AACS Vows to Fight Bloggers

Jonas Wisser writes "The BBC is carrying the story that AACS has promised to take action against those who have posted the AACS crack online. Michael Ayers, chairperson of AACS, noted that the cracked key has now been revoked, and went on to say, 'Some people clearly think it's a First Amendment issue. There is no intent from us to interfere with people's right to discuss copy protection. We respect free speech.' The AACS website tells consumers how they can 'continue to enjoy content protected by AACS' by 'refreshing the encryption keys associated with their HD DVD and Blu-ray software players.'"

Cue oft-used Leia quote...

[dada21]

...The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

Actually, as I said yesterday, ignore these threats. Go out and blog. Understand that freedom of speech is NOT a government-granted freedom, it is an inherent one that all people of all citizenship must understand. The U.S. Constitution's (Bill of Rights) 1st Amendment does not say "You are free to speak," it says that Congress shall make NO LAW restricting the freedom of speech -- NO law. Discussing encryption mechanisms is free speech, and Congress shall not abridge that. As for patents and trademark and the rest, as long as you do not mimic the mechanism in your own hardware or software, you're fine, Constitutionally. As long as you do not quote verbatim the actual code used to create this mechanism, you're not violating copyright. The DMCA is unconstitional, and regardless of what Congress, the Supreme Court, the President, or any company says, it is non-binding in terms of the moral realization that Congress, and honestly no State organization, can prevent you from freely airing your opinions. You are free to talk, but no one has to listen.

From yesterday's post I made about "legal recommendations for bloggers," go out and blog. Say what you want to say. There are more of us than there are of them -- not only can they not afford to go after everyone, they can not afford to go after even a small percentage. Let some bloggers get caught, and all it will do is show other people that non-violent actions should not be criminalized or penalized.

AACS, your days are numbered. Your salaries will end. Your powers will be diminished. It won't be because of competition from another company (that you are likely in bed with, in terms of promoting the abuse of State power), it will be because millions upon millions of people will ignore you, and all you do, in trying to revoke our inherent (and in my opinion, God-given) right to speak freely amongst ourselves.

Re:Cue oft-used Leia quote...

[Tuoqui]

Who would want to put 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 into their hardware or software? :)

Re:Cue oft-used Leia quote...

[vought]

Who would want to put 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 into their hardware or software? :)

Well, here's a screencap of HD-DVD.org showing the key on their own web site!

I guess they're going to have to go after themselves, now. Ve haff the evidence!

Re:Cue oft-used Leia quote...

[Amouth]

the quesion i have is this.. say you post the key on your site.. you get a take down notice.. what does that notice say? does it say to take down the key or to take down "insert key here" - what if you post it and play dumb that you don't know it is the key.. they would have to tell you what it is they wnat taken down.. and in the document would need to be "insert key here" at that point cause it is a leagl document if they take you to court the key is in the document and is now public record.

then you take it down and repost it with a refrence to the public record document.

Re:Cue oft-used Leia quote...

[ackthpt]

...The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

Yes. Just before the Death Star blew her home world to smithereens.

But let's hope that's not the case here, eh?

Re:Cue oft-used Leia quote...

These are jokes, you humorless freaks. Was the Hogan's Heroes-style Nazi accent not enough of a tip-off for you?

Re:Cue oft-used Leia quote...

[jedidiah]

Forget stealing.

I just want a working Video jukebox solution. The major players like Sony don't seem very interested in providing one and the industry will sue anyone else that tries.

The whole point of capitalism is that the garage shops get to fill niches that the megacorps don't want to bother with.

The sad fact remains that I will easily be able to pull BR/HD-DVD's into my Myth setup before there's a proper BR/HD-DVD jukebox from Sony.

Re:Cue oft-used Leia quote...

[bdjacobson]

But, to be honest, we all know that a truly free society isn't free at all. You have to have some rules for life to continue. This may be one of them. How much does it matter if you can't speak a string of hexes for copyright/DMCA reasons? It doesn't. Some may say "this is a slippery slope", and that's partly true, but everyone knows that when they start trying to keep us from quoting a favorite line from a recent funny movie, people won't give a damn, and they'll just do it anyways. There will be people with money at that point that realize it's absurd, and when sued, will fight back. I don't see many other places a precedent relating to this Hex issue could lead. So I say it's not a big deal. In fact I would even venture to say that I would support more of this. People want to be entertained, but they're also freaking lazy. When they have to work too hard to be entertained, they'll find something else cheaper, less expensive to entertain themselves with. Have any of you been to Waldenbooks at the mall lately? I recently picked up this for under $10 (by the way I'd highly recommend it; . I took a glance around and found many other cool books-- a 200 page pictured book of historically significant scientific inventions for $6, a 1" thick, 12"x18" book with nothing but pictures of planets in our solar system (and stuff about the far out ones) for $20; Barak Obama's book for $15; etc. etc.-- that had a WAY better cost/entertainment ratio than Spiderman 3 or any of those HD-DVD/Blu-ray discs. Lets see-- $20 for me [and a wife in the future hopefully] to go see a movie (not including the $8 poppcorn and $5 drinks), or $20 for any of those books I listed above that will provide hours more of entertainment? Easy choice. Eventually when this stuff is so restricted that we can't download it for free, and so expensive that we simply can't afford it, a market will be created for cheap ways to entertain yourself-- and these $10 books at Waldenbooks and Barnes and Noble will fly off the shelves. People will visit their library more. They'll go walk at the park with friends more. So while I think it's good to fight for our rights, the result wouldn't be that bad. "Burn the land, boil the sea, but you can't take the sky from me..." We'll find plenty other things to occupy ourselves with. Who cares about AACS and movies and stuff when you can find something else just as, if not more entertaining, for half the price?

Re:Cue oft-used Leia quote...

[i.r.id10t]

Yup, and the amendment right after that has a "shall not be infringed" clause, but there are 20,000+ laws in the US infringing on that right....

Re:Cue oft-used Leia quote...

[Tackhead]

> > ...The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.
>
> Yes. Just before the Death Star blew her home world to smithereens.

"I feel something hilarious has happened. As if 13,256,278,887,989,457,651,018,865,901,401,704,640 geeks cried out in laughter, and were never silenced."

> But let's hope that's not the case here, eh?

Not very long ago, on a website only a few dozen hops away, a great adventure took place.

(cue scrolling text)

Code Wars IV: A New Hope

"It is a period of civil war. Rebel bloggers, striking from all your base, have won their first victory against the evil MAFIAA Empire.

"During the battle, Rebel spies managed to steal secret keys to the MAFIAA's ultimate weapon, the AACS, an armored DRM system with enough power to annoy an entire planet.

"Pursued by the AACSLA's sinister agents, Princess Leia races home aboard her starship, custodian of the leaked key that can save her people and restore fair use to the digital media..."

Re:Cue oft-used Leia quote...

[rainman_bc]

This may be one of them. How much does it matter if you can't speak a string of hexes for copyright/DMCA reasons? It doesn't.

Dude it's a number. Granted a large number, but still just a number.

Are you telling me that projects like the one trying to find the largest prime can't publish that they've tested this number as a prime?

There are certain things you should NOT be allowed to own - a number is one of them.

Re:Cue oft-used Leia quote...

[dada21]

But, to be honest, we all know that a truly free society isn't free at all. You have to have some rules for life to continue. This may be one of them.

I disagree. A free society is one where all citizens are equally free from legal force that gives power to some and takes power away from others, without their express consent (ie, a contract). In a free society, you and I can contract to limit each other -- but the State can not unless we individually tell them that they can. Also, a free society is one where an individual can make any decision they want, as long as they do not directly harm the physical property or body of another individual. Speech can not do physical harm, so speech can not be criminal, no matter how repulsive it is. The effect of the speech could be a physical reaction, but if that physical reaction is performed by a person other than the speech giver, the speech giver has not caused harm.

People will visit their library more. They'll go walk at the park with friends more. So while I think it's good to fight for our rights, the result wouldn't be that bad. "Burn the land, boil the sea, but you can't take the sky from me..." We'll find plenty other things to occupy ourselves with. Who cares about AACS and movies and stuff when you can find something else just as, if not more entertaining, for half the price?

Entertainment has more to do with time preference decisions than just saving "money" doing something that might seem entertaining. Someone who is very busy and who has a high hourly-value to the market may want a quick relief of "getting away from reality" and may be more than happy to pay $150 per person to see an Opera. Someone who is not so busy, and may not command a high hourly-value to the market may be more entertained reading a book, which could take hours or days or weeks. It all boils down to how you (and the market) value yourself.

Personally, I see nothing wrong with paying $20+ to buy a movie -- if I can use it the way I want to. I prefer to live in a tiny home so that I do not have to pay for extra unused space. This means I have no room for the clutter of physical movies (DVDs, VHS, etc). Instead, I have a great Media Center PC (yes, Microsoft), and I have 1TB of movies and TV shows available to watch based on my mood. This is considered illegal, even though I have paid for all the movies and shows I watched. I also used my own time/labor to put those movies/TV shows on that PC. I've harmed no one physically, so the law is unjust and ridiculous. Provide me with a process to reimburse the authors/distributors/producers of a given content, and also allow me to put that content into a system that works with my life, and I will pay AND continue to be a customer. I don't believe in NOT reimbursing those actively involved in the creation of content. I have no desire to pay for the lawyers, DRM researchers, or those who lobby the State to use force against me to uphold their monopoly.

Re:Cue oft-used Leia quote...

[HTH+NE1]

Are you telling me that projects like the one trying to find the largest prime can't publish that they've tested this number as a prime? I doubt they'd bother: it ends with a zero.

Re:Cue oft-used Leia quote...

[orasio]

This may be one of them. How much does it matter if you can't speak a string of hexes for copyright/DMCA reasons? It doesn't.

Dude it's a number. Granted a large number, but still just a number.

Are you telling me that projects like the one trying to find the largest prime can't publish that they've tested this number as a prime?

There are certain things you should NOT be allowed to own - a number is one of them. All information can be codified as a number. As much as I disklike copyrights themselves,saying it's just a number doesn't change the issue one bit.

Re:Cue oft-used Leia quote...

[OrangeTide]

The source code to Windows Vista is "just a number" too. Alan Turing described all this decades ago. Although I think we can all agree that it is protected by copyright.

I don't think you can copyright 14 bytes. But the issue is not copyright, it is the violation of DMCA by providing a tool necessary to break any sort of copyright protection measures.

you can't post plans to view scrambled cable TV anymore (in the US), you can't post utilities designed to decode CSS so you can watch your DVDs on your computer. etc.

What's dumb is these companies going after average joes rather than people who are pressing boatloads of DVDs and importing them to the US. Or people who are hosting huge pay torrent sites to download movies. Or couriers posting the latest films on Usenet to be distributed to sites all over the world.

so will I be in trouble? My DNS resolves any string you give it, so if someone goes to http://09f911029d74e35bd84156c56356.rm-f.net/ they will get a page. (although not [currently] related to those keys)

Re:Cue oft-used Leia quote...

