Slashdot Mirror
New AACS Crack Called "Undefeatable"
Tuoqui writes "With all the focus on the infamous hexadecimal number, people may be ignoring a bigger weakness in the AACS armor, which emerged two weeks ago. Some hackers have figured out how to crack AACS in a way that cannot be defeated, even by revoking all the keys in circulation."
I'm just enjoying my coffee, and suddenly I'm faced with an article about somebody's crack!
Fust psot!
Oh I know, don't use HD-DVD...there...defeated.
In a world of acronyms, the words are the real victims.
Nothing for you to see here. Please move along.
Huh, looks like the new strategy is issuing DMCA Takedown orders against anyone who suggests that it is undefeatable...
Summation 2
"I reject your AACS crack and substitute my own"
.... Then maybe media companies will give up this DRM non-sense which does nothing but frustrate consumers and slow the adoption rate of digital media in the mass market.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Basically this crack relies on using a Microsoft HD-DVD drive for the XBox 360, with a special firmware patch (which requires you to remove the firmware chip, flash it, and then solder it back in). With a hacked drive, you can apparently get the Volume ID, which is one of the parameters used in the encryption, directly off of the disc. Normally the Volume ID isn't passed to the host computer, I think.
Anyway, in the bizarro-world that the people who write DRM systems inhabit, I think that this will probably just push them to make the drives harder to "tamper" with; I fully expect that they'll eventually just pot the circuit boards in epoxy or something, to keep you from desoldering the chips.
So if you're interested in this stuff, you might as well go out and get one of the MS drives or other first-gen drives, because I suspect the hacking possibilities may decrease over time; it's going to be these early drives which are the most hackable.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Do we walk away. This issue is so stupid it is insulting. We could be discussing important issues but are wasting time on this.
/.ers can make arguments to the contrary, and I respect your opinions. Forgive me for being sick over this waste of intelligent resources.
My gripe on this issue is similar to my gripes about U.S. politics. The whole friggin system is irrelevant.
All apologies to those who feel that DRM is still a relevant freedom related issue... But I honestly feel that discussing this is just a drain on resources that could be directed towards more fertile topics.
I have no doubt that many
Regards.
"No matter how many Private Host Keys they revoke we will still be able to get Volume IDs using patched xbox 360 HD DVD drives."
I hope the hacker isn't suggesting that this whole encryption key debackle is somehow Microsoft's fault, could you imagine the lawsuit?
Summation 2
I wanted to show a friend what happened on digg, and went back a few days and can barely find any of the hd dvd key stories. I know kevin rose posted that entry saying they basically give up, and the users have spoken kind of thing, but at the same time it seems all those additional stories are gone as well.
Punishing legitimate customers since it's inception. I got reminded of this again today after not being able to play a DVD in my Powerbook because of region encoding. Funny thing is, this DVD is only really of extreme local interest and any outside interest/sales are negligible - since it's only sold in one region so why do the authors enforce region encoding? Do they not know what it is?
Maybe it's better to pirate afterall. Less hassles that way.
All apologies to those who feel that DRM is still a relevant freedom related issue... But I honestly feel that discussing this is just a drain on resources that could be directed towards more fertile topics.
... we were getting so close to a breakthrough there, I don't know how we got off-track.
Yeah, like arguing the relative merits of Linux versus Windows, or Apple versus MS
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
If they didn't learn anything from the countless other times this has happened to other forms of DRM, I don't know what makes you think they'll learn anything from this one.
I have to wonder if the huge amount of HD-DVD hack coverage lately is starting to make Sony wish that someone would spend more time hacking Blu-Ray. There's no such thing as bad press?
Erm, how is this undefetable? If they don't mind sacraficeing the 360, couldn't whoever manages these things revoke its keys and not issue new ones, so that it can't get the volume key, so it can't decrypt the disk?
I'm probably misunderstanding something, though
you are attempting to control the flow of ones and zeros in a world where an electronic communication system designed to withstand a nuclear attack is now ubiquitous
you should give up. you've lost, and will keep losing. it's just silly to keep going down this path. there is only more pain in store for you
people will still make movies. people will still make music. it's just that your particular pre-internet business model is now obsolete
go ask the aztecs or the incans if the appearance of new technology was fair to their empires
it wasn't. but it didn't stop technology in the form of gunpowder and sailing ships and metal armor from rendering them obsolete
so it is with you and the internet
sorry
reality is a bitch
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Published: April 15, 2007 - 11:30PM CT
?giS
But wouldn't that make it hard to fry eggs on your XBOX? I mean, who are you kidding?
