Slashdot Mirror
Interview with Developer of BackupHDDVD
An anonymous reader writes "HD DVD and Blu-Ray were supposedly protected by an impenetrable fortress. However a programmer named "muslix64" discovered that this was not the case, and released BackupHDDVD. Now, Slyck.com has an interview with the individual responsible, who provides some interesting insight to his success."
Unlike old DVD-Video, HD DVD and BluRay have a bit -- so far not set -- that degrades all output unless it is via an HDCP connection. This means my older Sharp 720p projector will be degraded along with all early adapter's HD gear
This creates a powerful incentive to not just "backup" your HiDef DVD, rather to remove an onerous limitation -- it may violate the DCMA in the USA, but it is morally and legally sound to most of the world.
Anyone have a cost estimate for producing the AACS DRM? I'm guessing the crack didn't cost nearly as much.
Mij
If he was a native English speaker, he'd probably be in a country that has some sort of DMCA-type law. And he'd probably be in custody by now.
Weaselmancer
rediculous.
Well, the server is being bombed now. Here's the text from the page if you don't want to wait for 5 minutes per sentence.
The next generation of optical disc technology holds the promise to change the way we interact with and store digital media. Perhaps the most exciting change is the arrival of High Definition (HD) video, with its glorious 1920x1080 pixel resolution. It's a quantum leap forward in terms of watching digital content, as its vast resolution reveals a quality never seen before in such fine detail.
Because of the rapid escalation of digital file-sharing - especially of video files - Hollywood has been working around the clock to protect HD content. This is especially relevant for one of its primary delivery mechanisms - HD DVD and Blu-Ray discs. These next generation discs, with capacities of 30 gigabytes and 50 gigabytes respectively, have their content protected with an array of DRM (Digital Rights Management.) Both are protected with a scheme called AACS, or Advanced Access Content System. This DRM is a great leap forward compared to the weak CSS, or Content Scrambling System, that currently "protects" DVDs. Thanks to Fox, Blu-Ray has an additional layer of protection, called BD+, although most discs have yet to support this protection.
Although Hollywood has constructed enough DRM architecture to rival the Pyramid of Giza, it has long been suspected that it would be only a matter of time before HD DVD and Blu-Ray content protection were compromised. Convinced the golden DRM egg had been laid, it seemed that nothing could penetrate the great AACS wall. And to this day, that great wall still stands.
But why crash through the main gates of Constantinople when you can just pick the lock of a long forgotten rear entrance?
On December 26, 2006, a member of the Doom9.com forums named muslix64 introduced himself as circumventing the content protection - not the copy protection - of HD DVD. Additionally, he made available an open source program named BackupHDDDVD. At the time, this program was a command line program that bypassed the content protection - providing the individual successfully obtained the title and volume keys associated with the HD DVD. Once the individual has the keys, the AACS protection can be sidestepped, and the HD movie content can be extracted. According to muslix64, it took all of eight days to successfully circumvent HD DVD content protection.
Much of the more difficult work, such as extracting the keys, has been alleviated as the once encrypted information has proliferated online. To understand where this stunning turn of events is heading, Slyck.com spoke with muslix64, who agreed to a PM (private message) interview.
The mainstream media tends to have many labels for you, i.e. hacker, cracker, pirate, etc., in response to your efforts. What would you call yourself and what would you label your efforts?
I'm just an upset customer. My efforts can be called "fair use enforcement"!
What motivated you to help circumvent the content protection scheme associated with HD DVD and Blu-Ray?
With the HD-DVD, I wasn't able to play my movie on my non-HDCP HD monitor. Not being able to play a movie that I have paid for, because some executive in Hollywood decided I cannot, made me mad...
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Explain how decrypting the device and volume keys are critical to your success. Could you explain the difference between the two?
The device keys, are the keys associated to the player.
The volume key, is the key associated to the movie.
I don't care about device keys. I do care about volume keys, because by using volume keys instead of devices keys, I totally bypass the revocation system. There is no "volume key revocation". There is content revocation, but I really doubt they will ever use it. If you use device keys, they can revoke them. Having the volume key means that you can decrypt ti
46487 466780 252994 376409 96920 39622 205366 244315 622115 512361 668040 63608 259203 955314 811176 652718 166330 23922
Good, that only narrows it down to five billion people. The MPAA will be sure to track down this scoundrel soon.