[Miseph]

True, but then again they haven't actually said they own the number. They use the number in context, and are upset because it is being distributed as a specific component of their product. There hasn't been any mention of suing anyone who came to this number independently for unrelated reasons, because it's just a number.

I'm not saying this because I agree with AACS on this, or because I even remotely support DRM, I'm just opposed to straw men.

Re:Cue oft-used Leia quote...

[Chosen+Reject]

I enjoy books, so I'm not trying to say that your totally off your rocker, but the prices your quote are for you only I suppose. $20 to see Spider-Man 3 plus $8 popcorn and a $5 drink comes out to $33 for two people to see a movie where you are, or how you live. My wife and I are going to see it tomorrow morning for a grand whopping total of $11. That's two tickets. This might surprise you, but you can last more than two hours without junk food. In fact, you can last more than two hours without any food or drink at all. Eat a hearty meal before you go. Lay off the excess fats and sugars.

It also helps that we're going in the morning. If I felt justified in doing so, we'd go in the morning during the weekdays and get two tickets for a total of $9, but the time off work isn't worth those $2. Normally we wait till movies show up in the dollar theater and then go on $0.75 Tuesdays. That's two tickets for a whopping $1.50, but there are a lot of movies we want to see this summer and so we're starting early. We haven't been to the theater for nearly 8 months, so we don't spend a lot there anyway. We'll also get the DVDs of most movies we watch. That's because we feel if it's not worth buying, then it's probably not worth watching. So in total, by the time we buy Spider-Man 3 we'll have spent about $30. $11 from the tickets for tomorrow morning, maybe one more viewing in the dollar theater, and then we'll get it on the first day Wal-Mart sells it which is usually fairly cheap.

While all of that is more expensive than a $6 picture book of space (can you reply with a link, cause that sounds cool), it's worth it to us. But where do you get off trying to dictate how people ought to value entertainment? If people would rather watch a movie for $10,000 than take a short free walk in the park with friends, then that is their prerogative. I read a lot, but I honestly don't see anything inherently more entertaining in a book than a movie. Literature is thousands of years old. Movies are slightly over a century old, and talkies are less than that. Games are only a couple of decades into their life. Images have been around for a long time as well. Just because one art form has had a longer time to evolve, doesn't mean it is inherently better than other art forms. Just because one entertainment medium has been perfecting itself for thousands of years doesn't mean it is inherently better than another medium.

Also, your arguments about restrictive and expensive are very much a reality already. When things get too expensive, people find other things to do. Why do you think it is that not everyone eats lobster? Sure, not everyone likes it, but if it was as cheap as carrot sticks then it would be eaten a lot more than it currently is. Not every one can afford a cruise. Not everyone can afford a trip into space. Not everyone that wants to can afford the ten thousand dollar escort. So people find something else that entertains them. Will the movie companies be upset that you can't afford the movie? Not at all. They'll price it so that they can make as much money as they can. If it's more profitable to them to sell tickets at $200 per seat than to sell it at $2 per seat, then they'll do that. Are they evil for doing so? No, they don't owe you anything. You don't deserve to be entertained by them, that is why they are charging you for it. Which is why your "so restricted that we can't download it for free" comment is totally ridiculous. I'm all for shortening the copyright term, I'm against DRM, but why should you be able to dictate at what price someone sells their work of art for. If they want to overcharge, it's their problem. If they do it because it's more profitable, then good for them. You don't deserve it for free. It is not some inherent right that you have to get someone else's work with the terms that you dictate.

Finally, those $10 books at Waldenbooks and Barnes and Noble are $10 because they know that is the price they can charge for them. If t

Re:Cue oft-used Leia quote...

[vought]

Since you appear to be in the U.S., I'd remind you that:

1. Today is Friday.
2. The post was meant as a joke. Ha ha, hee hee, the irony of it all...

Lighten up.

Re:Cue oft-used Leia quote...

[Biotech9]

Try Philips instead of Sony, the difference is obvious when you look at their players. Philips have no labels, or movie making divisions, so they have nothing to lose with hardware that is lax about playing as many file types as possible. They already have DVD players with USB ports for Harddrives that play Divx, and media players that record video feed to MPEG-2, play back DivX, and don't have any DRM to speak of.

Also very easy to crack players, as far as region free goes.

Re:Cue oft-used Leia quote...

[orangesquid]

I just wrote this:
#include <stdio.h>
#include <stdlib.h>

unsigned char key[16] = {
  0x09, 0xf9, 0x11, 0x02,
  0x9d, 0x74, 0xe3, 0x5b,
  0xd8, 0x41, 0x56, 0xc5,
  0x63, 0x56, 0x88, 0xc0};

int main() {
  int s; /* start char */
  int b; /* byte # */
  for(s = 65 ; s <= 75 ; ++s) {
    printf("Start = %c: ", s);
    for(b = 0 ; b < 16 ; ++b) {
      fputc(s + ((key[b] & 0xf0) >> 4), stdout);
      fputc(s + (key[b] & 0x0f), stdout);
    }
    fputc('\n', stdout);
  }
  exit(0);
  return 0;
}

And its output:

Start = A: AJPJBBACJNHEODFLNIEBFGMFGDFGIIMA
Start = B: BKQKCCBDKOIFPEGMOJFCGHNGHEGHJJNB
Start = C: CLRLDDCELPJGQFHNPKGDHIOHIFHIKKOC
Start = D: DMSMEEDFMQKHRGIOQLHEIJPIJGIJLLPD
Start = E: ENTNFFEGNRLISHJPRMIFJKQJKHJKMMQE
Start = F: FOUOGGFHOSMJTIKQSNJGKLRKLIKLNNRF
Start = G: GPVPHHGIPTNKUJLRTOKHLMSLMJLMOOSG
Start = H: HQWQIIHJQUOLVKMSUPLIMNTMNKMNPPTH
Start = I: IRXRJJIKRVPMWLNTVQMJNOUNOLNOQQUI
Start = J: JSYSKKJLSWQNXMOUWRNKOPVOPMOPRRVJ
Start = K: KTZTLLKMTXROYNPVXSOLPQWPQNPQSSWK

Let's just start making blog posts where the first letter of each word fits one of these patterns (and include the key via the subject line).  Hell, you could write the README to a hddvd playing program so that each paragraph started with one letter, and the Makefile could generate the key from the README, so you wouldn't be distributing the key with the program...

Re:Cue oft-used Leia quote...

[neoform]

I placed a hex code at the bottom of my website, I gave no instruction as to what is it or how it's used..

Is that illegal? As far as I'm concerned, it's my public key for some of my work. Just because HD DVD happens to use the same key.. really means nothing to me at all.

Is it then illegal for me to point out that HD DVD uses the same key as me?

Re:Cue oft-used Leia quote...

[inviolet]

Dude it's a number. Granted a large number, but still just a number.

+1 Funny, -1 Dishonest.

To wit: Can I publicly post your credit card number, expiration date, and CVN? They're just numbers... and how can ordinary numbers have implications for property and finances?

In fact, I have a list here of 10,000 valid bank-account and PIN numbers. My right to distribute them is a First Amendment Issue, damnit!

Re:Cue oft-used Leia quote...

[IgnoramusMaximus]

The source code to Windows Vista is "just a number" too. Alan Turing described all this decades ago. Although I think we can all agree that it is protected by copyright.

No we cannot. Many of us believe that for that very reason (attempt at "ownership" or integer numbers, in defiance of the very phillosphical ideas of "ownership" or "trade") the so called "copyrights" are nothing but a scam, although they might have originated as an badly thought out, naive scheme to promote arts and science.

All of the so-called "intellectual property" schemes invariably fail the test of basic logic when analysed in depth, primarily due to the fact that they attempt to treat information as an entity which is subject to "trade" or "private ownership", for which information simply lacks the required attributes.

Re:Cue oft-used Leia quote...

[Overzeetop]

That's great, except that Philips does not - to my knowledge - make a 300+ DVD changer, much less a BR/HD version of such a beast. Sony is one of the very few that actually makes a jukebox for video formats which does not have a 4 or 5 digit price tag.

Re:Cue oft-used Leia quote...

[dex22]

Here's a timeline:

The hex code is a key. The key has certain protections under U.S. law. They have revoked the key. It is no longer a key. It no longer has certain protections under U.S. law. It is just a number that used to be a key. You publish the former key on your website. Nothing happens.

There, wasn't that fun? :)

Re:Cue oft-used Leia quote...

[Goaway]

No, the whole point of capitalism is to be an economic system in which the means of production and distribution are privately or corporately owned and development is proportionate to the accumulation and reinvestment of profits gained in a free market.

What you describe is what starry-eyed libertarian idealists wish capitalism was all about.

Re:Cue oft-used Leia quote...

[trewornan]

It does matter that it's "just a number" and does change the issue because it becomes impossible to know what is ok and what's not.

For example would the square root (3640917314083012466.760454263) be illegal as well - what about the cube root, or a list of prime factors, or it's square, or it's integer multiples - just how many numbers are you prepared to outlaw?

Re:Cue oft-used Leia quote...

[cortana]

Like http://www.chillingeffects.org/notice.cgi?sID=3218 : note the second URL in the takedown notice...

Re:Cue oft-used Leia quote...

[ClassMyAss]

All information can be codified as a number. As much as I disklike copyrights themselves,saying it's just a number doesn't change the issue one bit.

However, what might change the issue is the fact that this is not a creative work, or anything even remotely resembling one. Rather, it is a purely functional number, essentially the equivalent of a password (which are not copyrightable). You are correct, people skew the issue by focusing on the fact that it is a hexadecimal number; the real issue is that it contains no expression of anything, it is merely a key to a digital lock somewhere, likely spat out by a random number generator. The distribution of such a key might be illegal as well (trade secret perhaps?), but I see absolutely no reason it should be prohibited based on copyright.

From what I can tell, the AACS are not actually claiming copyright protection for the key, though, they are instead invoking part of the DMCA, claiming that the key's distribution violates the prohibition on releasing software to circumvent copyright protections. This is a separate issue, and one that is not easily resolved. To be honest, in spirit, they are probably right - people who distribute this key are doing so to stick it to the industry, and by the spirit of the law (whether you agree with it or not - I do not), should probably be considered to be doing something illegal. But I don't really think the key itself could reasonably qualify as software, and I think the DMCA is very specific about banning software that undoes copy protection, and never mentions a password that could be USED in software to undo copy protection, so everyone might be on fairly good legal ground, technically at least. Then again, I'm no lawyer, so who knows...I imagine judges get annoyed at people for this stuff since at root, people disagree with the laws in place and are pushing the boundaries of those laws just to piss on them, so I wouldn't want to be the guinea pig that tests out this stuff in court...

Re:Cue oft-used Leia quote...

[Thyamine]

That's an interesting idea, I agree. However, since they've already revoked the key, that key itself isn't so much the point as it is about protecting their interests. They need to go after everyone posting up their IP (assuming that they can own a number) so as to put a strong face on copy infringement or whatever. Since it's revoked, putting it in a legal document probably isn't a big issue.

Re:Cue oft-used Leia quote...

[julesh]

That image is being sent without a Content-Type HTTP header. It's people like you that hold the web back.