Please stop stalking me, bro.
a fitting quote might be:-
"what physical science can devise and synthesize, physical science can analyse and duplicate" - e. e. doc smith (one of my favorite authors).
sorry almost forgot the obligatory 09F911029D74E35BD84156C5635688C0!
While this scheme may not be defeated, I certainly can by strong armed legal tactics by the movie industry likely to stem from my using this approach.
-m
For a real laugh, check-out the formerly-known-as Secret Number as Photoshop art. My personal favorite is #12. The funniest part of all was as I went through the list, an animated ad for Blu-Ray high-definition movie playback popped in after image #9. It doesn't get better than that!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Did anyone notice that this article is nearly 3 weeks old? Really on the ball there, Slashdot.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Think about this for a second.
I didn't post a single negative comment about cracking DRM. There are simply more important things to be discussing than our access to privatley generated content such as movies.
But forgive me. The first thing I read upon waking up was that gunmen had siezed hostages in Nigeria, my congress was folding over the Iraq withdrawal, and certain drugs commonly prescribed to menopausal women were significant contributors to cancer.
Why am I modded Troll for thinking that having access to movies is really an insignificant issue? I wasn't even disrespectful. Then again, I have liked very few things Hollywood has produced anytime recently.
Regards.
HandBrake is your friend.
With the size of today's hard drives, carrying around physical DVDs to watch on one's Powerbook just seems silly. Rip 'em (I personally think most movies look fine using MPEG-4 2-pass, target size of 700MB) and chuck 'em on your hard drive; uses a lot less battery power and it's one less thing to have to keep in your laptop bag.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
You're missing the point here. Everybody doesn't have to do this. One person does this and posts Volume Keys for each new release, allowing everyone else to simply decode with the volume key. If this truly can't be revoked, then it doesn't matter it they make it inaccessible tomorrow. Not until every existing modded player breaks beyond repair would it be secure again.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Good, because now I don't have to admit I'm getting old and can't remember that 09 F-something something.
More Twoson than Cupertino
Where is it appropriate to say 'let Hollywood take their ball and go home?'
Regards.
i wonder why they didnt use a zero knowledge protocol http://en.wikipedia.org/wiki/Zero-knowledge_proof to defend them disks, bundling the keys with the cds is only delaying the inevitable
The big problem with DRM is the fact that one leak is all it takes. After one person successfully removes the DRM from the protected media, it can be copied endlessly. So sure, HD-DVD might get harder to crack through physical lock-downs on the devices, but we'll still be able to download the results from a successfully cracked movie.
http://it.slashdot.org/article.pl?sid=07/04/12/164 228
Developing an overblown DRM system: Millions of dollars.
Hiring consultants to tell you it'll really, really work this time after firing all the ones who informed you copy protection is a cryptographic impossibility: Thousands of dollars.
Paying lawyers to send cease-and-desist letters to thousands of websites after the key leaks: $500/hour.
Watching yet another DRM scheme go up in flames shortly after its release: Priceless.
To fight the war on terror, stop being afraid.
You are wrong, there are actually places where DRM works for the distributors: A couple of years ago it was possible to buy pirated cards for your satellite-TV receiver, so you could watch all channels for free. People had been doing this since the 80's. Every time the operators invented a new encryption, it was soon cracked and new pirated cards was out for sale. But this ended a couple of years ago, when the current encryption schemes (like Viaccess) was introduced. No one has been able to crack these schemes and most people has lost hope that they ever will be cracked. So the TV networks won in the end. But I guess now people download their their TV-shows with bit torrent instead.
The bad news is, once the media conglomerate PHB's stop taking meetings about next year's bonuses, they'll finally comprehend that storing private keys on the media they sell is a bad idea.
They'll force Trusted Platform Computing as a new and cheaper High Definition format. The private keys will then be stored on a smart card module. Smart cards run their own OS and are quite specifically designed to self-destruct in the event specific programmed communication protocols are not followed.
Bad guys just sniff the data channel then right? Well, the data channel will be encrypted (about version 3.0, but eventually) Then what? Then they you, your computer AND the media player device and your media are merely rented, just like cable TV with even more harm done to new/independent sources of media.
In the "ownership society" era we are in right now, the limits to your media will continue to expand. This is a perfect example of the consequences politically expedient "free market" and some Libertarian pablum. Those whacky Socialist/Communist ideas that Americans love to hate start looking pretty good. Of course, no American will admit it and call it something new, like "Consumer Friendly Media."
If you've read this far, then what are you going to do about it? Most likely just welcome our new media conglomerate overlords.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Wesley Willis' mother will be overjoyed!
Latewire
The article is a little old, the links to the doom9 forum go to posts from early last month. Within a few days of those posts, there was a link to xboxhackers where they were able to accomplish the same thing without having to patch the firmware, ie, no desoldering.
