Slashdot Mirror
AACS Revision Cracked A Week Before Release
stevedcc writes "Ars Technica is running a story about next week's release of AACS, which is intended to fix the currently compromised version. The only problem is, the patched version has already been cracked. From the article: 'AACS LA's attempts to stifle dissemination of AACS keys and prevent hackers from compromising new keys are obviously meeting with extremely limited success. The hacker collective continues to adapt to AACS revisions and is demonstrating a capacity to assimilate new volume keys at a rate which truly reveals the futility of resistance. If keys can be compromised before HD DVDs bearing those keys are even released into the wild, one has to question the viability of the entire key revocation model.'"
If they put this much effort into making crappy movies not suck instead, they'd save a lot more money than trying to control every customer's lives
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
...I'm sure someone will solve the problem by writing more laws.
That's always the solution, isn't it?
(oy.)
A cheerful little bird is sitting here singing.
Damn you long-haired smellies! Why can't you get with the program and just passively CONSUME!
you had me at #!
You mean "failure"?
Remember, kids: It's not torture, it's "enhanced interrogation techniques".
The article is missing the key, who's got it? I need to start a protest on digg!
The Farewell Tour II
Black hat not white.
Suck it!
.
.
.
.
Seriously. do any of these people see any other future where this "enabling" software isn't hated and despised to the point where we chear that it's been broken and can use our paid for media how we wish?
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
This is quickly making DRM look less like rights management and more like digital restrictions mockery. Of course, we knew this from the start. Any security strategy that depends on giving the attacker both the key and lock is doomed to fail.
The guys who make this DRM know its flawed but they still get paid when it fails. They must be quietly laughing all the way to the bank. Yet like morons the record labels keep handing money over. It's no wonder CD sales are declining when you're *that* clue-proof.
EMI has the right idea. Shock horror, if you give the customer what they want, they'll pay you for it. I never would have guessed!
Simon
If keys can be compromised before HD DVDs bearing those keys are even released into the wild, one has to question the viability of the entire key revocation model.'
Really? You're kidding. I thought that made it more viable.
I'll leave it to someone else to explain how.
Sounds like the old days of the C64 boards. It started with 1day warez, soon there were 0day warez, before it was all done there were boards that only accepted -7day warez. That was warez (Cracked software) that were released no later than 7 days before the program was to hit the market!
Give up now and stop waisting money on something that will never work!
In anything DRM, the corporations move fast to protect their content, but the hackers on the other end always move faster. I have already heard this story told with HD-DVD replaced with almost any other type of physical media trying to employ a DRM scheme.
Well, back to rejecting software patent applications.
I just gave my dual 21" dell lcds a mountain dew bath after reading "damned-time-traveling-pirates dept". I salute you editors - you have given me my happy thought. Now quickly, fly! Second star to the right and straight on until morning!
That's the dumbest fucking idea I've heard since I've been at Microsoft.
...feel like this will be one of those anthropological head-scratchers to historians in 50-100 years? DRM? What an odd culture they had there....
u-bend
Is this the same collective responsible for releasing Spiderman 3 on the streets of Shanghai a week before the release of the movie?
On one end, a business conglomerate with procedures to heed and to follow, with people working for money, getting paid whether or not their implementation works, as long as it is to specs.
On the other end, a bunch of people with no marketing, no PR, no quarter reports to heed and the goal to remove that crap, and whose only "payment" is to get the content the way they want it.
Which one do you think adapts faster and more efficiently?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How is this economical for these companies? It should be simple:
ProfitA = $MEDIA_INCOME - DRM R&D - DRM content - lawsuits - alienated customers - recalls (i.e. rootkit)
ProfitB = $MEDIA_INCOME - piracy loss
I would bet that ProfitB is significantly larger then ProfitA.
about the great Consumer Revolt of 2007 in history classes.
....
The list of revolt-ish type actions lately is getting quite long. I think the Internet is really starting to make its true value known.