Honestly, I think you should at least stop for a moment and consider who's likely to be responsible here. The image was served from homepage.mac.com, which is rather unlikely to be a server the poster has rights to administer. So, at least one of two things has occurred:

1. The server has been set up badly, and it's Apple's fault, not the poster's, or
2. The system running on the server relies on metadata uploaded with the file (e.g. the Content-type: header in HTTP file uploads) which the poster hasn't supplied (e.g. because he uses Internet Explorer which AFAIK doesn't supply that header).

So it's Apple and Microsoft that are holding the web back.

Re:Cue oft-used Leia quote...

[dgatwood]

The source code to Windows Vista is "just a number" too. Alan Turing described all this decades ago. Although I think we can all agree that it is protected by copyright.

There's a large and obvious difference there. The source code to Vista is a number that is a numerical representation of a copyrightable work, much as an digital version of a song or an eBook. The number itself cannot be protected, but the copyrighted work can be---even if it is represented in the form of a number with a particular encoding. Any copyrightable work can be represented as a number (possibly in a lossy way), but when a number (decoded in a standard way) represents something else that can be protected, that number is protected implicitly.

The key, as you mention, is not copyrightable, and thus, its only protection lies in the DMCA (and even that is somewhat dubious).

Re:Cue oft-used Leia quote...

[saboola]

Let's not forget since this is an HDDVD related discussion, the scene after this one in the new HDDVD special edition, in which Han shoots ET with a walkie talkie.


C-3PO: I would much rather have gone with Master Luke than stay here with you. I don't know what all this trouble is about, but I'm sure it must be your fault.
R2-D2: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
C-3PO: You watch your language!

Re:Cue oft-used Leia quote...

[AndersOSU]

It could have been a trade secret at one time, but by printing it in the take down notices it is now public knowledge and trade secret laws do not apply.

Re:Cue oft-used Leia quote...

[Drew_9999]

"...a free society is one where an individual can make any decision they want, as long as they do not directly harm the physical property or body of another individual. Speech can not do physical harm, so speech can not be criminal, no matter how repulsive it is. The effect of the speech could be a physical reaction, but if that physical reaction is performed by a person other than the speech giver, the speech giver has not caused harm."

You've simplified the problem far too much, I'm afraid. Technically, it's true that speech can do no physical harm, but what you're saying is a bit like standing on a crowded sidewalk and swinging a baseball bat wildly until someone gets knocked on the head. TECHNICALLY, they could have walked around you. Realistically, though, you were endangering people by being a moron. Oh, but that's physical, right? How about telling a deaf person that it's safe to walk on the train tracks, even though you know there's a train coming right behind him? How about a boss knowingly putting a worker in danger? How about a politician lying? What if that lie causes a war?

The idea is to put *reasonable* restrictions on actions (including speech) that negatively affect the safety and livelihood of others. If you don't consider that freedom, well, that's your opinion. But when done correctly, it's about as good as it gets. In my opinion.

Re:Cue oft-used Leia quote...

[cez]

When you are "hiring a hitman" you might "speak" to them to do it, but you are paying them to do it, that's where the crime comes into it. If you just mention to some random stranger, "hey I think it would be a good idea if you killed that guy" and they did it...there is no crime in that.

Re:Cue oft-used Leia quote...

[MMC+Monster]

If you are looking for a DVD player that will play those .avi files you download off the internet, you must try the Phillips DVP 5140. The thing is Phillips' gift to mankind. It plays DIVX & Ultra DIVX files. It plays both NTSC and PAL format videos (DVDs or VCDs). With a code you can get from the product page on amazon.com (look at the user reviews for the product on amazon.com) you can make it region free with a simple code.

I bought one for my dad and one for myself, and recommend it to many others.

Available for $50 at Walmart, by the way. :-)

Re:Cue oft-used Leia quote...

[SQLGuru]

1 (C) Me. I just copyrighted the number one. Therefore, all numbers, since they can be derived from a number I copyrighted, also belong to me. Layne P.S. Are these colors pretty??? I'm thinking about using this as my web site color scheme..... (just paste this into an HTML document to see the colors).

<html>
<body>
<table>
<tr><td bgcolor="#0009F9">00 09 F9</td></tr>
<tr><td bgcolor="#11029D">11 02 9D</td></tr>
<tr><td bgcolor="#74E35B">74 E3 5B</td></tr>
<tr><td bgcolor="#D84156">D8 41 56</td></tr>
<tr><td bgcolor="#C56256">C5 63 56</td></tr>
<tr><td bgcolor="#88C000">88 C0 00</td></tr>
</table>
</body>
</html>

Re:Cue oft-used Leia quote...

[Distan]

They (the AACS-LA) are playing games with words.

When they say they have "revoked the key", they mean they have revoked the device key for a specific software player. They have not done anything about the processing key that is floating around.

Re:Cue oft-used Leia quote...

[quickgold192]

The reason this is significant is that they are threatening to take down sites who post the code, even if it's user generated. So sites like Digg, whose users submit the number and not the admins, are being ordered to take down the code. In this case, a search engine displaying the search term is user generated content and is illegal, according to them. It is meant to show the ridiculousness of their actions.

Re:Cue oft-used Leia quote...

[Wyzard]

But I don't really think the key itself could reasonably qualify as software, and I think the DMCA is very specific about banning software that undoes copy protection

Actually, it isn't. What it actually says is:

No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that--

• is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
• has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or
• is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.

(Emphasis mine.) I think the AACS LA could easily argue that the processing key is at the very least a "part thereof".

Re:Cue oft-used Leia quote...

[Kris_J]

Ahhh, what an awful dream! Ones and zeroes everywhere... and I thought I saw a two. ...

It was just a dream, jagdish. There's no such thing as two.

Re: Cue oft-used Leia quote...

[Dolda2000]

That was quite interesting. Just in case someone wants to see it, I made a picture (it ain't pretty) featuring that sequence of colors (though you had mistyped the next to last one ;). It is available here.

Maybe a more artistic person than me could make something more interesting with these colors? Remember, you'd have to make their ordering significant as well, not just the colors.

Re:Cue oft-used Leia quote...

[IgnoramusMaximus]

Copyright is there to emphasize the value of that work - numbers without context aren't creative works, and as far as I've understood the AACS don't even make claims to such an end.

This, of course, is one of the ways the various greed-mongers are attempting to confuse the issue and you apparently fell for it. What is happening here is that two completely separate and wholly tangential to each other issues are being shotgun-wedded in order to create an illusion that information is somehow measurable in terms of labour or monetary value.

The truth however is that information and labour (in terms of marketplace) are completely independent from each other. Your own example of a random number generator is one way to show it, but there are many others. For example the labour of an artist occurs at the time of creation and/or performance, but it does not re-occur if the performance is done by a machine or another person. In other words the creation becomes independent of the labour used to create it (or more precisely to find it in the domain of all possible large numerical values). Furthermore, since information lacks some of the crucial attributes needed to make it compatible with the concept of "private property", such creation can be duplicated endlessly without diminishing the original in any way, but labour of which is done by people (or machines) other then the original creator and so the creation propagates even if the creator is still "in possesion" of the "original" item and performs no action with it.

The way to logically solve this problem is, of course, to treat information and the labour needed to produce it as separate. There are many ways of doing so but all of them have to acknowledge that control of information, once released, is impossible. One of such methods being true and tried -- but updated to modern realities -- "patronage" system, whereby authors get paid by foundations, which in turn are subsidised by either individual art enthusiasts and/or governmental and charitable concerns. Publicly funded academia was always, until very recent times, responsible for the corresponding support of authors in the realm of science.

Please note, and this is a very important element, that art is not commerce. It is not a business. It is not an "industry". Music "Industry" isn't. Film "Industry" isn't. Art is an effort by an artist to share his thoughts with as wide an audience as possible, and to be rewarded by recognition and fullfillment of his artistic desires. Money is completely incidental to art and only enters the equation in terms of giving artists freedom to create. Same goes for science, whereby scientists pursue knowledge for their personal gratification (and recognition amongst peers) and not for money. An "artist" who does his "art" for money is no longer an artist, he becomes a kitsch peddler. A scientist who wishes to charge everyone for his discoveries is very quickly reduced to being a crackpot, because none of his discoveries can be corroborated.

The whole idea of greed being the main motivator of artistic expression and scientific progress is a recent abberration, introduced by avarice-worshipping market-religion ideologues, and it is patently, and demonstrably false. In the realm of art one only has to look at the present choices in film or music to see what I mean. In science, the costs of research are escalating and whole segments of the scientific community are practically crippled by the greed-oriented concerns which are diametrically opposed to the whole concept of science where free sharing of research results is the very foundation of progress. If Albert Einstein had to pay the current rates for the scientific journals he read in the 1920s, he would have died still a patent clerk.

Michael, you're dumb even by MAFIAA standards

[elrous0]

"This is the first round and will not be the last," he added.

Well, he certainly has that part right. What he fails to appreciate is that he will be on the losing end of every single one of those rounds. Even as he tries to downplay the key by saying it has been revoked, AACS has already lost the second round (as hackers have created a hack that CAN'T be revoked).

Always a step behind, buddy. But feel free to keep wasting your money and pissing people off.

Re:Michael, you're dumb even by MAFIAA standards

[Goaway]

They most definitely won't be on the losing side in every round - they just won one, by revoking the key making it useless for future discs. There will be new rounds, and they will go back-and-forth in this fashion for quite some time.

And that Ars Technica article is widely misunderstood and misinterpreted. That hack is, indeed, irrevokable, but it is also completely impractical for anyone but the most dedicated hacker, and it doesn't give you all the data needed to decrypt a disc, but only the Volume ID.

Re:Michael, you're dumb even by MAFIAA standards

[dteichman2]

It only takes one dedicated hacker to rip the disc. Once it hits BitTorrent and IRC, it might as well be everywhere.

Re:Michael, you're dumb even by MAFIAA standards

[LordKronos]

Thats an odd definition of "winning the round"...that the key won't be useful on future discs? That's kind of like a boxer getting the crap beat out of them in round 1 and then claiming they won round 1 because they are going to come back fighting in round 2.

