AACS Cracked Again

EmTeedee sends us to a blog post for a summary of the latest results in cracking AACS, from the Doom9 forums (as the earlier cracks have been) — after the DVD Security Group said it had patched the previous flaws. From the DLTV blog: "This time the target was the Xbox 360 HD DVD add on. Geremia on Doom9 forums has started a thread on how he has obtained the Volume ID without AACS authentication. With the aid of others like Arnezami they have managed to patch the Xbox 360 HD DVD add on... It appears that XT5 has released [an] application that allows the Volume ID to be read without the need to rewrite the firmware. This would mean that anyone could simply plug in the HD DVD drive and obtain the Volume ID from any HD DVD without the hassle of flashing it."

One word.

[Spazntwich]

Owned.

Re:One word.

[Ravenscall]

When will these stuffed suits learn that the more they try to limit people, the more people will fight those limitations?

Re:One word.

No, this would definately be beyond "Owned."

This is a PWNED!!1!

Re:One word.

[Spazntwich]

Hopefully not anytime soon, as I love stories of this type.

Seriously, what was the turnaround time from a claimed patch to another breach? Was it even 3 days ago those clownshoes were crowing about it?

Re:One word.

You mispelled "Pwned".

Re:One word.

[ryanvm]

Oh come on, you know you wanted to make your point with a Star Wars quote.

Re:One word.

[Ravenscall]

That works as well.

Re:One word.

[RPoet]

We shall become more powerful than they can possibly imagine.

Re:One word.

[Miseph]

Parent is, by virtue of being the first post in the article, not redundant. If you don't know what that word means, don't moderate it.

In any case, owned indeed. And bravo for thinking to use an Xbox 360 in the hack, that's definitely worth some bonus points.

Re:One word.

[calciphus]

As inconvenient as it is, the real reason for DVD security like AACS isn't for the consumer. Sorry, you're not that important.

When people invest millions of dollars in developing a standard like HD-DVD, Blu-Ray, or whatever comes along next (UV-DVD?), they need assurances that they will get their money back. They don't make money off of the sale of DVDs, but rather off of DVD hardware. So companies that manufacture DVDs can't just build players, they have to buy little AACS chips directly and exclusively from the standard's creator, and pay them a fee.

They don't /really/ care if you break the encryption, because no DVD-player manufacturer could ever go out and use the cracks to avoid paying Sony / Toshiba/NEC. AACS has done its job, in that sense.

I'm glad AACS was cracked. I don't particularly like the idea that I have to rely on a physical copy of something I allegedly only own the rights to "watch" anyways.

Re:One word.

The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

Re:One word.

[Kaenneth]

Ownedbiwan Kenobi?

Re:One word.

When the same post is made in every single DRM thread, it's redundant. If you don't know what that word means, don't criticize those who do.

Re:One word.

[nigelo]

"Come back here and I shall taunt you a second time".

Re:One word.

[Jugalator]

Wanna bet that with movie exec logic, they will now try to shut down the Doom9 boards for supporting DMCA-infringing activities, and hope for the problem to go away for a while? :-p

Re:One word.

[brogdon]

"You mispelled 'Pwned'."

...and you misspelled "misspelled." :)

/English geek

Re:One word.

To the mods who modded parent up, Thank you. With this guy at -1, the discussion was rather *borked* since this is the root of the main discussion thread. May you be be blessed with fair metamods.

Re:One word.

[HTH+NE1]

Well, you don't have to use Star Wars. There's other cultural references to be made.

"AACS of Evil" springs to mind.

Re:One word.

[TheSloth2001ca]

what you said makes sense, but why spend millions of dollars creating something as complex as AACS when CSS or any other simple easily cracked DRM scheme would accomplish the same thing

Re:One word.

When the same post is made in every single DRM thread, it's redundant.

So then, it goes owned, then repo'd, and now we're at Pwned, then next is rePwned, then... what, Pwnz0rd?

Re:One word.

[Tatarize]

I read on Slashdot briefly while my brother was in the room that AACS was patched, he seemed slightly depressed. I just chuckled and said that it would be hacked again within the week. Which I understood to be extremely pessimistic. It amazes me that the hacks come after the patches.

Re:One word.

[calciphus]

Why spend millions on AACS when other DRM would work?

Two reasons: 1 - Because if it's an existing scheme, SOMEONE owns it and likely it isn't the people inventing the new standard, nor can they charge "new technology" prices on the encoding/decoding hardware. You can't really go to a mfg and tell them they have to buy the same chips they've been buying for 10 years and tell them they cost more now. No, these are new chips. See the new logo?

And 2 - Because you need to give the content creators a reason to prefer your technology, enough to get them to make the initial investment in it. "It's way harder to pirate this movie. It's HD-DVD! Encryption the likes of which has never been seen. So will you use it to stop those big scary pirates?"

Hell of a sales pitch to a dying, scared industry.

Re:One word.

[glittalogik]

They have to implement incrementally more complex encryption to present the impression (true or otherwise) of due diligence to clients/stakeholders. If they replaced CSS with something even simpler, they'd get blasted for it. This way it at least looks like they're trying, and that's good enough to cover their asses and stay in business.

Re:One word.

[ceroklis]

You are an idiot.

Consortium always make manufacturers pay a fee for every piece of hardware that follows their specification, DRM or not.
For exemple, for every end-user device including firewire ports, 0.25$ goes to the firewire patent holders.

ROI for technology developers and DRM are unrelated.

Re:One word.

The companies that develop the standards make most of their money simply through licensing fees and royalties. The AACS chip contributes only a small part of their income.

AACS chip sales are not the primary motivation for a company to create a new DVD standard. Licensing fees are the chief motivator.

Re:One word.

[suv4x4]

When people invest millions of dollars in developing a standard like HD-DVD, Blu-Ray, or whatever comes along next (UV-DVD?)

Next comes Internet...

Re:One word.

[calciphus]

Eloquently stated, and clearly thoroughly researched.

USB/Firewire is a little different than DVD technology. With Firewire, you're paying to be part of a logo consortium. You guarantee that your product will work according to their standards and you pay them a bit of money. In exchange you get to put the "Firewire" logo on your stuff. Same goes for bluetooth, and for USB. But that's because no one company controls these. They're consortia and operate differently.

But how do you suppose they enforce that payment? It's very easy to see if someone's put your logo on their product. How do you know if they used your chips or someone else's? How do you sell them multi-million dollar encryption hardware if they could just go without it? You make it required to read the discs. You could produce a non-AACS compliant HD-DVD player. But it wouldn't play commercial movies.

The purpose is for Sony or Toshiba/NEC to control who can MAKE their standard's players, recorders, and authoring hardware. It's use as a copy-protection scheme is secondary.

Re:One word.

[Sledgy]

It amazes me that the hacks come after the patches. Well the hack coming before the patch would be a little difficult =oP

That does it!

[jhfry]

No more movies! Ever! We quit!

The movie industry.

Re:That does it!

[Thyrteen]

Well, as they said yesterday, who wanted to wait a whole 24 hours for this one to happen? :)
Score:
HD-DVD DRM: 0
Crackers: 2

Re:That does it!

[Transported+Mutton]

Yep, if it is digital it will be copied. Of course the movie and music industries aren't bright enough to figure this out. How else do you explain their suport for Hillery (and company)?

Re:That does it!

[CogDissident]

Anyone else find it funny that this came out just as they were putting people together to push out the new updates?

I have this mental image of a guy in overalls hauling boxes and boxes of patched DVDs out to the truck, looking up at the news-monitor in the shipping yard, and just a single tear falling.

Re:That does it!

[SillyNickName4me]

I have this mental image of a guy in overalls hauling boxes and boxes of patched DVDs out to the truck, looking up at the news-monitor in the shipping yard, and just a single tear falling.

Hmm.. I'd think he'd smile tho. nice job security for a while.

Re:That does it!

That would totally rock. If Big Media could be convinced to limit themselves to their own venues, there might even be enough demand for downloadable indie releases to establish a working micropatronage-based economic system for digital media. Heck, the popular artists might even be able to solicit a bit of "product placement" cash to make it more profitable.
    Would a simple HD recording of a local acting troupe, performing a local playwright's play, be worth donating a quarter to, by you?

Re:That does it!

[Opportunist]

They still make movies? I thought they fired all the actors and hired lawyers instead.

Re:That does it!

[Jamil+Karim]

I have this mental image of a guy in overalls hauling boxes and boxes of patched DVDs out to the truck, looking up at the news-monitor in the shipping yard, and just a single tear falling. Hey! You left out the part about the news-monitor showing a guy in a car littering, and the guy in overalls being Native American.

Re:That does it!

[Oktober+Sunset]

I see a little thought balloon appearing above his head, with the word Overtime!, then a tiny image of him going Scrooge McDucking style in a huge pile of money.

Meanwhile, the fat cat manger receives the report on how much it cost, a single tear is about to fall, as he thinks he can only buy 3 new yachts this year instead of 5, but then he remembers that actually, he can just shift the blame onto someone else and so still get his $20 million bonus, then he remembers how he would get it anyway even if he didn't fuck up. Then he cuts all all the cleaning staff's pay to make up part of the loss and he gets an even bigger bonus and can buy 7 yachts.

Then all the shareholders get their dividend report, all start crying uncontrollably as they realise their investment is paying out worse than a Scotsman on comic relief night. However instead of doing something like kicking out the board, they bleat along to the tune, The Haaaaaackers did it, BAAAAAAAAAAD hackers. Cut to fat cat manager, takes a break from Scrooge McDucking it in his pool of money and he cuts pensions and healthcare for all shipping and logistics staff. Cut back to original guy, who has to spend all his overtime money on buying his kid new braces, .

Meanwhile, the government outlaws, fair use, free speech, free thought, freedom, etc.

Capitalism at it's finest.

Re:That does it!

[Embolism]

I bet they just waited for this moment. I would have.

Find new AACS crack/app.
Wait for the new security updates to be distributed and the obligatory self-congratulations from the issuers.
Announce your new crack/app, sit back and watch the fun.

Re:That does it!

[PopeRatzo]

No more movies! Ever! We quit!

The movie industry.

If the "movie industry" closes shop tomorrow, there will still be talented filmmakers producing and distributing their work. "Intellectual Property" laws are not designed to protect the innovators. By definition they are designed to protect those absolutely talentless hacks who inhabit the movie studios so they can keep themselves in late model luxury cars. The filmmaker who owns the rights to his own work are extremely rare, and are usually only the most successful ones.

The more I think about it, I wouldn't miss the movie industry one bit if it went away. The music industry, too.

Re:That does it!

[arodland]

For sure. If I was working on cracks for this sort of thing, and I had an agenda, I would sit on any new break as long as the current ones were still working. Then once they expend the effort to patch the current ones, you have some new ones ready the next day. Release a crack early and you give the up the game by letting them counterattack all of your positions at once. :)

Re:That does it!

[howlingmadhowie]

I've been thinking about this.

let's take the 1960s as an example. how did hollywood make the big bucks back then? how much did a big film cost? i imagine they got money from selling films to cinema chains and to television franchises. as well as this there was a lot of merchandising. one line of income just didn't exist however: selling the film on a tape or similar to each customer individually.

let's move on to the start of film-marketing to the end consumer. i suppose the video cassette was the first example. here you had technical difficulties before you could copy the film. you needed a second player/recorder. since these things were expensive, the film industry was quite happy to sell videos and not worry much about piracy to begin with. a whole new revenue stream appeared.

then the dvd came, and for 3 or 4 glorious years for the film industry, everything was perfect. dvds could be read, but a dvd burner was prohibitively expensive, ripping a film took ages, and no one had quick internet, so ripped films could only be transfered by physically giving someone a disk. lots of dvds were sold, hollywood had never had it so good.

then everybody got faster processors, huge portable hard-drives and dsl-16billion bps. the new oilwell of marketing directly to the end consumer which appeared at the start of the 80s is drying up. the film industry could point to these things and play the old game of "pity me" from eric berne. the result? a new encryption system (already broken) and legal protection. it is now the case in germany for example, that accidentally causing a nuclear explosion has a maximum sentence of 3 years, while copying a dvd can result in a five year prison sentence.

some things have to be looked at here more closely:

• 1/ have dvd sales really gone down? does anybody have some recent figures for this

• 2/ what was the total turnover of hollywood in 2000 compared with 1970? how much of this came from dvd sales?

• 3/ how much was the budget for media in the average household in 1970 (books, records etc) and how much is it nowadays?

• 4/ how much did the average film cost in 1970 compared with 2005?

in my mind, these are the questions that matter, and we need to be aware of the hard facts here before we buy into the story of the mfia that everybody is a hardened criminal out to get them.

Re:That does it!

[soliptic]

their investment is paying out worse than a Scotsman on comic relief night

I do realise you're joking, and I'm not being defensive/offended because I'm Scottish, because I'm not Scottish (well, if I have any Scottish blood, it's at least three generations back)... But...

Just out of interest, did you know that the Scots are statistically the most generous charity-givers in the UK? Sorry, too drunk to find a proper source to cite

Re:That does it!

[mlrtime]

So what you're telling me here is to sell Yachts?

Bang...

...that head (->MPAA) that doesn't bang.

Or are their heads in the sand? Or both?

Nothing is Foolproof

[Umuri]

God just needs to invent a better fool. Or in this case, someone who cares about being able to watch stuff they buy, on other stuff they buy. No questions asked and no crud breaking because it thinks it's "illegal" due to some dust or something.

When will they learn? I'm remembering a phrase about old dogs and new tricks. The **AAs are very old dogs.

Re:Nothing is Foolproof

Actually, didn't the Mythbusters proved that you can indeed teach an old dog new tricks?

Re:Nothing is Foolproof

[ltjr]

Actually.. that was disproved on Mythbusters.. you _can_ teach an old dog new tricks.

Maybe there's still hope for the MPAA... *cough*

Re:Nothing is Foolproof

[oyenstikker]

It is like spam. Nobody needs to buy the things advertised in spam. Some idiots just need to think somebody will buy the things advertised in spam. The suits at the ??AA just need to think that copy protection will work.

I LOVE this!

[jhfry]

It seems that the /. crowd, and the tech industry in general, knew well before AACS was ever released that it would be a flop. We knew it would do nothing to prevent disks from being copied, we knew it would do nothing but hurt the consumer, and we knew it was an utter waste of money.

Yet the movie industry pushed forward, and look where it got them... exactly where we said it would, nowhere.

I can't wait until they realize that it's not worth it, and just stop concerning themselves with copy-protecting their media and instead focus on creating good movies.

Re:I LOVE this!

[suv4x4]

I can't wait until they realize that it's not worth it, and just stop concerning themselves with copy-protecting their media and instead focus on creating good movies.

Let's keep things straight:

writers/directors/actors focus on creating good movies;
movie distribution/marketing companies focus on wasting money on copy protecting their media.
hackers concentrate ruining the cop protection efforts;
the general consumer looks at the easier way to get their movie, be it rental/torrent/buy DVD/p2p: whatever seems better value.

Re:I LOVE this!

[Pope]

DRM or not, the current 1 freaking minute booting time for HD DVD players (dunno about BluRay) is enough to put me off the damn things.

Re:I LOVE this!

Spoiled rotten. I can remember taking a week to download Slak on my 2.8K modem. A whole minute ... whoa one could forget everything by then.

Re:I LOVE this!