Everything I say is a lie. Except that... and that... and that, and that, and that, and that... and that.
It sure seems to me that the media companies chasing the people finding holes in their impenetrable fortress' is much like a dog that chases his own tail. Every once in a while he gets it, but then it hurts and he lets go, and then he off again chasing his tail. The time and money they spend protecting their stuff might be better spend on an ad campaign, or better yet drop the prices of the content so that maybe, just maybe they will sell a few more..
It seems the interviewer knows _NOTHING_ about the subject:
You can play an unencrypted movie wherever you want; an update of the encryption-scheme will not magicalle re-encrypt the movie. DUH!
An unprotected movie does not require HDCP; HDCP has _NOTHING_ to do with this.
This can't be stoped. It's not like the first DeCSS that used stolen Xing keys and could only work for as long as the keys weren't revoked.
This uses the keys specific for the DISC, which can't be changed anymore.
And the best part : In order to decrypt the movie and play it, every player *HAS* to have the volume ke in memory or SIMD register for a short period of time. No matter if players key are revoked, version upgraded, bugs fixed, etc... This technique doesn't rely on any bug that can be patched. It only rely to the fact that, whatever player you choose, at one moment it needs the volume key - which you can then grab and share on the net.
There's no way to patch this.
This is one more proof that the fundamental mechnics of the DRM - ie.: providing both the crypted data and the key in the same place - is flawed. You can't protect a content from the one who bought the disc. If data must be decrypted on the buyer's computer, then nothing cab prevent it from being circumvented.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Two, now.
-muslix64
If I understand it correctly, my output resolution will be degraded unless I buy a MPAA-approved display device?
Why would I bother upgrading from DVD if I'm not going to get any better quality?
Tip to Hollywood: Deliberately crippling technology doesn't boost sales. As far as I'm concerned, there's no point in buying into this. Why would I bother to spend a lot of money for something that won't work with my existing equipment, and likely won't work in the manner I intend to use it?
The society for a thought-free internet welcomes you.
After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-Ray too.
Bless you, muslix. Now the two formats can compete as true equals where it counts: in the ease of supplementing your legitimate media collection with illegal copies of things that you "kind of like".
Let's not pretend that there is one type of pirate. There are many levels of pirate, and by far the most common type (at least in my experience) is the "pirate" who buys plenty of legitimate media, but occasionally supplements their colleciton with an illegal copy of something that they don't care enough about to pay full price for. You can see the popularity of this line of thinking by watching people paw through the "bargain bin" at any major retailer. These are the movies that no one liked enough to pay full price for, but still maange to sell. This is more of a problem, as I see it, with the uniform pricing structure of DVDs. Let's not pretend that "Batman Begins" and "Sisterhood of the Travelling Pants" are worth the same amount of money to most people. They are simply not, and should be priced differently from the get-go. Sadly the media companies instead try to rake in bucks from the "gotta have it now" super-fans crowd by artificially inflating the price; the side-effect is piracy. I would wager that the media companies gain more money then they lose by this process; the convenience of the consumer does not enter into the equation (these companies have demonstrated, repeatedly and without a doubt, that the convenience of the consumer is a very, VERY low priority to them).
Of course I am deliberately discounting bring up That Guy. You know That Guy. He is the guy with the huge collection of pirated movies for the sake of having them. To be fair, unless That Guy has a lot of friends (and usually they do not) they are no real threat to media companies. That Guy would not have purchased the movies anyway, and his collection is (to put it bluntly) a dick-measuring contest to make himself feel better anyway. Every That Guy that I have ever met has had movies of laughably bad quality in their collection; their love is not for the cinema but rather, like a dragon, they hoard the wealth for it's own sake rather than an appreciation for it. And that might be the dorkiest thing I have ever written.
Yes, and how Windows it self will know that it isn't running inside a "simulated" trusted computer (the TC chip is virtual and part of the emulator) running inside an actual regular computer (with no chip to prevent you from running whatever you want ?)
For this to work you actually need TC-enabled computers. There aren't currently enough of them.