Companies who want to force DRM on the consumers are simply terrified that they have no product and must force consumers to pay for distribution. The sad part is that they are wasting so much time, money, effort, and lobbying to try to stop what they never could before, and have no hope of stopping in the future; the sneaker-net is still alive and apparently doing very well with 500GB USB drives selling for less than 2 seasons of the Sopranos.
Digg, AACS, XM radio, and all that came before it. Oh, also that deal with the King and feet, the actress having sex on the beach... who knows how many more it will take
Support NYCountryLawyer RIAA vs People
"If keys can be compromised before HD DVDs bearing those keys are even released into the wild, one has to question the viability of the entire key revocation model.'" DRM won't be called into question. The real question to those with power and their minions is: what's the best punishment for offenders? Is it life imprisonment, the "solution" for such things as hacking the main page of a corporate website or committing "attempted piracy"?
As long as the people in basements world wide outnumber the security programmers 10000 to 1 (if not more), such codes etc will be broken. Doesn't matter if they are software only, or embedded into chips etc, someone will find a way around it.
that they have been over inflating the value* of IP for years to the creators of this type of content. So they wuiold ahve to go to them and say they were wrong...or blame the canumers. Which is another way of blaming the market, but they can't do that wothout admitting 'defeat' Or more accuratly, that DRM can not stop the people stamping bit by bit copies and selling them by the thousands. WHich is where there significant copyright inringement loss is.
*I do believe it has value, but not nearly what the media industry says it is.
The Kruger Dunning explains most post on
I think it would be fun to generate a big text file listing every possible string of 16 hex digits. We could post and mirror it everywhere, and pre-emptively cause another uproar when yet another of them turns out to be the new AACS key.
Slashdot Burying Stories About Slashdot Media Owned
To which they replied, "Foolish boy, that was just a vapid and insincere corporate slogan designed to sound vaguely cool to wannabe-rebellious (and utterly conformist) 13-year-olds..."
My mistake.
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
you have folks designing a roadblock into the process of decoding media, that doesn't always work, that is not supported on any of the minority OS... and they wonder why other folks keep cracking it?
you think maybe somebody out there in MogulLand would look at the swirling Warez underground, and for once think maybe, "geez, the free market says we are bumbling goons?"
apparently it only happens in Britain, where somebody at Electric Music Industries Ltd. woke up sober and straight one morning...
if this is supposed to be a new economy, how come they still want my old fashioned money?
... which this internet is too narrow to contain.
They are not just up against a determined people. They are up against SMART, determined people. These are the kind of people who will circumvent a problem before circle a petition.
The AACS LA is really fighting a losing battle on this one. The question I have to ask is where and when are they going to cut their losses.
I don't think hackers are always going to publically tell which software they found vulnerable, or if they went for the hardware, or exactly what. But it's quite clear they now understand where to look for the keys, so just changing them won't help anymore. And when you know the protection structure, I think this system is now pretty much as busted as the DVD protection became. GG
Beware: In C++, your friends can see your privates!
I don't remember seeing anything like that until I got a PC (and I think the first game I remember that has it was Elite, or Elite+).
Boffoonery - downloadable Comedy Benefit for Bletchley Park
It amazes me that the movie industry remains convinced that they save more money by developing and implementing DRM than they would lose to piracy. The cost for a system like AACS must have been well into the millions, and I hope they realize that with all DRM systems it takes orders of magnitude less money to bypass them then it does to create them (and once a crack is known, that's all it takes). At the very best, DRM only buys them some time until it is cracked, and at worst is frustrates consumers to the point that they boycott the product. While the number of pirates may increase a bit if all media was DRM free, I don't believe it would be a significant increase from the amount who pirate now. I do believe the amount lost to new piracy would be less than the amount spent developing DRM, and perhaps the increase in sales due to people who only pirate because they hate DRM will off set that even more.
Sadly, PS/2 was yet another victim of USB, which doesn't care what you plug into it, the electrical slut.