[jhfry]

writers/directors/actors focus on creating good movies;
movie distribution/marketing companies focus on wasting money on copy protecting their media. Yes, but if you took the resources wasted by the distribution/marketing companies to DRM their content, the writers/directors/actors would have more resources to create better (arguably) movies. Or at least profits could be better which would help offset the losses from illegal distribution.

Re:I LOVE this!

[CannonballHead]

So, there should be no copyrights, then? Everything should be in the public domain?

Anyone can take a movie and claim its his?

Hm. Even open-source software has some amount "this code was written by..." and generally you don't steal it and say you wrote it. Recently, the Beryl vs. Compiz thing sorta had a fight in that regard.

Whatever we might think about various copyrighting methods, though, the fact remains that people will generally like to receive credit for their work, and possibly even money. So, you can blast the system all you want, but can you propose something better?

Re:I LOVE this!

[TheGratefulNet]

one minute booting time?

are you serious? I don't own one (never will - I don't condone the BD or HD-DVD 'protection' concepts and they'll never get dollar one from me).

why on earth does it take that long? for every startup?

are you talking about software based players (on a pc) or hardware set-top boxes?

(what are they doing? calculating PI to zillions of digits or something??) ;)

Re:I LOVE this!

[MightyYar]

I think that you misunderstand the criticism. Most of us agree that some concept of copyright is probably a good way to provide an incentive to potential content creators. DRM is what is being attacked here... The fundamental problem with DRM is that eventually the content has to be converted into photons and sound waves. It is a physical impossibility to protect photons and sound waves from being copied. In addition, most (all?) DRM schemes to-date have been compromised by getting access to the still-digital signal, which eliminates the single generation-loss that an analog copy would have.

A better solution? Sure... just sell your movies/music and go after the for-profit pirates. The same strategy that has worked for, what, 30 years? Longer in the print industry, who have been susceptible to "perfect" copies for a lot longer than the movie industry. Last I checked, CNN.COM still puts out news even though I can cut-and-paste it, verbatim, on to my own web site.

Re:I LOVE this!

Hmmmm, if I'm not mistaken, Java is a programming language... It doesn't *do anything* until it runs on most likely a virtual machine (which might be poorly implemented), or directly on hardware (which is unlikely). But I wouldn't go as far as saying that it's Java's fault... You just gotta use the right tool for the right occasion, and in this case, I'd agree that running a Java application on a virtual machine to control the hardware, if that's what they are doing, it's probably not the appropriate tool for the task. I've only seen an Early HD-DVD player boot, and it looked more like it was loading an operating system, such as linux or something similiar, but I never looked in to it further. Still waiting to buy until some company comes out with something that plays both formats...

Re:I LOVE this!

[toleraen]

Ohhh, I suppose it would take about a minute to get the water hot enough. Smart thinking in designing those new HD DVD coffee cup holders with the coffee maker built right into 'em.

Re:I LOVE this!

[SydShamino]

The fact that they consider my TV that I spent $3 grand on unworthy of their video, because it doesn't have the correct plug thingy in the back, is enough to put me off the damn thing.

Oh, and I watch 100+ movies a year (over 30 so far this year in the theater, another dozen on DVD). Most of those were independent films at festivals, but still, I'm the perfect market for HD movies at home: watch lots and lots of movies, invested early in hidef, etc. Instead they don't want to sell me product I can use.

Re:I LOVE this!

[ben+there...]

Looks like as with all media post-internet, the solution is to cut out the middle man:

1) writers/directors/actors focus on creating good movies;
-->2) movie distribution/marketing companies focus on wasting money on copy protecting their media.<--
(hackers concentrate ruining the cop protection efforts;)
3) the general consumer looks at the easier way to get their movie, be it rental/torrent/buy DVD/p2p: whatever seems better value.

Re:I LOVE this!

[Opportunist]

One minute boot time surely is no deterrent for me.

Then again, I don't use a system that needs a reboot every few minutes, I can see that this could be slightly annoying.

Re:I LOVE this!

[drxenos]

So, does your sig. have a trailer?

Re:I LOVE this!

"Virii" isn't a word, you frigging morons.

Neither is "frigging."

Re:I LOVE this!

[badasscat]

Yes, but if you took the resources wasted by the distribution/marketing companies to DRM their content, the writers/directors/actors would have more resources to create better (arguably) movies.

It's more like, if hacks like Joel Schumacher stop getting $200 million budgets to make the next crap Hollywood "blockbuster" that ends up bombing at the box office anyway, then other directors will have more resources to create better movies, or at least more of them.

The bottom line is expensive special effects don't make good movies. Never have. Ever heard of Citizen Kane? Casablanca? The Graduate? On the Waterfront? One Flew Over the Cuckoo's Nest? Not a single explosion in any of those movies.

Movie budgets have basically no correlation to movie quality. It takes approximately zero dollars to write a good script. Maybe a couple bucks for some paper and a pen. Not even a computer's necessary - most of the best scripts ever produced were written in the days of the typewriter. It is true that there's a base budget that's necessary to actually produce an existing script - film/tape stock, equipment rentals, talent payroll, catering, etc. - but that is so far below what the average budget is these days that it's completely ridiculous.

In other words, the money spent on DRM has absolutely nothing to do with the quality of our movies. Writers, directors and producers have no constraints whatsoever put on them by DRM on the home video side. And if you want to complain about bad movies, it's probably because there's too much money flying around rather than not enough.

(That said, there are plenty of great movies being made today, including in Hollywood but also outside of it. If you're not finding them, then that's mostly a personal problem.)

Re:I LOVE this!

[blincoln]

The bottom line is expensive special effects don't make good movies. Never have. Ever heard of Citizen Kane? Casablanca? The Graduate? On the Waterfront? One Flew Over the Cuckoo's Nest? Not a single explosion in any of those movies.

But imagine how much *better* a few... hundred... explosions could make those films. Imagine a Citizen Kane where Orson Welles screams "Roooooosssebuuuuuuudddd!", his hair poofs up Dragonball Z style, and he emits a shockwave of grief which levels Neo-Tokyo.

Seriously though, I don't think special effects are the problem. Movies like Sky Captain and Once Upon a Time in Mexico actually used special effects to save a great deal of money on production. It's more like blockbuster films involve spending a ton of money on everything - actors, vast crews, giant sets, location shooting, orchestras, etc. And really, given that they rake in a considerable amount of money, can you *blame* all of those people for insisting on relatively generous salaries? Would it somehow be more fair if the profit stayed the same, but the studio execs kept even more of it and everyone who actually made the movie got less?

Re:I LOVE this!

[FireFury03]

the general consumer looks at the easier way to get their movie, be it rental/torrent/buy DVD/p2p: whatever seems better value.

Ah, but the thing is that the DRM _reduces_ the value of the legitimate product.

• If I buy a DVD and put it in a legitimate player I get to sit through long unskippable videos telling me that copying is bad. If I download a copy of the movie I can just sit down and watch it.
• If I buy an HD DVD I can't play it on my computer because I use Free software (DRM is fundamentally incompatable with Free software). If I download a copy of the movie then it works just fine.
• If I buy some music on a corrupt optical disc (which seem to be still sold as "CDs"), I can't play it on my computer, can't rip it to Vorbis files to play on my in-car Vorbis player and it may not even work on some legitimate CD players. If I download a copy of the music then it works just fine.
• If I buy "protected" content then I can't back it up, meaning I have to carry the original discs with me which could be lost or damaged. If I download it then I can back it up just fine.

In all of the above cases, the content producers are actually pushing me _away_ from the legitimate product because the illegal version is much, much better.

The only way you can get away with screwing your customers like that is if there is no way for *anyone* to copy the product. As soon as one person has copied it, anyone else can download the copy.

Most people _want_ to buy content legitimately, but DRM or extortionate prices prevent them from doing so.

Re:I LOVE this!

What makes Toshiba's HD-DVD players slow is booting Linux. I have no idea why they don't write a bootloader that does the equivalent of a "resume" as the counterpart to a suspend to disk. There's no need to search and initialize the hardware and load applications again and again on millions of never-changing systems. Just boot your one development system, make a memory snapshot, and let everyone benefit from the one minute you spent watching it boot. Is it really so hard?

I have a media player appliance that runs ucLinux and has the same problem, although it does have to anticipate changing hard disks, network configurations and USB Mass storage devices, so at least they have a bit of an excuse for the ~40 second boot time.

On the topic of Java and slow aplliances: Here in germany one of the pay-TV stations used to sell set-top boxes that were running a Java based OS on a 66 MHz PowerPC platform. It took about 5 minutes to boot and had to reload bits and peaces of the UI at a glacial pace. Surprisingly, they never even managed to implement all the features that were promised on the reail box. There are a few linux ports for this dBox thing, like this one: http://www.tuxbox.org/ and all of them are more stable, insanely fast in comparison, and provide any feature one could wish for within the limits of the hardware.

Re:I LOVE this!

[MikeBabcock]

A minute? My blu-ray movies start almost instantly when I put the disc in the PS3 drive.

What bugs me is people like Disney preventing me from rewinding on DVDs ... ugh. I saw a good preview at the beginning of the disc and said "look at this" while pausing, my wife came and I tried to rewind ... no go. Had to eject and put the disc back in. Stupid people.

Ouch

[Grimfaire]

Someone really needs to fire whomever the MPAA uses for deciding on security for these things. Haven't they heard the golden rule of computer security? "Security by obscurity is no security" and that's all they are doing is trying to hide a key. Find the key... no security. Sheesh....

Re:Ouch

[geoff+lane]

With the added bonus realization that it only has to happen *once* in the digital domain and you've got "perfect sound (and video) for ever".

Re:Ouch

[Kimos]

It's not the fault of the MPAA directly. It's the fundamental flaw of DRM.

Encryption works because parties A and B exchange data that is encrypted with a key that party C does not have. In the case of DRM, you have the encrypted data and you have the keys that you need to decrypt and view the data. You are in essence parties B and C. They hide the key from you in the players and software, but it's there if you know how to find it. That's why DRM can and will never work. It's security through obscurity.

Re:Ouch

[ad0gg]

Security by obscurity is a valid security principle but it shouldn't be used alone. It should part of your overall security implementation. Problem with DRM, and why it will always fail, is that the consumer/user needs the ability to decrypt the protected content. Consumer/user has to have access to the decryption key.

Re:Ouch

[Pharmboy]

Security by obscurity is a valid security principle but it shouldn't be used alone.

At best, "Security by obscurity" is a way to buy a little bit of time, nothing more.

Re:Ouch

[TrekkieGod]

Encryption works because parties A and B exchange data that is encrypted with a key that party C does not have. In the case of DRM, you have the encrypted data and you have the keys that you need to decrypt and view the data. You are in essence parties B and C.

I've heard that a lot and it does make sense to me that it would be a fundamental flaw if it was true. Unfortunately it's not. You're not both parties B and C. Your media player is party B, and it's responsible for showing (but not giving you a copy of) the unencrypted content to party C.

In terms of standard encryption, that's like you sending an encrypted file to me, with the understanding that Joe is in the room with me and will also see it on my monitor. I don't have to give the encryption key to show Joe what you sent me. I use my key, display the contents on my monitor, Joe sees it. He can take a picture, film it or whatever, but he can't get a perfect digital copy unless I allow him to get one.

Unfortunately, I do think we're getting close to unbreakable DRM. You can and will always be able to set up a camcorder on your living room and record the unencrypted content the player is showing you. Unfortunately, I think getting perfect digital copies will be a thing of the past until we have legislation to specifically protect our rights.

Re:Ouch

[rm-R-winnt]

Cracking@home, anyone?

Re:Ouch

It's not a perfect mapping.

The media player is not a person. It can be cracked open, analyzed, and tortured but won't object, call the cops, or raise anyone's suspicions. However, getting the key or password from you would, most of the time.

It's also that in this instance, they're trying to send out a mass message to many people (disc distribution) and let any one of them decrypt it. It'll be different when they do downloads and it's encrypted for one person only, but DIVX died and had this sort of limitation.

Re:Ouch

[tooslickvan]

I've heard that a lot and it does make sense to me that it would be a fundamental flaw if it was true. Unfortunately it's not. You're not both parties B and C. Your media player is party B, and it's responsible for showing (but not giving you a copy of) the unencrypted content to party C.

In this analogy, the viewer as party C can strip search party B including the memory contents and body parts. Also, party C can intercept anything party B can see, hear, taste, smell, or touch.

Re:Ouch

[failure-man]

Yeah and you, party C, can pry party B open and dig the key out of its guts. (Either with a screwdriver and a logic analyzer, or, as has thus far been easier, by dumping its memory and finding the key that must be in there.)

DRM will never be "unbreakable" as long as you have the player to break into, and it isn't fitted with some sort of bomb that goes off if you try. (Laws against breaking into it do not apply since a) most of the world understands the concept of "private property" and b) even in America law enforcement DOES have better things to do than arrest somebody for taking apart their DVD player.)

Re:Ouch

The real golden rule is don't leave your systems unlocked and open to the world. Security through obscurity is used all the time. How many linux boxes do you know of that don't let root login remotely? That's so the valid usernames are hard to find out, aka obscure.

Re:Ouch

[MORB]

It's actually more like "give keys to hundred of people and get them all to hide it in the way they wish", so it's even worse than just one guy hiding one key.

Re:Ouch

[Virgil+Tibbs]

distributed computation might well be the way to cracking these schemes. If enigma can be crack through distributed computation then various types of DRM could be.

Re:Ouch

[sarathmenon]

This is /. If you are explaining something, please use a car in your discussion.

Re:Ouch

[Oktober+Sunset]

You forgot the fundamental law of physical possession. Who ever physically possess the hardware, ultimately controls it.

Re:Ouch

[danaris]

...that's like you sending an encrypted file to me, with the understanding that Joe is in the room with me and will also see it on my monitor. I don't have to give the encryption key to show Joe what you sent me.

...Until Joe pulls out his baseball bat and threatens to break your kneecaps if you don't give it to him.

Which is about the closest analogy I could get to "you open the player up and start analyzing its guts with a multimeter and logic probes", which you can do with a media player, legally, with easily available tools and a moderate knowledge of electronics.

So yes, in fact, for all intents and purposes, you are both Bob and Carol, given a reasonable amount of time.

Dan Aris

Re:Ouch

[TrekkieGod]

In this analogy, the viewer as party C can strip search party B including the memory contents and body parts. Also, party C can intercept anything party B can see, hear, taste, smell, or touch.

Enter "Trusted Computing" where the hardware prevents you from looking at the memory contents and encrypted digital transfers between devices so that when you intercept the stuff party B can see, hear, taste, smell, or touch, it'll also be encrypted.

I'm aware not everyone is running 64bit vista with trusted computing devices, and that HDCP is broken, but it doesn't change the fact that eventually everyone will HAVE to be running trusted computing devices with operating systems that prevent you from looking at a memory dump if they want to watch a movie on their computer. It also doesn't mean that they can't come up with something without the flaws of HDCP to fix the device communication issue.

Ultimately, anything you can see and hear can be recorded, I agree. But perfect digital copies will be a thing of the past if we let the companies keep improving DRM.

Re:Ouch

[raehl]

Unfortunately, I think getting perfect digital copies will be a thing of the past

But what about digital monitors? Can't you just make a device that PRETENDS to be an OLED screen but records video signal instead?

Re:Ouch

[praxis]

All crypotgraphic methods are to buy time. Some buy more, some buy less. The balance is to find the method that buys you enough time, that by the time it is circumvented, the information it is protecting is no longer useful.