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[AKAImBatman]

RC4; Base64 Encoding; Key = "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0"

mI0mUyOUE8S24UAsIVqR12Z8_P1WveIRFqpBO4FEeH_TPGuc0t Ds1V97iWQx
QDhXbGpiERffrXz6lvQpcOFlDY_AXJWGw7f9saosuSBDj7c4ex ySmgi8Bded
l4APCHQIzYXETWu"xkhR4MNnw7zI_mBf5YJOLJ3DKD6wSQ6PvG AsLVTLLTc0
ZAPkCzunB7xarymAJEOOu0fe"tdhy"rZZY5XOSiipi6vf_84xJ Yg11Y576o"
rPfhQQNneUX"JGXWhN3bgRIZwIOoIUu8c282MQ5_Grb6ALolIj Ue7R919DRx
j7cWlf2G2V467N4EjnJbR"9j_4oDCytfpkQBFX0jGOCsjRYcLl wzs_UvVSRh
HH7DzXzB2tPz7i"L1Unvljgh05d1qoFs2N38qWugtaUMGM9RXh nyCcADUH6G
yUXVAbsO9ZcD33UKD80sulFF0FiSxIr4NOiRv4EZBoIU3eY1Ff GSm7HfCs_i
yi4NfhRLz3ai50dbx0CWCJwlvti_gsXgQLJrE70ihDROzdUyjy BTwMZnuZYL
9AM2M99"s2d"hQxtoj7yTTki2M4dK3Y8_wvSyM8fp5fyyDpJWI Wn1KXh6_Rx
z3W8iYIMIObDRG1H914rayBqj3EPhUDsz2NfVhjYBIxHBPgeW2 q3ZzeFJD5M
saZXht6YNavXOyFLh24D84kXC4weBrJsI598yUpFhg41NB694Q nlxHfxzWhl
vZaHrMlSDxODtGlaU5rfJkODjrCr99Rr6hgQaegXnHE6Oe6iKj P8of4TEJU0
DwDtOw3"khTuVWYDStjRd4w2eOt2wvl24XvC3iDQBIA40uJQhk Fg3voVVPEp
29XXEh_9hplaGD1YBw6pW2yiuyW8ifdaS4Mm7IGdH"6JMgSFgn ceesWk6v0r
k8"H70be7kCOdyDSLX9jLkz"4MF_LD"yaYdWopVnoryVQ9YD5G oYSEXQH_Bo
RqZmxLv2loAoM5WFs2""qGG4yATAMz9zhyuc4wMPZZLiZJhTt_ qmXGJlSjF"
pNNm045ma6vnqBdwtEE00zdjJBhBjz5VMoqPS6EZvQbwbEyiUw wPLEWhn1kz
KJdzO7ATz47fYRWQZNWjy7Uda1P8RPnhSd2FbrL"aOegRzUX_s A1_faWxcxe
Azf

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[ivan256]

How did you manage to get *that* past the lameness filter?

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[AKAImBatman]

The lameness filter is built on compression ratios and obvious problems with the post. (e.g. ALL CAPS!) Encrypted text rarely compresses well, so it passes with flying colors.

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

For those of you having trouble reading that, there's a Javascript RC4 decrypter here:

http://shop-js.sourceforge.net/crypto.htm

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[kebes]

RC4; Base64 Encoding; Key = "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0"

Very cute. If the "forbidden number" is fully suppressed, then your post can no longer be decrypted. Hence, suppression of the "forbidden number" does indeed infringe your free speech rights.

But once the information is in the public realm, it effectively becomes a lost "trade secret".

Quite right, and moreover, since it is a "lost trade secret", I would argue it has now become "common knowledge." I don't see how any law (DMCA, copyright, etc.) can be used to suppress common knowledge. For instance, Star Wars may be still protected by copyright, but no one can prevent people from quoting it to their heart's content. So many of the quotes have become a part of our culture, our communal consciousness, that they are very much ours, and no amount of government or corporate power can take them from us.

As others have noted in this discussion, this isn't merely about freedom of speech, it is a spontaneous and massive civil disobedience, basically highlighting how the citizens affected by these DMCA do not respect the law, do not want the law, and increasingly do not tolerate the law.

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[DShard]

You are now my hero.

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[pjrc]

this isn't merely about freedom of speech, it is a spontaneous and massive civil disobedience, basically highlighting how the citizens affected by these DMCA do not respect the law, do not want the law, and increasingly do not tolerate the law.

Actually, the bulk of the civil disobedience could be attributed as a reaction to heavy-handed censorship at Digg - at site that claimed to give users editorial control. By heavy-handed, I mean not only deleting anything with the number, and banning users who posted it, and then deleting any negative commentary even if it didn't have the number, and banning any users critical of them, and denying they had a financial relationship with the AACS LA, and deleting any comments pointing that out, and banning any users who attempted to call attention to that relationship (even if they never posted about the number itself).

The truth is, the key was made public on February 11. This whole thing didn't blow up until Digg started their poorly advised, heavy-handed censorship, of the key and of all dissenting opinions. Had Digg handled this differently, such as posting conspicuously what they were doing, and only deleted the messages with the key, and not banned anyone, and allowed dissenting viewpoints (perhaps calmly stating their case), and honestly disclosed their relationship with the AACS LA, then in all likelihood this never would have blown up and caused the key to be replicated everywhere by rightfully angry users. The key had been public for 7 weeks, but it hadn't become widely published until only a few days ago when Digg handled this whole thing in about the worst possible way (given the nature of their site and userbase).

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[kripkenstein]

That was very clever, I take my hat off to you.

Now, this got me to thinking. How about if a person - call him/her X - posts the AACS number, but encrypted with some new key K. Then replicating that key, K, is an offense, as it circumvents a digital lock, meant to protect X's encrypted data. So if K is published, person X can sue, just like the AACS can sue right now. Now we get to the tricky part.

Let's say that it is public knowledge that the encrypted data is, in fact, the AACS key. No-one can legally (in the US) test if that is true! Now, person X won't go around suing people, of course. But the AACS-LA can't sue person X for publishing the AACS key, since if they do that, in order to prove that the encrypted data is, in fact, the AACS key, they need to break the law, i.e. violate the DMCA, which is exactly what they would want to sue person X for doing...

Make sense? Possibly there is some loophole I am missing...

Re:09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

[AKAImBatman]

Almost forgot to mention: Base64 encoding also chops two bits of information off of each byte. So part of the compressibility of the message is right there in the encoding.

To the AACS: Get real.

[KingSkippus]

I don't care how hard you fight the damn cat, it's out of the bag, and it's not getting back in.

One part of the article I find funny is this:

But [Michael Ayers, chair of the AACS business group] accepted that DVDs that had had their copy protection removed were 'now in the clear' and could be copied.

Isn't that the point? I'm neither trying to justify nor rebuke file sharers, but think about it, man, and be practical for a change. Among those who download and share movies, who really cares about the nitty-gritty details of how keys are cracked, who all gets them, which ones get revoked, what players are and aren't affected, and so on? Most of them only care about one thing: Can I download the HD-DVD of [insert movie titles here]?

And as long as a key out there is cracked enough for the answer to that question to be "yes," the copy protection industry has lost. They can fight all they want to, but the thing is that unless they literally shut everyone down everywhere, they're doomed. As soon as one single solitary person is able to crack a key and unlock the encrypted data, all of their massive—and expensive—efforts will be in vain.

I also thought this was funny:

He said tracking down everyone who had published the keys was a 'resource intensive exercise'. A search on Google shows almost 700,000 pages have published the key. Mr. Ayers said that while he could not reveal the specific steps the group would be taking, it would be using both 'legal and technical' steps to prevent the circumvention of copy protection.

To Mr. Ayers, I would say this: Get real. For one thing, how many times has it been proven that your technical efforts are futile? How much more time and money are you going to waste developing something that consumers at best don't want and at worst outright resent? For another, what exactly do you plan to legally do to people who live in places where publishing the cracked keys is not illegal? As much as people like you would love to have the U.S.'s misguided laws apply to the whole world, it will never happen, and even if it did, people would still break such laws in civil disobedience.

If only they could figure out how to fight a winning battle for the hearts and minds of paying customers instead of this inevitable losing battle against people who are much, much smarter than they are, maybe everyone could be happier. This industry could sure learn a few things about the direction the music industry is headed, finally dropping DRM after realizing how useless it is.

Re:To the AACS: Get real.

[catwh0re]

Their technical efforts only harm themselves, here's why I think so

When a consumer goes to buy a HD player, they expect that it'll be the same as the VHS player they bought in the 80s, or the DVD player they bought in the 90s. Which is you buy the player, then you get a tape or a disc of some sort, you put it into the player and you press play and it shows on your screen. Now when you buy a HD player there is all this stuff about plugging it into an internet connection and running an update on the device. Because some disks won't work until it's updated - all of this is counter intuitive, there is nothing about connecting your device to the internet which makes sense to a basic consumer, they think "I have the player, I have the disc, what gives?" they don't know why on earth the internet needs to be involved. Despite this being new and advanced technology it requires more work than the old technology, and all it delivers is more resolution; all of this effort for just a clearer picture and sound?

This might seem obvious, but it is not consumer friendly. Sure I bet you anyone on /. would think these steps are easy, but there are still lots of people out there who need help plugging in the cables from their player to their TV/Panel/etc. Who can't use a computer, write an email or even subscribe to an ISP.

This approach is only going to further harm the adoption of HD content. Especially when you combine this with the fact that the average consumer isn't going to care for the difference HD provides over DVD SD when all the hassle comes into play. (Remember in the 90s studios advertised that DVD was "HD", plus lots of consumers are running it on SD televisions were it's downscaled.)

It'll be a long time before we all have gorgeous panel displays which make DVD SD look like rubbish.

The consumer experience must be held above all else, otherwise the consumer will simply not buy it and the only HD players out there will be the ones shipped in PS3 and 360.

Re:To the AACS: Get real.

[Ford+Prefect]

I don't care how hard you fight the damn cat, it's out of the bag, and it's not getting back in.

Have you checked Google recently?

Results 1 - 10 of about 746,000 for "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0". (0.11 seconds)

The cat isn't just out of the bag, it's having kittens...

Re:To the AACS: Get real.

[evil_aar0n]

> I don't care how hard you fight the damn cat, it's out of the bag, and it's not getting back in. This is easy. Turn the bag inside-out. Put your hand in the bag, and use that hand to grab the cat. Then, flip the bag right-side-out. Problem solved. :-)

Oh, is that so?

[laughingcoyote]

"There is no intent from us to interfere with people's right to discuss copy protection. We respect free speech."

A comparison comes to mind here. Here's a hint, Mr. Ayers. It comes from a bull and it ain't a steak.

The hubris of thinking they can ban the mention of a number, and then turn around and say they "respect free speech", is breathtaking doublethink. Part of free speech is the right to discuss things you don't like. Part of it is the right to discuss them in as specific of terms as anyone wants. And part of it is being able to mention any number one wants to, from zero either direction to infinity. There's not a bit of respect for free speech here.

Re:Oh, is that so?

[Mateo_LeFou]

You just got a bad transmission. I believe the full quote was

"There is no intent from us to interfere with people's right to discuss how much they love copy protection, and how good we are at building it. We respect free speech."

Surely that's what he meant to say. Otherwise he'd be some kind of idiot.

Re:Oh, is that so?

[sglider]

Falcon: I think you are forgetting a few documents:

The Declaration of Independence, which says in part:

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain inalienable rights, that among these are life, liberty and the pursuit of happiness.

The Government doesn't give me any rights. Since they can't give me any rights, they can't take them away, either. You'll notice that the Constitution doesn't say "Congress shall ensure that all citizens have the right to Free Speech", instead it specifically prohibits them from taking them away. The Founding fathers weren't stupid: Both the Declaration and the Constitution are Natural Law Documents -- and people today would be well pressed to stop trying to get rid of natural law theory.

In conclusion: Your argument is moot. The US Laws do not give us rights, we give the Government the right to exist to help preserve our rights.

Re:Oh, is that so?