So either Microsoft pisses of its customers with something like "HD DVD & BD can only played on Windows Vista running on special mother boards. The rest of 80% of you just can't play them at all" (and currently customers are already pissed enough because they can't always play in full HD when they don't have display systems that *are* getting popular those days). Or either microsofts accepts to let some player run outside it's protected models and you don't even need a virtual machine or root kit to extract the needed data from memory.
As said by another
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
The *IAA wastes so much time, energy and ultimately money on various DRM implementations and the end result is always the same. The DRM is eventually cracked so those who want to pirate material can and do yet the DRM is cumbersome enough to upset and turn off a certain percentage of legitimate customers.
My roommate purchased an HDTV a few years ago before the HDCP standard emerged and he recently bought a Playstation 3. He was seriously pissed when he found out he couldn't watch Blue Ray Discs at the highest resolution because his TV wasn't compatible.
Things like this only serve to alienate legitimate consumers who are already inclined to pay for the product. The pirates just wait for the DRM to be cracked.
Since the DRM on these new formats is so insulting, I'll always be happy to see it suffering setbacks like this. However, I'd be slightly less happy if the person who cracked it was just some guy who wanted to be able to get everything for free and impress his mates by giving them free movies. Assuming this muslix64 character is telling the truth, he seems like a decent sort. His story is just that he wanted to be able to use his own purchased movies in the way that he wants to, in his own home. So consider him thoroughly endorsed!
On a different subject, this still leaves Linux (and BSD, ReactOS, Haiku etc., etc.) users in a spot of bother. I don't understand if having a movie key would allow you to watch something on the disc even without the right player software to access the HD-DVD/Blu-Ray drive, but even if you don't need special software it still looks like extraction of the movie keys can only be done with Windows software, and presumably OSX software in the future. I'd still really like to see a proper, Free Software, libdvdcss-style crack for these formats. I'd like to think it's only a matter of time...
It seems likely to me that MS has a trick to allow protected processes to be debugged. It's either a secret mode of Vista, or they have debug builds of Vista that allow this type of snooping to take place.
I mean, in the perfect world, you develop non-protected, and then you turn it into a protected process once it's been debugged. But back in the real world, certain programs will break and you'll only be able to debug in "protected" mode.
If Hollywood is bright, they'll just ignore this. The DVD is certainly exploitable (in fact, in hindsight, it was trivial), but last I checked they make a ton of movies from selling DVD's. I fail to see this is any different.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
How do you know that Intel has not been putting a TPC module in every CPU for the last five years? They've had this ring architecture for a decade, could there not be one more ring they never told us about? in five more years they could turn it on and surprise! every computer less than a decade old is TPC complient. The remaineder still run but can't use the new OS or must run in a reduced privledge mode.
Some drink at the fountain of knowledge. Others just gargle.
Someone who likes muesli and Intel architecture but isn't so good at spelling?
Q: What is the fastest way to crack a DRM scheme?
A: Label it as uncrackable.
Thank you, thank you. I'll be here all week. The 9:00 show is completely different from the 7:00 show. Be sure to tip your bartenders and waitresses.
Laws affecting technology will always be bad until enough techies become lawyers.
How about a player for linux?
Since, based on the past, none of the studios will license a key for a linux player, I propose we create a player that, as part of playback, incorporates this "crack".
To get around this, the player will prompt for the disc key before playback. Then, the disc is decrypted as playpack is performed, thereby bypassing the "Player Key".
"Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
You have found the very reason why they have not enabled the flag and will not for years to come - way too much old equipment and way too many customers to be pissed off.
In the technical rounds it was easy enough to add the flag, but once the marketing people realized what it would do they nixed the use of it.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Which is why I will never "upgrade" to HD. When my lowdef stuff stops working, I'll simply opt out of the rat race and not buy anything. Books are still good.
I will not pour thousands of dollars into a HD system only to have some jerk in a corner office somewhere decide that my investment constitutes a risk to his profits, and be able to take it away from me without consequence, without my consent, and without buying me new geegaws. F'em. They don't generate ANY content I'd be willing to pay that much to watch.