Using a hidden key buys you a little time. Using AES with a strong key buys you a lot of time.

Re:Ouch

I'm aware not everyone is running 64bit vista with trusted computing devices, and that HDCP is broken, but it doesn't change the fact that eventually everyone will HAVE to be running trusted computing devices with operating systems that prevent you from looking at a memory dump if they want to watch a movie on their computer.

The worst case situation is that someone emulates a "trusted" device. You basically have to mimic a required number of inputs and outputs in the system. This isn't that hard, just look at VMWare and such. The only reason this area isn't explored as much is because the other paths are easier.

Also, it is important to remember that in mass distribution, ONLY one copy needs to be cracked. ONE unencrypted digital perfect copy is all that is required to make the _content_ available. That one copy can be distributed as needed.

Re:Ouch

[suv4x4]

Security by obscurity is no security

This is not security by obscurity. In security two parties exchange a key and encrypted info. You're not supposed to have access to either party.

What we have here is two parties exchanging encrypted info and then giving you a limited peak at that info for a fee. Given you have full access to one of the parties, and he's constantly teasing you with his knowledge, it's reasonable at some point you'll want to beat him up until he cracks up and gives you the key.

Re:Ouch

[MichaelSmith]

you open the player up and start analyzing its guts with a multimeter and logic probes

Even easier. You have full access to the encrypted stream and the decrypted stream. Between the two you have a known algorithm and an unknown key. The difference between the two streams gives you the key.

this is what we needed

this should finally put the nail in the coffin of this stupid effort by the HD-DVD people to try and stop people doing what they have a legal right to do (make a personal back up copy under fair use). I hope they respond by stopping the Xbox player from playing HD-DVDs and then we can finally lose the whole damn crappy format

Next stop - PS3 and Blu-ray!

Re:this is what we needed

[prelelat]

I know what your saying and I agree with it, but having the legal right to make a copy doesn't mean that they don't have the right to try and stop you. I just wish that they would realize that most people like to buy stuff, I know I like to buy DVDs it makes me feel warm and fuzzy to be like "Hey I bought the whole (insert show or movie) series". But the truth is that its too expensive to buy everything I would like to. Production costs at this point of the DVD release have usually been covered(excluding making the menu releasing extra content and having a commentary that I never listen to except on south park dvds) the packaging and DVD for a season of south park is about 50 dollars canadian when it comes out. It probably cost them 5 dollars to make(my guess and some might say it was high some might say it was low theres 3 dvds in there with graphic lables and casing and maybe shipping not sure if the store pays for that or not) so lets say the store like HMV or Best Buy makes about 10 dollars off of the sale. Thats 35 dollar profit for the manufacture. Lets say you pay Matt Stone and Trey Parker to do their commentaries for it, they probably get a % of sales. so if you sell 100,000 dvds of one season you get 3.5 million dollars, say matt and trey take 10% each the studio is left with 2.8 million.
if you reduced the cost so that a box set costs 40 dollars using the same numbers you end up with 2 million. This gives you less profit right? Well if people are more willing to buy a dvd at 40 dollars and you get 150 000 dvd sales you end up with a final profit of 3.75 3 million dollars. Your making more money. I know nothing and I'm bored so don't take me too cereal. I know people will still pirate dvds but people will always pirate dvds, you won't stop them. Use the money that your putting into research to reduce the cost of the product and sell it and I bet you will have less people pirating or at least buying a legit copy after pirating or before making a backup. I know I would.

I find it bad form that I've paid 8*45+20(best of volume was cheaper) for my south park dvd collection. Thats almost 400 dollars. come to think of it that seems insane, and thats not my only collection. Most people can't aford that and I can see why they pirate or make backups. Would you want to go out and spend that again if your DVD got wrecked by a scratch?

Re:this is what we needed

[Stevecrox]

Your talking about supply and demand the problem is the 'supply' is operating under free market conditions nor is it operating as a regulated Oligopoly. There is massive price collusion going on creating a effective monopoly, once this sort of thing happens the requirement to try and be competitive goes out the window every DVD realeased of X size is £x. Its made worse that business's don't always follow the economics reasoning, instead we get business reasoning. Supply and demand says that if we lower prices our profit will be larger but business thinking is concerned with profit maximisation and the idea of minium cost maximuim profit comes into play, they might sell 50% more dvd's but would that be the best way to use those resources?

Personnally I've found most company's TV series DVD prices to be improving for example things like Family Guy series 1 are £9.99 and the latest series (5 in the UK) was released at £19.99 for the amount of episodes that wasn't bad. My question is why are the BBC being so extortionate? (the new) Dr Who second series is £50, I can't find (the new) Dr Who first series anywhere Red Dwarf Series at £25. It seems warped and contrary to everything else on the market, I can get all the Dr Who episodes recorded onto my PC when it comes onto TV, Torchwood should not cost £48 for 11 episodes. The BBC shouldn't be after profit I pay for a TV license and so have already funded those stupid episodes!

Re:this is what we needed

[I'm+Don+Giovanni]

I agree that those that bought the disc should have the ability to remove the DRM if they can; that is within "fair use".
Unfortunately, the very same readers (and possibly posters) of the doom9 forum that extol the virtues of "fair use" also release bittorents of the DRM-stripped movies. That goes way beyond "fair use". Slashdotters always gloss over that part.

Re:this is what we needed

[dissy]

I know what your saying and I agree with it, but having the legal right to make a copy doesn't mean that they don't have the right to try and stop you.

Actually if you were to follow the spirit of copyright law, they do not have that right at all.
After a certain time (Despite the fact right now its 100 years after the death of the copyright holder) their work MUST enter the public domain. That is the cost and price of getting a copyright on the work in the first place.

If they do not wish to pay the costs involved with getting a copyright, then I do not wish to grant them the rights a copyright would give. It's as simple as that.

Before DRM, it was morally tricky to assume that they had no intent to pay for their copyright by putting it in the public domain later. Unless you can see the future, there's no way to know for sure ahead of time.
DRM is exactly the proof that they have no intention to play by the spirit of copyright however, so they do not deserve a limited monopoly over distribution from the start.

If the public can not benifit from their creation, screw them, nether can they.

Re:this is what we needed

[WizADSL]

Yeah, but enter DMCA and you can't legally circumvent the protection keeping you from making your rightful copy.

I were one of the cracking groups...

[Firethorn]

I'd try to crack the stuff from a number of different fronts, but keep quiet until I've cracked a few. With several cracks and exploits found, I'd be able to start working on higher level cracks, due to understanding the system.

Then I'd start releasing the cracks, starting with some of the simpler ones, only releasing another when they patch the exploit I released, resulting in an ongoing sense of futility as every time they fix the holes, I point out another.

Best exploit I think? Stealing or cracking the key to every code created for the discs. That way they'd have to throw the whole system out in order to achieve 'security' again. No current players would work. While a massive beowolf cluster cracking the whole thing would be neat and worthy of the NSA, I think that's unlikely. More possible but still pretty much 'mission impossible' would be a physical theft. If only the DVD Security Group protected those keys like government officials protect our information*...

hm...

*Yes, I'm still a bit irked about having my info stolen at least three times

Re:I were one of the cracking groups...

[garcia]

I'd try to crack the stuff from a number of different fronts, but keep quiet until I've cracked a few. With several cracks and exploits found, I'd be able to start working on higher level cracks, due to understanding the system.

No, it's better to keep the industry fucking around with each one as they come out than to have a couple at once (hell, how do you know they haven't already cracked a few into the future?).

This kind of release pattern will continue to drive the industry bonkers while they try to yank licenses, patch bugs, and obsolete hardware and keys.

They will never ever give up and neither will we.

Re:I were one of the cracking groups...

They will never ever give up and neither will we.

What have you cracked?

Re:I were one of the cracking groups...

[kebes]

The problem with what you describe is that the hacking groups are basically engaged in a (friendly?) competition with each other. All the hacker groups know that any copy-protection will eventually be broken, but "the fun" is in trying to do it *first*. So if one group kept quiet and tried to amass a bunch of cool hacks, they would be "beat" by another group who releases news that they've cracked device X or extracted title key Y. No matter how quiet some hacker groups decide to be, there will always be other groups who don't want to stay quiet. Hence there's no point in trying to keep it secret. If you've got a crack, you may as well take credit for it right away.

Add to this the fact that hacking these devices in general will go much faster if everyone shares what information they've obtained thus far (e.g. the open source philosophy). This also avoids wasted effort on duplicate hacks. For better or worse, it's a fact of life that these cracks will come early and often.

(Note: All of the above is pure speculation. If any of the members of said groups wish to clarify their motivations for releasing hacks early and often, please do so!)

Re:I were one of the cracking groups...

[644bd346996]

What he was suggesting was to find several cracks, then start releasing them one by one, and in the meantime, try to find broader cracks. That keeps the industry on the defensive, and gives the crackers time to try to do more before things get patched. Unfortunately, enough crackers are after fame that that strategy would never work.

Re:I were one of the cracking groups...

[mhall119]

It's not a matter of one cracked key being easy, and another being hard. The fact of the matter is that once you crack a device, it's wide open, there is no more cracking left to be done on that device. It also means that once you crack one device, you have access to all the movies published to date, so cracking another device doesn't gain you anything.

From my understanding, the AACS system is already a very well understood system. It is actually documented and available for public viewing. The way these people are obtaining keys is by finding design flaws in the way different devices implement the system. For WinDVD, it was found that one of the keys is available in system memory at a given point while loading the disc content, and could be captured by reading the right memory address. I'm sure something similar is happening with the XBox360 keys.

The WinDVD key was revoked by AACS, and future movies will not be playable on the cracked version of WinDVD, but a free upgrade to WinDVD will use a new key that cannot be obtained the same way. Revoking the XBox key for future movies will be more problematic, since it would presumably require a firmware upgrade, and making the HD-DVD's most popular playback device unable to play the newest blockbuster movie won't be good for HD-DVD sales.

Brute-force cracking all, or even a small number, of the AACS device keys would take years, probably tens or hundreds of years (I'm not sure exactly what the device key length is). Finding ways to make a playback device give up that information is much faster and easier. Further more, once you crack a single device key, you can get the encryption key for the content of any movie, then anybody can decrypt that movie based on that key, without need of the device or device key. Going back to the WinDVD keys, any movie encrypted with the old WinDVD key can now be decrypted, making a whole generation of HD movies available DRM-free.

Re:I were one of the cracking groups...

Struck a nerve, eh Billy?

Poseur.

Re:I were one of the cracking groups...

[Firethorn]

I was assuming that the hackers/crackers have some private channels of communication, I was talking about the public general release stuff.

By keeping quiet about cracks, that's more discs covered by each crack, as they don't pull the key until it's cracked, thus more production.

Re:I were one of the cracking groups...

[Firethorn]

It's not a matter of one cracked key being easy, and another being hard. The fact of the matter is that once you crack a device, it's wide open, there is no more cracking left to be done on that device. It also means that once you crack one device, you have access to all the movies published to date, so cracking another device doesn't gain you anything.

I figure that some devices are harder than others. Simple fact. I was simply talking about not releasing a crack while another one's still 'active' IE the security group hasn't revoked the key yet.

By not releasing that they've cracked the XBox before the WinDVD's keys were revoked, that means that they can't patch both sets and revoke the keys at once.

XBox isn't the greatest to crack in my mind, it's still too easy to update. You could simply place an auto-update on a number of general release games/DVDs. Somebody has a problem who isn't networked and doesn't buy new games or sony videos, simply mail them a patch disc.

Re:I were one of the cracking groups...

No he's just a Dopebrain smoking crack, as well as all kinds of other things. Still think all that E had no effect, Bill?

Re:I were one of the cracking groups...

[Dunbal]

What have you cracked?

      I could tell you. But then I'd have to kill you.

Re:I were one of the cracking groups...

[sadler121]

...a massive beowolf cluster cracking the whole thing...

If it was that simple to crack AES, we would all be in a world of shit.

Re:I were one of the cracking groups...

[ASBands]

(I'm not sure exactly what the device key length is)

128-bit - so...well over a quadrillion years to break using brute force, unless there is a way to reduce the key space (only check bits, SHAs of bits or MD5s of bits found in the program's executable?).

Re:I were one of the cracking groups...

[Firethorn]

Why do you think I said it was unlikely? Heck the snarky 'Worthy of the NSA'?

Re:I were one of the cracking groups...

[trawg]

So, question - once one of these things is exploited, does that not mean that every disc printed up to the point that the keys are revoked can be ripped (or otherwise copied)?

Re:I were one of the cracking groups...

[thegrassyknowl]

It also means that once you crack one device, you have access to all the movies published to date, so cracking another device doesn't gain you anything.

It also means that as they revoke keys players stop playing newer discs. As crackers (let's get the terminology right) expose keys the MPAA is revoking them. This means that Shiny New Player (TM) will only be able to play movies published before a certain date. I don't know about you but if my shiny new player stopped playing movies publshed after a certain date because the keys it uses were revoked then I'd be mighty pissed off. I'd be dragging the manufacturer through court for selling a device that is not fit for purpose. The manufacturer would probably wind up dragging whoever revoked their key through the courts to recover their costs.

There are only a handful of keys out there. What happens when all the current ones are exposed and revoked?

Joe Public doesn't understand that his DVD player stopped playing disks because someone revoked an encryption key. He just understands it's a Blu-Ray disc and a blu-ray player and the two should go together like VHS tapes and VHS players, CDs and CD players, etc. It's always just worked in the past!

DRM is a flawed mechanism. It protects nothing and causes harm to those who just want to play their media.

Re:I were one of the cracking groups...

[mhall119]

There are only a handful of keys out there. What happens when all the current ones are exposed and revoked?

It's my understanding that there are actually quite a few keys being used in current discs, far far more that have actually been assigned to players yet. Presumably when the player that gets their key revoked fixes the flaw that let it get cracked, the AACS LA will grant them use of one of the other keys. I'm guessing that if AACS will be abandoned well before all the used device keys are cracked.

Re:I were one of the cracking groups...

[Mr2001]

More possible but still pretty much 'mission impossible' would be a physical theft. I dunno, I doubt the keys are actually hidden in a nuclear safe at the end of a corridor full of laser tripwires. If the Russian mob wanted to get those keys at all costs, they wouldn't need any Mission Impossible tactics, they could just send a couple vans full of guys with machine guns to break the doors down. Write some software beforehand to make sure the key works, bring along a laptop so you can verify it on site, and then just start shooting people until they turn over a key that works.

Hopefully it wouldn't come to that, but it's the ultimate Plan B.

Freudian Slip

[zuki]

I was reading parent post and did a double-take, as what I got of it was:

"I can't wait until they realize that it's not worth it, and just stop concerning themselves with creating good movies, and instead focus full-time on copy-protecting their media."
...which in a way seemed to make total sense, there is a perverse part of myself that thinks that this is almost where we are headed.

Z.

Revocation?

[HTH+NE1]

So, how long until my XBOX 360 HD-DVD drive, which I've yet to use even once (waiting for support in Leopard), officially becomes a doorstop, boatanchor, call-it-what-you-will?

"I could have you[r HD-DVD drive] revoked."
"Revoked?"
"Yeah, K-I-L-L-E-D, revoked."

Re:Revocation?

[BobPaul]

New software dvd players may refuse to use it/force you to update the firmware, but my understanding is that if you only use the drive for cracking and never playback, it will not become a doorstop--you'll be able to use it to get volume keys indefinitely.