That's pretty interesting. (In TFA the [hack|crack]er is quoted as saying that one of their goals is to eventually be able to pull the Volume Unique Key from the drive without a hardware hack, but he made it seem pretty far off.) I didn't know they had gotten to that point already.
Slightly OT: I'm really hoping that someone will write up a good introduction to how AACS works, in semi-layman's terms. I've read the official AACS documentation (as much of it is public, anyway) and it's not the easiest thing in the world to get your head around, if it's not your field already. It's obvious these Doom9 guys know their shit, but it would be nice if somebody made some documentation just so the rest of us know what the hell is going on; AACS has so many keys and keyblocks and keys-within-keys-within-keys that I'm never quite clear what exactly they've cracked, or which key is required to read the actual content without any other intervention from the player.
It would really be good if Wikipedia handled that, but right now the AACS article is just a lot of news-bites about the progress of the hacking, and it's very light on the technical stuff (and it's currently locked due to some pissing contest or other).
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
True, but they aren't really trying to protect their movies from being copied. If they really wanted, they could use 2048bits RSA keys to protect their content like MS DRMs 360 games. AACS was weak even before the first blu-ray or hd-dvd was released. The drm in the discs only serve as way0 for them to enforce DMCA. DRM+DMCA is somewhat good copyright protection.
you don't? good for you. but stop criticizing me. i bought my slaves fair and square
"Just because emancipation made some slaves free does not give anyone the right to ask that other slaves be set free. Many new territories out West are being opened up and work just fine without slaves and they produce good crops. Buy from them if you want to consume slavery-free agriculture. It is really that simple."
no, it's not that simple. when a change comes, it comes. it's not about choosing not to respect a law, it's about being unable to respect a law. the paradigm of looking at ones and zeros as freeflowing is not able to respect the world where ones and zeros could or should or would be somehow controlled. in a fundamental way the template doesn't fit the world anymore. speaking the language of copyright on the internet is like someone speaking quechua to someone who only understand spanish: there is no possibility of working together. copyright law was written in an age when only a handful of corporate players could distribute music. now any teenager in his basement can perform the same function an entire corporate behemoth was needed for in 1980. the previous world was easy to police. the new one is impossible to
but of course grumpy old men who don't understand what fundamental change means can still write all sorts of laws attempting to control the flow of bits
grumpy old men: meet poor, highly motivated, unimpressed with copyright, technologically literate teenagers
you tell me who prevails
i'm not asking you to tell me what SHOULD happen, i'm asking you to tell yourself what WILL happen
right and wrong is not the issue. how society understands how things work is the issue. and that has fundamentally changed, inexorably. is it wrong that the best archer in the english army, who has devoted his life to the pursuit of marksmanship, can be defeated by a machine gun in the hands of a blind drunk? is it unfair? yes, it is wrong, and yes, it is unfair. BUT IT IS ALSO JUST THE WAY IT IS. accpet it. move on. the era your mind clings and its legal structures is over, defeated, antiquated, dissolved
it's called "progress"
many an era in human history ends with a few old die hards bitter and clinging to the past and the way things used to work and the way things "should" work and the way things "always worked fine" and the way thing "by moral provenance is the only way to work"
blah blah blah
are you one of those fossils?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I own 2 legitimately, untampered-with DVD players, several computers with DVD drives, and an old XBox. When I rent or purchase a DVD that I am unable to play on any of these devices, nothing makes me more livid (especially when I'm already moody because I'm hungry and planned to eat while watching the DVD). It's actually to the point now where I look at the back of the DVD to see who the publisher is before renting or purchasing it, because I've found my devices especially have trouble with Sony DVDs, of course. I've never even made a copy of a DVD or pirated any DVDs, but I can honestly say that as it becomes more painful for me to legitimately watch my DVDs, I will eventually be driven to circumvent their DRM entirely as that would be less painful of a process. It just pisses me off, but there are some movies I would really enjoy watching and owning a legitimate copy of, but I simply won't spend a penny of mine if Sony's name is on it. Furthermore, Sony's BS about hardware manufacturers needing to keep up-to-date with their latest DRM mechanisms doesn't bode well either - I'm not replacing any of these devices which work perfectly fine with the exception of their purposely fouled media.
When will the media industry understand what this is about? Hackers are not working on breaking AACS so they can copy movies illegally, they are doing it because it is a challenge. Who in their right mind is going to spend hours downloading a 40GB HD movie from bit torrent? Most pirates would be perfectly happy with a divx or xvid rip which doesn't even need a high definition source. Thing is, there are certain people who have nothing better to do than sit at home all day and work on cracking *something*. These are the people who take no showers and eat only so they can shit on "The Man". Most of them probably don't even like watching movies to begin with. They are doing it simply to prove they can and all it takes is one greasy haired basement dwelling geek to crack it and the cat's out of the bag.
