Slashdot Mirror
Blu-ray BD+ Cracked
An anonymous reader writes "In July 2007, Richard Doherty of the Envisioneering Group (BD+ Standards Board) declared: 'BD+, unlike AACS which suffered a partial hack last year, won't likely be breached for 10 years.' Only eight months have passed since that bold statement, and Slysoft has done it again. According to the press release,
the latest version of their flagship product AnyDVD HD can automatically remove BD+ protection and allows you to back-up any Blu-ray title on the market."
I'm beginning to increasingly believe the old cliche, "Information wants to be free".
When will people learn that making bold statements about their technology's security will only make them look like a fool when it is finally broken?
Now that that's been handled, looks like it's time to start shopping for a BD player.
Wikipedia states that it only enables backups, which are then played with a software player which is Blu-Ray compatible. It doesn't look like VLC will be playing BD+ protected media anytime soon.
Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
Its not really details of how it works, its a FBI sting to get people that are intent on learning 'forbidden knowledge".
---- Booth was a patriot ----
This is completely bogus marketing on Slysoft's part. They have "broken" the current titles by extracting the code from each one, but BD+ relies on code being downloaded from the disc itself to decode the data. The bar will just be raised now and new code will be added to newer titles.
Slysoft has made this claim before. It turned out to be bogus. The crack allowed a user to copy a BD to the harddrive and play it back from there using only a specific version of Cyberlink's PowerDVD (3319a), but not to transcode, otherwise manipulate the content or play it back from a burned BD-R or BD-RE. (Wiki)
Now I'd like everyone to remember that BD+ is not an `algorithm` per se. It's not a DRM one way function. BD+ is a virtual machine and a blu ray disk is a full fledged program that runs under the VM and can even run native code to patch and upgrade the virtual machine.
This is akin to running a java application that can inspect the java VM.
It's a cat and mouse game for now.
*Wiki: http://en.wikipedia.org/wiki/BD%2B
Nature journal lied in Britannica vs Wikipedia Ask to retrac
The whole problem with encrypted media is that in order for the customer to want to purchase it, they will need to access the media they have purchased. In order to access that media, they will at some point need the key(s) that unlock it. Simply put, the purchaser of the media has the locked media, but they will also have the key. If you give people the key to the lock along with the lock, it is only a matter of time before someone figures out how to get the key.
It however does a few things...
1. It tells that Blu-Ray is already supported enough to buy a player now
2. It allows you to even if Blu-Ray ends up failing, you can rip your Blu-Ray movies to the new format (and don't expect media storage to be made as long as VHS and DVD did anymore...)
3. It will allow various third-party projects to soon take advantage of this (even if right now it only lets you make backups) and add Blu-Ray support to media players on OSes such as Linux.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
I agree that is the reason for the vast majority, but there are some cases where people have a legitimate reason. I'm in the process of ripping my 600+ DVDs to an increasingly large hard drive array so I can access them all around the house without the need to get the discs. I know it's unusual but there are legitimate reasons.
It's all fun and games until a 200' robot dinosaur shows up and trashes Neo-Tokyo... Again
The vast majority of customers for blu-ray technology won't give a rats arse about this. I certainly don't
Well, I do. Let me tell you why:
I don't own a TV. I *do* however own a computer with a WUXGA display. In its current
config, my computer would not be "MAFIAA certified" to play BD discs, even if I hab a BD drive.
I want to be able to play the content on my computer.
With the OS of my choice. With a display of my choice. Without this HDCP crap.
I own a bunch of DVDs because deCSS has become ubiquitous today, and nearly every
computer with a DVD drive can play them, without any platform or software dependencies.
I'm waiting for the same to happen for BD - until then, no money from me.
Please make it happen soon, HD video looks great.