Re:Revocation?

[SpooForBrains]

"What we really need now is a gun of some sort"
"Will this work?"
"What is it?"
"A gun of some sort"

Re:Revocation?

[Dahamma]

Revocation happens with the content (it revoked hardware is basically blacklisted) - so you could only use it on those movies released before the revocation...

Would be amusing to see the 360 HD-DVD revoked, though, given that MS was on the HD-DVD committee and probably had a lot of say over AACS design.

Re:Revocation?

[BobPaul]

But that has nothing to do with this because the key is extracted from the disc without AACS involvement.

Looks like

[Some_Llama]

The race is on, let me tell you from the perspective of online gaming and the cheat vs cheat detection wars:

The hackers have the edge.

But if you develop the AACS standard at least you have job security ;)

Re:Looks like

[just_another_sean]

But if you develop the AACS standard at least you have job security ;)

Well if your a coder maybe, if you designed the spec? I just hope they gave the poor sucker a few minutes of head start!

Re:Looks like

[Some_Llama]

"I just hope they gave the poor sucker a few minutes of head start!"
With the turn around of the last crack, it seems this is exactly how much head start they gave....



(yes i meant coders, stupid early morning wit! Teh coffee does nothing!)

Anyone else notice...

[djdbass]

...this is just barely 24 hours after they announced it was fixed? Great work to those involved. Hell I can't get a change approved in 24 hours!

Re:Anyone else notice...

[chrisv]

Heh. By the Doom9 forum, they had this 5 days before WinDVD and such were patched - so make that -120 hours ;)

Re:Anyone else notice...

Actually, this crack is sort of unrelated to the upcoming change. The Xbox 360 hack allows anyone to read the protected area of the disk, giving a volume ID. The hack disabled the public/private key auth between the software and the player. In order to decrypt a disk, you also need a processing key, which was extracted from WinDVD. The new change AACS-LA is talking about is that they are essentially switching processing keys (which may vary title to title). This will require some reverse engineering of a hardened software player to obtain.

Additionally, there is a SKB tracking system that AACS-LA can begin using - they haven't laid down all of their cards yet. This system would require the extraction of up to 32-256 bit segment keys for each title.

I personally don't own anything HD equipment, but have been following the events on Doom9 out of curiosity. AACS is a very well designed cryptographic system, and so far despite the anti-DRM fanboyism, it is only half broken. The cracks still require one (or many) processing keys which will need to be extracted from increasing hardened software and hardware players, in addition to segment keys for each title. I encourage anyone interested in crypto to give the discussion on Doom9 a read, its a very interesting and well designed system.

Fine by me.

[Kadin2048]

No more movies! Ever! We quit!

The movie industry.

That really wouldn't be the worst thing in the world. There's a huge demand for movies, but they're expensive to make and the current movie industry sucks up most of the available investment dollars. There's no "secret sauce" involved in making a movie; it's just very, very expensive, and the people with enough cash to bankroll a film would rather go with an established, sure bet, rather than taking a chance on someone or something new.

If the current players just decided to pack up and go home, the new industry that would rise up in its place would doubtless be a lot more creative -- at least in the short term -- and we'd probably see a lot of new material out of it. In time, it would probably stagnate, too, because that's the way of things.

The main problem with the current situation is that the dinosaur companies have bought protection for their business models from the government, and essentially have propped themselves up. There's nothing bad with companies getting big, but there's also nothing that says they have a "right" to stay in business, either. Failing business models deserve to die, and the companies that rely on them deserve to die, too; when they don't, you're stopping what ought to be a natural economic progression.

Re:Fine by me.

[jhfry]

That's kinda my point... there is still ton's of money to be made without need for this DRM BS. They will never just pack it in and stop making movies.

However they do love to make it sound like DRM is essential for there to be any money in producing movies.

Re:Fine by me.

[Hijacked+Public]

After reading the first sentence I thought someone was making a good point, but the signature line negates it.

Keep cracking DRM schemes and all you'll get are more laws aimed at stopping you, more vigorous enforcement, and more DRM integrated into your hardware.

Stop buying DRM'd content in the first place and maybe you'll get somewhere.

Re:Fine by me.

[Lumpy]

There's no "secret sauce" involved in making a movie; it's just very, very expensive,

no it's not. having overpaid prima donna union actors, union workers and extravagent locations, props and lunches IS expensive. making a killer good movie IS NOT expensive.

go watch El Marachi. It's better than most everything made at Hollywierd and was less than the cost of a cheap car.

a crapload of great movies are made for dirt.

Re:Fine by me.

[kebes]

Good post.

This assertion:

There's no "secret sauce" involved in making a movie; it's just very, very expensive.

caught my eye. Actually I would say it's an untested hypothesis that movies are expensive. Currently movie production is basically a monopoly (actually a cartel). By definition monopolies have no competition, hence there is no incentive to try and make things cheaper. This gives rise to the massive salaries and creative accounting that Hollywood engages in. (Somehow, on paper, they actually have razor-thin profits even when the movie made 10-times as much money as the supposed budget.)

If Hollywood were replaced with something new, that was actually a competitive marketplace to make decent movies at the lowest price, I bet they would cost only a fraction of what they cost now. I imagine a movie that nowadays costs $30 million could actually be made for $600,000 once salaries became more reasonable, advertising were less extensive, and studios were forced to optimize their workflow to keep the budget down. The quality/budget ratio of independent films lends credence to this theory.

Current movie prices are massively inflated because they are a monopoly. If that monopoly were removed, I bet the new price of movies would be low enough that people wouldn't bother with unauthorized duplication... because the genuine article would be cheap enough already.

Re:Fine by me.

[HTTP+Error+403+403.9]

I think TV killed the movie industry. A traditional movie is a dinosaur compared to TV. The level of character and plot development in a single season of a one hour drama is so much greater than a single two hour movie can provide. If the Sopranos were a movie franchise, we'd be on maybe the third or fourth movie - roughly equivalent to 6 or 8 TV episodes. It seems like movies compensate for the lack of character and plot development by using gimmicks or bigger explosions.

Re:Fine by me.

[Kadin2048]

After reading the first sentence I thought someone was making a good point, but the signature line negates it.

My signature or the GP's?

Anyway, I think it's important to work on both fronts. First, I agree that the best bet is just to not purchase anything that's DRMed at all. But since that means basically bowing out of a large portion of our culture -- I mean, no late-model VCRs (macrovision) or tapes, no DVD players or discs, no TiVO -- I think you're going to have trouble getting enough people to follow you to make it significant. There's no point in throwing yourself in front of a tank if they're just going to run over you and nobody else is going to notice or care.

Continually breaking the DRM schemes costs the studios a lot of money. It ensures that DRM is never "fire and forget;" and it turns DRM from being a one-time cost into a continual cost center, a black hole that they need to keep pouring money into. If you can make the cost of maintaining an effective DRM system higher than the cost of the piracy that it allegedly prevents, then it will eventually go away -- either the companies will see the light, or they'll be run out of business by other companies who do, and who are more profitable as a result.

The major remaining problem is that the entertainment industry in particular has so much political influence that it's going to require a lot of vigilance and advocacy to keep them from trying to use the law to buoy themselves as they start to sink -- or barring that, pull everyone else down with them. We haven't had much luck in this in the past, hence we've seen the AHRA, the DMCA, and lately the Mickey Mouse Protection Act go through. But if we can keep the visibility of their actions high -- which is aided by putting pressure on them and forcing them to be more and more outlandish and openly anti-consumer -- while at the same time denying them revenue by boycotting DRMed products and sucking their revenue through a guerrilla campaign against the DRM systems themselves, they'll eventually be forced to quit.

Re:Fine by me.

[Skreems]

You're not watching the right movies if you think there are none with character and plot development. Some stories are better told as a single 1.5-2 hour presentation than split over episodes.

Re:Fine by me.

[Zonekeeper]

There's no "secret sauce" involved in making a movie;

Well...unless you're making pr0n...

Re:Fine by me.

. I imagine a movie that nowadays costs $30 million could actually be made for $600,000 once salaries became more reasonable,

I live in LA and often see people filming. Last year, they were shooting an SNL spinoff movie in my neighborhood. About 50 people showed up in the morning and started construction -- lights, props, equipment. They filmed the scene that afternoon. It was about 30 seconds long. I wouldn't be surprised if it ended up on the cutting room floor. They tore everything down that evening. I was shocked at the amount of effort necessary to shoot on location.

I don't think cutting salaries is the answer. I doubt those people were being paid much. In fact, there were about 200 extras who worked all day for free. Making movies is just time intensive and expensive. Shooting in a studio is cheaper, but you lose the quality and freedom afforded by on location shots (do you want your move to look and feel like a sitcom?).

I think the real area for cost cutting is new media. Film is horrendously expensive, not only to shoot on, but also to distribute to theaters (think hundreds of thousands of dollars). Digitial distro could make movies cheapers and enable smaller companioes to work without distributors.

Re:Fine by me.

[smellsofbikes]

>The quality/budget ratio of independent films lends credence to this theory.

I'm not trying to be snide here, but I suspect you haven't seen very many independent films. Most of them *suck* *incredibly*, but the very best 0.1% are quite good indeed, competitive with the best stuff coming out of Hollywood. I think it's something like a Boltzmann distribution -- Hollywood has a very steep curve, so there's not a lot of difference between their very best movies and their worst. Bollywood's best are about as good, but their worst are much worse. Chinese films, at their best, are superb, but the worst ones I've seen have been nearly unwatcheable. Then you go to an independent film competition -- I'm not talking Sundance, I'm talking some local art scene competition -- and you begin thinking to yourself "I'd pay $30 to not have to watch the rest of this."

Money doesn't guarantee a movie will be good, but it does heavily indicate the movie won't be appallingly bad.

Re:Fine by me.

[fotoflojoe]

go watch El Marachi. It's better than most everything made at Hollywierd and was less than the cost of a cheap car.

Read Rebel Without a Crew, it's basically Robert Rodriguez' diary for the making of El Mariachi. Great book. Rodriguez' motto: There's at least one bad movie in everyone.

Re:Fine by me.

[MobyDisk]

Dear Indie Movie Lover,

Explosions are expensive.

Sincerely,
Most people

Re:Fine by me.

[grepya]

I've seen El Mariachi and it's a sort of watchable movie. Not great. Certainly not "better than most everything made at Hollywierd". But I'm aware of the cost. Reportedly ~ US $8000 (it was actually shot in Mexico). Also reportedly, Rodriguez got a large part of the money by selling his blood. The story of how the movie was made is far far more interesting then the the actual movie itself. And in fact the sequels made later with Antonio Banderas et al are far better done as far as acting/production values/Salma-Hayek value etc are concerned. The budget for the sequels of course was not even the same galaxy as that of the original.

Re:Fine by me.

[CastrTroy]

It's like saying "making software is expensive". Well, its as expensive as you want to make it. If you find programmers who want to make the software for free in their spare time, using free tools, then it's very cheap. If the programmers want to get paid $100 an hour, and want to use tools that cost $5000, then it is expensive to write software. All it takes to write software is time and a cheap computer. All it takes to make a movie is time and a video camera.

Re:Fine by me.

[araemo]

"Continually breaking the DRM schemes costs the studios a lot of money. It ensures that DRM is never "fire and forget;" and it turns DRM from being a one-time cost into a continual cost center, a black hole that they need to keep pouring money into. If you can make the cost of maintaining an effective DRM system higher than the cost of the piracy that it allegedly prevents, then it will eventually go away -- either the companies will see the light, or they'll be run out of business by other companies who do, and who are more profitable as a result."

You're missing the point. You touch on it when you say "... the piracy that it allegedly prevents", but you make an argument about making it more expensive than they're allegedly losing to piracy.

They know they're not losing as much as they claim they are. The claims are just for the legislators. The point of DRM is not to stop piracy, but to monetize things that used to be free. Not even 'fair use', simply free, completely. You'll buy a movie, and you'll only be able to watch it on your main TV. If you want to watch it in your car, you'll have to pay for the privilege. If you want to watch it on your computer, pay them again. If you want to make a copy of it, well, too bad.

You won't make it more expensive. Reason #1: Part of the cost is being swallowed by Intel and AMD(And AMD/ATI and nVidia. And seagate and western digital. And Microsoft and Intervideo.)
Reason #2: they'll likely be able to DOUBLE if not TRIPLE their revenues by selling you playback rights you used to get for free. It won't be immediate, but they plan to grow their revenue as people become accustomed to paying for extra 'conveniences' with their DVDs.

Re:Fine by me.

[PPH]

Its not so much that making movies is expensive (some good ones are damned cheap), its that access to distribution channels is restricted by the industry cartel.

Make a great indie movie and get good reviews at a few movie festivals. Now, you'd think that, with good publicity, marketing it to the major theaters or getting DVDs into distribution channels would be a cinch. Not true. Take a look at how many, producers, executive producers and other such drones get attached to the credits of an indie film gone mainstream and you can get an idea of how many palms you have to grease to get your creation shown. Does it really take half a dozen companies to handle this stuff? I doubt it. It seems to be more like the mob bosses telling someone what a nice little business they've got there and wouldn't it be a shame if it burned down (Ha, ha, ha!).

It seems to me that this is the primary motivation behind the MPAA (and RIAA) seeking unfettered police powers, on behalf of their clientele, to go after "copyright infringement". Particularly in attacking alternate forms of distribution channels rather than identifying instances of their misuse and prosecuting that alone. These channels might interfere with their cartels.

Re:Fine by me.

[Mister+Whirly]

Or Clerks. Easily better than most Hollywood flicks at 1/1000 the price.

Re:Fine by me.

[HTTP+Error+403+403.9]

You're not watching the right movies if you think there are none with character and plot development. Some stories are better told as a single 1.5-2 hour presentation than split over episodes.

I said, "the level of character and plot development in a single season of a one hour drama is so much greater than a single two hour movie can provide." I didn't say there are no movies with character or plot development.

I agree that some movies do a great job of telling a story than a season long TV show but often times these movies are of limited scope and additional character and plot development aren't necessary.

Back to my original point, the amount of time a television show can dedicate to characters and to a complex plot is much greater than what a two hour movie can provide. It's the math, a 22 episode season of a one hour drama on commercial television is around 880 minutes and a movie is about 90-150 minutes. A TV show can spend two or three episodes (80-120 minutes) introducing characters, a movie normally introduces the characters in the first fifteen or twenty minutes.

Re:Fine by me.

[Draknor]

Continually breaking the DRM schemes costs the studios a lot of money. It ensures that DRM is never "fire and forget;" and it turns DRM from being a one-time cost into a continual cost center, a black hole that they need to keep pouring money into. If you can make the cost of maintaining an effective DRM system higher than the cost of the piracy that it allegedly prevents, then it will eventually go away -- either the companies will see the light, or they'll be run out of business by other companies who do, and who are more profitable as a result.

You are missing some key alternatives. I agree DRM will be a continual cost center, but for companies, the real issue is how much does it cost, *to them*? If hackers keep breaking DRM, the companies won't continue to burn millions of dollars into generating new DRM if there is a cheaper alternative -- and likely alternatives are:

1. Lobby Congress to pass additional laws (such as the DMCA) protecting their "intellectual property rights", as well as their business model.

2. Lobby Congress/FBI/enforcement agencies to crack down on those who crack the DRM, making it much more risky & costly to for hackers.