[ajs318]

But it wasn't their $999 999 980. That money belonged to the people who ended up spending it on other things.

Suppose someone made a different movie that was not popular at all; you were the only person who bought it. Everybody's talking about it, but it's not nice things they're saying! Having paid $20 just to see what all the fuss was about, you decrypted it and posted it on the Internet anyway; but the movie was so utterly dire that nobody else even downloaded a copy without paying for it, let alone bought it.

This movie also made $20 in total, as opposed to the $1 000 000 000 that other movies made. Is anybody guilty of stealing $999 999 980 this time?

The fact is, you don't have an automatic right to make money just because you do things that you think people might pay you for.

It's called the Economics of Plenty -- you can't apply the old Economics of Scarcity to goods that are by nature not scarce. If you want to be able to sell things that other people can make for themselves, you have to offer better value than anyone else. Downloading a movie ties up your PC for days on end, and the use of a PC has Value. If you want people to buy movies from you rather than downloading them for themselves, you have to sell them at a price lower than their assessment of the Value of the Labour and Materials involved in downloading.

That's why people don't "pirate" newspapers, magazines and the latest Harry Potter novel, despite the total absence of copy-prevention technology in most printed material (though I believe some sheet music was printed in UV-reflective ink, which messed up any attempt to photocopy it on some older machines) and the presence of a photocopier in nearly every newsagent, bookshop and library: making a copy requires a greater outlay than just buying the item.

funniest bit I see on that AACS page

[way2trivial]

"Read about the trusted industry names behind AACS. "
emphasis mine...

yes, intel, microsoft and sony are three of the eight on the list...

Um, too late?

[failure-man]

The key is out there. It's too late to suppress it. Game over. The wombats have left the chicken coop!

(Wait, that's not right. What's the real metaphor?)

Re:Um, too late?

[Churla]

The bag, upon further inspection, seems to be devoid of any felines! It would appear they have recently vacated said container!

Re:Um, too late?

[Minwee]

You know, before you looked inside the cat was both in and out of the bag.

Hello World!

[CoolVibe]

#include <stdio.h>

int
main (int argc, char **argv)
{
        char *blah = "\x09\xf9\x11\x02"
                     "\x9d\x74\xe3\x5b"
                     "\xd8\x41\x56\xc5"
                     "\x63\x56\x88\xc0";
        printf("Hello AACS world! Here's a bunch of completely random non-ASCII characters:  %s\n", blah);
        return 0;
}

I wonder

[Rycross]

I wonder if anyone has told these guys that the idea of an uncrackable DRM scheme is fundamentally flawed. Encryption is about A sending information that B can't read, but C can. In DRM, B and C are the same person.

Re:I wonder

[AVee]

In DRM, B and C are the same person.

Now what's that supposed to mean? Did Bob give up on Alice to run off with Charlie, or did she dump them?

Can't they just stop this childish messages thing and watch a movie together or something?

Re:I wonder

[Zspdude]

Not quite. B and C aren't the same *person* - cryptographic parties don't have to be people. C is the hapless Consumer. B is their Black Box closed hardware player.

The only real difference between your analogy and mine however, is a screwdriver.

Good reporting

[malsdavis]

It's good to see the pretty even-handed way the BBC have approached this whole issue. I fear most mainstream news agencies would probably side 100% with the AACS and their media buddies, not least due to commercial interests and parent company ownership reasons.

I guess its times like these when it is good that there still are some news organizations independent of the big media conglomerates.

Re:Good reporting

That, of course, is why the BBC is specially supported by a levy on British subjects, but NOT by a government tax.

We each pay around $250 a year so that the world can have an unbiased mass communications system which is not driven by audience ratings and can produce quality. And, in the case of radio, in all the world's languages.

It would be nice if some of the anti-licence-fee Americans on /. realised that.

Two faces

[SnowZero]

I like how they are threatening people with the DMCA over the "09" key, while simultaneously pretending that it isn't a big deal. Maybe they should pick a consistent stance? Also, a better choice of words than "revoked" would be "stopped using", since the "09" key will work always work for any disks pressed before May, but it won't work for any disk made after then. Hm, I wonder how many titles that actually affects, maybe it isn't a big deal after all with such a tiny market :)

Re:Two faces

[wwwojtek]

It is not about this particular key. They are threatening so that the next time people think twice about spreading information about hacks. The real purpose is prevention not prosecution of what has already happened for the sake of prosecution. Now, whether it is going to work is a different story, but there is a logic to what they are doing.

this is the hallmark of the world we live in:

[circletimessquare]

we can all 'continue to enjoy content protected by AACS' by 'refreshing the encryption keys associated with their HD DVD and Blu-ray software players.'

we can all 'continue to enjoy being ignorant slaves' by 'reaffirming our desire to be shackled.'

the audacity to think of people as so supplicant to corporate will is incredible

Re:this is the hallmark of the world we live in:

[muellerr1]

we can all 'continue to enjoy content protected by AACS' by 'refreshing the encryption keys associated with their HD DVD and Blu-ray software players.'

I took this to mean 'your HD DVD player will be broken when you get home. You are required to jump through several hoops before it will work again. You see what happens when one of you steps out of line? We punish everyone else! Let that be a lesson to you."

Get a copyright

I know, they should copyright the encryption key so nobody else can post it. Or maybe they could patent the process of posting encryption keys on the internet. I'm sure the USPTO would grant that one.

Protected Free Speech

[Expertus]

FTA:

"But a line is crossed when we start seeing keys being distributed and tools for circumvention. You step outside of the realm of protected free speech then." I'm not so sure you do. IANAL, but since when has it become illegal to talk about circumventing locking mechanisms (and that's assuming that simply posting the key by itself constitutes that). I'm sure we have all read MIT's guide to lockpicking - it describes in detail how to create the tools and the actual process of bypassing the lock (granted, physical locks weren't covered under the DMCA). I would like to see someone with a legal background give some insight, but I would not take any note of AACS - anyone can issue cease and desist letters.

Re:Protected Free Speech

[Spazmania]

The key was a trade secret. Under state law in all 50 states its illegal to reveal a trade secret without the owners' authorization. Ordinarily you can legally reverse-engineer something in order to discover any trade secrets it embeds, but under the DMCA anti-circumvention provisions it was illegal reverse-engineer the player software in order to fetch the key.

Whoever did it first is in a world of hurt if he's ever caught.

On the other hand, open publication of a trade secret ends the trade secret. Unlicensed implementations of AACS are still copyright infringement and such implementations combined with the key are still violations of the DMCA, but the key by itself is probably beyond protection... Not that it would stop the movie folks from suing and making your life more interesting than you'd like for a couple years.

IANAL, but it is a hobby of mine.

Re:Protected Free Speech

[terrymr]

"Unlicensed implementations of AACS are still copyright infringement"

Under what legal theory ? I could see a patent infringement claim but writing your own software to play the disc isn't copyright infringement.

Could it be a DMCA violation - possibly ... however I don't think the limits of reverse engineering for interoperability have been tested yet.

"Protected free speech"?

[HTH+NE1]

Michael Ayers, chair of the AACS business group, said... "But a line is crossed when we start seeing keys being distributed and tools for circumvention. You step outside of the realm of protected free speech then."

You say that like "protected free speech" isn't redundant, Mr. Ayers.

Good point

[illuminatedwax]

They make a good point: this is not about people silencing free speech. Posting the crack online is about civil disobedience against the completely unfair DMCA. It's not about copyrighting a number. It's about keeping people from legally using copyrighted material you've legally purchased. This seems to be an important point missed by most people. It's not a First Amendment issue, it's an anti-consumer issue.

Re:Good point

[Just+Some+Guy]

Posting the crack online is about civil disobedience against the completely unfair DMCA.

No, it's not in 99.9% of the cases. It's about getting in on the fun of watching the class bully getting his butt handed to him while spins around crying for everyone to quit being mean.

Revenge doesn't make you a better person, but sometimes it sure is fun to watch.

T-shirt

[ProteusQ]

Someone send this man a t-shirt with the key on the front and "It's not over yet!" on the back.

Internet whack a mole is a game that

[zappepcs]

the **AA will not win. They do not have the resources to win it, will not have the resources to win at this game, and in the end, trying to win at IWaM(TM) will only make them look more foolish than they do now.

The part where he says over 700,000 pages on the Internet reference the code is fscking hilarious. I want to see AACS group try to sue 700,000 people. Before they even get started there would be 1.4 million more references to it on Google. That is how the IWaM game works and exactly why they can't win. The sheer volume of people working against their worn out DRM business model will overwhelm both their resources and those of the court systems around the world.

In the US it appears that the courts are still willing to waste time on this. Other countries, not so much. Sure, if they find commercial pirates distributing DVDs for profit they will shut those operations down, but there just are not enough law enforcement resources to stop this hack, or any other.

Playing IWaM = stupid and the more you play, the more money you lose. period.

Certainly, some will be harmed, and there will be small wins for the AACS group and **AAs of the world, but in the end all their money will be gone. The DMCA was ostensibly implemented to protect them from exactly this. Legislating DRM doesn't work, DRM doesn't work, and if your business model depends on DRM, it won't work either. It's time that Wall Street and VC groups started to act on this one principle. If their business model is DRM it's a bad investment.

Sure, you might argue that MS is an exception but I think that the sales performance of Vista is going to prove me right on this. MS has been trying to play Whack A Mole with malicious software and spam. Yeah, that has been working out well. Their new flagship DRM laden secure operating system ... did I just say secure? ooops mea culpa. The reason that MS is working so hard to ensure that you can only use genuine MS OS products is simple, they are trying to not play IWaM, and even this attempt won't work. From what I can see, people who used illegal copies of MS products before ARE turning to Linux now. Even if that is not huge numbers yet, it is happening.

Back on topic, the lawyers for the AACS group must be staggeringly stupefied. Maybe if they make an example of Digg and Mr Rose they can send a message, and if they try, every new key will be poste in blog comments on every blogging system around the globe. They literally need to surrender and rethink what they are doing. DRM DOES NOT work.

I'm not sure bloggers are the real audience

[Geof]

What he fails to appreciate is that he will be on the losing end of every single one of those rounds. Even as he tries to downplay the key by saying it has been revoked, AACS has already lost the second round (as hackers have created a hack that CAN'T be revoked).

The real target of this action is likely a different audience, namely Hollywood. The AACS doesn't have to make their DRM undefeatable. They do need to convince their customers - and remember, that's not us - of the value of their work. And when their DRM is broken and seen to be broken, they need to convince those who want to believe that they at least have not lost faith in the cause.

So we may talk about winning and losing, and people like use may be the targets of lawsuits. But I think we may be giving ourselves airs when we assume that for the other side it's about us. If, on the other hand, we figure out who our real audience is then we have a better chance.

Good luck with that!

[Deep+Fried+Geekboy]

Um, what, close to a million hits for the key right now on Google?

DMCA applies only in the United States.

What is that sound? A toilet flushing?

Almost Surreal....

[misleb]

I wonder if he actually believes that people "enjoy" content protection. How could you even say that with a straight face? It would be like a prison warden, after a jail break, saying, "soon the escapees will enjoy protection from the free world once again."

