Slashdot Mirror
Claim of a Blu-ray BD+ Crack
Google85 writes in with a brief Enquirer piece reporting on an announcement on a German site that SlySoft claims to have cracked BD+, the extra copy-protection layer in Blu-ray. Here is the German original.
← Back to Stories (view on slashdot.org)
The amount of time the MPAA claims it will take to crack something (in this case, 10 years) is inversely related to how long it will actually take (in this case, a few weeks).
I reckon that what Slysoft reckons and what Sony reckons don't reckoncile... Man, you reckon they used reckon enough in that article on the Inq?
Some more info about it at http://forum.doom9.org/showthread.php?t=130527&page=5 Knew it was only a matter of time...
Dare we credit this blatant act of piracy to, yet again, a Sharpie?
Those who believe the Internet is private,
find their privates are on the Internet.
TFA in English used the verb "reckon" four times in as many sentences. I reckon I ought to have struggled through the German.
we can safely expect flood of new signatures on /.? Or is this unrelated to any encryption key?
Was it this extra layer of protection that was causing some players to have some ungodly load times that was mentioned on /. a little while ago?
And if the companies spent half as much money on increasing space/fixing problems as they did useless protection schemes, we'd be on Terabyte sized dvd's by now :P
OK, now when will the T-Shirts be up on ThinkGeek?
I don't have an HD-capable TV, so I don't fool around with Blu-ray or any of that stuff yet.
.AVI files. While I could usually get the ripping done (Ripit4me worked), I could never get a re-encoding to work that didn't have audio/video sync issues.
.AVI). It has worked flawlessly.
But I wanted to take this opportunity to say how great Slysoft's software is.
I tried at least half a dozen pieces of "free" software trying to rip DVDs and re-encode them to
I plied all the forums, downloaded endless codecs and other whosit and whatsit pieces here and there and could never get it to work. So much for "open source".
So I laid out $80 to Slysoft. One package to rip the DVDs, and one package to re-encode them into a variety of formats (I use
I'm a big Slysoft fan now.
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
Well DRM is a pretty hefty mountain to climb. How do you:
1- Protect media with lock
2- ensure customer can open lock with key to use
3- ensure customer can't copy content with the same key
Given enough time clever customers will always find your keys and always figure a way to copy your media. Isn't it better to stop trying and just offer products not licenses. The alternate route is to simply make copying hard enough to deter most people (console games + mod chips) or dial home to get some nifty extra features (MMORPG's).
"There are more things in heaven and earth, Horatio, than are dreamt of in your philosophy."
English translation...
... Blu-ray player sales are up 4000%
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
I'd like to see Fox (or any other studio) sue the MPAA asking for arbitrarily large amounts of cash to compensate them for all the piracy this weak crypto causes. It would be really nice for the tables to turn a bit.
At one time it was a crack, then the crack turned into a crevice, then that crevice turned into a gorge.
The gorge then morphed into a GAPING HOLE OF NO RETURN.
I'm a bit confused about what has been cracked and not, lately quite a lot of BlueRay and HDDVD movies have shown up in 1080p format on my favorite torrent site. Ok, they might not have "cracked it" whatever that means, but they sure as hell have started distributing the movies.
This "War On Piracy" does nothing more than keep people in jobs, much like the "War On Drugs". Like the drug war, piracy cannot be stopped unless it's made legal, but to do that you would put those in charge of fighting said illegal activity out of a job.
It's stupid...
Any digital content that can be seen or heard can be duplicated with some form of analog technology. Copy protected CD's can be recorded with near perfect quality simply by flying the audio from a CD player into a PC equipped with a $100 pro-level audio card (like the Emu 0404 or M-Audio Audiophile 2496). DRM protected mp3/wma/etc files can be duplicated through two pc's in exactly the same fashion as a CD. Copy protected DVD's can be duplicated by recording it's content from a DVD player into a PC with a decent video capture card.
And that's just the tip of it.