I own and rip my DVDs to put them on my media server. I pay, and I "crack", so I can watch DVDs on demand without hunting them down, sitting through ads, and even on the road on my iPhone. So where do I fit into your argument? I'll concede that some people will borrow / rent DVDs to rip them, but honestly, it's much easier to torrent the movie you want than to rip / encode for 99% of the people out there. I'd say at least 50% of rippers do so legitimately, DMCA not withstanding.
Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws-Plato
The crack allows you to play the media at full quality on systems that do not have a fully HDCP compliant chain. Example: If you have a home theater TV hooked up to an older HDTV that only has component inputs, or if you have a non HDCP video card, you can use this "crack" to play your discs at full quality.
Have you ever thought that your own paid-for movies are just data?
not every movie copied has to be stolen. and i doubt he was planning on stealing. especially since he said he also wants to wait for the prices of the movies to come down. which he has a point with. i mean, i've seen some movies go for $35.
1. This won't affect piracy, the places where you can get pirated movies are already full of BD releases so obviously those creating the pirated releases were already able to get the data (probably by ripping it out of the decoded video stream at some point).
2. Software patents or no, I believe that I should be able to do what I want with something I purchase as long as it's not harming others. Moving my movies from physical disks to my media server is not harming anybody.
3. As others have already said, DRM is fundamentally broken. To view DRM encrypted content you have to have the keys. If you have the keys then the encryption can't be secure. The sooner people (the content industries) realise this the sooner they can stop pissing off their legitimate consumers without actually denting piracy. This is a win for all. EMI have realised this, and I think a couple of other music studios, now it's just a waiting game until the rest of them get it.
The blue ray encryption geniuses should read my subject line over and over and over and over.
Ok, yes, books are more than *just* dead trees with ink squirted on them. But guess what, they also *are* dead trees. . . with ink squirted on them. Meaning they share at least some of the properties dead trees. For example, if you needed to, you could burn them in a fire place for warmth, if it came down to it. They have a high quantity of cellulose, so if you needed a source of cellulose for some sort of chemical reaction, you could possibly use books (or other paper - magazines, newspapers, etc) if you had to.
I think the GP's point was, he should be able to backup his movies to his computer, because at a low level, Blue Ray movies are just data on the disc. He should be able to backup *any* data on a BD to his computer. Yes, movies are more than data, but they also *are* data too. The power of abstraction is that I can usually treat any two *similar* things similarly, even when they aren't identical.
So that I can drive a Chevy Corvette or a Cavalier, a Ford F-150 pickup truck, or a Toyota Camry all on the same road, because they are all automobiles. Yes, a pickup truck is *more than* a set of wheels, a frame, and a motor, which collectively fit within a certain standardized set of dimensions and under a certain maximum weight, but it *is* also a set of wheels, a frame, and a motor which collectively fit within a certain standardized set of dimensions and under a certain maximum weight, which is why it can drive on the same road as the other vehicles.
I think one of the distinguishing features of most geeks, that sets them apart from the general populace, is the fact that they have the ability to see, when it's useful, that "a book is just a dead tree", and to be able to figure out when that fact is useful. It is the foundational principle of much of engineering and computer science. Most people see the forest, or maybe the trees. A good hacker sees the forest *and* the trees.
Your response to the GP just shows that you just don't get it. It doesn't mean he's any less correct. I hope this post helps you to see that.
No, you don't. It's uncompressed, but not "perfect" because it still has the compression artifacts. Then, when you recompress it, it has two sets of compression artifacts. Although it's higher quality than aiming a video camera at the display, it's still more-or-less the same as the "analog hole."
To really count as "cracking," the attacker needs to get access to the decrypted but still encoded stream.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
24 Carat Pure Slashdot Gold.
We have a winner. I call for a slashdot version of the Godwin; any technical thread on the viability of any technology is over the moment anyone claims something to the effect of "... We could install Linux on it!"
However, asking "... does it run on Linux?" is still fair game.
If I mod you up, it doesn't necessarily mean I agree with what you've said, sorry.
I'm beginning to increasingly believe the old cliche, "Information wants to be free".