It is not intended for you.

[140Mandak262Jamuna]

Slashdotters, please dont get worked up.He knows it is a stupid thing to say to a tech savvy audience. He was talking to the chumps who paid big bucks to have their movies "protected by" the DRM. Some weasel clause in the contract would say something like, "while we dont guarantee that this mechanism will never be broken, all we promise to do is to take vigorous action". He will eventually argue that issuing such ridiculous statements constitutes vigorous action. That is all.

the AACS plan

[hachete]

"There are three things you can do:

1. Kill yourself.
2. Kill your manservant.
3. Kill everybody in the whole world."

Now 2 is fine, 1 is reccomended, but 3?

Still lying

[CustomDesigned]

But he accepted that DVDs that had had their copy protection removed were "now in the clear" and could be copied.

That is the part that ticks me off the most. The DVDs already could be copied without the key. Their "technology" is "playback protection", not "copy protection". The only honest sentence in the quote was earlier, where he said, "Some titles could now be played on more than one software player." Yes, THAT is what your evil scheme is trying to prevent. (Not that I will ever buy HD DVDs until I can actually play them whenever/wherever I want.)

As long as "playback protection" is working, you can't actually "buy" an HD DVD. You can only rent the privilege of playing it under conditions specified by the publisher. Whatever happened to laws against false advertising?

Re:Still lying

[flyingfsck]

Exactly, the scheme is not a 'copy protection device' at all and as such doesn't even fall under the DMCA.

Kind of reminds me of the a Movie.

[LWATCDR]

I think it was called the Manhattan project. At the end of the movie the scientist asks "What are you going to do? Make them all disappear?"
Simple fact is that it is out. It is a number. You forbid them from positing it in hex then they will octal, decimal, or binary. They will just invert it or flip the first two bytes so it is no longer the same number. I have a suggestion from now one when we post any HD keys we will just add 42 to each byte. That way we are encrypting it and any attempt to subtract 42 to prove that it is a key is a violation of the DMCA.
It is impossible to prevent the copying of audio or video if people can see it.
It is also rubs people the wrong way to try and control what they do with something they own. Yes if I BUY a DVD I own the DVD. Unless you start making me sign a contract I consider it no different than buying a piece of wood. If I want to watch it on my Ipod I will. If I want to rip it and put it on my server so I can watch it on my notebook I will.
If I sell it then yea you can sue me.
Go away RIAA and MPAA. You are boring us now. You will become irrelevant. Dear music companies I am going to write my congressman and tell them I don't want them to support you suing innocent people and getting government help for what should be civil court actions. I will also point out that you have a history of supporting drug use, profanity, and violence. Helping you is hurting the children.

Game over. The music industry can be such a jucy Judas Goat.

Re:Kind of reminds me of the a Movie.

[andrewd18]

I think it was called the Manhattan project.

Is that available on HD-DVD?

Re: Translation

[JoshRosenbaum]

Here's the translation for the lazy:

While I can respect his point about the issue being a legal one rather than a free speech issue, I would argue that they took the matter too far. It's one thing to revoke the key, then prosecute the original crackers under the DMCA. (As distasteful as that is.) But once the information is in the public realm, it effectively becomes a lost "trade secret".

09F9:1102:9D74:E35B:D841:56C5:6356:88C0 is an IPv6

[julie-h]

Dear helpdesk,
I am trying to ping my server at
09F9:1102:9D74:E35B:D841:56C5:6356:88C0. However,
it seems like the address is in the unallocated space.
Perhaps there's a typo somewhere?

AACS LA:
That's the Processing key. You are not allowed to publish it.

Hacker:
No sir. That's a IPv6 address. Surely you won't deny me to have links on my website? =)

Problem with barring publication of the key

[underwhelm]

The problem with barring publication of an encryption key, without more, is that it really is impossible--and I don't mean in a "the internet will route around censorship" fashion.

One of the following series of hex values, according to the AACS, cannot be published by anyone besides them:

09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-BF
09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0
09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C1

Trying to bar one of them from publication will necessarily reveal what it is. As Wikipedia is discovering, you have to be able to describe what you're not allowed to publish in sufficient detail in order to effectively prevent its publication.

With other forms of intellectual property, the problem is avoided in various ways: in order to obtain a patent, the description itself becomes public domain. In copyright, the description is bounded by the creative content of that which you create. Trademarks are delimited by "confusion in the marketplace," and trade secrets are delimited by that which is actually kept secret.

The DMCA purports to create a fifth type of intellectual property, not limited in time, that would bar distribution of information (rather than just physical devices), but has no boundaries on the AACS's theory of what constitutes a "part" of an circumvention device. The boundary becomes "whatever the AACS moves to protect as a part of a circumvention device." But in order to enforce that right, we all have to know what we're not allowed to distribute.

So maybe the AACS, in order to avoid the paradox, can seek to protect a *range* of values. The scenario just gets even more absurd.

No. The answer is really that the key, without more, cannot be afforded protection as "part" of a circumvention device. It has to be a accompanied by something more, at the very least a description of how it can be used to circumvent. Otherwise it's just a string of text.

And that's where the DMCA falls apart, as people with an interest in circumventing can always break apart the information to such a degree to avoid any one part being classified as a "part."

It's a tough problem, and it should be brought to a court to evaluate. The court in Remierdes had an easy time, because the circumvention device was whole. Fair use will have to be read into the DMCA at some point when it comes to these alleged partial circumvention devices.

The 'unrevocable hack'

[Kadin2048]

(as hackers have created a hack that CAN'T be revoked)

I spent a while trying to get my head around AACS last night, and the bottom line is that what comes out of the un-revocable hack that you mention isn't the same thing as what's being posted around the internet, and what the AACSLA has the whole revocation scheme for.

Oversimplification ahead, and I may have some of the details wrong or, but this is the gist of it: the content -- the movie itself -- is encrypted with title keys. These title keys are encrypted with a volume unique key (VUK). The VUK is composed of two parts, a media key and a Volume ID.

The Media Key is the thing that you get with the code that's being posted all over the Internet (the Processing Key). Processing Keys can be revoked, but only for new discs -- so the discs that are out in circulation as of the compromise of the Processing Key, are out. They're cracked. However, future discs will use a new Processing Key, and that one that's around on the internet won't work ... so the hackers will need to go back and sniff/debug an updated software player to figure out the new Processing Key.

The "un-revocable hack" you mentioned, doesn't have anything to do with the Media Key, it's all about the Volume ID. The purpose of the Volume ID is to prevent bit-for-bit copying. In a lot of ways it's very similar to parts of the CSS system used on DVDs right now; it's a key specific to each batch of pressed discs, written to the disc in a way that's difficult to read off manually (the drive isn't supposed to let the user see it at all), and impossible to write to a blank disc ... so if you made a "bit-perfect" copy of a disc, the Volume ID wouldn't be there (because you can't read it and/or because you can't write it to the new disc) and you'd be missing one of the elements required to decrypt.

So: while the Volume ID hack involving the XBox360 drive is a major step forwards (backwards if you're the AACS!), it's not a silver bullet, and it doesn't make future titles trivial to compromise. There's still going to be a cat-and-mouse game in the near future, where the AACS will try to revoke Processing Keys and try to discourage the publication of new ones as discs are released. (It's been pointed out by several people now, that the AACS' over-the-top reaction to publication of the processing key, may indicate that they've realized that their revocation procedures aren't nearly as fast or as flexible as the people who are going to be compromising them.)

Re:The 'unrevocable hack'

[goombah99]

To try to extend your explanation a bit. And this may be incorrect info. But my appreciation is that if one has the volume ID one can now read in the bit image of the disk. As you say, transferring these bits to anew disk may not result in a playable disk if the volume ID cannot be physically written to it. However, just being able to read in the bits now allows one to search those bits for the Media key. Eventually it will be figured out where the media key is stored. at that point any software player that can access the bits can grab the keys. Of course I suppose the media key is encrypted with a player specific key that can be revoked. However if the player specific key for the Xbox is known it's unlikely they would actually dare revoke it.

So what it comes down to is a hardware hack, not generally available to the public, to access the Volume ID. One player key that is so widespread they can't dare revoke it. then the rest is just patience and software. Since individuals won't have access to the hardware, this won't be like DeCSS where anyone can use it. It will be pro-pirates that have this. People may be able to download cracked movies via piratebay and such but they won't be able to crack or backup their own movies.

Did I get this right?

Re:The 'unrevocable hack'

[Kadin2048]

However, just being able to read in the bits now allows one to search those bits for the Media key. Eventually it will be figured out where the media key is stored. at that point any software player that can access the bits can grab the keys. Of course I suppose the media key is encrypted with a player specific key that can be revoked. However if the player specific key for the Xbox is known it's unlikely they would actually dare revoke it.

Sort of. If you know the Volume ID, which you can now sniff from an XBox HD-DVD drive, then you can make a bit-by-bit copy of the rest of the disc. (Actually I don't know whether the drive even prevents you from doing this without a Volume ID.)

But as you started to surmise, although the Title Keys -- they're the real goal here, the MacGuffin in this little play -- are on the disc, they're encrypted at least two times; once with the combination of the [Media Key + Volume ID] which together comprise the Volume Unique Key, but also encrypted with the Player/Processing Key. And this player or processing key is what the AACSLA has the whole revocation scheme for.

Just to clarify, the processing key for the XBox360 has not been compromised. To date, I don't think the processing key for any hardware player has been compromised. (Each hardware player, each individual machine, has its own key...however, software players aren't so unique. Each version of the software shares one key.) The keys that have been compromised have been sniffed from the memory of software HD-DVD players. Although the new versions of HD-DVD software will probably try to encrypt and obfuscate their memory more, this will probably continue to happen until the AACSLA either gives up or abandons the concept of software players entirely (Microsoft would probably try to kill them, because it would destroy the software-based HTPC concept).

So far, the processing key that has been found is one that the AACSLA people will happily revoke. This doesn't do anything for all the movies that have currently been released, though. But in order to decrypt new movies, the Doom9 guys will need to get their paws on a new version of a software player, and do the sniffing thing all over again, in order to get a new processing key.

The threat to the AACSLA is that, over time, the Doom9 and other hackers will find ways of discovering the new processing keys very quickly, to the point where it becomes impractical for them to even issue discs with the new keys anymore. (Just remember, it takes them probably a month or so to issue a new key and get it into production, and even when they do, it doesn't "fix" the old discs, it just means that the hackers need to rinse and repeat with the new key. If the hackers can demonstrate that they can find every new key, then AACS is effectively impotent.)

Is it just me or

[JamesP]

continue to enjoy content protected by AACS

reads like

"continue to enjoy having a sword through your lung"

ho-hum, time for me to go and buy some new clothes

[mengu]

https://www.spreadshirt.com/shop.php?sid=114476I want a t-shirt....

Last I checked. . .

[kimvette]

You cannot copyright a number. Good luck with that wild goose chase!

Question to the AACS

[OldeTimeGeek]

Completely aside from the question of whether the new key, the old key or any other key assists me in "enjoying my protected content", your response covers seems to cover only software-driven players.

What about hardware-only players?