Nelson: Ha Ha!
..."I told you so" ?
or maybe "In your face" is more appropriate here.
It is with great pleasure I welcome our new borg overlords.
In the actual cinema, someone's going to get up and go to the bathroom, whereas in actual pirated movies, they aren't.
In fact, isn't that why we have the DMCA and DRM? Because they're so fucking terrified of a perfect 1:1 copy (DVD ISOs)?
Don't thank God, thank a doctor!
you still need to be faster than the internet. The hacks get around faster than you can follow.
Good luck with that.
-- You can't idiot-proof anything, because they're always coming out with better idiots.
Deliberate reference or a happy accident? I need to dig up a copy of this for the kids.
http://www.imdb.com/title/tt0081633/
XML is a known as a key material required to create SMD: Software of Mass Destruction
While I'm not one of them..... This target will attract the best and the brightest, for the challenge of the hack. The successful person will post results in such a way that he/she cannot be traced. The DRM model fails-even for the mildly informed computer user. (Those who open unknown attachments will always be with us) Meanwhile, with two incompatable formats, my money stays in my wallet. How much money have Sony and Toshiba lost on this debacle so far ? I must admit I am very entertained by this...although not on my TV set !
...on your definitions of good and evil with respect to DRM.
Weaselmancer
rediculous.
I never understood the MPAA/RIAA's approach to curbing piracy and increasing legitimate sales by imposing restrictions on those who pay for content. Think about it: a pirated album or movie comes with zero DRM and thus can be used for any purpose on any player an unlimited number of times. If I pay for that same album and purchase it through iTunes, I can only listen to it on my computer and my iPod. So here's my choice: pay for restricted content or download DRM-free content FOR free. Umm, who in their right mind would elect for the former?
A more proactive approach to curbing piracy would not restrict the rights of the consumer, but expand them. Instead of pouring millions of dollars into encryption schemes that are cracked before they're released, invest that money into innovations like exclusive or pre-release content for paying customers. I might feel better about buying an album online if a) I knew I could use that album any way I want and b) got a little extra in return, like an interview with the band, an exclusive track, preferential treatment for concert tickets, or whatever. I know these exclusive tracks and interviews could just as easily be pirated, but it's the thought that counts. If you (the RIAA/MPAA) respect my right and desire to use my movies and music how I want, I'll be more likely to respect your right to compensation for said goods. Either way, putting digital handcuffs on your paying customers is definitely *not* the right approach.
The keys being passed around before the release date shows that current laws aren't strong enough to stop piracy, and therefore successful lobbying for more draconian laws has a higher chance to proceed.
There's your pseudo-tinfoil hat answer. I hope I'm wrong.
Weaselmancer
rediculous.
Jail time a comin', courtesy Gonzales.
And then the utter fuckpuppets go on to say: "Buying pirated DVDs is stealing." This really gets my goat. Buying pirated DVDs is buying pirated DVDs. Stealing pirated DVDs would be stealing. Cnuts.
If it weren't for the rocks in its bed, the stream would have no songs.
Resistance is futile
Are we all lost in darkness or have we just not turned on the lights?
Well actually I can write down all the numbers with far less bytes than that. For example the sequence 123456789 contains not just three three digit sequences (123, 456 and 789) but seven! Like 234, 567 etc. Moreover, if I allow the numbers to be thought of as a 2D grid (allowing sequences go off one side or top or bottoma nd come back on the other side) and write 123 456 789 (3 digits per line) Then I have just written a whopping 73 different three digit sequences in 9 bytes. So I contend that you could do this all in a rather small file. Even better, if you write this in a text format that displays the letters in 3 (or say 1000000) dimensions, it is even easier. I,ll let someone else work out the optimal UNCOMPRESSED filesize needed to display all 16 hex digit sequences...
Did the article actually use the word "assimilate" and mention the "futility of resistance" in the same paragraph?
Insert witty comment *here*. I'm fresh out of wit...
