Slashdot Mirror
Doom9 Researchers Break BD+
An anonymous reader writes "BD+, the Blu-ray copy protection system that was supposed to last 10 years, has now been solidly broken by a group of doom9 researchers. Earlier, BD+ had been broken by the commercial company SlySoft." Someone from SlySoft posts a hint early in the thread, but then backs off for fear of getting fired. The break is announced on page 15.
A hearty congratulations to the brilliant programmers of Doom9, including Oopho2ei - who claims not to be a "professional programmer".
Help stamp out iliturcy.
Unfortunately this will probably just mean that a ton of consumers will be SOL when they implement new encryption schemes on BluRay that aren't supported by some existing players.
Well done.
The common man proves that if man can make it, man can break it.
This is a lesson companies will NEVER LEARN when it comes to DRM.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
The content must contain sufficient information for the content to be decoded. Anything one software can do, another software can do (see Knuth, et seq). Therefore if there's an available software that can decode the encrypted content it must be possible for open software to decode the encrypted content. Removing the encryption using open software eliminates the protections against copying provided by the closed software and the game is over.
Thus DRM is a fool's errand. It always has been.
The illusion of protectability is however easy to sell for vast sums of cash to content owners who desperately want it to be possible.
Help stamp out iliturcy.
I don't really care if I can copy my BluRay disks or not (I'm too lazy to back up my movies - if I break a disk and I like the film, I get a new one).
But I would love to be able to play my legally bought films under Linux without having to reboot (or having to go to jail for that matter). Maybe one day. :)
Fortunately, citizens outside the United States of Asshats* doesn't have to bother with this whole DMCA crap.
* Referring to lawyers et.al.
Hoping some expert can describe how this all works to the masses out here. From a quick glance through the forum, this is what I think is happening...
BD+ movies are released with corrupted data
A conversion table is required to fix the corruption
The conversion table is built using code on the BD+ disk that runs on the BDVM.
The bulk of the work on the forum thread seems to be an effort to reverse engineer the opcodes and libraries (called TRAPs?) available in the BDVM, and to reimplement the VM.
I'm not a security or crypt expert, but I can't imagine how anyone can expect this kind of security to remain secure for 10 years.
I think a quote from a famous internet wordsmith is in order here:
gadgetophile.com
A lot of people are just not buying content - even though they would like to buy content - because they know that money spent that way is wasted and they don't want to throw their money away again. Of these I believe that many are just avoiding the content rather than downloading it through any of the myriad options for that, and that's demand destruction. Once the content is available unprotected, a huge market of people is opened up who would prefer to pay for what they get if they can pay for it in a way that's not stupid. See the MP3 sales of Amazon and iTunes and even Walmart.com.
Making content available DRM-free is actually a huge win for the content industry, even if it makes it harder to prove unauthorized distribution. Hopefully soon they'll see this.
OTOH, brick and mortar content sales outlets are pretty much toast. They sell a digital product in a digital age with an analog method. And, they close. The Internet doesn't close.
Help stamp out iliturcy.
I don't really care if I can copy my BluRay disks or not (I'm too lazy to back up my movies - if I break a disk and I like the film, I get a new one).
Clearly you have no children living with you.
When information is power, privacy is freedom.
Except bank vaults don't also vastly decrease the usefulness of banks for legitimate customers...
no one I know seems to fall into your generalization of people not buying Blu-Ray discs or players because of DRM.
We shall see. Most people don't know really why they're not trusting of innovation in content technology. The advantages of open content though are immediately obvious and so when the content owners open up the content it starts flying out the door.
All in all, because Blu-Ray is 10x the bandwidth of any online "HD" movie source (and I use that term loosely for online offerings) and because online DRM is so much worse, I don't see it going away. Instead I see it likely to win over DVD-- DRM or not-- but not until manufacturing costs ramp down due to better technologies and economies of scale.
"Never underestimate the bandwidth of a station wagon full of backup tapes." Technology has passed this one by, but the truth of it remains. Content providers would do well to sell the right to the content separately, and let people figure out how to get the content on their own. If they must, they can offer content at kiosks you take your external hard drive to. The tree huggers should like the idea of transport-media free content distribution at the very least - that's less mylar disc in the landfill.