But that's just me. Feel free to pour $BUCKs into their profiteering maws if you wish. It's your money... well, your's and mostly THEIRs, since they can decide to take it away from you.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
Sheesh, and they make fun of his English!
"If you have nothing to hide, you have nothing to fear." - Every fascist, ever
This trick is quite handy to stop services that you don't have rights to, by replacing them with dummy executables... *cough* corporate USB port disabling software *cough*
gcc: no input sig
From what I can tell, there's three camps of consumers when it comes to DRM:
- The camp that can't stand it, won't buy it, and goes without the content.
- The camp that doesn't like it all that much, but buys it anyway.
- The camp that won't pay no matter what you do, and pirates the content instead.
I know the recording industry is losing out on sales thanks to DRM because they're losing me. I just discovered an amazing album on iTunes, but I'm not going to buy it because of the DRM. If FairPlay wasn't there, I would have just spent $9.90 to download an out-of-print album. I have heard other Slashdotters express similar sentiments.Lifting DRM seems like a win-win-win-win scenario to me. The hold-outs like me will suddenly start buying music, the existing paying customers will be happier that they can move their music back and forth, and some of the pirates might start paying now that the convenience is there. I don't think they'll lose anybody to the lack of DRM, because piracy is ubiquitous - if you want a song for free, it's out there. The recording industry makes more money because at least as many people are buying, if not more. About the only company that loses in this scenario is Apple. The recording industry could give them an ultimatum - no DRM or no music - and Apple would lose the lock-in that managed to defeat the recording industry last time they renegotiated the contract.
Lately, the prevailing theory for why DRM is present is not that it stops piracy, but that it locks content to one format so consumers have to buy it again and again for different platforms. That's a nice theory, but I question whether it truly works that way. When was the last time you remember somebody doing that? For example, I've never seen anybody buy a DVD of a movie they already have on VHS. (Admittedly, I could be living a sheltered life.)
I thought the name was describing the 64-bit version of a breakfast cereal?
Modern copyright is theft of culture from everyone and it retards the progress of the useful arts and sciences.
So basically... "We're going to hold this gun to your head, here, but don't worry -- we're not going to use it! It's just easier to put the gun there, now, than it would be to do it later...but we don't want to deal with the mess it would make if we used it, so just forget it's even there. Trust us!"
We don't have to trust them. We have Blu-Ray/HD-DVD backup. I am just explaining what will happen, and why.
No, thanks. I think that as the media companies become more and more desperate, as it becomes painfully obvious that DRM just doesn't work, they're going to pull out all the stops and go down fighting.
Why would they? They will have seen the music industry cave to DRM free formats by that point and realize what large sums of money are to be gained by leaving things as they are.
Don't ever question what a broke junkie will do for a fix, and don't ever question what an obsolete corporation will do to protect its business model.
Don't ever think that a company will give up a large pile of money shoved in front of its face. That's the predictive model I use.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Absolutely. I have no problem with paying what I regard to be a fair price for music/movies/whatever - but I refuse to buy something if it has DRM on it that will restrict my use of it. This would make me either camp 1 (or maybe 3...) - except I'm quite happy to pay for DRM-protected content if I can't easily buy a non-DRM version, AND I can easily strip the DRM from what I buy. If it is more convenient for me to pay a few bucks to quickly and easily find a high-quality version of something I can use freely, than it is for me to hunt down a decent-quality pirated copy, I am more than happy to do so.
I pay, I download, I strip the DRM, then I use how I please. It may be technically *illegal* anywhere that has DMCA-type laws, but frankly anyone who says it is *wrong* can bite my shiny metal ass.
My preference is, and will always be, in order:
1. Pay a *fair* price to quickly and easily buy a legal, DRM-free version
2. Spend time/effort to find a pirated/cracked copy
3. Buy a DRM-infected version and remove the DRM
I utterly refuse to buy DRM content if I do not already possess the means to remove it easily and permanently.
DRM will never stop piracy (to quote mulix64: "If you can play it, you can decrypt it") - all it does is inconvenience paying customers, turns some otherwise-paying customers to piracy, and presents only a trivial obstacle to piracy.
As soon as the MPAA/RIAA realises there are many people out there with the same views, the sooner they will start making better profits from online sales, WITHOUT pissing off their customers.