DRM == LOL
~Vexed and loving it!
Any law that makes a criminal out of the majority is a bad law by definition.
But I liked your analogy too.
Python coder | PyQt Applications | Writer
why it had a horrible first weekend... well it didn't, but it deserved one!
Seriously:
DRM won't stop BIT by BIT pirates, or people inside the industry leaking the film.
The Kruger Dunning explains most post on
I do enjoy it. I do avoid peak times.
I have yet to see a home theater system that is as good as a good movie house.
The Kruger Dunning explains most post on
...with century-old laws like "a man must run in front of a car that's not dragged by horses, waving a flag or lamp". Put them on Dumb Laws.
It would be fitting. They, too, were created to protect an obsolete, outdated business model.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I am Locutus of Hackers. You will join the collective. Resistance is futile.
What about the people who have nothing better to do then sue makers of violent video games? At the very least someone burning a DVD is giving something back to society... either free media or the money from his enormous fines.
Why release a key before the discs that use it are out. Why not wait about 6 months, to let discs become available first. Then release the key when it's actually useful for whatever was released in that time frame...
As for DMCA and related B.S. laws, I say that they should recieve the same respect from the middle class that the gov't gives the middle class in regards to soverignty/security and the actual (not made up numbers) employment situation. That should give 'em something to think about.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
I don't know why I hadn't thought of it before but it just struck me that one of the ways we might be able to get the public to better understand the problems with DRM is to remind them of the horrible atrocity that was Divx. Most people with DVD players might at least remember hearing about that stupid plan, and if we could draw the parallels for people they might actually start to understand the problems with DRM. It goes a bit like this:
:)
Them - "Okay, so what is so bad about DRM?"
Us - "Do you remember that kind of DVD that would stop working a few days or a few plays after you bought it?"
Them - "Yeah. It was stupid."
Us - "This is just like that, only worse because you won't even know when they might make it stop working."
Them - "Oh. That REALLY sucks."
Job done.
So don't go telling me that we can't use McDonald's as an example provider of poor quality food.
People don't seem to get it... DRM has nothing to do with piracy. That's just a marketing friendly excuse.
The purpose of DRM is to make it less convenient for people to format-shift and time-shift content, thus increasing revenue from attempting to sell content multiple times.
The *IAA aren't idiots. They don't care about piracy, but they do use it as a tool to lobby for increased protection of their content. Any increase in piracy is used as an argument for increased restrictions, which in turn destroy fair use and allow for more restrictive business models.
These sorts of hacks get unprotected content on the file sharing sites, but they don't change the fact that Joe Consumer still faces an added barrier to watching his HD-DVD on his HD-iPod without buying a second copy on HD-iTunes. That barrier is more legal than technical -- there will never be a shrink wrapped software package on the shelves of Best Buy that does this for him.
I hate to say it, but for all but us nerds, these sort of hacks play right into the *PAA's hand. They lose nothing that they hadn't already lost, and they gain political leverage to impliment yet more DMCA-style legislation.
What we really need is a ten day waiting period and a background check before you can buy a congressman.
This seems to be a problem of the big boys.
On the anime DVDs I have watched, and other such niche entertainment, I don't get bludgeoned to death.
Only on Disney DVDs and DVDs of U.S. theater released films do I get harrassed. That could be the reason I avoid any such DVDs in the first place.
when has the world record for cracking drm merged into the negatives in time??
destiny, chance, fate, fortune; they're all ways of claiming your fortunes, without claiming your failures. -gerrard
I bet more people would go to the cinema, if you got a copy of the movie together with your ticket. Not to mention, that it would work both ways. Some would just by the ticket to get the movie. As I see it, more ticket sales, and more DVD/ticket sales.
So, is it a crime to publish a number that may be used as a copy protection device at a future date?