Nothing they do keeps DVD's off the streets. Every trip to the grocery store I make, I get a guy or gal coming up to me selling the latest movie for $10 on DVD (3 for $25!) or the latest yet-to-be-released CD for $5.
It's not going to stop. No amount of copy protection will help, no law passed will deter, it's a useless waste of money, but it keeps a few folks in a job.
Fifty watts per channel, baby cakes.
I lost my sig.
They knew it would be cracked this way, but they expect BD+ to protect them trough the first weeks of release (when most money is made), unlike AACS which was fully cracked and now completely useless.
As of now there are no universal cracks in the wild for BD+ and no vulnerabilities were found in BD+ yet. The keys need to be cracked from a new software players version, every cycle of disk release. This doesn't make the scheme uncrackable, but it takes time to crack every time and that was the whole idea. It requires time, cannot be done computationally, and most importantly the work needs to be done every cycle of release.
If you read the doom9 forum, SlySoft explained that they cracked specific discs, and they said it took them 3 week to extract the keys from the software player. Now these keys will be revoked in the next cycle, and the software player they extract the keys from will have it's key revoked and will require an update. This update will use a new obscuring scheme for the keys, and it will require another 3 weeks to crack.
Can you legally order someone to take downers?
This just brings me back to my original hypothesis that it is impossible to encrypt something one time that you want to be easily distributed to the masses. There's just no way to say "here's the encrypted content and the key, but the key only works when we say so" unless you have some kind of root server doing the authentication in real-time and creates randomize keys for every download/view (think TSL). Even then, the user on the recieving end can (in theory) just record the incoming stream and redistribute.
It's time for the media distributors of the world to wise up and realize that they just cannot protect their content through DRM. The best they can hope for is to make it tough on Joe Sixpack, and rely on legal means to tackle the large scale pirates. (think 1980's style).
If BD+ is cracked, then the writing is pretty much on the wall for DVDs and we'll see a faster migration to online, streaming content. So let the "you cannot save this file" wars begin (ala Flash and QuickTime) - soon people (smarter than me) will spend time on fixing, er um... breaking that too.
- I voted for Nintendo and against Bush
This is a bit off-topic, but on the subject of HD encryption, is it me or does it seem like HD-DVD/BR discs are getting harder to crack? There have been several big releases lately that have taken a while to crack the encryption on and rip; the HD-DVD version of Transformers for example wasn't broken until some two weeks after the disc was released. Obviously the MPAA's engineers can't completely fix AACS due to flaws in its design, but they seem to be getting better at using what they have and keeping groups from cracking their discs for a bit longer.
On the whole this is still a loss for the MPAA, but none the less being able to stop people for even a couple of weeks would likely encourage anxious people to buy movies they'd otherwise pirate, so it would seem the MPAA hasn't completely lost yet.
This raises an interesting point... why don't the movie moguls just go to a smart card based system? All hardware players are shipped with a SIM that comes from the distributors, software players require a reader hooked up to the PC. If a key is cracked, the SIM range is blocked on future discs, and a person needs to get their SIM replaced but can keep the same hardware. As with Direct TV, there are multiple ways to beat the system, but the moving target is MUCH easier for the media moguls to keep up with. On the PC side, this SIM card could also be used to provide online content to people with a specific disc in their drive, which would tie the SIM into a service agreement that could be revoked when evidence of tampering is found. Not that I'm FOR any of this mind you (except for the online streaming content), but this system seems so much more obviously effective than what they're trying to do right now. Think about it: buy the box set to your favourite TV show and get access to bonus features, interviews, and a sampling of later shows not included in the set via an online service via keys stored on your SIM and on the disc. They wouldn't even need user-side DRM, but could use it as device verification for your free subscription account instead.
http://www.guardian.co.uk/media/2003/oct/29/tvnews.internationalnews
It's not unheard of...
Hmm... I guess I must not be keeping up with the changing definition of Pirate -- my immediate thought was, "wait a minute, the people mass producing the discs with the old code can still do so; the old code doesn't cease to be valid...." Then I realized you were talking about people ripping a legally purchased video to a DRM-less format, not people mass distributing discs for profit.