Assuming that the old key was imbedded in the the player firmware, and that the existing crop of HD-DVD/BluRay players are as locked down as their DVD brethren, how do you plan to "update" standalone players to work with newly-released content? A recall?

Re: Translation

[JoshRosenbaum]

Whoops. 4 hours of sleep does that to me. ;) I should've posted as AC too, but too late now.

Here ya go: ;)

While I can respect his point about the issue being a legal one rather than a free speech issue, I would argue that they took the matter too far. It's one thing to revoke the key, then prosecute the original crackers under the DMCA. (As distasteful as that is.) But once the information is in the public realm, it effectively becomes a lost "trade secret".

The DMCA may not recognize encryption keys as trade secrets, but that's all they are. Once the secret is lost, you cannot recover it. You simply have to move on and extract any damages from the party that disclosed the secret in the first place.

As Mr. Ayers stated, the key was already revoked. If they hadn't tried to put the genie back in the bottle, they wouldn't now have a several-million member strong community of talented and bright individuals trying to crack HD-DVD just to spite them.

lol battle of the dumb AACS Michaels

[Mateo_LeFou]

Here's Michael Ripley from back before AACS was finished.

"Backers of the protection method are betting that AACS technology will finally thwart unauthorized copying of DVDs while allowing consumers to distribute movies legitimately over networks within their homes, play them on a variety of devices (standard televisions, portable movie players, and laptop computers), and store them on home media servers. "We wouldn't be investing our time otherwise," says Michael Ripley, the chairman of the AACS alliance's technical working group."

Well, Michael(s): any high school student could've told you this would never work. The reason is the same as always: you have to provide the machine with everything it needs to play back the disc. It's difficult (college students would say "impossible") to provide those things to the machine without providing those things to the machine. Cf. Cory's age-old piece;
http://craphound.com/hpdrm.txt

Re:Since they're just using Primes

[alanxyzzy]

But it's not a prime - that's obvious, since the last digit of the decimal expansion is 0.

Oops - have I just infringed someone's valuable intellectual property?

What if I said it's also divisible by 19?

Or that the next-to-last digit is 4?

Could a lawyer please advise how many clues I can provide before I might get sued?

Re:What about hardware players?

[Grave]

And the 99% of owners who are not tech-savvy enough to handle flashing the firmware of their players will call up the manufacturer, outraged that their rather expensive piece of equipment doesn't work. Only a limited number of people owning these players are actually going to be willing/able to do those sort of updates. Continue fighting against the AACS, as their stated plan of retaliation will destroy their own business model.

A conversation with mom

[lullabud]

The AACS website tells consumers how they can continue to enjoy content protected by AACS by refreshing the encryption keys associated with their HD DVD and Blu-ray software players.

Mom: My new dvd player isn't working anymore.
Me: You probably need to refresh the AACS encryption keys.
Mom: *blinks* ...what?
Me: Your encryption keys need to be refreshed in order for you to play protected content.
Mom: I don't have encryption keys or protected content, whatever those are, I just have this movie that won't play.
Me: Right... in order for your movie to play you need to refresh the encryption keys that unlock the protected content on the disc.
Mom: I never had to do that before.
Me: No, no you didn't.
Mom: So how do I do that?
Me: I'm not really sure... I heard the assholes that made this all so hard in the first place have instructions on how to fix this mess on their website. I don't know if that applies to your model of HD DVD player though.
Mom: So if it doesn't, then what?
Me: Then you'll have to get the owners manual for your HD DVD player out and look through it.
Mom: Why does this have to be so difficult? I just want to watch my movie...

Or something like that. Then she'd start crying because she's easily frustrated by technology when it doesn't work. My parents have called me from half-way across the country because they didn't know what button to press on the remote to get sound out of the TV. There's no way they'll be able to "refresh their AACS encryption keys" if it's not automatically done for them. It's not like there's a "Refresh AACS encryption keys" button on the remote that I can tell them to press...

DRM = media content + frustrating, crippling, broken security

AACS Founding Members

[giafly]

AACS has confirmed that an additional key (called a "processing key") has been published on public websites without authorization. This is a variation of the previously reported attack

"Attack"? (They use this word repeatedly.) What planet are these guys on that re-publishing a number which is already in the public domain counts as an attack? I guess this means journalists are terrorists and the noble AACS are the moral equivalent of American troops.

The AACS Founding members IBM, INTEL, MICROSOFT, PANASONIC, SONY, TOSHIBA, WALT DISNEY and WARNER BROS should be ashamed.

Extended Metaphor Meme

[DG]

While I can appreciate the level of craftsmanship and artistry that went into the repair of the barn door, I cannot fail to note that the cows seem to have escaped in the interim.....

DG

Re:Extended Metaphor Meme

[TheLetterPsy]

It appears also that a large seafaring vessel has, under the power of wind, vacated its prior location in port.

Oh noes!

[Legion303]

I hope they don't "take action" against the digital painting I did, which is featured on the front page of my website and incorporates the key. I also hope they don't "take action" against the HDDVD song I wrote here: http://www.myspace.com/stevepordon (I made an arp synth line by converting to binary and using C1 for zeros and C2 for ones). Both of these things are, naturally, original works of art and are clearly protected by the first amendment, DMCA or not.

Fuck you, AACS, and fuck you, MPAA.

Ironically, I wouldn't be so eager to kick the MPAA in the balls if they hadn't claimed under perjury that I was hosting DeCSS about a year after I voluntarily removed it from my site. Oops!

Revoking keys? Finally? Finally!

[Opportunist]

Now, it may sound as something bad when they start revoking keys. Bah. My hacked key doesn't work anymore.

Kids, the mafiaa revoking keys is a good thing in the fight against DRM. Find more keys and publish them, so they revoke them! The more the better!

What happens when a key gets revoked? Some player stops working. Actually, a whole batch of players stop working. And thus, Joe Shmoe Average might get a clue. It might not matter to him that DRM exists ("Duh, I buy my movies anyway"). It might not matter to him that DRM restricts him ("Duh, I don't copy them anyway"). It might not matter to him that it takes away his ability to actually play that content on other media ("Duh, I only use it in that DVD player anyway, not the computer").

But it does matter to him when that new blockbuster doesn't work in his DVD player anymore.

It does matter to him when his DVD is "broken" and he has to get a new one or has to get his fixed. It is a hassle. He might not know how to update his player. He might have to get a friend to do it. He will get angry 'cause why the heck doesn't it "work" anymore the way it used to?

Maybe, just maybe, it's a wakeup call for Joe Average. And maybe he'll stop buying crap that suddenly stops working.

we need MORE mirrors

[TheGratefulNet]

He said tracking down everyone who had published the keys was a "resource intensive exercise". A search on Google shows almost 700,000 pages have published the key.

only 700k sites?

come on guys, get CRACKIN'.

if you want to really make their jobs harder, embed that number EVERYWHERE. keep their minions searching for this for YEARS.

afterall, they have nothing better (truely) to do with their time ;)

I hope they tell us the new keys

[JBv]

I hope they publish the new keys. I don't want to post some random number and find myself in court because of it.

For small values of "free"

[Guppy06]

"Some people clearly think it's a First Amendment issue. There is no intent from us to interfere with people's right to discuss copy protection."

Yeah, we can "discuss copy protection" as much as we want so long as the DMCA and the Sonny Bono Copyright Act still stand, hm?

It's funny how everybody agrees that speech should be free so long as that speech is completely impotent. It's the speech that empowers, empassions, that enables legitimate users to do with their purchased media what they will that suddenly gets declared "unprotected."

"We respect free speech."

This from the same industry that wants to ban cell phone usage from movie theaters not because they annoy the rest of the audience, but because they don't want to let people warn others just how bad a particular movie is?

You said the magic words...

[DG]

...when you said "in the present business model".

The present - perhaps "previous"? - business model relied upon scarcity. If you held the negative to a photo, you held the only thing capable of producing a high-quality reproduction of that image. It was possible to make new negative from positive prints, but doing so resulted in a marked loss of quality, and the negative itself was irreplaceable.

Plus there was a certain investment of time, skill, and resources involved with producing a new print from the negative.

If I broke into your place of work and stole/destroyed your negative, that photo was gone forever.

But nowadays, the digital file can be copied without loss of quality ad infinitum. If I make a copy of your raw data file, you have not been materially harmed - you can still make copies - and all that has happened is you have lost exclusivity to that image.

And that image can be reproduced almost anywhere with minimal skill and investment in resources.

Effectively, the scarcity of the ability to duplicate images has been eliminated. There is next to zero cost involved with the duplication of images once they are in the memory card. As such, the image files themselves have next to no actual value.

What HASN'T changed is the necessity for a skilled photographer to take that image in the first place.

This implies - hell, it yells at the top of its lungs - that the business model of selling exclusive prints is now utterly broken, and pro photographers (and other media producers) need to find other business models. If the automobile obsoletes your buggy whip manufacturing business model, you need to adapt.

My suggestion is that you regard photography as a service. You are being contracted for your ability to take artistically skilled photos. You price your services based on the amount of time you have invested and your level of artistic skill, and you sell the customer the digital data files you produce for him.

I know photogs working to this model now, and they seem to be doing well. The days of the reprint gravy train are over, but people seem to be willing to pay for the quality of SERVICE they get.

DG

Precedent: BATF

[dazedNconfuzed]

A comparable problem faced another industry years ago. In trying to implement regulations, the government discoverd that firearms are not monolithic devices, but instead consist of a number of parts, each of which can be replaced and which can do nothing harmful on their own or even fully assembled save for one part.

The legal solution was to declare a key part, the "receiver", as the regulated item. That hunk of metal is harmless/useless on its own, yet - due to intentions to control an industry - was declared THE essential part and is thus is the precise subject of otherwise over-broadly worded "firearms" regulations.

Relevance? Considering the billions of $$$ perceived at stake and intense motivation of the *AA, coupled with the intense opposition's creativity, the DCMA will be modified to declare decryption keys something equivalent to a firearm's receiver: federally registered, and if you're caught possessing one (even if plainly harmless on its own) without proper licensing, very bad things will happen to you.

Yes, the key on its own is useless - as is they decryption software lacking the key. However, the intention is clear and the motivation to regulate/restrict combining and using them is powerful, so possession of the essence of decryption - the key - will eventually be regulated.

And yes, they WILL hunt down anyone distributing decryption keys without a license. While warm fuzzy arguments about "anyone with a lathe & drill press..." may be true, nonetheless the BATFE exists as a very large, powerful and motivated government agency.

Someone paid a quarter-billion dollars to make SpiderMan 3, not to mention hundreds of other 9-digit-buget movies. That someone will see to it that a government agency is enacted, empowered, and funded enough to be motivated to ensure every bit moving from camera/mic to screen/speakers moves entirely within a fully licensed (i.e.: aggregating massive royalties) environment.

You just want a few free movies, and to play movies on hardware of your choice.
They're not going to let you.
Don't underestimate their motivation.

It happened before. It will happen again.