Consider this. Is a DRM-free H.264/AAC mp4 file more convenient, or is a DRM-laden disc that you can play in your car, computer, PS3, portable system, or friend's house by carrying around a 16 gram disc?
For the car and portable system a downrezzed movie that fits on an 8GB SDHC card are sufficent, and that form factor is considerably more convenient than a disc that doesn't even fit in your pocket - and is too fragile to carry that way anyway. People do this on their EEE all the time. A 360GB external 2.5" USB drive is bigger and heavier but smaller than a BD with case so it still fits in your pocket, is less susceptible to scratching, fits multiple movies on one disk, and has many other advantages.
Open content means you can make backups. You can convert to your target platform. You can move your content to where you want it and any technology that can play it will continue to play it for all time. DRM content does not have any of these advantages. Most importantly that last one.
Help stamp out iliturcy.
I own over 500 DVDs, I love to collect movies and my favorite shows and I look forward to collect BD as well, but I will never support any kind of "protection" that punishes a honest person. I travel all over the world and I often pick up movies from other countries, why shouldn't I have the right to play them back at home, in my living room? The region protection was stupid and any protection is stupid because it doesn't keep pirates away but just honest people like myself who paid dearly for their discs. If my DVD Player had not been unlocked I would not have spent a good chunk of that money on DVD. And I'll go even further: I should be able to send my original DVD of movie XY (not related to Kyle ;) ) and upgrade for a reasonable cost to the same movie on BD, after all it's movie studios that pushed the new standard.
...
Presumably they allowed software players for a reason, despite knowing they were way easier to hack than hardware players.
Uhm, you do realize that actually watching a BD movie on a laptop or computer is done in software? Obviously this has to be supported, even big companies are not that dumb. Heck, I bet BD is decoded in software on the PS3.
Nah, this DRM nonsense is just starting to heat up. There's a new Copyright Czar on the job now, and Hollywood will throw more cash than ever at lawmakers to try and shore up their busted protections. This will continue since US export numbers are propped up by Hollywood's entertainment distribution network. They'll see this as a "must-protect" industry. In the end they'll fail, but anyone who thinks the supporters of DRM are about to give up should think again.
"can even execute arbitrary code on the machine"
Oh excellent. I think I'll skip BD, thank you.
A hearty congratulations to the brilliant programmers of Doom9, including Oopho2ei - who claims not to be a "professional programmer".
I mean, it seems their programmers did it first, and then helped out the Doom9 people by providing hints here and there.
Not to diminish the value of the doom9, who gave us an open solution to the problem, but let's not forget the other guys.
Warning: Opinions known to be heavily biased.
Samsung has a $200 player which comes with 4 free movies. Given that the movies retail for $35 a pop, that is $140 in free movies with a $200 player. The rumors is said player will go for $150 on Black Friday. A player for $150 with $140 in free movies is a pretty good deal.
The biggest problem with BluRay is retail stores charging $35 for movies. DVDs are often selling for $10 or less. Knock BluRay prices down to $25 a movie or less and I'll bite.
Gotta be careful with that math. The movie is WORTH $10-$15 (based on DVD pricing and people's apparent willing to pay that), so it's $60 worth of movies claiming to be a $140 dollar value, just like the blue-screen commercials where they give away the '$100 value' worth of the stuff they couldn't sell in the last blue-screen ad and really just don't want cluttering up their warehouse (here, you throw this away!).
Millions bought our "shiny penny" for $100 and millions more bought our "crisp 10 spot" for $150, but if you act RIGHT NOW, you (yes, you) can have BOTH for the low low price of $99.95! You know It the deal of a lifetime BECAUSE I'M SHOUTING!
I am proud of having been a contributor of the Doom9 forums. Go and pay you tribute: they demonstrated to the industry once again that DRM is a sick idea and will NEVER work.
P.S. Now I can go and buy a BD recorder. Just as I did with the first DVD Writer after deCSS.
if I break a disk and I like the film, I get a new one
You are exactly the kind of customer that all big movie and music companies would like every customer to be. DRM is a way to make that happen. That way, they can make customers pay for the same content multiple times, growing their profits by leaps and bounds. While you pay through your nose, they laugh all the way to the bank.