As a consumer, I find it ridiculous that I should pay $19.99 for a disk that I can't use as I please. I use Mythtv for my HTPC and as a result, I can't play HD-DVD disks in it (Linux doesn't support HDCP). If I want to play the content on my desktop computer, I will require a new video card and a new monitor. WTF? The hardware I have now is perfectly capable and I'm not going to purchase new hardware just to play a damn movie. I will not pay for something I can't use the way I see fit. If the MPAA (et. al.) doesn't get it by now, then I'll just spend my money on something else.
Maybe I'm not being a good consumer by spending money I don't have on stuff I don't need, but the only reason I'd bow down to corporate America would be to let it kiss my ass.
This means that person has to buy every single movie that is released. Not very feasible.
The sky above the port was the color of bittorrent, tuned to a dead tracker.
"It's not like I'm leeching," MPAAse heard someone say, as he shouldered his way through the crowd around the door of Reality. "It's like my body's developed this massive plot deficiency." It was a Slashdot voice and a Slashdot joke...
Apologies to Gibson.
Somebody give this a "haha" tag....
You aren't supposed to let them know we know.
"You'll get nothing, and you'll like it!"
Are you implying that ALL forms of DRM have been cracked? Care to back that up?
Reading the slashdot summary, and even the article itself, you may not realize that the Volume ID is just one piece of the puzzle.
The Volume ID is a small bit of data that's stored partially in the lead-in section, and partially in some other non-data area physically on the disc (which I don't fully understand, and apparently isn't available in the public HD-DVD documentation and is only available under NDA). Compliant drives only read and provide the volume ID after completing a cryptographic handshake, which hasn't been broken yet. So now they've made a firmware patch so the drive reads the Volume ID without authorization, without going through the as-yet-uncracked crpyto authorization process.
The purpose of the Volume ID is to prevent copying a disc by simply copying all its data. Because the Volume ID isn't stored within the data sectors, it can't be read normally. Well, that is, without impersonating the software (which hasn't been accomplished yet), or without a modified drive that doesn't require the software to authenticate before reading and returning the data.
That's all. Just one piece, not a full crack of AACS.
PJRC: Electronic Projects, 8051 Microcontroller Tools
SOP in "the scene": they'd just find somebody who works for a video store, disc duplicator, or retailer (or anybody else with fast, privileged access to new media, and halfway decent broadband), send them a drive, and have them do the rips on the releases each week.
This means that person has to buy every single movie that is released. Not very feasible.
Or rents it, or borrows it from a library or friends, or works somewhere that they can get access to a large quantity of titles....
well, you could go hiking, or read a good book. perhaps you could have a good slice of pizza. maybe it does get better than that?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Hi. You're going to stop issuing DMCA takedown notices. You're going to publicly announce that DRM will never work. Or, these guys here are going to plaster your AACS Processing Key all over the Internet, Digg-style.
Look, the people you are after are your customers. We watch your movies, we listen to your music, we buy your merchandise. We pay you while you sleep.
Do not fuck with us.
:(){
When you have access to the replay hardware, no "encryption" can ever be secure.
Comment removed based on user account deletion
It's about control, and who controls whom.
This isn't just about DRM, it's about dictating every part of your media playback system: no participation in creating content (home, low-budget & independent movies/music, etc.) nor in creating playback systems (no MythTV, homebrew playback hardware/software, etc.). It's about marginalizing everyone who does not fork over licensing cash - LOTS of it - to those holding the core IP rights. Don't pay? can't play.
From AACS to HDMI via DCMA, they want to own every bit - figurative and literal - of the entertainment center in every living room.
Can we get a "-1 Wrong" moderation option?
I quite enjoyed movies and music.
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
"I can't think of any way to resolve that conflict: anything that allowed you to make excerpts or backups or format-shift would also be used to make things freely available P2P."
This is true, but it doesn't change anything to the rights consumers have. whatever the **AA's do, they should do it without trampling on our rights with the excuse that it might be abused. a car can be used for joyriding or for killing someone too, yet it does not mean carsellers can order us around how to use our wars and on which roads we can drive - I don't think even you would accept that.
You seem to be complaining about the irrational and inconsistent behaviour of slashdot(ers)...but in fact it's very rational and consistent, we (well, most slashdotters, that is) just take the rights of the consumers as our first focus, not the profits of companies. I doubt you would see many complain if **AAs would come up with something that safegards all our consumer-rights. The actions they've done thusfar, have often been done in total disregard of any of our rights, and this includes encryption and suing people without actually checking the facts (for instance; downloading on a P2P is not neceseraly illegal if you're not uploading).