Movie companies

[hksld99]

Don't blame that poor AACS-LA spokesperson. He is just doing what he is required to do, i.e. claim that AACS "has not been broken", is "very robust" and that they will "vigourously fight" those oh-so-evil hackers who distribute keys. If he did not do that then he might jeopardize their future chances in DMCA litigation, and movie companies would sue AACS-LA into oblivion. If he admitted the obvious, that AACS simply cannot effectively protect content then the movie companies would jump ship and he would lose his job. I petty that guy, really. He is in a no-win situation.

The real issue here is if movie companies will learn from this. Let's see... first they spent millions of dollars to finance the development of AACS and have it peer-reviewed, then they held back their movies past the optimum release date to wait until AACS is "ready" (whatever that means -- bus encryption still did not make it into the standard, so volume IDs are transfered in the clear -- ROTFL). Then they spent lots more money on buying new software, training their staff how to use AACS and on following AACS procedures (content-signing by AACS-LA etc.), next there were the inevitable DRM-related compatibility problems leading to recalls and bad press. Shortly afterwards (and long before HD ever reached critical mass in the market) AACS was broken. Now they are holding back movie releases yet again, hoping for some magic AACS fix, and in the case of Blu-ray hoping for BD+ to magically solve all problems. Exactly how much money did they spend on all of that, how much revenue did they lose by delaying releases while waiting for DRM, and how many movies could they have produced with that money instead ?

The funny thing is that they made all those bad decisions after they had already been burned by the DVD DeCSS fiasco, and after industry experts had predicted that exactly this would happen again. Bruce Schneier's May 2001 CryptoGram article should have been required reading for all of them http://www.schneier.com/crypto-gram-0105.html#3. I wonder just how long it will take for them to learn. From what I have seen so far I fully expect the next round of AACS to be broken within one day, and BD+, once it is used, within one week, and no "technical measures" or take-down threats by AACS-LA will be able to stop that.

Comment removed

[account_deleted]

Comment removed based on user account deletion

The symbolic fight for freedom of speech

[Geof]

I just want to add who I think our audience is or should be: the public. Not Hollywood: unless we can align their interests with ours, convincing them of the futility of DRM will only alter their strategy.

The processing key protest has taken on symbolic importance. If we can frame the event in terms of free speech, we will have won. I don't think we're succeeding. Hollywood and the AACS folks are explaining it in terms of property and theft. News media are reporting about mobs and an online riot. The wider public may end up believing that a mob of hackers and teenage vandals attacked Digg, disregarding the property rights of others and in order to enable theft - and that users must be prevented from controlling the Web. If that's what they believe, they may start passing laws to back it up (witness the attacks on MySpace and other social networking sites).

I believe this is wrong on every count. Most in this "mob" have a better understanding of the issues involved than do their opponents. The distinction between theft and copyright violation (never mind trafficing a circumvention device) has been covered numerous times on Slashdot. And criticism of user participation displays a tragic ignorance both of who creates the value of web sites like Digg, and of the original purpose of the World Wide Web which was supposed to allow the browsing and creation of content by all of its users.

The sheer absurdity and irrelevance of the number itself makes it the perfect issue. The courts may see otherwise, but for the vast majority of the public and of the protesters, it is a symbol, not a "circumvention device". Protesters are not going home and using that number to pirate videos, so their protest must be seen as an act of disobedience, not of self-interested theft.

We have a good story. We need to get it out to the people that matter. The AACS LA may be the opponent, but winning on their terms gets us nowhere. Winning the minds of the public, however, is the first step to getting these disastrous and immoral laws fixed.

Re:Since they're just using Primes

[cortana]

AFAIK, AACS is just AES. So they key is just 128 bits of random data; it does not have to have any other special qualities.

HAND!

I am against posting this number!

[tupletuple]

I don't think the number should be posted, I've put a write up about it on my site! http://www.nelson-techonline.com/09-F9-11-02-9D-74 -E3-5B-D8-41-56-C5-63-56-88-C0/index.html

inapt analogy

[underwhelm]

Every one of the words in your post can be used as a password. That doesn't justify prohibiting their publication.

The AACS key is a password that's, in effect, distributed to everyone who owns a HDDVD and is furthermore useless to you unless you possess an HDDVD. It's an open secret. In that respect it's different from a credit card, and your analogy is inapt.

And it's not illegal to post a string of digits that may or may not be a credit card, without more, and the same should apply in the case of the HDDVD key.

I would never say what the AACS key is...

[rbarreira]

I would never say what the AACS key is... I just say what it is NOT (see sig).

Re:Since they're just using Primes

[swilver]

I use numbers a lot, to avoid getting sued, I now ask the AACS permission for every number I use. It's cumbersome, but hell I don't want to get sued. I wonder what a lifetime license for the first 10 billion numbers is gonna cost me.

790,815,794,162,126,871,771,506,399,625

[SpaceLifeForm]

Seems a bit easier.

Hey *AA!

[Greyfox]

Whenever you get done suing the owners of that over half million pages on the Internet with your number in it, I have some shit I'd like to see you try to put back in the dog.

How about while we wait for them to get back to me on that we start a little political activism to start bringing consumer rights back to consumers in our various countries? Writing your representative is OK but if you really want to get their attention you need to be wielding a block of about 200,000 voters. Hop to it!

Re:09F9:1102:9D74:E35B:D841:56C5:6356:88C0 is an I

[swilver]

Welcome to the new world then, where the AACS can sue ANY IPv6 address and claim that it just so happens to be their "secret number" and you must Cease & Desist immediately. Of course they won't have to proof that or anything, you just have take their word for it.

It's nothing to do with free speech...

[argent]

This has nothing to do with freedom of speech. The Internet's response to censorship is very much stronger than that... the Internet is built on protocols that are designed to avoid information loss and enable communication no matter what. It's got an abhorance of any kind of censorship... no matter how valuable and useful that censorship might be... baked into its genes, and that is one of the things that's made it so successful. Even if you tried to replace it, it can and will outcompete any closed environment that doesn't have that attribute.

So it's not a free speech issue, it's a "you can't win this race" issue. They're not so much *wrong* to try and fight, they're simply foolish and doomed.

Other representations

[benhocking]

"I feel something hilarious has happened. As if 13,256,278,887,989,457,651,018,865,901,401,704,640 geeks cried out in laughter, and were never silenced."

So, if they wouldn't let you sneak the decimal version by them, I wonder if they would object to the prime factorization:
2^6 x 5 x 19 x 12,043 x 216,493 x 836,256,503,069,278,983,442,067

Re:A conversation with mom - scenario #2

[Kiralan]

All she has to do is something like this: (Typical update process with a consumer stand-alone Blu-Ray player)

Option A:
1. Go to website (Mom: Website, what's a website? I don't have a computer)
2. Download the appropriate file (Mom: Download a file? Which one? From where?)
3. Burn it onto a CD-R (Mom: Burn it? CD-R ??)
4. Put in player and wait for it to install, hopefully it works
5. Watch movie (finally!!!)
6. Get fed up with new Blu-Ray player, and stop buying movies, possibly taking player back to store for a refund.

Option B:
1. Go to website to get support phone #
2. Wait on hold for minutes / hours (YMMV)
3. Get asked what model you have (Mom: Where is the model? On the back/bottom? I gotta unplug the cables ?!?!?)
4. Start over at step 2 when you know the model
5. Give them your name, address, other personal info, along with the serial # (Mom: see #3) If no serial #, get it and start over at step 2, again!
6. Wait until they can ship it to you, could be days or weeks
7. Put in player and wait for it to install, hopefully it works
8. Watch movie (finally!!!)
9. Get fed up with new Blu-Ray player, and stop buying movies, possibly taking player back to store for a refund.

Option C:
1. Decide disk is defective (Mom: My other disks work, so it must be this disk)
2. Drive to store and get new copy
3. New copy fails, too. Store won't refund, until you raise a ruckus.
4. Get fed up with new Blu-Ray player, and stop buying movies, possibly taking player back to store for a refund.

You will note that all three cases lead to rejection of Blu-Ray by average consumer. Mom, or your average consumer, wants a player where they can:
1. Buy any Blu-Ray disk
2. Put it in the player
3. Push play
4. Movie plays!!!

Anything beyond that, and you alienate your customer. Simple.

I heard a great joke...

[Jeff+Carr]

I wouldn't say anything about it either, but I did hear this great joke the other day...

A man walks into a talent agent's office, and says, "We're a family act, and we'd like you to represent us."

The agent says, "Sorry, I don't represent family acts. They're a little too old-fashioned."

The man says, "But this is really special."

The agent says, "Okay, well what's the act?"

He replies, "Well, my wife and I come out on stage and she begins to sing the "Star Spangled Banner" while I take her roughly from behind. After a minute of this, my kids come out and begin to do the same, but my daughter's singing the original "To Anacreon in Heaven" lyrics while my son performs anal sex on her."

The agent looks uncomfortable, but the man continues, "Just when my daughter hits the highest note in the song, my son and I switch partners. He turns my wife around and gives her a dirty Sanchez before having her perform oral sex on him. When the song's over and we're both getting close, we all stop and lie down on the stage."

The man smiles fondly as he recalls, "This is the best part: our dog then comes out on the stage, and he's trained to lick each one of us to orgasm in turn. He just goes right down the line, looking as happy as can be! We all get up and take a bow."

He looks at the agent and says, "Well, that's the act. What do you think?"

The agent just sits in silence for a long time. Finally, he manages, "That's a hell of an act. What do you call yourselves?"

"09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0!"

Google

[yakumo.unr]

Google's intelisense auto complete thing now has it as the 2nd suggestiong after typing '09 F', lol.

The Inquirer joins the bloggers

[mariushm]

I started laughing when I let the mouse hover on the third picture in this TheInq article : http://www.theinq.com/default.aspx?article=39411, the alt text says "And the magic number is: 09 f9 11 02 9d 74 e3 5b d8 41 56 c5 63 56 88 c0" . Good job , Kudos The Inquirer ! :D

Fuck-you RIAA

[Pig+Hogger]

Fuck-you RIAA and consorts. (see .sig)

Le Monde too

[cpghost]

France's highly regarded mainstream paper Le Monde also published the key, repeating it on purpose in their article. Now imagine how those AACS-LA lawyers will get laughed out of french courts should they try to curb Le Monde's freedom of press! C'est trop tard messieurs, get over it.

Re:The FDebDCC-code

[blitziod]

but now that they REVOKED the key have they not made it legal to post under the DMCA? I mean if the key is rovoked it can not be used to bypass a DRM so how can they say it does?

Re:In the end, they will lose the war...

[Goaway]

I'm not sure if you're very confused here or mostly getting it right, but just in case, I'll clarify:

1. Hardware players can be individually revoked. That is, per physical unit, not per product line.
2. However, the X-box is not a hardware player. It can't even read HD-DVDs at all.
3. However, the X-box add-on HD-DVD drive exists, but it is not a hardware players, it is a device to be accessed by a software player. Those follow different rules, and as far as I know cannot be indivdually revoked.

And as it turns out, it is mostly the X-box drive people are hacking at this point. This is not so much because it is hard to revoke, which is true, but because it is cheap and ubiquitous and can be connected to a computer instead of an X-box just as well.