And here's the hilarious part: as soon as they (the movie publishing industry) do start trying to be clever with BD+ attacks trying to find the Doom9 VM and variants thereof, they'll screw up discs so they're unplayable on numerous legitimate players. Pretty much the only thing that hasn't sunk BD+ so far is the fact that there are very few different models of player in circulation. As it is, it's still fallen over before.
You are not alone. This is not normal. None of this is normal.
Uhm, does it? I know you can run Linux on it, but does it really use Linux for basic usage such as running a game or the media players?
Use the word Cell multicore processor if anything because it's not multiple PPC cores, just one.
I honestly have no idea what proportion of BluRay watchers watch via their PCs, but the equation is simple - take a graph of disc sales. Presumably at some point its BD+ program is cracked and sales will fall as high quality rips show up on the internet - I'd imagine the graph looks like a sharp rise upwards on release week followed by a gradual decay into nothingness over time, with a sharp drop around the time the BD+ program is cracked (assuming it lasts long enough that you can even get a sales baseline, ie, not within a few days).
By this theory, you should see DVD sales drop to nothing almost instantaneously.
Even if Blu-Ray copy protection were as utterly broken as DVD copy protection is, the disks would still sell fine. Of course, then there are the people like me, who don't pirate anything, but refuse to buy media they can't copy at will. I'll stick with DVDs until the Blu-Ray cracks are so automated and key distribution infrastructure so well-developed that I can do what I want with Blu-Ray media.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Um, wat.
I'd expect bluray sales to start skyrocketting soon. At least for blank media and burners/drives, and a lot of people ready for bluray as long as the players are not overly restricted (ie think a bluray player in your car limited to today's grade restrictions).
Right now I'm willing to buy a bluray burner when the prices approach 50$-60$ for a drive. I'm sure I'm not alone, and plenty others might go for 100$ drives.
Now, the question is, do we play the nice card, and buy up bluray drives to drive down the price and make them more popular compared to players... Or do we play the evil card, and refuse to buy into bluray and simply start organising "darknets" based on a bunch of people with eSATA hard drives, killing off whatever chance they had of us buying bluray like we did DVD? I could easily imagine a whole bunch of people getting together, sharing their rips of movies in get-togethers, passing them along. Internet speeds may not be fast enough but cars are.
Personally I'd go #2. This time they can go fucking die. But I don't know. And should they decide to be dipshits and break compatibility for more restraints, #2 is definately the way to go.
It would be nice, for once, to fuck them over. But if they don't harden encryption, if they leave it as is, I think it's fair to buy burners; if only for data.
You apparently shop in some sort of weird parallel universe version of those stores. I assure you that Wal-mart, Office Max and Fry's are certainly not moving huge volumes of large capacity NAS devices. You would be hard pressed to find one on the shelf at Wal-mart, that's for sure. I see you can buy smaller NAS devices on their website, but their in store selection consists, if they even carry a NAS, is only about 1TB. They mostly carry internal and USB drives up to 1 TB. Office Max and Fry's carry them, but relegated to a small section of the higher end business class equipment. Again, they're selling smaller 1TB and lower internal and USB drives.
I'm not sure where you get this idea that NAS devices are a hot seller for the general public. I work in IT and none of us in the office has one, and I'll bet if I walked outside out door and started asking random people in the office if they owned a Network Attached Storage device they would just stare blankly.
You seem to have confused "network attached storage" with just plain old "storage".
Yes, the PS3 decodes BD in software (they used it as an example of parallel processing on the Cell).
Unfortunately, the PS3 runs -either- Linux -or- the BD decoding program (inside its own O/S).
This makes tracing the BD program from inside Linux impossible.
"I was in love with a beautiful blonde once, dear. She drove me to drink. It's the one thing I am indebted to her for."
I think it's more about fear of losses than actual losses itself. Most people who buy pirated stuff cannot afford buying (the same amount of) legal stuff, so it is incorrect to count all the counterfeit sales as "losses".
As an example: people in Russia earn about $400/month on average - do you think it increases the chances for Linux/free software popularity? No, everyone just buys counterfeited Windows, which costs about 2-3$ in semi-legal shops. You can even find custom Windows "distros" on the net. Does that count as "loss of sales" for Microsoft? I doubt that.
Coding etudes