The bottom line is, excerpts or backups or format-shift belong to our basic rights as consumers, and whether or not abuse is possible, that is not our concern, and can not be invoked as a reason to take away our rights. It's this slashdot is pointing out, and they *are* rather consistent in it.
--- "To pee or not to pee, that is the question." ---
So, another DRM system devised with more complicated encryption, another DRM system cracked by even cleverer hardware hackers.
Yay.
I notice, however, that digital camcorder technology is quickly improving. How long will it be before a $1000 camcorder pointed at a television playing a HD-DVD will produce an image of decent quality? There will always be quality losses in analog transfer, but when those quality losses are no greater than those that you get from recompression to internet-friendly sizes, who cares?
Digital still cameras are also getting faster and more flexible with their timings. If a camera is capable of recording, say, 8-10fps at 1024 x whatever continuously, then all you have to do is sync the shutter trigger with every third frame retrace signal and you've pulled down every third frame of the movie. So, three trips through, and you've got a high-quality jpeg of every frame. Unfortunately all the timing data I can find is for dSLR's using ~10 megapixel images, but my three-year-old $200 camera using a slow card can do 4fps continuous at its 2000 x 1500 resolution... so a modern SLR set on the lowest resolution might be able to manage it.
This sounds like a pain, but so is soldering chips and whatnot. The point, as everyone knows, is that if one guy with $1000 of equipment can spend ten hours and pull a decent copy of the movie out of the analog hole, video DRM is dead.
The analog hole is sort of the death knell of audio DRM -- sound is easy to record. How long before video succumbs also?
I can devise two large prime numbers and synthesize a composite number by multiplying them. You can't analyse it and figure out the primes I used.
I have mod points, but what the heck. The slashdot editors strike again - posting stories without checking their facts. I've been following this since the muslix64 hack, so I do know what I'm talking about. I'm quoting the 'hacker' (arnezami - great guy) mentioned in the Ars Technica article:
QUOTE - Original post
In order to decrypt a disc you need the keys the content is encrypted with. These we usually refer to as Volume Unique Keys (although technically VUKs give Title Keys which are used to decrypt the content but this amounts to the same thing). What is important is that VUKs cannot be revoked. In other words: once we have a VUK for a disc then the AACS decryption-protection is broken for that disc. AACS cannot undo this.
So how can we get VUKs?
There are several ways to get VUKs for discs. But none of them are permanent solutions for retrieving all VUKs for all discs (released in the future).
* Get the VUKs out of "old" versions of a Software Player * Get a Volume ID (unique per movie) and a Processing Key (unique per Media Key Block version) and calculate the VUK.
The first method will expire quickly: we can now use WinDVD to retrieve VUKs out of its memory. But when new discs come out they won't work with this old version of WinDVD so you would have to install a new version. Therefore making this method obsolete for new discs.
The second method requires not one piece of information (like taking a single VUK out of the memory of WinDVD) but two pieces of information. We have several techniques now for a drive to reveal the Volume ID of a disc. So this part of the method is permanent. However the Processing Key will change every time they change to a new MKB version. And since we also need this second piece of information to calculate a VUK for a disc we always need to get the new Processing Key out of some player (whether its a Software Player or a standalone). The Processing Key (or better a Device Key) is very powerful though: if found it makes it possible to decrypt all discs released so far (assuming we can also retrieve the Volume IDs of those discs).
UNQUOTE
Moral of the story: We still need the processing key and that can be changed by the AACS, or by the abuse of language, "revoked". So the new AACS Crack is not "Undefeatable".
The only development since the time this article was written is that the firmware doesn't need to be changed anymore for the drive to reveal the VolumeID. There are some standard commands which get the job done.
Forgive me for being totally clueless.... but can someone explain this to me? I never really understood why it was impossible to make a copy of a DVD (or some CDs) without cracking it. Or why you need a no-CD crack for game CDs. If the data on a CD or DVD is just 1s and 0s... why can't you just make an exact copy of the 1s and 0s onto the blank CD and why won't that work? Why do you even need to decrypt it? The only thing I can think of is that there's a physical difference between the original disks and the blank disks you buy at the store. Even encrypted and compressed data is just binary code... so why doesn't making an exact copy of it do the trick?
I would really appreciate any explanation- I've wondered this for years.
*confused*
I've got 1 word for you: NetFlix
I will not give in to the terrorists. I will not become fearful.