With option 1, they could effectively remove any threat of competition by a company distributing non-DRM material by lobbying Congress to pass laws that effectively require DRM on any commercial content distribution. And I have faith they'd be able to find ways to be able to do this and sell it to Congress in a palatable manner.

With option 2, we've already seen some of this with the RIAA. While there will always be hackers to break the codes, it won't mean much to the movie companies if those codes only remain broken in some foreign lab or parent's basement. It's not until such utilities or methods become more widespread that it causes harm to the movie companies, and for that to happen there have to be people out there looking for it. If you put enough fear into people, they won't go looking for it, and generating fear is comparatively cheap. Of course they have to be careful to not take it too far and generate a backlash, but a few rounds of DRM cracking and they'll have a good enough history.

Think about this scenario --
Movie industry introduces new DRM (probably knowing it'd be broken eventually)
Hackers break it
Movie industry introduces fix to DRM
Hackers break it ... (maybe repeat a couple of more times)
Movie industry goes to Congress -- "Look, we tried to put in strong technological protections, but these hackers just keep breaking it! We've tried multiple times, and they are relentless. We need your help tracking these people down and persecuting them, to make an example to dissuade others"
Movie industry pours a couple of million into re-election campaigns
Congress passes laws / supports resolutions to "crack down" on hackers
FBI busts a few people and prosecutes them very publicly, which generates a "chilling effect" on the general public related to "hacking" movies.

Re:Fine by me.

[Kenshin]

Dear Most People,

Controlled explosions are expensive.

Sincerely,
Someone who played with fireworks as a kid

Re:Fine by me.

Actually I would say it's an untested hypothesis that movies are expensive

True, SOME movies don't have to be expensive, but some do. I remember when T-2 came out and they said it cost some god-awful amount of money (50 million or something like that). I said "WHAT? How in the hell can a movie cost that much?"

Then I saw the movie and I said "how in the hell did they get by with only fifty million? They wrecked fifty million dollars worth of cars making the damned thing!"

My GF (yeah go ahead and laugh, you'd laugh harder if you ever saw her) made me watch a Sandra Bullock chick flick the other day. Had it not had Bullock in it they could have made it for a few hundred bucks. But I hated it!

I like action flicks; blank ammunition, cars, and exploding buildings ain't cheap. If I want art I'll read a book or go to a museum!

Re:Fine by me.

> Money doesn't guarantee a movie will be good, but it does heavily indicate the movie won't be appallingly bad.

Two words: Ben Affleck

Re:Fine by me.

[msuarezalvarez]

Money doesn't guarantee a movie will be good, but it does heavily indicate the movie won't be appallingly bad.

Actually, in my experience, the more expensive a movie is, the worse it ends up being. You probably need to get a better provider of non-gazillion-dollar movies, that's all.

Re:Fine by me.

[pete-classic]

Well said.

The conventional wisdom is that Hollywood sucks and anything would be better. I think what gets lost is that making a decent movie is tremendously difficult. It requires a lot of highly skilled and experienced people. Making a great movie takes that same stuff, only more, plus a lot of luck.

Hollywood movies, for all their flaws, usually get most of the . . . technical stuff right. That's a huge plus.

Beyond that "the Hollywood machine" does a vast amount of work vetting material. I'm sure some profound art is lost in this process, but it really does keep the self-indulgent pap to a minimum.

The indie approach is everyone and their dog makes a movie, and the cream rises to the top. The Hollywood system aims to never shoot the crud, and just shoot the 10% that might be worthwhile. I think that this creates a (comparatively high) floor on the quality of Hollywood movies, but does lower the ceiling on just how good they can be a bit.

That's why "all the really good ideas come from outsiders".

-Peter

Re:Fine by me.

_ I second that... el Mariachi was watchable, but not "better than..."
Desperado however WAS made on a relative shoe string... can't remember the exact figure, but it had a budget that was MUCH less than the typical H-wood affair, especially for an action oriented film.

For an example of good independent film made on a shoe string that isn't Robert Rodriguez try:
A good film financed more or less out of pocket by the director and distributed by the director (ie. a screening of the film frequently comes with a meet and greet with the director, as he physically brings the film with him to the screening). Of course that means (now that I'm looking at it carefully) you can't actually watch it any more as he's working on other projects these days...

In any event, a good movie that was science fiction in the vein of many of the great science fiction writers, stories meant to make you think about human relations and human machine relations, not a vehicle for explosions (which are, I believe entirely absent here).

-sk

Re:Fine by me.

[pete-classic]

A more cynical view would be that character development is cheaper than action on a per-minute basis. A TV show that has to fill twenty-odd forty minute slots in a year must spend time with the characters to make budget.

Additionally, the survival of a TV show requires repeat business on a scale of weeks. Character is the only consistent way to archive this. (I think Heroes is doing a terrific job of leveraging character and plot to keep me tuning in.)

-Peter

Re:Fine by me.

[smellsofbikes]

The part that's harder to gauge is how editorial compromises affect the Hollywood stuff, and that's why my characterization might not be completely accurate. I can think of half a dozen Hollywood movies off the top of my head that, if just slightly rewritten, would've been *really* good movies -- for my definition of good -- but would've left a lot of people walking out of the studio feeling uncomfortable. Which is my definition of good, frankly. Hollywood has to knock off the rough corners, and by so doing, changes the movie's message.
Some examples: Amy Homes wrote a terrific book called "The Safety Of Objects" -- creepy, beautiful, haunting, and really unsettling, like most of her stuff. They turned it into a terrible movie because all the creepy and unsettling parts got yanked out. If you're not willing to make those editorial sacrifices, you lose a lot of audience. In a word, you don't sell out.
So the question is: what makes a 'good' movie? It's possible that my definition of 'good' necessarily means 'unpopular' and Hollywood's definition absolutely must mean 'popular' -- but who am I to say that a popular movie isn't good, just because it caters to the widest possible audience? 'Titanic' could have been more unsettling and upsetting. Would that have made it a better movie? Well, what do we mean by 'better'? There are a lot of great movies that looked very much like duds when they came out in the theatres because lots of people hated them and told lots of other people, but twenty years down the road, those movies are acknowledged as being superb.

I guess what I'm saying is in large part agreeing with you: that at the very top end of movies, Hollywood gets all the background material -- sets, reasonably good acting, excellent filming, excellent sound, reasonably good editing, fairly good direction -- right, so it's down to the content, which might be neutered or might let something good slip through. In contrast, small independent films have wildly variable quality on *all* those and it's very difficult for them to get *all* those points right, so what carries them is the exceptional quality of the content.

Now that I think about it, it's almost like two wholly different metrics. Hollywood takes lots of production genius, then subtracts, from this nearly superb creation, a whole bunch of content, like a sculptor in marble, so what they end up with is something less than they should be doing. A small-time indi takes a chunk of uncompromised content, and to that adds actors, direction, filming, editing, like a sculptor in clay, so what they end up with is something that's the sum of a whole bunch of subsystems, heaped upon the quality of the original content.

Re:Fine by me.

[cyberfunkr]

Dear Most People,

Most common items don't explode. They spark, they pop, they burn, they shatter; but big booms with infernos and visible concussion waves are few and far between.

Sincerely,
Reality

Re:Fine by me.

[symbolset]

Waterworld. Gigli. I could go on but I won't. I am not boycotting movies -- I've just lost interest. More than that. My interest was dragged to death in a hundred expensive plush seats.

Re:Fine by me.

[DigDuality]

Dear Mr HaveNoTaste,

There's many great movies without explosions. In fact most of the action packed movies with no dialogue except one line meat heads, sci-fi that's nothing but action with lasers, romance that's nothing more than repetition of Wedding Crasher, Meet the Fockers, and some crap with J Lo in it over and over again, all the CGI laden movies, with huge acting names in them.. tend to be really flat movies. They have no feeling, no passion, crap stories, crap dialogoue.

But ooh ooh.. look! Explosions! zomg. that's so cool.

Amazing movies were made on shoestring budgets. And not just cult classics. 12 Angry Men anyone? To Kill a Mocking Bird? These didn't exactly cost a fortune.Actors are overpaid, and Hollywood is too scared to try ideas that aren't sure things.

Sure we could have another 20 movies with Will Farrell or Ben Stiller in them, but I could really give a crap. Rodriguez and Tarintino could've made Grindhouse out of their pockets, and look how many actors and producers chipped in because they wanted to do something fun.

Movies need to get back to people who love to make them rather than these scientologiest nutbags who marry women doped up on too many prescribed pills while pregnant and not knowing who the daddy is.

Re:Fine by me.

[smellsofbikes]

I'm sticking by my original contention. I've been to the Seattle Film Festival and watched hour-long movies of the shoes of people walking down Broadway. My ex-gf was in a scifi film made in Death Valley by a couple of kids with a VHS camcorder and I couldn't stand to watch it even though it was my girlfriend and she took her shirt off. Have you ever seen the Turkish Star Wars? At least that had a budget of $40,000, but it was still unbelievably bad. At least when I was watching King Kong and Waterworld I was thinking "Wowie, this stinks, but I wonder how they did that effect?" rather than just "aaaaah the cameraman's finger is over the lens and the actor's previous job must have been beating llamas: god, please, take me now."

Re:Fine by me.

[smellsofbikes]

Aw, c'mon. Good Will Hunting had about five good lines. ("How about them apples?" Every geek has to love that moment.) Even Jersey Girl, which was so bad I wanted to puke drano, had one scene that enriched my life. (The Sweeney Todd bit in amidst all the Cats talent show material: that was beautiful.)

Re:Fine by me.

[Bearhouse]

They don't deserve to die just because they are big. There's lots of business models in the movie industry. Can you compare Hollywood to Bollywood to 'Blair Witch'? There are several steps to making a movie: 1. Creating / buying the 'original' story. 2. Organising / getting finance, (producing). Here, options range of 'Get Shorty' (GREAT film) to the latest Wall St. financing packages. Whatever, it would appear that people will always manage to get cash to make films. 3. Making a movie - which has not really changed for decades, apart from CGI. Big budget, small budget, /= success either way. 4. Distribution = ROI. With the rise of 'vertically integrated' companies - Sony springs to mind - attempts were made to leverage supposed synergies between content and distribution. These remain elusive - and yeah, I did not forget iTunes & iPod. So, I guess my point is that the dinosaurs have a place, and could easily continue to thrive if they focus on what they are supposed to be doing - making great movies. The biggest hits easily repay their costs at the cinemas...

Re:Fine by me.

Yep, that's what I do.

We have no VCR, no DVDs. CDs with protection schemes
I accidentally pick up at a store, I dump at the checkout saying "I can't use these. They don't play in my computer."

It's my money, and I decide what I buy. Significant? To me it is.

Re:Fine by me.

[mattynabib]

I so completely agree with this.

Now SOMEONE... please tell that to Big Oil?

Re:Fine by me.

[kebes]

I see what you're saying, but I was careful to say "quality/budget ratio" and not simply "quality."

I've seen some independent films that were maybe 1/4 as good (in a technical sense) as big-budget Hollywood movies, but their budget was 1/20 or 1/100 of the movie I'm comparing it to. My point is only that independent movies seem to get "more bang for your buck" than big movies, which suggests that it is possible to make movies of a certain quality level with a more limited budget than what Hollywood uses.

I'm not saying that you can make a slick film with awesome special effects without spending some money--I'm theorizing that Hollywood is very far from making movies optimally (in an economic sense), and that the budgets of their movies are unnecessarily large.

Re:Fine by me.

[flimflam]

It's not the unions that make movies expensive.

You mention "overpaid prima donna union actors". I agree that movie stars are overpaid. But that has nothing to do with the union. Union rates are frankly not very high, either for actors or any other crew position. Granted, the unions demand that everyone get paid, but basically their just ensuring that it's possible to have a career in the industry - you certainly don't get rich being a grip or an assistant director, or whatever. But if everyone on the crew get union scale, and non-labor costs are not extravagant, you'd still have a very low budget movie -- one that only has to be somewhat successful to make money.

Oh, and El Mariachi was a very bad film, and Robert Rodriguez is a no-talent hack who now makes lousy very very expensive movies instead of lousy cheap ones.

Re:Fine by me.

[Uryene]

>Money doesn't guarantee a movie will be good, but it does heavily indicate the movie won't be appallingly bad.

Two words for ya: Pluto Nash.
As in The Adventures Of Pluto Nash.
'Nuf said. :)

Re:Fine by me.

rotfl. +1 coffee snort

Re:Fine by me.

[elrous0]

Not true. I know a place where they're plentiful and cheap.

Re:Fine by me.

[pete-classic]

"Good" is absolutely subjective. By my personal (and only partially examined) metrics, there are many "good" (even "very good" and possibly "great") movies that are quite popular. "Braveheart" springs to mind. It's not my favorite movie, that's a tough call between "Chasing Amy" and "Fight Club", but in a sense it's the most "perfect" movie I've seen.

-Peter

Re:Fine by me.

[smellsofbikes]

Okay, I'm not going to argue the quality/budget ratio thing: you're right. What I will argue is how much that matters. People pay to see quality movies, not the best movie that could be made on $50, or any threshhold. That's what YouTube is for: movies for the people, with near-zero production cost. I hope that some day that's a valid production technique for movies people will pay for. There are amazingly good low-cost movies -- 'y tu mama tambien' comes to mind -- that Hollywood could stand to learn from, but as I argued elsewhere in this thread, Hollywood's metric for 'good' is 'popular' so they'll make any editorial concessions necessary to increase viewership, and as a result they release neutered movies. I'm not sure they'll ever produce what I think are good movies. So we get to a point where we're secretly arguing about what we mean when we say 'good' movies, and as much as I hate to admit it, Hollywood's definition is hard to argue against, given their assumptions. A lot of people want to see spectacle, and a lot of people unconsciously associate spectacle with quality, and for them, Hollywood consistently churns out pretty good movies.

Re:Fine by me.

[TinyManCan]

This only works if the 'hackers' are in the US or a country that works the the US in this manner.

North Koreans, Chinese and other assorted countries will just tell the US to shove it when they come looking for these people.

Since the technology is deployed worldwide, it can be hacked world wide. No amount of extra laws in the US is going to stop the next DVD Jon.

Re:Fine by me.

[guruevi]

What's so expensive about making a movie? Starting a company costs more or less the same. The problem is that 'actors' demand such high wages, everybody else (the peepz that aren't on tape) just earn as much as you and me. There are plenty of movies out there that made it to the big screen and had cost less than 100k.

Re:Fine by me.

[Xtravar]

That's a good idea. Let's totally do it.

1. Film explosions in Iraq.
2. Film rest of movie in Arizona with Native Americans pretending to be terrorists.
3. Edit scenes together.
4. Profit!

Wherever there's an abundance of a resource, an industry should arise taking advantage of it. Why not?!

Even better, let's dispose of radioactive waste by putting it in remote-controlled Humvees with US Marine-looking mannequins in the front seat.

But by now I'm probably way off the topic of AACS being cracked.

Re:Fine by me.

[smellsofbikes]

Those are some very good choices. Any others? coz with titles like that, I'd be very interested in what else you're watching.
The French movies "Red" and "Blue" are two of my favorites. I also loved the first El Mariachi movie, the one actually made in Mexico. It has drama, action, comedy, romance, and tragedy, even though it's definitely not written with me in mind. I was also struck by DiCaprio's acting in "what's eating gilbert grape" and Pitt's acting in "snatch", although I wouldn't call either great movies.