Maybe the USA should just put everybody under the age of 80 in jail and be done with it.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Stricter laws won't work, but maybe a Coup-de-tat by the MPAA and a constitutional amendment similar to the one below might:
---
Amendment XXVIII:
Patents and copyrights shall be perpetual and never expire. Violation of a patent, copyright, trade secret, or end user license agreement shall be a capital offense and punishable by death. Circumvention of technology used to restrict copying and viewing methods is also a capital offense and punishable by death. There will be no rights including but not limited to: due process, attorney, or habeas corpus for persons accused of these offenses. Persons accused shall be tried by a military tribunal without a jury and held in a supermax prison in solitary confinement without visitation rights while waiting for their trial to commence. Trial dates can be indefinitely postponed. Torture may be used to extract confessions. This amendment takes precedence over amendments 1-27 in the constitution as well as all previously written articles and sections.
---
In other words, to enforce IP laws to the satisfaction of the MPAA RIAA, and others, you need a police state.
lol
rofl
super rofl
What DVDs have *you* bought lately? Mine have all come with 10 freakin' minutes of advertisements at the front that can't be skipped!
Yes they can. Use a PC instead of a DVD player. If you are stuck with Windows and think you are still stuck with the problem, a simple fix is to download GeeXbox. Burn it as an ISO to a CD. Boot the CD and wait for it to give back the CD. Play the DVD... Enjoy the movie.
The truth shall set you free!
Who is Ron Paul?
With the quality of most of the overhyped, trash sequels that Hollywood churns out these days, I can barely sit through a first watching of some movies, let alone DVD reruns.
Gentoo Linux - another day, another USE flag.
Basically correct but should read "In Russia, the government controls the commerce." Soviet Russia has been out of existence for 16 years now, long enough even for /.ers to notice ;-)
open (SIG, "</dev/zero"); $sig = <SIG>; close SIG;
I thought that false advertising was illegal or atleast frowned upon. They show pirated movies as being poor quality camera copies and containing virii etc. Couldn't be farther from the truth as AVI and MKV are not known for carrying virii and the quality is outstanding, especially in the .mkv 720p rips. Or atleast so I hear from a friend of a friend :)
What old school DVD player are _you_ using? Really, I'm just bustin balls. I know all COTS players can be forced to deny skip ahead. However, I have lately been using a media player for TV, DVDs and music. Wonderful OSS allows you to bypass "Would you steal a handbag?" and PLAY the movie.
... where the hell has all the common sense gone in the copyright debate? I also assumed that we had a certain level of civility on Slashdot, and that calling your fellow Slashdotters "fuckpuppets" was enough to land you a -1 flamebait mod.
What really gets my goat is that the parent deserves not one, but all the negative moderations, and mine will be the one to be buried.
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
In other news the crackers apologise for taking so long and say that they expect the next updates to be available at least 3 weeks before...
Brewing beer is legal because it's not very easy to transport/sell illegal beer - an van full of moonshine could be worth hundreds of thousands, whereas you'd need a few articulated trucks to carry that much value in beer. Beer also has all kinds of storage constraints if it's going to be nice to drink - you can't just bury 100 gallons of beer and come back to it in a year to sell it. Bootlegging is only really economical when you're moving high ABV stuff.
Also, brewing beer used to be illegal in the UK - it was banned because the powers that be didn't want the average factory worker being able to drink cheap strong beer at all times of the day. At the time of the first world war the strength cost and availability of beer was strictly controlled, and has been every since. Homebrewing was finally allowed some time in the sixties.
Home wine-making was legal all through that period though, because poor people don't generally drink wine.
(Cause the FDA regulates food production. Why, you ask? Upton Sinclair's 'The Jungle'.)
For the record, I do support being able to make pretty much whatever you want for your own use, but I do think anything that's going to get sold should have inspection & regulation processes behind it. The early part of last century & the late part of the previous demonstrated why outside inspectors need to be involved.
True, you could have something along the lines of an Underwriter's Laboratory for food, but it would still need to have some kind of legal force. (For instance, the NEC being given force of law in many local jurisdictions.)
Have you been touched by his noodly appendage?