The 'hack' is actually just telling the chip that is responsible for decryption of the content to not look at the revoked key list (skipping the whole function that does that and automatically returning a boolean 1)
It's still the same problem as with any form of DRM: you have to give people the public key(s) for both parties, the private key(s) for both parties the encrypted content AND the code that says HOW to use those keys and encryption.
Security through obscurity at it's best.
Custom electronics and digital signage for your business: www.evcircuits.com
If it gets much more difficult to watch a movie I think independent web producers who do not use DRM are going to start making a killing.
I memorized the damn number over the past few days, and now I find out that it's unnecessary :( I guess it'll go in their with all those digits of pi as yet another useless geek skill...
C 5836327569502884881971693C0993751058
3.14109592F9653115802979D937423E3845B62D864413563
Just hope I don't get the two confused.
a dying dinosaur is still very dangerous to all around it. so just lay low until the mighty antediluvian beast stirs no more, extinct and dead, as it should be. we're just waiting out its death throes like little scurrying nocturnal mammals, ready and able to inherit the earth
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
amen, glory be to god, god is great, etc.
you said the right thing, well, dead on the head
god bless!
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I think I speak for the vast majority here when I say this.
Perscriptio in manibus tabellariorum est.
Anything called "Undefeatable" or any "definitive terms", like "Unbreakable", "Definitive", "Ultimate", etc... are just marketing terms and must be taken as such. Technically speaking is very hard to believe that such thing exists.
It's the good ol' crackers x hackers conflict: you create a lock, they drill a hole, you fix the hole, they drill in a different location, and so on...
Maybe it's "Undefeatable" now, but just give the good guys some time =:cP
Er Galvão Abbott - IT Consultant and Developer
"The main issue is the cost of purchasing standalone high-def players by the hackers, but as prices for these come down, this problem will slowly go away. "
See! Sony had a good reason to over-price the PS3 all along.
The problem for the DMCA is that it has the potential to be a moderate inconvenience to a large number of people.
Python coder | PyQt Applications | Writer
What A Load Of Rubbish!
The author of the original article doesn't understand AACS.
The "Device ID" that they are so happy about being able to find is "in plaintext" .
What you actually need to play the content on the disc is the Media Key, which is what they will lose the ability
to compute once the device-key gets revoked.
--
The Insane Kobold
There are other ways, like signed firmware. That's kind of a recursive form of DRM; using DRM to protect DRM!
Live today, because you never know what tomorrow brings
This contract is the Constitution* for the United States of America*, which grants Congress* the power to restrict your rights. Some might argue that you agreed to it when you did not emigrate to Canada* given the chance.
* Or foreign counterparts.
are you saying making child porn is the same as pirating music?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I wonder why the HD-DVD people don't get together with the satellite people? Satellite TV is extremely secure and has never really been cracked successfully. Most cracks involve emulating a smartcard, which is easy since the smartcards still use early 80s technology. Even then, nobody has really done a crack that wasn't fixed within a week.
Satellite is providing a service. In other words, when you try to crack it, you are mucking with a transmission and the delivery of that (unpaid for) service can be detected.
HD-DVD and Blu-Ray are, ostensibly, providing a product. Sure the discs are encrypted, but they are still a physical medium that you possess and they are, so far, usable without being connected to a network. Therefore the means to decrypt must exist within the disc and the drive, and without a network, there's no way to notify Big Brother if you retrieve the keys in an unauthorized manner.
Granted, some players are network connected, but I don't think the studios are eager to require an internet and/or cable tv connection just to play a movie.
Thanks everyone- Now I get it! I feel so much better! ;)
History has shown that "Free markets" are temporary.
At some point, producers will do any number of things to capture a market like coordinate pricing or capture all suppliers or capture all distribution channels. It takes legislation to minimize these effects. Then the legislation has unintended effects on markets too.
The "free markets" you describe are academic standards that are impossible to meet.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
showing us the way to the future for the bertelsmanns of the world: promotional mouth pieces. evolve into that they must, or die
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
"When did everyone become a comedian?"
There's this little thing called...unemployment. You may have heard about it?
...put that shit back ;)
Crack is wack!
How many movies are released per day, and how many per day can you get off NetFlix?
What good does it do you if the warez scene does this, anyway? Are you going to google for keys every time you want to watch one of your movies, or what?
The problem (for the media industries) with DRM is that, if you are going to allow non-profit fair use under copyright law (or for that matter format-shifitng, which is under even more attack by the corporations), it really cannot be done in such a way as to prevent misuse for for-profit piracy. Fair use is already an endangered species -- I fully expect this to eventually get into the legislature and an attempt made to severely restrict, if not eliminate, fair use.