I am also beginning to increasingly believe that if you create a good enough dare, people will take you up on it, just to prove you wrong.
Mother nature likes to join in too sometimes, as one ship has shown us.
Jumpstart the tartan drive.
What I want to do is get an HD DVD burner (this is very hard BTW), a lot of blank media, and a Blu-ray drive, and then buy Blu-ray movies and convert them into HD DVDs. That way I'd really be sticking it to the man. Yeah. Wooo! You know it!
Erm. Ok. It's probably the stupidist idea ever, but what the hell.
You are not alone. This is not normal. None of this is normal.
HAHAHAHAHahhahaha, oh man, that was funny.
"...just sufficiently hard that the cat and mouse game is too much effort for the pirates."
Except the pirate have the time, and the skills, and the same computer power as the companies. Add to that they don't have an arbitrary budget and they get an Ego boost from doing it? do you really think these snake oil salesmen have a chance?
What next, a scheme for hiding porn magazines in your house from teenagers?
At least more and more media companies are beginning to realize the futility of these scheme, hopefully they will go away. Really, I want to buy by disk, put it on my computer and call it up when ever I want. That's the future, that is what consumers want and expect.
"You can't hide secrets from the future with math." - MS Frontalot.
The Kruger Dunning explains most post on
hmmm... I do see your point. However it does 'want to be free' in that people like to sharing information.
Which is a huge deal in that it's a very basic part of human nature. That is what the expressionmean. nobody believe information actually wants something, it's just a observation of human nature.
Like saying "Cars like to clump up in traffic." doesn't actually mean the cars like anything, it's just an observation of what car operators tend to do.
The Kruger Dunning explains most post on
So we're having a low-UID pissing contest . . . but in reverse???
cat and mouse game is too much effort for the pirates
Just to be clear, pirates aren't the ones playing that cat and mouse game. When you see a street vendor selling pirated copies of Star Wars, he's selling actual Blu-ray discs. He made bit-for-bit copies and he didn't need to decrypt anything to do it. The fact that Blu-ray is encrypted didn't do anything to prevent the pirate from stealing the content.
Decryption is needed by people who want to *gasp* watch the discs they legally purchased at BestBuy.
I will give BD+ credit though, it managed to hold them off for 8 months
Nope. 5 months.
According to the link they sat on this for 3 months for strategic reasons, waiting for the format war to end.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
I don't think many people take the phrase literally. All it means is that it is very hard to keep a secret, human nature being what it is. Governments, companies, individuals all expend tons of effort to try and keep information locked down - and yet even the best systems are compromised.
In other words, the path of least resistance is to structure our society such that it isn't dependent on the keeping of secrets. The fewer secrets, the better - though all except the most extreme nuts would argue that some secrets are in fact necessary.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
and you should read mine over and over again.
The Kruger Dunning explains most post on
The same thing happened with cd and dvd. At first blanks were expensive (and generally half the capacity) but once it became the dominant media the economies of scale kicked in.
I'd say if Bluray becomes the dominant media (which isn't certain, I happen to think discs are doomed) we'll see spools of blanks for $20, just like the last two times.
Man, you really need that seminar!
Actually, I think the whole meme reads as such :
- Information wants to be free
- Entertainment wants to be paid
- You just want to be cheap
After 3 days without programming, life becomes meaningless
- The Tao of Programming
>if you create a good enough dare, people will take you up on it, just to prove you wrong.
That's sounds like a dare to me.
The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
Its also an entropy thing. It may well be that like almost everything else we observe information follows a concentration gradient. That is if you concentrate information with a small group of people you have to constantly expend energy keeping it there. So if you decide gee I only want people who purchase a certain bit of plastic to watch my move you have to put alot of energy into keeping the movie on the plastic. Eventually it will get off if you don't. It may well be that DRM is like heating your house; the more insulation you have(stronger DRM scheme) the better but as soon as you take the input energy away (turn off the heater)/(complete your encrypting) the temperature will always equalize with the outside(the movie will propagate to places where the disk is not present).