Re:Fine by me.

[alx5000]

I'd love to see 24 without explosions ("Come on, Jack, we gotta find those clubs before people start getting hit!!")

Re:Fine by me.

I'm not trying to be snide here, but I suspect you haven't seen very many independent films. Most of them *suck* *incredibly*--
SNIP
-- and you begin thinking to yourself "I'd pay $30 to not have to watch the rest of this."

Sounds an awful lot like FarkTV.

Re:Fine by me.

[smellsofbikes]

I see your Adventures Of Pluto Nash and raise you the Turkish Star Wars. Or, as I said in another post here, the scifi movie shot in Death Valley that my then-gf was in, shot by some kids with a VHS video camera.

I haven't seen Pluto Nash, I admit. But I bet nowhere in it does the soundtrack get overwhelmed by a passing airplane, or cut out entirely, or break up to be replaced by feedback. I bet the cameraman doesn't get his fingers in front of the camera lens, and you can't see the cameraman's shadow obviously in the picture. The props probably aren't visibly being pulled by string (as was the case with K9 in some episodes of Dr. Who.) Probably the main character doesn't have a blue shirt in a shot that swings to focus on someone else, and when it swings back the main character is wearing a yellow shirt. I've seen all these happen in indi films.

That's what money gets you. It doesn't make good content, but it does help to ameliorate awful production.

Re:Fine by me.

[msuarezalvarez]

Well, your description of the movies upon which you are basing your contention support my contention that you should watch some better movies...

Re:Fine by me.

[AusIV]

While I get more enjoyment out of a good TV series than I do out of a good movie, at least movies have good conclusions. When a TV show goes on for several seasons, I often find myself yearning for a conclusion - and often they never come - the network tells them it's time to end it, and they half ass an ending in a few episodes. While movies may not develop characters or plot lines as fully, they seem more complete from the respect that they have a solid ending.

Re:Fine by me.

[WizADSL]

I agree. One easy example of this is any movie that was based on a TV series such as Star Trek, X-Files, or even comic books. This is partly an attempt to capitalize on the existing well developed characters from those sources (a fanatic following is helpful too). If you look at a Star Trek movie for example, you have the same cast and characters but you can look forward to a story that would be much too expensive to produce as a one hour or multi-part episode, not that this is necessarily a bad thing.

Re:Fine by me.

[smellsofbikes]

They also support my contention that the worst indi movies are *far* worse than the worst Hollywood movies. I watch a lot of movies and most of them are better than these examples. My point was, and is, that if you go to a Hollywood movie, there will be some sort of plot, there will be sound, most of which is intentional, there will be directing, there will be editing, the cameraman won't be shaking like a leaf, there won't be drunks walking onscreen in the middle of the film, in most cases the person playing the lead actor will be the same from the beginning to the end of the movie (unless there's a good reason within the movie to change) and you probably won't have people clearly forgetting their lines and hear someone yelling them from the background. I've seen all those in indi movies, but I haven't in Hollywood movies.

Re:Fine by me.

[yarbo]

I don't care if a movie is 1/4 as good at 1/20 the price because I still have to pay $9 to see it in the theaters no matter what.

Re:Fine by me.

[greenbird]

I'm not trying to be snide here, but I suspect you haven't seen very many mainstream films. Most of them *suck* *incredibly*, but the very best 0.1% are quite good indeed

There. I fixed that little typo for yeah.

Re:Fine by me.

The French movies "Red" and "Blue" are two of my favorites.

What was wrong with "White"?

Pitt's acting in "snatch"

Needed subtitles, I thought.

Re:Fine by me.

[smellsofbikes]

I'm not denying that most mainstream films suck. It's just that most indi films suck worse. The top percent of Hollywood, Bollywood, Shanghai, and indi films is awesome. But from there on down, the suckage increases rapidly. The difference is that the less money that is put into the film, the more the potential suckage, down to the point where the camera is shaking enough the audience gets sick and you can hear airplanes flying over on the soundtrack.

Re:Fine by me.

[soliptic]

All a matter of taste, isn't it, though? I watched about 20 minutes of Clerks and turned it off because IMHO it was completely crap. For a film that's (apparently) all about dialogue, that dialogue was unwatchably contrived, stage-y and smugly smart-alec-y, I just couldn't handle it. Strange, because I thought Chasing Amy had outstandingly realistic dialogue and that's the same guy (IIRC?)

Re:Fine by me.

Are Hollywood's movies consistently better, or have you been conditioned to think that?

Re:Fine by me.

[HTH+NE1]

Dear Most People,

CG explosions are getting cheaper and cheaper.

Sincerely,
Someone who plays computer games

Re:Fine by me.

[Skreems]

Ah, sorry. Yes, I agree that they have more time to spend on character, and on story. I still maintain that there are plenty of stories that don't NEED more than a movie length to portray, so it's not a question of "TV is better than movies because they have more time". Both can be mediums for fantastic stories.

Re:Fine by me.

[pete-classic]

A bunch of my friends love the film "Snatch", but I strongly disliked it. I think that one is a matter of being very close to being on my frequency, but the narrow miss really turned me off.

To this day you can catch me calling out, "Come find me, Gilbert!" from time to time. :-)

I love all of Kevin Smith's stuff. His concert films are really funny. "Amy" is my favorite film of his, but "Clerks II" has really grown on me. Captures some of the magic of both "Clerks" and of "Amy". Other favorites include "The Big Lebowski", "Donnie Darko", and lots of usual suspects like "The Matrix", "The Empire Strikes Back", and the Lord of the Rings trilogy. I like some of Tarantino's stuff. "M*A*S*H" is really good.

I really liked the Sci-Fi channel's "Dune". The effects were a little cheesy, and the acting was . . . mixed, but they really made a good go at doing the source material justice.

I generally dislike French cinema, but I'll check those out. I'll need to check out "El Mariachi" as well.

Oh, I was Walter Sobchak last Halloween.

-Peter

Re:Fine by me.

Stop buying DRM'd content in the first place and maybe you'll get somewhere.

If only it could be that simple. Your root-cause analysis and strategy for 'fixing' this problem sucks balls, quite frankly. DRM is only a symptom, you have to go after the criminals in government and big business. The people giving and receiving bribes to purchase legislation that brings about DRM, and that is not only inherently illegal, but that is yet another attack on 'we the people'. Of course you then have the uncomfortable realisation that the government _is_ the legal system, and you are essentially hoping that the criminals will prosecute themselves.

So what we have here is a need for a post, a shovel, a few acres of spare land, and guns. Lots of guns.

Re:Fine by me.

First, I agree that the best bet is just to not purchase anything that's DRMed at all. But since that means basically bowing out of a large portion of our culture...

Exactly what planet do you live on?

I get all my movies straight from BitTorrent.

I don't miss out on a thing.

Re:Fine by me.

[suv4x4]

Meet the Fockers, and some crap with J Lo in it over and over again, all the CGI laden movies, with huge acting names in them.. tend to be really flat movies. They have no feeling, no passion, crap stories, crap dialogoue.

But ooh ooh.. look! Explosions! zomg. that's so cool.

Why the hell should I be ashamed that I like spectacular explosions and CGI? If you have your prejudice you can keep it all to yourself. I prefer enjoying both the cheap indie movies and the CGI eye candy in Hollywood blockbusters.

There are turds and marvels in both areas. You're not going to actually tell me that all indie movies are great, are you? A lot of them are incomprehensible abstract mess, no redeeming qualities at all, not even a decent explosion.

Re:Fine by me.

[ozphx]

Its a simple formula. You take the cost per day of developing and pimping DRM (DEV), the fat wads of cash you make per a day (FATCASH), the daily % of sales lost to piracy when a high def release is out (OHNOES), the number of days that your shitty DRM delays a release (PWNTIME) the amount of money lost because geeks are angry at your DRM (RMS), the incidental benefits of making money selling people the same shit twice (JSIXPK) and the amount of extra daily profit needed to get your annual executive bonus (GOAL).

(JSIXPK + (FATCASH / OHNOES) * PWNTIME) - DEV - RMS. If this is more than GOAL then you win!

I submit to you that FATCASH is extremely large, and OHNOES is very small. PWNTIME is probably in the order of a week. JSIXPACK is a fairly substantial bonus. DEV is tiny compared to (FATCASH / OHNOES) * PWNTIME. RMS is insignificant compared to JSIXPK.

Sounds like hitting GOAL would be a trivial task which would imply you win FERRARI and HOOKERS.

So yes, they know what they are doing. They know the game quite well, they have run the numbers. They also know the numbers, (the real ones, not the "we lost more than the GDP of the US on piracy") - and I humbly suggest that if you don't know the numbers you should perhaps STFU. DRM is a delaying tactic, and I'm very sure the content holders know it.

Re:Fine by me.

[funkdancer]

Yep, agree with parent. Right now the only thing preventing me from buying a HDDVD player - and consequently lots of titles; Australian broadband is quite restrictive in terms of bandwidth speed and quotas, so won't bother torrenting these for a while - is the bloody DRM. Also the HDCP requirement is another thing that's holding me back; without, the streams would likely play back quickly enough on my existing equipment, now I have to factor in a crack on top of this as well --- or update my hardware (again).

So if the studios had just done away with all DRM there'd be at least one more paying customer. As long as these awful-beyond-belief "you wouldn't steal a car" ads are NOT mandatory viewing at the beginning of each playback, that is. They couldn't possibly be more counter productive than they were in my case.

Re:Fine by me.

[thegrassyknowl]

I'm not trying to be snide here, but I suspect you haven't seen very many independent films. Most of them *suck* *incredibly*, but the very best 0.1% are quite good indeed, competitive with the best stuff coming out of Hollywood.

I'm not trying to be snide here, but I suspect you haven't seen very many independent films. Most of them *rock* *incredibly*, but the very worst 0.1% are quite bad indeed, competitive with the best stuff coming out of Hollywood.

*fiexd*

Re:Fine by me.

[bendodge]

I really like Facing the Giants, which had a budget of $1m.

Re:Fine by me.

[msuarezalvarez]

I watch around one or two movies per week, and have done so for a decade or so. I very rarely watch movies which one would call Hollywood movies; a good 60 percent of what I watch is contemporary and independent (not so much as in Robert-Redford-blessed as in really independent), and I'd say less than 20% of what I watch comes from the US. I have very, very rarely seen what you describe.

Here in Buenos Aires there is an excellent independent movie festival (it is taking place as we speak, in fact), where around 400 movies are shown each year. While I have never seen all of them, in previous years (not this time, sadly) I've gone as far as seeing 20 movies in 8 days or so in that festival, basically buying tickets at random. I've surely seen movies I did not like, but never, ever anything like what you describe.

OTOH, I cannot remember a Hollywood blockbuster in the last years which after 1 hour did not make me want to get out of the theater and hit the guy that sold me the ticket.

I guess I am just luckier than you.

Re:Fine by me.

> I'd love to see 24 without explosions

It'd be nothing but Jack torturing people.

Re:Fine by me.

[smellsofbikes]

"white" just seemed mean-spirited. Even though I think Julie Delpy is the most beautiful woman on the face of the planet I couldn't feel like it was one of the best movies ever. "Before Sunrise" was pretty damn spectacular, though, and only partly because of her.

As for subtitles, well, here you are! They're all pretty fantastic, and very funny.

Re:Fine by me.

[smellsofbikes]

You're not reading my other replies here. I think that Hollywood's best rivals independent's best, but Hollywood's worst is much less horrible than indi's worst. I don't think Hollywood's best stuff is better, or even as good as, the very best independent material, however.

Re:Fine by me.

[smellsofbikes]

You're right: I probably haven't seen more than a thousand or so indi films, as opposed to the hundreds of thousands that exist. As I've said in other posts in this thread, once you've seen a couple indi films where the cameraman's finger is across the lens, or the actor's voice is drowned out by a truck driving by, or the actor can't remember the words and you can hear a director yelling the lines, you come to appreciate the mediocrity of Hollywood films a little more.

*fiexd*?

Re:Fine by me.

[mdhoover]

Totally agree 100%. I would (and do) buy DVD's etc regardless of whether or not I could download them via broadband (regardless of the link speed in this country which sucks) mainly due to the fact that I like to own the physical media.

Unfortunately for me I am a criminal whenever I watch anything on my chosen operating system. I would happily purchase a HD-DVD player and HD-DVD's but alas they wouldn't work.

All they have done with the DRM is made the illegal product more desirable and useful than the legal one, in fact the illegal product is the only one I can use...

I would happily be their customer if they would let me... what can you do

Re:Fine by me.

[Builder]

You owe me a new keyboard - I just spewed coffee all over this one :)

Re:Fine by me.

[Builder]

And some decent audio equipment to record a score. And an editing suite / computer. And some means of distribution (even if that is just a computer with a DSL connection).

Re:Fine by me.

[ivan256]

I guess it's a matter of taste. If you swap those two movies in your comment, you'd have a pretty good summary of my opinion of them. Additionally, the scenarios in Chasing Amy could only ever happen to an elite group of people so far out of touch with reality they hardly exist. Clerks, on the other hand, could be real if not a bit exaggerated.

Actually a success

[zeroharmada]

While I think everybody has been making good points so far, you have to remember that in the long term copy protection is actually winning. While these measures might be meant in name to stop piracy, their true value is in taking out fair use as collateral damage. The goal of DRM is not to stop piracy, but to make it difficult enough that Joe User will not be able to convert or make backups through a point and click interface. If this copy protection has done that, then it is making them money.... shame all it does is hurt the people who legitimately buy their products.

Re:Actually a success

[jfengel]

Do you really think that there's this enormous market of people buying replacements of DVDs that they've already bought but lost or broke?

Or buying a second copy on iTunes because they can't play the DVD on their iPod?

I mean, I'm sure these things happen, but I can't imagine that it's a significant percentage of the market. It seems to me that if they removed the DRM entirely and stopped trying to shut down P2P sharing software, so that you'd have no difficulty downloading anything you wanted, they'd lose far, far more potential sales to people downloading rather than buying.

Re:Actually a success

[danpsmith]

While I think everybody has been making good points so far, you have to remember that in the long term copy protection is actually winning. While these measures might be meant in name to stop piracy, their true value is in taking out fair use as collateral damage. The goal of DRM is not to stop piracy, but to make it difficult enough that Joe User will not be able to convert or make backups through a point and click interface. If this copy protection has done that, then it is making them money.... shame all it does is hurt the people who legitimately buy their products.

Yeah, but if you buy a disc, I for one wouldn't feel the least bit bad about using bittorrent to download a ripped copy with full rights. Or hell, skip buying and go right for the ripped copy.

Re:Actually a success

[mrchaotica]

Do you really think that there's this enormous market of people buying replacements of DVDs that they've already bought but lost or broke?

Or buying a second copy on iTunes because they can't play the DVD on their iPod?

I mean, I'm sure these things happen, but I can't imagine that it's a significant percentage of the market.

Even a single person doing one of these things is a failure of Fair Use, and is therefore unacceptable.

Re:Actually a success

[jfengel]

I wasn't aware that Fair Use was one of those holy rights, like life, liberty, & pursuit of happiness.

So playing the same game, if even a single person who would buy a BloodRayne DVD decides to download it instead, that's a failure of Copyright, and is therefore unacceptable.

We have a conflict of rights. Have you got a better solution other than "my right trumps everybody else's"?