This is part and parcel with the increasing attitude amongst politicos (and the cattle who elect them) that anything, ANYTHING that MIGHT be misused by ANYONE for criminal purposes must be severely restricted or criminalized. (Example: millions play violent video games with no ill effects; one deranged dude plays violent video games and then shoots up a university; therefore NO ONE should have the right to play violent video games.)
"Every great cause begins as a movement, becomes a business, and eventually degenerates into a racket." -- Eric Hoffer
No, whatever software you use for ripping the discs will just be able to automatically download new keys from some source in a country that won't go after such a server. People with the cracked drives will just upload new keys as they get them. There will probably be some forum for requesting keys as well. Kind of like FreeDB for AACS keys. There aren't that many titles out there on these new formats yet, so they'll probably be able to keep up with most of the new releases.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
You don't seem to get where this is heading. Once the Volume IDs are out they can freely be incorporated into new HDDVD decryption utilities with update capabilities. Oh, and if you're actually complaining about having to do a GOOGLE SEARCH then you're right, you are too lazy to rip your own movies.
What is this supposed to mean? There are even more people outside the warez scene who can also solder.
Sure, but why would they bother doing all that work for you?
No, whatever software you use for ripping the discs will just be able to automatically download new keys from some source in a country that won't go after such a server. People with the cracked drives will just upload new keys as they get them.
That's not how the warez scene works. It's all about taking credit and releasing before anyone else. Contributing to a common repository is likely not very interesting.
Setting up such a repository is certainly no simple task, either.
There aren't that many titles out there on these new formats yet, so they'll probably be able to keep up with most of the new releases.
And what about later, when there are actually a lot of titles out there?
I think I'm gonna squeeze that in my signature.
as it got crack, was, "Oh no, not again."
Satellite TV is extremely secure and has never really been cracked successfully
Crapola...
Soon as I get this confounded traktor beam to actually work in reverse, all your chip are belong to us
The interpretation is obviously wrong since it has led to laws which do not serve the original purpose. I can't help that. The US government has been infiltrated and overtaken by profiteers. What else is new?
the NPG electrode was replaced with carbon blac
We have rights because we say we do.
From where else can rights come? Natural Law? Please! Not even life itself is a "natural" right: Murder is quite "natural," and it has been the common practice of man to conquer and kill, to rape and pillage, for most of recorded history (and certainly for what came before that too).
It is as we became more civilized that we gave those things up. We, generally, decided those things were wrong. Most of us homo sapiens decided life was a basic right of people. Some of us decided speech was too (but not all of us, for sure); some chose "religion" as well. There's some variety. And in each case, the key is this: We decided.
We humans create the world we inhabit for ourselves. Chalk it up to our opposable thumbs. And the world we inhabit, thanks to our largish frontal cortex, is not just a world of physical stuff, but of ideas, abstractions. The idea of "rights" is an abstraction we built. And we can do whatever we want with it.
So, what do you think your rights should be?
I think that one of mine -- a lesser one, for sure, but still something I'd like -- should be that I can move data around how I want. Not a big deal, and also, I think, not too much to ask. Whether they understand it or not, I'm not in the studios' way. I think they should stay out of mine.
I really tought I'd have a lot of fun, whatching the keys of hardware players being revocated, one after the other...
And then a bunch of harkers break the system for good, and destroy all possibilities.
Rethinking email
But this time the cartel wrote the law. Would anyone living in his district be sure to thank US Congressman Howard Coble at the next election? Coble was the guy that introduced the DMCA into Congress. http://en.wikipedia.org/wiki/Howard_Coble
Cracking digital satellite encryption is lame, something only pirates would do. Cracking AACS is merited, something people with non-HDCP monitors, non-HDCP video cards, or Linux would do.
Your mind is clear / The things that you fear / Will fade with how much you / Believe what you hear
This could already be done by having a few community-trusted people keep a compromised device key secret and continuously use it to decrypt and publish volume keys. In both cases, revocation is not possible/relevant and the flaw is on a per-release basis with the people exploiting the flaw having to stay on top of every new release. Leaking a device key semi-periodically does more damage as it exposes every movie up until that point.
Evidently, the key to understanding recursion is to begin by understanding recursion. The rest is easy.
> didn't learn anything from the countless other times this has happened to other forms
> of DRM, I don't know what makes you think they'll learn anything from this one.
They'll ram DRM down our throats or die trying.
Because that takes zero effort, and because it is viewed as being for good cause. Also because it has rankings.
None of those are really true in this case, although I guess you could implement rankings if you really wanted to.