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
I don't know about satellite TV in the US, but...
Virtually every satellite TV encryption system available has been broken, often many times over. These range from simple hardware hacks, such as subscribing to all channels then sticking a resistor in the decoder to prevent the card's EEPROM from being changed then unsubscribing again, through complete reverse-engineering of the cards. Cards were routinely modified to recieve all channels, card details were copied onto deactivated cards, and some were even re-implemented from scratch using a PIC soldered onto a PCB, or even using programmable cards.
These systems relied on security through obscurity - the pirates didn't know how the cards worked, so there was no way they could compromise them. Yeah, right...
This continued until very recently. Most newer encryption systems follow the pattern that BSkyB used with their analog and digital encryption systems. BSkyB's analog system relied on replacing the cards. Each time a revision of the cards was breached, they would issue a new one that fixed the holes in the last, and often fundamentally changed the way the card worked. Sky retired the system before it was fully compromised, but other providers kept using it. They had to face the fact that computing power had advanced so much that it was possible to brute-force decode the signal in real-time with no card.
Most modern cards are programmable, as are the CAMs (the modules that talk to the card, and pass the final decryption keys to the STB). So the current encryption systems change the firmware in both card and CAM periodically. Any breach will only work for a limited time. Even after all these years, the arms race continues - pirates have found all kinds of creative ways around these things, such as sharing a single card across the internet.
It's also possible to buy a PCI satellite card that allows a PC to recieve satellite TV. Combine that with an official card and CAM, which work as normal. You can't change the card, but you can do whatever you like with the decryption keys it generates, or the decrypted TV signals. That includes recording it, and uploading it to the internet. You could even do that in real-time if you wanted to.
The continual update thing is what Sony are trying with BD+. The idea is that the BD+ portion contains code, unique to each disc, which verifies that the player is authentic and hasn't been compromised. Once it's done that, it provides decryption keys to the player.
The general idea is that, while it may be possible to compromise AACS in the same was as CSS, each BluRay disc will contain unique encrpytion code for that disc. The idea is that each disc will need to be cracked individually, just like PC games. And we all know how well that approach works in practice.
This assumes that each BluRay disc will have completely unique BD+ code, and that's just not going to happen - they have to maintain compatibility with existing players, which means the BD+ code has to be extensively tested. Hackers can move much more quickly - even if they did have to crack each batch of BluRay discs individually, they'll be able to update their decryption tools much quicker than Sony can update their BD+ code.
It also assumes that nobody knows how BD+ works (security through obscurity), and that nobody will be able to independently implement a BD+ VM that pretends to be a real player. That's exactly what SlySoft have done. Their VM isn't complete yet - it only implements the portions of BD+ that current discs are actually using. It is known not to work on one disc (Hitman, I believe), simply because it uses parts of the BD+ VM that they've not implemented. Yet.
The point is that the pirates are far more agile than Sony, and have unlimited time in which to devise a solution. There is no such thing as making it too much effort. At least with the satellite TV analogy, you can't keep using a hack once the hole it exploited has been patched, so there is a time factor. There is no time factor with BluR
I would say that you are only half right. If Dish is easier to hack, saying that DirectTV is unhacked is like saying that my front door is secure because it's easier to throw a rock through the 4x8 window right next to it. Largely pointless for the conversation. After all, have you succeeded if the hacker is still getting the data through another channel? Then there is Netflix. Most of the people I knew that hacked DirecTV did were subscribers to DirecTV. They hacked the system for the PPV channels. At $19 a month for way better selection, I know a lot of people switched from hacked DirectTV to Netflix because it was a better value.
There is nothing stopping a dedicated pirate from going, pixel by pixel, dumping the current pixel color values into a massive 2d array
-- -- --
Actually, there is. It's called HDCP, and means that only "authenticated" output devices will get digital data.
I doubt those devices will stop a dedicated pirate with good soldering talents. The data has to go to the screen at some point.
Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj