized what it would do they nixed the use of it.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Which is why I will never "upgrade" to HD. When my lowdef stuff stops working, I'll simply opt out of the rat race and not buy anything. Books are still good.
I will not pour thousands of dollars into a HD system only to have some jerk in a corner office somewhere decide that my investment constitutes a risk to his profits, and be able to take it away from me without consequence, without my consent, and without buying me new geegaws. F'em. They don't generate ANY content I'd be willing to pay that much to watch.
But that's just me. Feel free to pour $BUCKs into their profiteering maws if you wish. It's your money... well, your's and mostly THEIRs, since they can decide to take it away from you.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Sheesh, and they make fun of his English!
"If you have nothing to hide, you have nothing to fear." - Every fascist, ever
I don't mean to flame your .sig... but you've got it exactly wrong. Laws about tech will always be bad, until enough techies become lawyers.
Hmm, person X is a lawyer. She makes mid six figures and works 80 hours a week. She have a staff to handle IT issues. Her motivation to 'become a techie' is...? I, on the other hand, got sick of the fact that other people were writing the rules that controlled my industry. So I left off being a netadmin and now I'm in law school. You want the laws to be sane? Start writing them, rather than leaving that to people who don't have a clue, and don't have the slightest reason to care.
From what I can tell, there's three camps of consumers when it comes to DRM:
- The camp that can't stand it, won't buy it, and goes without the content.
- The camp that doesn't like it all that much, but buys it anyway.
- The camp that won't pay no matter what you do, and pirates the content instead.
I know the recording industry is losing out on sales thanks to DRM because they're losing me. I just discovered an amazing album on iTunes, but I'm not going to buy it because of the DRM. If FairPlay wasn't there, I would have just spent $9.90 to download an out-of-print album. I have heard other Slashdotters express similar sentiments.Lifting DRM seems like a win-win-win-win scenario to me. The hold-outs like me will suddenly start buying music, the existing paying customers will be happier that they can move their music back and forth, and some of the pirates might start paying now that the convenience is there. I don't think they'll lose anybody to the lack of DRM, because piracy is ubiquitous - if you want a song for free, it's out there. The recording industry makes more money because at least as many people are buying, if not more. About the only company that loses in this scenario is Apple. The recording industry could give them an ultimatum - no DRM or no music - and Apple would lose the lock-in that managed to defeat the recording industry last time they renegotiated the contract.
Lately, the prevailing theory for why DRM is present is not that it stops piracy, but that it locks content to one format so consumers have to buy it again and again for different platforms. That's a nice theory, but I question whether it truly works that way. When was the last time you remember somebody doing that? For example, I've never seen anybody buy a DVD of a movie they already have on VHS. (Admittedly, I could be living a sheltered life.)
Absolutely. I have no problem with paying what I regard to be a fair price for music/movies/whatever - but I refuse to buy something if it has DRM on it that will restrict my use of it. This would make me either camp 1 (or maybe 3...) - except I'm quite happy to pay for DRM-protected content if I can't easily buy a non-DRM version, AND I can easily strip the DRM from what I buy. If it is more convenient for me to pay a few bucks to quickly and easily find a high-quality version of something I can use freely, than it is for me to hunt down a decent-quality pirated copy, I am more than happy to do so.
I pay, I download, I strip the DRM, then I use how I please. It may be technically *illegal* anywhere that has DMCA-type laws, but frankly anyone who says it is *wrong* can bite my shiny metal ass.
My preference is, and will always be, in order:
1. Pay a *fair* price to quickly and easily buy a legal, DRM-free version
2. Spend time/effort to find a pirated/cracked copy
3. Buy a DRM-infected version and remove the DRM
I utterly refuse to buy DRM content if I do not already possess the means to remove it easily and permanently.
DRM will never stop piracy (to quote mulix64: "If you can play it, you can decrypt it") - all it does is inconvenience paying customers, turns some otherwise-paying customers to piracy, and presents only a trivial obstacle to piracy.
As soon as the MPAA/RIAA realises there are many people out there with the same views, the sooner they will start making better profits from online sales, WITHOUT pissing off their customers.
Problem is, people won't realize the High-Def either doesn't show, or doesn't matter. Even worse: they won't care. Most people get all glazy-eyed with technology, they just accept that not all movies are created equal. Others just want the fanciest, most expensive toy to show off to their sexually dominant peers.
It used to be, when someone bought a fancy overpriced stereo, came back the next day and said it sounded cheap, you'd tell them they need fancy overpriced cables to "bring out the quality" and off they go with $400 of cheap copper and plastic. Then when they come back you tell them "you need bi-amped speakers!" and off they go with $600 of cheap paper and wood. Then when they come back, THEY tell you "my stereo is shite, here's even more money, sell me the best you got".
With High-Def it's going to be the same song and dance. "My HD-DVD looks uglier than VHS", you need a new TV. "My HD-DVD still looks like shite", you need new cables. "My HD-DVD looks like Whoopi Goldberg's boobs", you need a power conditioner... the crappier something is, the more opportunity there is for upsale. That's why nothing ever works "just right", there's always some stupid feature that's glitched or backwards, just to make room for future improvement$. It sucks for discerning enthusiasts like you and I, because we're a minority. For every videophile that returns a crippled player on principle, there are 99 norms that will do the exact opposite and spend more money to "fix" the problem. High-Def is marketed as a luxury after all, and luxuries are supposed to cost lots of money for minimal functionality. At least that's what the retail world has been telling us all this time.
-Billco, Fnarg.com