0 = 5 times
8 888999") = "13256278887989457651018865901401704640"
1 = 5 times
2 = 2 times
3 = 1 once
4 = 4 times
5 = 4 times
6 = 4 times
7 = 4 times
8 = 6 times
9 = 3 times
The least is 3 and the most is 8.
rand_permutation("0000011111223444455556666777788
Is it prohibited?
mod parent up please
Sigh. Fallible = Infallible We need point no further than their acceptance of slavery (at least tacitly) in one or the other Articles in the Constitution as evidence of this. To Further Expound: When I referred to "the best, market-based way of compensating", the only other alternative I can think of that could even approach a market-based way of compensation would be Government subsidization. This has flaws of its own (such as who defines what work is worth pursuing or compensating artists and other thinkers for, etc, etc), and, in my opinion, is nowhere near as good a solution as the current short term method of content reproduction and distribution monopolization. If you (or anyone else) has any other ideas, please, by all means, enlighten me.
N0w get the T-Shirt
https://www.spreadshirt.com/shop.php?sid=114635
This isn't like cracking really. There's no real challenge to it. I still suspect that it will get done, simply because people want it, and there are people that can do it. They'll find ways to get their name attached to it, they always do. It's not easy to set it up, but that probably won't matter, as there will be real demand for it, even by the people that have the drives capable of ripping the movies. As for keeping up, they'll get the stuff that most people want, and nobody will care about the rest.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
Repeat after me. THIS IS NOT A PROCESSING KEY.
Sure being able to obtain a volume id is important, but the processing key we already know has been revoked, and we have no way to obtain another without debugging the next version of a software player.
While I realise that debugging the process may be relatively easy, and someone may have already done it. As far as I know, no new processing key has been released.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
This happens even if the phone line is disconnected. It does not require anyone from DISH showing up to do updates. I certainly believe that the satellite connection is two-way, though they do seem to prefer a phone connection over satellite up-link.
Erm, no.
The satellite connection (for satellite TV, not internet) is definitely not two-way. If it was, you'd have to have all sorts of warnings all over your satellite dish, telling people not to step in front of it, or stare directly into the feedhorn, etc., because of the EM radiation hazard. Plus, you'd have to have a fairly big amplifier somewhere, and a much better feedline than most people's satellite dishes use. And you'd have to aim the dishes a lot more carefully.
What's happening is that the upstream communication is all done over the phone line, but downstream is done via the satellite. You don't need to have an upstream connection to get software updates -- it's a "push" technology, not "pull" like apt-get. They can beam down a software update whenever they want, and unless you have hacked the receiver to somehow ignore the update, it will download and install it (hopefully checking it against some sort of cryptographic signature or key that's delivered once in a while via telephone).
Back a while ago, there was a big sting operation where the satellite companies, one of them anyway, worked with the Feds and sent out bad firmware (over the satellite downlink, not over the telephone or anything) that bricked all the cracked smartcards that some people were using. It was actually a fairly interesting trick on their part; they crafted a logic bomb and forced people to install it into their smartcards over a period of years (by commanding the STBs to only work with cards that had been updated), byte by byte, until the whole thing was there, waiting, and then they pulled the trigger and created an irrecoverable race condition. Story here.
Anyway, I think the whole thing is bullshit, and I think the laws that protect satellite TV broadcasters were the beginning of a very bad chapter in U.S. jurisprudence, although I doubt I'll live long enough to see it rectified. Any person ought to have the right to set up whatever type of circuitry they want to, and do whatever they want with the signals on the public airwaves that arrive on their property, so long as what they're doing doesn't generate interference that extends off of their property. There was no reason to give the satellite TV providers the protection they got; having satellite TV isn't enough of a public benefit to make it worth trampling on almost 100 years of communications law. If the market really wanted satellite TV, then it would have happened without such protection -- just like regular terrestrial TV and radio happened without draconian laws being specially crafted to make the signals only receivable on special sets. (And yes, I know, satellites are expensive, but I bet that the very first terrestrial TV stations, for their time, were just as expensive and risky as launching a bird is today.) In short, the legislators back in the '80s wanted to rush things, and thought they would jump-start "progress" through legislation. The DMCA and the whole doctrine of "anti-circumvention" are the direct result.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
800 - three - three - three - F - S - C - K !! </headbang>
IIRC, copyright was originally set up roughly along the same lines as patents, i.e. 17 years from initial publishing. So what's this "modern" BS about so many years from death of the publisher? Why in the devil's briefcase has this been allowed in the ostensible public good?
Perhaps that's one more thing that should be taught more in schools, the original terms and thinking behind copyrights. How many bets any effort to do so is squashed under metric kilo-buttloads of self-serving corporate effluvium...
"What in the name of Fats Waller is that?"
"A four-foot prune."