Re:Actually a success

[MobyDisk]

Do you really think that there's this enormous market of people buying replacements of DVDs that they've already bought but lost or broke? No, but there is large market of people buying the same music or video in a different format. VHS->DVD->HDDVD, Cassette->CD->iTunes, etc.

Re:Actually a success

[jedidiah]

Fair use is tied to free speech. By making speech something that can be owned, you interfere with everyone's right to say what they want. In case you haven't been paying attention, you can be sued for singing happy birthday to your friends or family. Understanding of this is why creative works are not treated like real property in the US Constitution. The people who wrote it realized what kind of slippery slope they were dealling with.

Fridays doesn't sing that dorky birthday song just because it has flair.

Re:Actually a success

[Ariastis]

In a market where sales are in the billions, even 1% is a fucking great deal of money.


They way I look at it, all the DRMing thing is financed by that 1% alone. The only drawback for the implementers of ACCs & DRM in general is that they look like idiots/assholes, but guess what, with billions coming in, I think they got used to that and dont really care anymore...

Re:Actually a success

[mrchaotica]

We have a conflict of rights.

No we don't, actually, because copyright (despite the name) is not a "right." It's a privilege invented for the purpose of "promoting progress," nothing more.

Have you got a better solution other than "my right trumps everybody else's"?

How about "everyone's rights trump the privileges of a select few?" Sounds good enough to me!

Great but

[Rik+Sweeney]

Doesn't the lack of HDMI output on the 360 make this a bit of a pointless exercise?

Re:Great but

You can connect the Xbox360 HD-DVD drive to a PC, so ... no, not really pointless.

Re:Great but

[Aladrin]

You haven't been following the news, eh? The 360 'elite' that will be sold very soon has HDMI as one of it's main new features. The other is a larger hard drive.

Re:Great but

[DShard]

It doesn't matter that it doesn't have HDMI after you strip the encryption and play the file from your laptop/media center/DVR

Re:Great but

[Nirvelli]

The drive is a USB drive. They're using it on a computer and the crack lets them rip the disc to the computer.
So the 360's output doesn't really matter.

Irony potential ?

What if the famed power of the PS3 were utilised to break the AACS for every blue-ray disk ?

Re:That does it! I've seen THAT movie before...

[mnemotronic]

That is the second or third remake of "We quit!", and they're not getting any better.

<insert usual rant about inbred entertainment industry management noodlebrains>

AACS

[dattaway]

Another Aacs Crack Soon

Re:AACS

[Dorceon]

How about: AACS Ain't Cryptographically Secure

Re:AACS

[dattaway]

Another Attempt Compromised Security

Re:AACS

[ThisNukes4u]

Well, more like the implementations aren't cryptographically secure.

Defective By Design

[gcnaddict]

Here's an outlandish idea:

Microsoft and Toshiba screwed this up on purpose to undermine the AACS. Defective by Design, sure, but this is probably one of the few times that it ROCKS.

Re:Defective By Design

[Opportunist]

Microsoft does not screw up anything on purpose!

Re:Defective By Design

[Mister+Whirly]

Not so outlandish on Slashdot. Just throw in a Sony rant, and bring up how OS X is inherrently more secure than Windows and you have an automatic +5 Interesting rating...

Re:Defective By Design

[msuarezalvarez]

Great signature! Almost G. B. Shaw-good. ;-)

The biggest blunder of this

is the part where they left the commands in the firmware to "poke" into the drive's memory. That's just... not good for security. Alas, you still need access to the key from the MKB to create the processing key using the VolumeID, so there's still work to do.

I wonder

[BCW2]

When will all the various DRMorons figure out that whatever they create WILL get cracked. They can't win. What a bunch of wasted time & effort! If they adapted their business model to current technology they might see an increase in sales.

Re:I wonder

[photomonkey]

They don't care if it gets cracked. They only care how difficult it is to keep up with the crack-patch cycle. Their goal is to make it difficult or risky for John Q. Everyman to copy movies and music.

They have to know that all their security measures will be broken. They can win by attrition.

Re:I wonder

[mrsteveman1]

I agree, they never wanted to STOP piracy, despite their bitching they all know it isn't possible, save for a few half-retarded executives.

However, the purpose of DRM in the industries eyes is 2 things, first it slows piracy by some measurable degree, and by slows i mean relative to a movies release in a theater or on its HDDVD disc, it DOES take some time to get that movie in a distributable form. This delay supposedly allows the theater or stores to make as much money as possible. This xbox hack once again makes that very quick, but on average it takes longer than it would without DRM. This is the same strategy as the mediasentry people and other p2p poisoning companies.

Second, they always wanted to make sure you had as few rights as possible, so that you can do nothing but watch a purchased movie where they want, how they want, at the times they want. They fully intend on setting the ecosystem up so that you must buy back rights you already had.

I think the true value of these DRM hacks is not gaining access to the media (however that is vital as well), but ensuring that we are technically able to get around future systems with much more problematic purposes, like online censorship.

Kudos!

[iviagnus]

When will they ever learn? What they can conceive, we can circumvent. Either the MPAA/RIAA will bow to consumer demand by (providing content at a much lower price) or they might as well close up shop. Really now, do actors need to be making 12 million dollars for a film? I think not. Likewise, start at the corporate top, and start making salary cuts at the CEO-level.

NO DRM = more ads ?

[Bill,+Shooter+of+Bul]

When they decide that they can't prevent theft, they might just decide that they can instead use the increased distribution to their benefit via increased ads inside each movie.

Might even make sence for them to produce two versions of the movies:

1. Free Electronically distributed , with ads maybe non skipable commercials between chapters
2. Not free, no ads + DRM

of course pirates would still try and rip the add free discs, and or remove the ads from the free version, but it might remove the incentive for many people to pirate the non free disks. I mean, most still watch tv with ads, instead of tivo-ing it and skipping the commercials or downloading it without commercials, right?

Re:NO DRM = more ads ?

[rikkards]

I mean, most still watch tv with ads, instead of tivo-ing it and skipping the commercials or downloading it without commercials, right?

Nope. I have a PVR and I still download most stuff rather than fastfoward through commercials. The only thing I use my PVR for is stuff that isn't high demand

Re:NO DRM = more ads ?

[sqlrob]

How do you make something non-skippable without DRM?

Re:NO DRM = more ads ?

[LordSnooty]

Might even make sence for them to produce two versions of the movies: # Free Electronically distributed , with ads maybe non skipable commercials between chapters

Sure, they can knock themselves out, but I reserve the right to close my eyes and put my fingers in my ears.

Re:NO DRM = more ads ?

[Bill,+Shooter+of+Bul]

No strong enforcement anyway. If you have chapters, attach it to the beginning and ending of each chapter. Or maybe there are no chapters, so you can fast forwards through it, but its still there.

Re:NO DRM = more ads ?

[Bill,+Shooter+of+Bul]

I mean, *most* still watch tv with ads, instead of tivo-ing it and skipping the commercials or downloading it without commercials, right?

From what they tell me, most people aren't slashdot readers. I suspect less of the general public download tv shows than the slashdot readership. I also suspect a higher percentage of linux users here than in redmond, Washington. And for my next trick of prognostication, I predict the sun will rise out of the wesss ... No WAIT I'm getting a feeling from beyond the earth .... EAST. The sun will rise from the EAST tomorrow.

Hacking

[alphamugwump]

This is some sweet hacking.

How ironic that we need to hack hardware that we ourselves own.

Re:Hacking

How ironic that we need to hack hardware that we ourselves own.

When I was a teenager back in the stone age (when nerds used slide rules and weren't in any way "kewl"), guitar fuzzboxes were expensive. I'd hack ten dollar radios into fuzzboxes and sell them at a 200% profit and at a fraction of what a fuzzbox cost in a music store.

It was my hardware. How was that ironic?

Re:Hacking

Hacking hardware you own has been part of the "hacker" culture from day zero.

Re:Hacking

Well, nobody has EVER succeeded in giving both the encryption and the key to somebody else, and preventing them from freely accessing what is encrypted. It's this ludicrous unnatural notion that will prevent DRM from ever working. How in the world will you be able to keep the user from freely accessing the content while at the same time allowing him/her the means of doing so? Include stupid pills with your DVDs?

Give me a lock. Give me the key to that lock.

[mmell]

The key can only be used by media; I can plainly see that the key is quite intricate and ornate, and clearly stamped "Do not duplicate".

Yup - no concievable way I can get a key for my own use to unlock the lock. Can't be done - not even gonna try! All those other cracks I've heard about - I know that none of them could possibly have worked, the *AA has seen to it that the deCSS debacle can't be repeated, right?

Tell ya what - I don't even pay attention to this - let me know when a movie worth watching comes out on Blu-Ray or HD-DVD and I'll start to pay attention - so far, the folks at *AA can just color me unimpressed!

joe user doesnt have to have a ripping utility...

[plasmacutter]

joe user doesn't have to have a ripping utility to regain fair use from this copy protected media.

hd-dvd and bd rips have been showing up on trackers as early as the first crack, and to make things even cushier from a fair use perspective, the media files are generally small enough to burn to a single layer dvd-r (or at most double-layer).. much more accessible to joe user than an overpriced bd or hd-dvd burner (do those even exist yet? how many thousands if they do exist?)

Don't use cracks

[iamacat]

There are plenty of entertainment options. You can watch regular TV, videos on YouTube or just take a walk in the park. Why go out of the way to patronize people who are not willing to serve content the way you like it?

Re:Don't use cracks

Because none of those options will let me see awesome gun fights, car chases, and explosions in glorious 1080p.

You may not like it, but that's the reason.

Re:Don't use cracks

[Ant+P.]

I don't watch hollywood's factory trash and I don't listen to the shit on the Top 40. What right do those nazis have to dictate what operating systems I may or may not use on hardware I bought and own?

Re:Don't use cracks

[iamacat]

Why would the filmmakers of said glorious gunfights give up on DRM if everyone agrees to it then?

Re:Don't use cracks

[J.R.+Random]

It is obvious that those Doom9 guys are having loads of fun. If they get more enjoyment out of cracking the DRM than from watching the idiot movies, why shouldn't they just crack to their heart's content?

Re:Don't use cracks

[TheoMurpse]

Why go out of the way to patronize people who are not willing to serve content the way you like it?

Because if I can just get a better-quality copy of Star Wars, maybe I'll finally understand why Greedo shot first!

Maybe that's because they've been better lately?

[Kadin2048]

I think you definitely have a point, but I think it may be like debating the relative merits of the poem versus a 1,000 page novel. They both have their place.

One of the reasons I think serialized TV shows have become popular lately is because they're not controlled by the big movie studios, at least not as directly. (Yeah, they're mostly bankrolled by the networks, and they're mostly owned by the same handful of media companies, but they're further from the centers of power.) There have been opportunities for and evidence of creativity in mainstream TV that just hasn't been seen in mainstream cinema in a while, and I don't think it's really because of the format itself. That probably helps, but really I don't think there's any fundamental superiority between a short film (think 5-10 mins), a traditional picture (90-120 mins), and a serialized show (as many hours as you want, usually in 20 or 45 minute semi-contained chunks, with seasonal plot arcs of ~10 hrs).

There's a lot of pretty dreadful TV out there, too (daytime soaps?), underlining the point that length may give you a bigger canvas, but it doesn't really make the painting any better. And not to mention the very good movies made over the past century, many of which probably wouldn't be good as serials.

hurm. about 24 hours....

[Churla]

That took longer than I thought it would.

Re:joe user doesnt have to have a ripping utility.

[ben+there...]

hd-dvd and bd rips have been showing up on trackers as early as the first crack, and to make things even cushier from a fair use perspective, the media files are generally small enough to burn to a single layer dvd-r...

I don't know if I'd call those <DVD-size downloads HD-DVD "rips".

We could call them...I don't know...Is "shreds" taken?

If I post like this, it's redundant.

[SPQR_Julian]

If I post like this, it's redundant. Quit saying, cuz I've seen some redundantly repetitive first posts. Not this one, but I have seen some posts that completely repeat themselves quite frequently.

Re:If I post like this, it's redundant.

[Miseph]

Yes, except for the small problem that it's only one word long, and thus does not repeat itself. Good effort, though.

Horray!!

[TheNinjaroach]

That's the best news I've read all week!

DRM isn't about money, it's about control

[Opportunist]

Sure, the money is a nice-to-have feature, but what DRM is about is control. Controling what you may see and what you may not (or no longer) see.

When a movie cannot be seen anymore, you can sell the same script again (as a "new and improved" version). When a song can't be played anymore, you can sell the remix, no matter how crappy it is. Nobody could prove that Han fired first because "the director changed his mind and thinks it's better that way". What you like about a movie doesn't matter anymore. It doesn't matter anymore if you liked an earlier version of a movie or song better, because it does not exist anymore.

Of course this game can be played by governments as well, if they don't want you to see/hear something because it is "inappropriate" for you. Freedom of speech? Sure, say what you want, but nobody ever said anything about some kind of freedom to listen or see.

Or to be heard.

Beeeeep

Java is on BluRay, not HD-DVD.

Thanks for playing. Try again later.

Want to hurt AACS?

[rahvin112]

If someone really wanted to hurt the AACS system they would find and release the playback keys for the top 10 standalone players preferably after one of the formats has achieved success. If the top 10 players suddenly couldn't play the discs anymore and a lot of people had the players, the difficulty in reflashing all those players by the common public would either hurt sales SEVERELY or cause them to not revoke the players for fear of the damage it would do to the reputation of the hi def format.

So if you really want to hurt them, pull out your soldering iron and pull those keys from the standalone players.

Re:Want to hurt AACS?

[sarathmenon]

Just to point out, the _exact_ same thing happened to DVD. Once dvdcss was out, there was no easy way to flash the hundreds of players out there, so the movie companies decided to forget about it. Same for region coding - the spec was ripped out to the point where every sane company decided to turn it off by default.

Re:Want to hurt AACS?

[throx]

That's exactly the point of hitting the X360's HD-DVD player. Similarly, the PS3 has to be the primary target for defeating Blu-Ray. Revoking either key would result in massive class action suits, which makes it not worth it for the distributors to continue defending their DRM scheme.

Van Helsing

[freeweed]

Money doesn't guarantee a movie will be good, but it does heavily indicate the movie won't be appallingly bad.

Except for Van Helsing. Sadly, I watched the entire thing because of a promise - trying to disprove a comment of "this movie has no redeeming value whatsoever"; I didn't think it was possible to spend $200 million and not have SOMETHING worth seeing.

I spent the last 90 minutes of that atrocity thinking up unique and interesting ways to gouge out my eyeballs.

But why?

[I'm+Don+Giovanni]

Why do you guys so badly want to remove the DRM? If you have the disc, then your HD-DVD player will play it, so why strip the DRM? I've heard people saying, "Well, I want to transfer the movie to my iPod", to which I say, "Bullshit". Nobody gives a damn about watching a highdef movie on an iPod. So if you can, please provide legit reasons for "stealing or cracking the key to every code created for the discs". I know there are plenty of illegit reasons, but list some legit ones.

Re:But why?

[SirTalon42]

Playing the movies in Linux for one (the guy that created DeCSS did it for that very reason IIRC). And playing the movie on an iPod or other device is a legit reason (unless you think the person should ALSO buy the movie on DVD to put on the device). Another reason is to be able to make a backup of the movie (can't comment on HD-DVD/BluRay durability, but the durability of some DVDs is HORRIBLE, not to mention it is FAR more convenient to have the movie on your hard drive than floating around who knows where).