Seriously, I think the one thing this format has going for it is that unless the master copy is pirated and distributed in a DRM-less format, the MPAA members will have a window with each release where the market won't be flooded with free versions of their product, so people who want "zero-day" entertainment will be more likely to see it on TV/in the theatre/buy the DVD.
I looked in my DVD collection the other day and I realized had purchased well over 300 DVD's. It just sorta happened. And I realized it's a tremendous waste of money and space for discs that, for the most part, are watched once and done. But the price point is low enough that they're an impulse buy every time we go to the warehouse club, and so everybody throws one in. I should probably sell them on ebay.
Anyway, to my point. When I go to the store, new releases are $13-15, and 2-3 year old releases are typically under $10. I can't believe anybody copies for that price, particularly when you only watch once.
So DVD piracy is effectively solved by lowering the price so it's just not worth it to the vast majority of people. If they get high definition disks down to under $15, this is really a moot point.
The only reasons I can think spending this much time and effort by the record companies is either (a) They think that they'll eventually drive piracy out of the market allowing them to raise prices or (b) they're crazy control freaks who aren't completely rational. Or maybe both.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
Ah, no. People are cracking these because they enforce usage controls that many - myself included - believe go too far. Some of us like to use media centers that play video that's been ripped (not necessarily pirated). I've got a nice collection of video files that I've ripped from DVDs that I own that I stream to my living room media center. It's extremely convenient and the video quality is quite good. I'm not out there distributing the ripped versions of these films, and I'm not out there downloading pirated versions of them, either. I'm doing nothing more than utilizing an alternative method to view content I paid for in the privacy of my own home. At present, I cannot do this with Blu-Ray or HD-DVD.
To be fair, commercial DVDs contain copy protections designed to thwart this kind of activity, but thanks to the diligent efforts by the very same kind of people (and likely the same people in many cases) who are working to crack the new schemes, the process is convenient and effectively one-click. Until I can do the same thing with HD-DVD and Blu-Ray discs, I won't be buying any of either, and I'll continue to recommend to the people who ask my opinion that they stay away.
In short, people aren't just doing it because they can. They're doing it because there are legitimate reasons for doing so. Not everyone who rips discs is a pirate, but this DRM punishes all equally.
AACS hasn't been "fully cracked" -- the encryption scheme remains unbroken. It's just proving impossible to keep people from extracting the keys once they're in memory -- which they have to be to decrypt the movie. Software players have evidently gotten extremely sneaky at obfuscating keys, yet it's not enough.
So AACS isn't really cracked. It's just trying to do what can't be done.
Kythe
Wait, whoa... I'm confused. They're milking a cow for snake oil now?
I think that would just make it easier. People can eavesdrop on smart cards.
Fox can't sue the MPAA because the MPAA is an organization made up of the studios. The organization Fox would sue for this would be the AACS-LA, and they could maybe sue them for failing to meet contractual obligations or something. But even that would be a stretch.
I think because you would have a LONG way to go to get Joe Average consumer to even understand what this new paradigm is that you're touting.
Remember, most people do not have broadband....many do not have any internet connectivity at all...and MOST people out there...assume once you buy a player, it will play forever till it breaks. They would never assume that they, as a consumer would ever have to change out anything or update anything just to keep it working legally. They don't have home networks that can connect to all their components....and I can't see expecting Joe Average to periodically have to run somewhere to change out a piece of hardware....hell, changing batteries on things is beyond many in Joe Average's family, seriously.
Take this scenario in your world. The sim for the new blockbuster kids movie XYZ has been cracked. It is Xmas day, and 'Santa' brings the XYZ dvd to little joey average....Dad pops it into the player...it won't play. Now...even if Dad knows the reason and needs a new sim...nothing is open on Xmas day...little joey is crying, and Dad's not happy. That kind of stuff in consumer-land, just isn't going to work. A consumer expects that if he buys a player for music or video....once he can actually get it hooked up (no small feat for JA), that it will just work when he pops in the media.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........