New AACS Crack Called "Undefeatable"
Tuoqui writes "With all the focus on the infamous hexadecimal number, people may be ignoring a bigger weakness in the AACS armor, which emerged two weeks ago. Some hackers have figured out how to crack AACS in a way that cannot be defeated, even by revoking all the keys in circulation."
I'm just enjoying my coffee, and suddenly I'm faced with an article about somebody's crack!
Oh I know, don't use HD-DVD...there...defeated.
In a world of acronyms, the words are the real victims.
Huh, looks like the new strategy is issuing DMCA Takedown orders against anyone who suggests that it is undefeatable...
Summation 2
"I reject your AACS crack and substitute my own"
.... Then maybe media companies will give up this DRM nonsense which does nothing but frustrate consumers and slow the adoption rate of digital media in the mass market.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Basically this crack relies on using a Microsoft HD-DVD drive for the XBox 360, with a special firmware patch (which requires you to remove the firmware chip, flash it, and then solder it back in). With a hacked drive, you can apparently get the Volume ID, which is one of the parameters used in the encryption, directly off of the disc. Normally the Volume ID isn't passed to the host computer, I think.
Anyway, in the bizarro-world that the people who write DRM systems inhabit, I think that this will probably just push them to make the drives harder to "tamper" with; I fully expect that they'll eventually just pot the circuit boards in epoxy or something, to keep you from desoldering the chips.
So if you're interested in this stuff, you might as well go out and get one of the MS drives or other first-gen drives, because I suspect the hacking possibilities may decrease over time; it's going to be these early drives which are the most hackable.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
"No matter how many Private Host Keys they revoke we will still be able to get Volume IDs using patched xbox 360 HD DVD drives."
I hope the hacker isn't suggesting that this whole encryption key debacle is somehow Microsoft's fault, could you imagine the lawsuit?
Summation 2
Punishing legitimate customers since its inception. I got reminded of this again today after not being able to play a DVD in my Powerbook because of region encoding. Funny thing is, this DVD is only really of extreme local interest and any outside interest/sales are negligible - since it's only sold in one region so why do the authors enforce region encoding? Do they not know what it is?
Maybe it's better to pirate after all. Less hassles that way.
All apologies to those who feel that DRM is still a relevant freedom related issue... But I honestly feel that discussing this is just a drain on resources that could be directed towards more fertile topics.
... we were getting so close to a breakthrough there, I don't know how we got off-track.
Yeah, like arguing the relative merits of Linux versus Windows, or Apple versus MS
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
If they didn't learn anything from the countless other times this has happened to other forms of DRM, I don't know what makes you think they'll learn anything from this one.
I have to wonder if the huge amount of HD-DVD hack coverage lately is starting to make Sony wish that someone would spend more time hacking Blu-Ray. There's no such thing as bad press?
you are attempting to control the flow of ones and zeros in a world where an electronic communication system designed to withstand a nuclear attack is now ubiquitous
you should give up. you've lost, and will keep losing. it's just silly to keep going down this path. there is only more pain in store for you
people will still make movies. people will still make music. it's just that your particular pre-internet business model is now obsolete
go ask the aztecs or the incans if the appearance of new technology was fair to their empires
it wasn't. but it didn't stop technology in the form of gunpowder and sailing ships and metal armor from rendering them obsolete
so it is with you and the internet
sorry
reality is a bitch
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Keep your eyes to the sky.
But wouldn't that make it hard to fry eggs on your XBOX? I mean, who are you kidding?
Please stop stalking me, bro.
a fitting quote might be:-
"what physical science can devise and synthesize, physical science can analyse and duplicate" - e. e. doc smith (one of my favorite authors).
sorry almost forgot the obligatory 09F911029D74E35BD84156C5635688C0!
For a real laugh, check out the formerly-known-as Secret Number as Photoshop art. My personal favorite is #12. The funniest part of all was as I went through the list, an animated ad for Blu-Ray high-definition movie playback popped in after image #9. It doesn't get better than that!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
HandBrake is your friend.
With the size of today's hard drives, carrying around physical DVDs to watch on one's Powerbook just seems silly. Rip 'em (I personally think most movies look fine using MPEG-4 2-pass, target size of 700MB) and chuck 'em on your hard drive; uses a lot less battery power and it's one less thing to have to keep in your laptop bag.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
All this crack needs is for the drive hardware to work. It matters not whether the 360 can decrypt the disk itself further down the line, all the crackers need is the raw info from the disk provided by the hacked firmware.
You're missing the point here. Everybody doesn't have to do this. One person does this and posts Volume Keys for each new release, allowing everyone else to simply decode with the volume key. If this truly can't be revoked, then it doesn't matter if they make it inaccessible tomorrow. Not until every existing modded player breaks beyond repair would it be secure again.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Them: "Hey, want to buy a movie?"
You: "Sure, how much?"
Them: "$100,000,000.00."
You: "F*** off."
Them: "Sorry, that was the price to purchase all rights to the movie, including redistribution and royalties. Would you like to buy a subset of those rights instead?"
You: "Sure, like what?"
Them: "How about, the right to public exhibition, and reproduction of media for sale, but no royalties? That'll be just $5,000,000.00."
You: "No thanks, too much."
Them: "How about, the right to public exhibition? Just $500,000.00."
You: "Do I look like I'm made of money?"
Them: "Sorry. How about, the right to private exhibition? Only $5."
You: "Now you're talkin'!"
Them: "So we have a deal?"
You: "Yep." [you hand them a fiver, and they hand you a DVD.]
Them: "Have a nice day."
You: "Hey, wait, this DVD is copy-protected! I want to copy it!"
Them: "Yes, sorry, we didn't sell you the right to do that. If you have more money -- equal to the amount we'll lose on average for each copy-producing customer -- you can buy that right too."
You: "But I paid for this!" [you shake the DVD at them]
Them: "Do you understand that you paid for limited ownership, and that you consented to the limits stated and known to you at the time of sale?"
You: "No, I'm too dumb-stupid to grasp that. I can only handle concrete meanings of the idea of ownership."
Them: "Yeah, we figured. You probably also think HOAs are usurping your god-given right to paint your house pink, eh?"
Certainly the movie studios are obnoxiously attempting to prevent format-shifting, in order to sell you the same movie twice. But that doesn't mean they are violating any of your rights.
FATMOUSE + YOU = FATMOUSE
Good, because now I don't have to admit I'm getting old and can't remember that 09 F-something something.
More Twoson than Cupertino
i wonder why they didnt use a zero knowledge protocol http://en.wikipedia.org/wiki/Zero-knowledge_proof to defend them disks, bundling the keys with the cds is only delaying the inevitable
Developing an overblown DRM system: Millions of dollars.
Hiring consultants to tell you it'll really, really work this time after firing all the ones who informed you copy protection is a cryptographic impossibility: Thousands of dollars.
Paying lawyers to send cease-and-desist letters to thousands of websites after the key leaks: $500/hour.
Watching yet another DRM scheme go up in flames shortly after its release: Priceless.
To fight the war on terror, stop being afraid.
The article is a little old, the links to the doom9 forum go to posts from early last month. Within a few days of those posts, there was a link to xboxhackers where they were able to accomplish the same thing without having to patch the firmware, ie, no desoldering.
That's pretty interesting. (In TFA the [hack|crack]er is quoted as saying that one of their goals is to eventually be able to pull the Volume Unique Key from the drive without a hardware hack, but he made it seem pretty far off.) I didn't know they had gotten to that point already.
Slightly OT: I'm really hoping that someone will write up a good introduction to how AACS works, in semi-layman's terms. I've read the official AACS documentation (as much of it is public, anyway) and it's not the easiest thing in the world to get your head around, if it's not your field already. It's obvious these Doom9 guys know their shit, but it would be nice if somebody made some documentation just so the rest of us know what the hell is going on; AACS has so many keys and keyblocks and keys-within-keys-within-keys that I'm never quite clear what exactly they've cracked, or which key is required to read the actual content without any other intervention from the player.
It would really be good if Wikipedia handled that, but right now the AACS article is just a lot of news-bites about the progress of the hacking, and it's very light on the technical stuff (and it's currently locked due to some pissing contest or other).
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Or, there's always "Hey, I want to exercise my rights under fair use laws, which have always existed and which you don't have to pay a penny for." Or "Hey, I want to exercise my private-exhibition right (which I paid you for) on a platform of my choosing." Or "I want to make a backup of this, so I can continue to exercise that private-exhibition right (which, again, I paid you for) if my kids scratch the crap out of the original." It's not quite so black-and-white as you put it there.
To fight the war on terror, stop being afraid.
Except for one thing... That's not what they're selling.
They are selling you an entire physical copy, which you can do whatever the hell you want, short of selling copies.
Look at their advertising. They don't say, "Purchase a license to private exhibition today!" They say, "Own it on HD-DVD, today!!!".
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
There is a rule in security: "Don't Prohibit what you can't Prevent" [1]. The same rule applies to laws.
Higher Logics: where programming meets science.
I own 2 legitimately, untampered-with DVD players, several computers with DVD drives, and an old XBox. When I rent or purchase a DVD that I am unable to play on any of these devices, nothing makes me more livid (especially when I'm already moody because I'm hungry and planned to eat while watching the DVD). It's actually to the point now where I look at the back of the DVD to see who the publisher is before renting or purchasing it, because I've found my devices especially have trouble with Sony DVDs, of course. I've never even made a copy of a DVD or pirated any DVDs, but I can honestly say that as it becomes more painful for me to legitimately watch my DVDs, I will eventually be driven to circumvent their DRM entirely as that would be less painful of a process. It just pisses me off, but there are some movies I would really enjoy watching and owning a legitimate copy of, but I simply won't spend a penny of mine if Sony's name is on it. Furthermore, Sony's BS about hardware manufacturers needing to keep up-to-date with their latest DRM mechanisms doesn't bode well either - I'm not replacing any of these devices which work perfectly fine with the exception of their purposely fouled media.
Them: "Do you understand that you paid for limited ownership, and that you consented to the limits stated and known to you at the time of sale?"
No because it was never explained to anyone buying a DVD nor is it printed in legible and readable size fonts on the DVD. Also the Advertising done for said DVD is the reverse of that by proclaiming "OWN IT TODAY!"
Therefore, your contract is null and void because it was not presented at the time of sale AND your advertising suggests the reverse of what you claim your contract to say.
I would give THEM the benefit of the doubt if they made that fact clear. They do not because they know for a fact it will significantly impact DVD sales in a bad way.
Do not look at laser with remaining good eye.
Wrong. See USC title 17 sections 107 thru 109.
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
The sky above the port was the color of bittorrent, tuned to a dead tracker.
"It's not like I'm leeching," MPAAse heard someone say, as he shouldered his way through the crowd around the door of Reality. "It's like my body's developed this massive plot deficiency." It was a Slashdot voice and a Slashdot joke...
Apologies to Gibson.
That's fair to some extent. But remember:
1) Legally, you have a right to make fair-use excerpts. DRM prevents that.
2) Legally, everything goes into the public domain eventually. DRM prevents that.
3) DRM is an enabling technology for censorship (e.g. "un-leakable documents"). Do we really want that?
Lastly, there is NO natural right to the so-called "intellectual property". Society grants a temporary monopoly to artists as a concession.
In the most pedantic sense, you're right. Nothing in copyright law dictates that the copyright owner make access to copyrighted works easy. Copyright law merely dictates that there are certain actions that an owner of a copy may not perform without the copyright owner's permission - namely distribution and public performance. The original intent was to ensure that only the copyright owner could profit from distribution so that they'd be incented to create creative works.
The bit of the equation that violates my (and everyone else's rights) is the DMCA which says that it's illegal for the first guy to work around the DRM to tell me and everybody else how he did it (remember, computer software is "speech" in the first amendment sense). As soon as that law is properly neutered, then all will once again be right with the world.
Copyright law used to work just fine back in the days when making a copy of a copyrighted work was non-trivial. In the digital domain, because making a copy of a work is trivial, it is virtually impossible to police. As we have seen, DRM only makes it slightly more inconvenient for a little while.
Where this leads us, I don't know. The current system of copyrights is irreparably broken. Some new system based on the notion that copies are easy and trivial to create will need to replace it. But the problem there is that you need to compensate artists for their work. The Spiderman movie cost many hundreds of millions of dollars to create. If you want movies like that to be made in the future, then some way to gather those hundreds of millions to do it will need to be found. But there's more to copyright than huge Hollywood productions - it needs to work for the garage band selling CD-Rs at their concerts too.
Reading the slashdot summary, and even the article itself, you may not realize that the Volume ID is just one piece of the puzzle.
The Volume ID is a small bit of data that's stored partially in the lead-in section, and partially in some other non-data area physically on the disc (which I don't fully understand, and apparently isn't available in the public HD-DVD documentation and is only available under NDA). Compliant drives only read and provide the volume ID after completing a cryptographic handshake, which hasn't been broken yet. So now they've made a firmware patch so the drive reads the Volume ID without authorization, without going through the as-yet-uncracked crypto authorization process.
The purpose of the Volume ID is to prevent copying a disc by simply copying all its data. Because the Volume ID isn't stored within the data sectors, it can't be read normally. Well, that is, without impersonating the software (which hasn't been accomplished yet), or without a modified drive that doesn't require the software to authenticate before reading and returning the data.
That's all. Just one piece, not a full crack of AACS.
PJRC: Electronic Projects, 8051 Microcontroller Tools
Here's the problem with your argument.
Once you move out of the rights given to you by copyright law (basically, the right to view for personal use, making fair use excerpts, and fair use copying -- backups and time shifting and format shifting and viewing, copyright expiration after a given time) you move into contract law supplemented by copyright law.
I don't sign contracts when I buy music or videos so your scenario doesn't apply. Here's a more accurate scenario:
Them: "Hey, want to buy a movie?"
You: "Sure, how much?"
Them: "$100,000,000.00. and we'll sign over all rights to the movie, including redistribution and royalties."
You: "I don't need all of that. Don't you have anything cheaper?"
Them: "Sure. We have a streaming version that allows you to watch it for 5 cents a minute, but you'll have to sign a contract stating you'll forgo your fair use rights."
You: "I just want a copy with all the freedom copyright law gives me."
Them: "$50"
You: "No thanks, too much."
Them: "Sorry. That's how much the market is willing to pay and we're here to make money. Are you sure you don't want the 5 cent a minute deal?"
You: "No thanks. I think I'll start looking for indie artists or wait for it to become less popular so I can get it on sale."
Them: "Okay. Unfortunately, we don't have any indie artists yet but we're working on it. As for the DVD, it's a very hot item so you'll have to wait a long time for a discount. But if you want to wait, we welcome your business. Be sure to come back to us when you do decide to buy. We might have a few indie artists by then you might be interested in."
That's the way it's supposed to work and how it was envisioned when copyright laws were created. It's just business, clean, simple, and efficient.
No confrontation, no hard feelings, no unfairness on either side, no teams of lawyers and copyright police hunting down 95 year old grandmothers because they *might* have possibly violated copyright law, and no hordes of copyright violators who feel justified in ignoring copyright because they're treated like criminal scum even if they comply strictly with the law.
When you have access to the replay hardware, no "encryption" can ever be secure.
It's about control, and who controls whom.
This isn't just about DRM, it's about dictating every part of your media playback system: no participation in creating content (home, low-budget & independent movies/music, etc.) nor in creating playback systems (no MythTV, homebrew playback hardware/software, etc.). It's about marginalizing everyone who does not fork over licensing cash - LOTS of it - to those holding the core IP rights. Don't pay? can't play.
From AACS to HDMI via DMCA, they want to own every bit - figurative and literal - of the entertainment center in every living room.
Can we get a "-1 Wrong" moderation option?
Whitney Houston vows to conquer the undefeatable crack - more news at 11.
I'm not a Troll, it's reverse psychology.
I have mod points, but what the heck. The slashdot editors strike again - posting stories without checking their facts. I've been following this since the muslix64 hack, so I do know what I'm talking about. I'm quoting the 'hacker' (arnezami - great guy) mentioned in the Ars Technica article:
QUOTE - Original post
In order to decrypt a disc you need the keys the content is encrypted with. These we usually refer to as Volume Unique Keys (although technically VUKs give Title Keys which are used to decrypt the content but this amounts to the same thing). What is important is that VUKs cannot be revoked. In other words: once we have a VUK for a disc then the AACS decryption-protection is broken for that disc. AACS cannot undo this.
So how can we get VUKs?
There are several ways to get VUKs for discs. But none of them are permanent solutions for retrieving all VUKs for all discs (released in the future).
* Get the VUKs out of "old" versions of a Software Player
* Get a Volume ID (unique per movie) and a Processing Key (unique per Media Key Block version) and calculate the VUK.
The first method will expire quickly: we can now use WinDVD to retrieve VUKs out of its memory. But when new discs come out they won't work with this old version of WinDVD so you would have to install a new version. Therefore making this method obsolete for new discs.
The second method requires not one piece of information (like taking a single VUK out of the memory of WinDVD) but two pieces of information. We have several techniques now for a drive to reveal the Volume ID of a disc. So this part of the method is permanent. However the Processing Key will change every time they change to a new MKB version. And since we also need this second piece of information to calculate a VUK for a disc we always need to get the new Processing Key out of some player (whether it's a Software Player or a standalone). The Processing Key (or better a Device Key) is very powerful though: if found it makes it possible to decrypt all discs released so far (assuming we can also retrieve the Volume IDs of those discs).
UNQUOTE
Moral of the story: We still need the processing key and that can be changed by the AACS, or by the abuse of language, "revoked". So the new AACS Crack is not "Undefeatable".
The only development since the time this article was written is that the firmware doesn't need to be changed anymore for the drive to reveal the VolumeID. There are some standard commands which get the job done.
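The key relationships described in the quoted post and in the earlier Volume ID comment, as an added example that is not part of the thread or any poster's code: a simplified Python exposure model for working out which discs remain exposed once the Processing Key changes with a new MKB version. HMAC-SHA-256 stands in for the real AACS derivation function, which the page does not give, and every key, title, class and function name here is constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass


def derive_vuk(processing_key: bytes, volume_id: bytes) -> bytes:
    # Stand-in one-way function (assumption): HMAC-SHA-256, truncated to 16 bytes.
    return hmac.new(processing_key, volume_id, hashlib.sha256).digest()[:16]


@dataclass(frozen=True)
class Disc:
    title: str
    mkb_version: int
    volume_id: bytes


class LicensingAuthority:
    """Hypothetical issuer: one Processing Key per MKB version."""

    def __init__(self) -> None:
        self.version = 1
        self._keys = {1: self._make_key(1)}

    @staticmethod
    def _make_key(version: int) -> bytes:
        # Constructed, deterministic sample key so the example is repeatable.
        return hashlib.sha256(b"constructed-processing-key-%d" % version).digest()[:16]

    def processing_key(self, version: int) -> bytes:
        return self._keys[version]

    def rotate_mkb(self) -> int:
        # "Revocation" in the thread's sense: new pressings use a new MKB version.
        self.version += 1
        self._keys[self.version] = self._make_key(self.version)
        return self.version

    def press(self, title: str) -> Disc:
        volume_id = hashlib.sha256(title.encode()).digest()[:16]  # constructed
        return Disc(title, self.version, volume_id)

    def vuk_for(self, disc: Disc) -> bytes:
        return derive_vuk(self._keys[disc.mkb_version], disc.volume_id)


def exposed_titles(discs, authority, leaked_keys, known_vuks, volume_id_readable):
    """Titles whose VUK is recoverable from what has already leaked.

    leaked_keys: {mkb_version: processing_key}; known_vuks: {title: vuk}.
    """
    exposed = []
    for disc in discs:
        candidate = known_vuks.get(disc.title)  # a recorded VUK needs nothing else
        if candidate is None and volume_id_readable and disc.mkb_version in leaked_keys:
            candidate = derive_vuk(leaked_keys[disc.mkb_version], disc.volume_id)
        if candidate is not None and hmac.compare_digest(candidate, authority.vuk_for(disc)):
            exposed.append(disc.title)
    return exposed


def run_scenario():
    authority = LicensingAuthority()
    old = [authority.press("Old Title A"), authority.press("Old Title B")]
    leaked = {1: authority.processing_key(1)}        # version 1 key is out
    recorded = {"Old Title A": authority.vuk_for(old[0])}  # one VUK already published
    before = exposed_titles(old, authority, leaked, {}, True)
    authority.rotate_mkb()                           # response: new MKB version
    discs = old + [authority.press("New Title C")]
    after_rotation = exposed_titles(discs, authority, leaked, recorded, True)
    vuk_only = exposed_titles(discs, authority, {}, recorded, True)
    no_volume_id = exposed_titles(discs, authority, leaked, {}, False)
    return before, after_rotation, vuk_only, no_volume_id


if __name__ == "__main__":
    for label, titles in zip(("before", "after rotation", "VUK only", "no Volume ID"), run_scenario()):
        print(f"{label}: {titles}")
```

In this model, rotating the MKB version protects only the newly pressed title; discs pressed earlier stay exposed, and a recorded VUK keeps working even when no Processing Key is available.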
Exactly!
Software has long been sold as a license transaction, not a physical item or intellectual property transaction.
Entertainment products are still treated as physical items, when really the manufacturer would prefer it be a license but without the right to back up the "software". By keeping the distinction fuzzy, the argument can be left unresolved.
Because of this, my biggest fear with all the fires stoked by the *AA orgs is not that they actually expect to be able stop casual or large-scale copying, but that they keep the argument alive long enough to scream that it can't be stopped. Then they say that because of that, they should be subsidized by taxes on blank media (like what happened with DAT or what happens now with blank discs in Canada). In essence, control the argument so that your point can't be refuted, then say the problem is endemic and find a "solution" that generates revenue but still leaves you with your original "problem" that can be trotted out anytime someone raises a valid point about your original argument.
Pressed DVDs can have information written to them in a special location that any DVD burner can read but that no DVD burner can write. In this way, discs that can't exactly be duplicated are created. Since the information in question is the CSS key and CSS has been thoroughly cracked, it isn't a problem in practice.
Huh? I'm not a hardware expert, but in order to play a cd or dvd, your drive has to read bits off of it and pass them to the program playing it. So, you mean that in some cases the drive can't tell what the bit is and in some cases it can? That doesn't make any sense to me.
The uncopiable CDs have sectors that are effectively not written correctly according to the standard. It's possible to sense when it isn't written correctly with a player, but a writer isn't capable of writing such incorrectly-written sectors.
We should concentrate on the garage bands and videos. Let the studios wither and die. Power to the People!!! and all that crap.
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
I wonder why the HD-DVD people don't get together with the satellite people? Satellite TV is extremely secure and has never really been cracked successfully. Most cracks involve emulating a smartcard, which is easy since the smartcards still use early 80s technology. Even then, nobody has really done a crack that wasn't fixed within a week.
Satellite is providing a service. In other words, when you try to crack it, you are mucking with a transmission and the delivery of that (unpaid for) service can be detected.
HD-DVD and Blu-Ray are, ostensibly, providing a product. Sure the discs are encrypted, but they are still a physical medium that you possess and they are, so far, usable without being connected to a network. Therefore the means to decrypt must exist within the disc and the drive, and without a network, there's no way to notify Big Brother if you retrieve the keys in an unauthorized manner.
Granted, some players are network connected, but I don't think the studios are eager to require an internet and/or cable tv connection just to play a movie.
History has shown that "Free markets" are temporary.
At some point, producers will do any number of things to capture a market like coordinate pricing or capture all suppliers or capture all distribution channels. It takes legislation to minimize these effects. Then the legislation has unintended effects on markets too.
The "free markets" you describe are academic standards that are impossible to meet.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html