Also so you wouldn't have to watch the 10 minute 'COPING MOVIES IS ILLEGAL' or other advertisements at the start of a lot of DVDs (though I don't know if HD-DVD/BluRay have the same things, since I don't own any of the HD movies but figure they do or will).

Re:But why?

[Firethorn]

Pretty much what Sir Talon said.

Media shifting is the major one for me. The ability to strip annoying advertisements and those annoying 'don't copy me!' when I bought the bloody thing is another.

Another nice thing is to be able to grab screenshots and clips for various reasons (fair art).

Re:But why?

>Why do you guys so badly want to remove the DRM?

1) So I can play movies at 1080i on my component only HDTV. Legitimate enough for you? Because you can't do that now on any "legitimate" player.

2) So I can play movies at full resolution on my 1600x1200 VGA or DVI-1 computer monitor. You can't do that now. It's downscaled to 640x480. Legitimate enough again?

1) is not at all a rare case, as not everyone bought their HDTV in the past 2 or 3 years. 2) is also not at all a rare case, as the vast majority of monitors out there are not HDCP compliant.

I would be very surprised to find out that there are more HDCP enabled TVs than the items screwed over in 1) and 2). If I'm right, right now the VAST MAJORITY of customers are not getting the full experience out of the disc that they are paying for. Some of them might not be noticing it because they're half blind or don't care, but that doesn't make it right. Saying that's right is like saying it's OK to give the wrong bills in change to a blind man.

Basically, I think it's fair to say I want to play HD movies at full resolution on something OTHER than just an HDCP enabled TV. And it's fair to say that I shouldn't have to buy anything more than an HD player for that.

And that's not just worring about transferring it to other devices. 1) and 2) are 100% legitimate uses without even invoking the lame "fair use" clause with any other media (except DVD) in the world, even in the USA. If it weren't for the DMCA, it would even be legitimate for HDDVD, DVD and Bluray. And, if it weren't for the ridiculous notion that people could copy the movie from the VGA cable (come on, they don't even make RAIDs that fast for consumers, never mind the lack of capture cards under $10k) the studios would be gung ho about it too.

Have I mentioned that HDDVD/Bluray can turn off your TVs HDCP support if it's access key is hacked in the same model TV halfway across the world? That's just one more reason to hate the scheme. Imagine your car not starting anymore because someone in China has figured out how to hack the computer in the car so that he can start it without a key. It's just that bullshitty (tm).

"If they adapted their business model" ...

[I'm+Don+Giovanni]

"If they adapted their business model"? WTF is that supposed to mean? You mean, simply give the movies away for free and live off of "support"? Explain what you mean, if you will.

Re:"If they adapted their business model" ...

[BCW2]

By making it available in whatever format is desired, at a price most are willing to pay.
In music Itunes has changed the business model. People pay $.99 for songs they want and don't buy the whole CD. When was the last time a CD came out with 12+ "really good" songs on it? Everyone that pays for music buys singles now and avoids the "filler" tracks. Movies don't need to cost $12 - $20 for a DVD. Sell downloads for $7.50, about the same as a ticket to the theatre. People can then rip their own DVD's. Piracy will never end, I don't care what laws or penalties come, someone will always do it for the fun/challenge, deal with it!

Re:"If they adapted their business model" ...

[WozNZ]

They are trying to charge a LOT for an item that costs near to nothing to copy and distribute. That is the problem.

Their business monel WORKED when it was not cheap to copy and distribute copies which is why they always try and get "taxes" put on the various forms of blank media.

An all you can eat Global licence is a far better solution. Anyone that wants legal access to music or films pays a monthly subscription, the same way you pay your Sky or Cable subscription now. Probably paid at the ISP level.

Every "item" downloaded is counted and then each month the royalties are distributed to the artists based on a pro-rate of download counts.

How hard can it be. The subs can be low because of the number of people paying them.

Change or die. The RIAA and MPAA know their death is coming, they just want to use DRM and the courts to prolong their life.

MOD PARENT UP

[gratemyl]

"Interesting" x 5!

Smart input - MOD UP.

We should be so lucky...

[Theatetus]

Seriously, I used to buy that argument until I stopped wasting time with major-studio movies and major-label music. I haven't looked back. If that whole alleged "industry" were to disappear tomorrow I wouldn't miss it for a second, and I'd probably have an even wider array of independent local (and non-local) filmmakers and musicians to enjoy.

What's the big bad scary secret these middlemen-industries don't want you to know? They aren't necessary.

They aren't really that scared you're going to copy Pirates of the Carribean. I mean, sure, they would rather you not. But that's not what's keeping them up at night. What is scaring them is that without locked-down video and music playing hardware devices, anybody can make music or a movie and anybody can watch and listen to them. They've built their fortunes by standing in between artists and people who want art. And the technology just doesn't leave much of a place for them anymore.

It's Always Nice...

[Nom+du+Keyboard]

It's always nice when a crack applies to the largest installed base. Makes attempts to close it up all that much harder for the copyright mafia.

Learning...?

[Jugalator]

When will the DRM devs learn that it's generally a poor idea to encrypt stuff, and then send the encryption keys along?

Sure, it's hard to do otherwise in case they don't want to require an Internet connection to play pretty much anything, but that's when you should start realising that pumping R&D money in DRM techs is just a big waste of money.

...Catwoman...

[abb3w]

85 Megabucks to get Three Golden Raspberries. Kudos to Halle Berry for accepting hers with style, not to mention graciously thanking everyone who had helped her get there.

I suspect some more comparing via the BoxOfficeProphets.com database with the list of Razzie winners and nominees could turn up a few other coprolites.

It's extremely high stakes Sudoku...

...and you know everyone loves a good puzzle!

Insofar as the format war...

[Darundal]

...I consider this a selling point in favor of HD-DVD.

Blu-ray please

Please guys, start working on Blu-ray too. We want the DRM in both formats to be useless.

Re:Maybe that's because they've been better lately

The difference is that television shows are mostly controlled by the writers. Movies are controlled by the director, the writer just works on the film like the carpenter building a set.

Spelling correction.

[crhylove]

Pwned. Geez, it's like you've never played Urban Terror before.

Re:Spelling correction.

[Spazntwich]

Whoah whoah whoa what the FUCK? I was just playing a UrT game in which some random players I didn't recognize knew both myself and my brother, and now this?

Non Recursive.

[crhylove]

Anally Anti-Consumer Security?

And recursive:

AACS Adds Cracked Security!

That wouldn't work

[swillden]

If someone really wanted to hurt the AACS system they would find and release the playback keys for the top 10 standalone players preferably after one of the formats has achieved success. If the top 10 players suddenly couldn't play the discs anymore and a lot of people had the players, the difficulty in reflashing all those players by the common public would either hurt sales SEVERELY or cause them to not revoke the players for fear of the damage it would do to the reputation of the hi def format.

Sorry, while that would have worked for DVD players (had CSS not been so utterly braindead as to make it unnecessary), it won't work for HD-DVD or Blu-Ray. The key revocation scheme in AACS allows individual players -- not brands of players or even models of players, individual physical units -- to be separately revoked. So, if you extracted the keys from one unit of each of the top 10 models, and published them so they'd be revoked, you'd have succeeded in disabling exactly 10 players. All other units of those 10 models would continue to work fine.

No, the thing to do is to extract the keys from one player, and then start extracting media keys from each movie published and put them in an on-line database. Put this centralized database in a county where the laws allow it, and get people all over the world to mirror it, and contribute to it.

They could defeat this attack by using media keys that are unique per disk, but that would make disk production vastly more expensive, since they couldn't just create a master image and stamp out copies.

Re:That wouldn't work

[Overzeetop]

Sorry for not modding you up, but I'm somewhat curious:

If the players each have a unique key, what is the probability that the keys which are used to identify the player are (mathematically) sequential? I don't know squat about cryptography, or the way AACS works, except for what I read here (that's very sad, indeed). Nonetheless, it has been proven that most manufacturers are unbelievably lazy when it comes to this sort of thing. If there is a chance that the player keys are sequentially assigned (within the cryptographic "series" if there is such a thing), it would be theoretically possible to expose a large number of keys from a few data points. That _would_ have the effect of screwing up a large base of installed players.

I expect the details would make such a process very difficult, and once performed the manufacturers would likely resort to a pseudo-random asignment, but it sure would be fun to watch. As long as my (future) player wasn't one of the ones revoked. ;-)

Re:That wouldn't work

[swillden]

If the players each have a unique key, what is the probability that the keys which are used to identify the player are (mathematically) sequential?

The probability that any two device keys are sequential is almost certainly 1/2^128.

I expect the details would make such a process very difficult, and once performed the manufacturers would likely resort to a pseudo-random asignment, but it sure would be fun to watch.

Actually, from the manufacturers' perspective, they're not random at all. Imagine a large binary tree with 31 levels, and therefore 2^31 (~two billion) nodes. For each of these nodes, the AACSLA (Licensing Administrator) generated a key, almost certainly using a good hardware random number generator. Each device is assigned a set of keys derived from the keys in this tree by encrypting a pre-defined 128-bit number with AES and the keys from the tree, applied a certain number of times in a certain way. I believe the AACSLA delivers the pre-computed, per-device keysets to manufacturers, rather than providing the keys needed to generate the keysets.

So the only way manufacturers could really be lazy and still produce working devices is by reusing key sets, and the manufacturer really has no reason to do that, other than maybe a miniscule efficiency gain during production, and quite a lot to lose from it -- the AACSLA could revoke any or all of the manufacturers' devices at any time, and the manufacturer would have no legal and scant moral recourse.

Re:That wouldn't work

[petermgreen]

All other units of those 10 models would continue to work fine.
if you've extracted the key from one player you can probablly do it to another one of the same model and publish your results so others can copy it.

hence they will either have to revoke the whole player line or deal with a stream of keys coming from many players of the same model.

Re:That wouldn't work

[swillden]

if you've extracted the key from one player you can probably do it to another one of the same model and publish your results so others can copy it.

Sure, but it takes effort -- probably significant effort -- for each device.

hence they will either have to revoke the whole player line or deal with a stream of keys coming from many players of the same model.

Which isn't really an issue for them. Revoking keys is easy, and since each revoked key only eats, on average, 21 bytes of the future HD-DVD/Blu-Ray disks, they can easily accommodate millions of revoked keys. Actually, if devices of the same model are given adjacent keypaths, it there will be more "blocks" of revocations, which will reduce the space needed on disks.

Published player keys are easy for them to address, because they designed for it. Published media keys are a different story.

Listen to isolated 5.1 audio channels

[HTH+NE1]

I'd love to see 24 without explosions

If you're watching the HD version with 5.1 sound, try disconnecting all but the center speaker.

Personally, I like listening to everything but the center speaker. Or even just the left and right channels on an iPod. Then I entertain thoughts about how fun it would be to create a season-long parody of it, substituting alternate dialog in the center channel. Maybe call it "Funny Tor".

One thing about the slashdot crowd..

I know this is a waste of time, but..

The slashdot crowd seem to love news like this, and claim that copy protection etc limit freedom and choice. However, what if I choose to sell a piece of software, and not follow the OSS model? Where is my freedom from piracy? OSS and proprietry software both have their place, and if you don't believe in the right to sell software without having it pirated, you might just be a hypocrite...

Thanks

[Overzeetop]

Interesting, and very likely correct. I was under the naieve assumption that the manufacturers would be generating player keys themselves. That, of course, would be foolish from the AACSLA perspective.

Welcome

[swillden]

If you're interested in the details, the specifications are available on the AACSLA web site, http://www.aacsla.com/

they have no "right" to sales

[plasmacutter]

t seems to me that if they removed the DRM entirely and stopped trying to shut down P2P sharing software, so that you'd have no difficulty downloading anything you wanted, they'd lose far, far more potential sales to people downloading rather than buying.

this same argument can be made for shutting down lowes to protect home depot, or shutting down the airlines to protect the railroads, or shutting down the auto industry to protect the buggy whip manufacturers.

no business has a "right" to sales. "potential sales" are only that, potential. every local restaurant around here has "potential sales" "stolen" from it by the others.. maybe we should shut down everything but fridays because fridays lost potential sales to longhorn steakhouse, sidelines grill, or ruby tuesday.

oh wait.. those are all huge companies, and only individuals are fair game for stripmining consumer and civil liberties.

and don't confuse copyright with real rights we should be guaranteed through constitutional limitation of government power, copyright was merely "allowed".. it is a priviledge granted ONLY for the promotion of progress. at this point it can best be classified as "regress".. oh wait.. bad pun comming!... "CONGRESS!"

Re:joe user doesnt have to have a ripping utility.

[plasmacutter]

it's not my fault a group of teens and twenties in their garages and college dorms are vastly better at video encoding than the cartel mastering houses

Obligatory

[TheoMurpse]

Sounds like hitting GOAL would be a trivial task which would imply you win FERRARI and HOOKERS.

In fact, forget the FERRARI.

Re:joe user doesnt have to have a ripping utility.

[ben+there...]

it's not my fault a group of teens and twenties in their garages and college dorms are vastly better at video encoding than the cartel mastering houses

Well, they think they are. That's for sure. But if you want a horribly compressed DVD5 at 720p, why not take the DVD9, resize it to 720p, then compress that to H.264. You end up with almost the same result. In other words, it has the quality of the DVD. You might as well just get the DVD.

A 15 GB MPEG-2 HD movie might compress well to a DVD9. Not a DVD5. And not the 30-45 GB Blu-Ray rips. The smallest that makes any sense for those is 2x DVD9 (9-18 GB H.264).

H.264 is damn good. But it is not magic. MD5 and SHA-1 will compress an HD movie to fit on a DVD5 too, but it's a bit lossy...

Re:joe user doesnt have to have a ripping utility.

[plasmacutter]

that's not the point i was making.

no.. codecs are not "magic".

however, most processing houses, rather than apply proper filtering and encoding settings, will just "throw bitrate" at the problem until it goes away.

that's why dvds and their hd counterparts are FrIcKiN HuEg LiEk XbOx.

(that, and many simply want to make the files large enough to discourage fair use by requiring more expensive dual layer media.. which until recently was not even available)

the kids actually do a proper job and trim the fat.

We get that because democracy is flawed.

[jotaeleemeese]

Companies, corporations and cartels should have no input whatsoever in the political process as dontaors, sponsors, etc.

That skews the political system on their favour, instead of finding fair solutions for everybody involved, politicians find solutions for the people that make possible for them to remain in office ( not the voters, but their campaign contributors, campaign money is what gives them a chance to get elected in the first place. Money comes before voters).

As long as US people do not drill that on their skulls and make it a high priority to get it fixed, the corporations will continue waging war by proxy against the US citizenry (and against the rest of the world by proxy, given the influence the US has politically and economically).

Inquiring minds want to know

My ex-gf was in a scifi film made in Death Valley by a couple of kids with a VHS camcorder and I couldn't stand to watch it even though it was my girlfriend and she took her shirt off.

Where's the torrent? thx.

DRM Sucks

I'm not a coward, just I dont see a point on stupid registering in every webpage for a single reply to a single article.
The DRM will never beat the users, this was just another prove of PurePwnage :)))

LOL, UrT....

[crhylove]

Yeah, I've been a fan since the early 2.x releases, and now it turns out this guy who runs the main studio where we've been recording is a huge fan.

rhY