HDCP Master Key Is Legitimate; Blu-ray Is Cracked

adeelarshad82 writes "Intel has confirmed that the leaked HDCP master key protecting millions of Blu-ray discs and devices that was posted to the Web this week is legitimate. The disclosure means, in effect, that all Blu-ray discs can now be unlocked and copied. HDCP (High Definition Content Protection), which was created by Intel and is administered by Digital Content Protection LLP, is the content encryption scheme that protects data, typically movies, as they pass across a DVI or an HDMI cable. According to an Intel official, the most likely scenario for a hacker would be to create a computer chip with the master key embedded it, that could be used to decode Blu-ray discs."

not protects

[Lord+Ender]

content encryption scheme that protects data

It restricts data. It restricts my rights. It does not protect anything.

Re:not protects

[Andorin]

Where is there any indication that "pirates" were behind the leak of this master key?

Re:not protects

[aoteoroa]

Not everybody who uses DeCSS is a pirate....some of us just want to watch our legally obtained DVD's from our linux laptops. As a side note does one need DeCSS to read a VOB file then convert to AVI (I've never tried). Or can it be done on a windows computer using a legally obtained DVD codec?

Re:not protects

[sjames]

It could well be rights. Waste Management takes your waste away, so Digital Rights Management takes your digital rights away.

Re:not protects

[Andorin]

> but the manufacturers also have the "right" to put encryption on media.
Cool. We have the right to try to break it, and to succeed.

Re:not protects

[TheRaven64]

The rights in question are fair use / fair dealings rights. You have the right, for example, to extract short clips from a video and quote them in commentary and so on, for example including screen captures in reviews. DRM on BluRays prevents you from exercising this right, among others. In some countries, you have the explicit right to format shift, which DRM also prevents.

DRM is vigilante action by the publishers, and it should be treated as any other vigilante action.

Re:not protects

[SloWave]

Actually, the expansion of corporate monopolies by use of DRM and DMCA restricts what used to be inalienable rights of both artists and users far more that most people imagine. It is a very dangerous situation right now. Anything to weaken DRM and DMCA is good, at least until the the political process starts working for the people again.

Eh?

[wampus]

Now we all need to buy new TVs and Blu-Ray players with HDCP2 support. You fuckers should have just caved and got a new 3D TV when they were trying to drive uptake the polite way.

Mod parent up, wtf. "flamebait?"

[lindseyp]

A strongly worded opinion. Well written, with references and links. It's not even a controversial topic, From what I see this is rather a majority opinion on slashdot.

Who the hell modded this flamebait?

Weve seen that argument before

[Weaselmancer]

You know and I know, this is primarily a tool for piracy.

No, it's primarily a tool. How you use it is up to the user.

Much like a gun is a tool. You can use it for target practice, hunting, home defense - and murder. The tool doesn't get to decide how it is used. The user does. The tool is blameless.

Another point. Most people aren't pirates, and most of the people "content protection" screws with are the paying customers. It absolutely is about rights. You buy it - you own it. That's how it used to be. Now the industry is trying to change that. It is important to let those people know they are selling snake oil. That's how I see this event. It's not about a BluRay player for Linux, it's not about piracy. It's about stopping snake oil salesmen from infringing on our rights with these increasingly bogus copy protection schemes.

That's why I love watching things like this happen. I love it when people who are clearly in the wrong (both philosophically and mathematically) get called on their hubris. It fills me with joy.

Re:Weve seen that argument before

[spire3661]

I would be very hard pressed to name even one media corporation who has not attempted to re-write law in its own favor.

Re:Weve seen that argument before

[Jafafa+Hots]

Exactly. I don't own a blu-ray player, I don't intend to ever own a blu-ray player, I don't rip blu-ray movies, I don't intend to ever rip them, I don't download ripped blu-rays (and of course don't burn them, since I don't have a blu-ray burner.

Yet I am thrilled by this news. Why? How does it effect me? I've never played a blu-ray dics, legit or otherwise in my life and never will... so why do I care?

BECAUSE. There is a trend to remove rights from people, to get people to pay multiple times for the same content (the head of the RIAA even admitted in a 1980s interview that they were aiming towards a play-per-play model)

They create artificial scarcity through region codes and corrupt legislation to allow them to sell a product which costs a fraction of a percent of what it used to cost to "manufacture & distribute" while using law & restrictions to force people into paying essentially HIGHER prices for it - and the end product actually has less tangible value and "permanence" than what came before.

All because they determined that there would be higher profits in this business model - but it's an unnatural business model that is illogical and would not WORK, without them purchasing laws to FORCE people to adhere to it.

This is immoral and corrupt, and would never stand in a true free market or for that matter in a socialist one either... can ONLY exist in a corrupted "democracy" and would require draconian police powers to enforce.

This is a blow against that. This is a blow against a propped-up failed business model.

More like this and eventually they will have to figure out a LEGITIMATE business model, or die.

Re:Weve seen that argument before

[Jafafa+Hots]

Oh incidentally, re: region codes - this is particularly slimy.

They take advantage of the "global market" to reduce their costs and increase their profits by offshoring production to a society where wages are less, then shipping their product to a society where they can charge more. Using region codes, they prevent their customers from doing the SAME THING.

The customer is NOT allowed to take advantage of the global market by "outsourcing" THEIR suppliers of media by ordering from a different, cheaper region.

This is the ultimate in hypocrisy, this is the ultimate FUCK YOU to their own consumers - we'll deprive YOU of the jobs making your own consumer items, not shit you can do about it - we'll charge you the same as if they WERE made locally, not shit you can do about it... and we'll prevent YOU from going offshore to get the same benefit we do.

I can't think of a much sleazier business practice.

Re:Weve seen that argument before

[HungryHobo]

You know I sometimes wonder if the world would be a richer or poorer place without copyright, pleanty of things would be different certainly and those who make their money from the current system will of course tell you the world would be a poorer worse off world for it.

It's almost taken as a given that the world would have less creativity without copyright but I do wonder.

If the chef at your local restaurant had to pay royalties whenever he used a recipe published by a celebrity chef would you have a tastier and more enjoyable meal?
What if he risked being sued into the ground if he created a derivative work by altering the recipe slightly without a liscence?
or would you just have a more bland, unoriginal, uninspired and ultimately vastly more expensive meal.

If your hairdresser had to pay royalties whenever some kid comes in with a magazine picture and says they want their hair to "look like that".
Would everyone have far more interesting hairstyles or would it just cost far more and see people getting sued for doing their own hair at home in a copyrighted style?

Both these things are creative and also involve a skill much like storytelling or playing a musical instrument and in both cases I've heard of people trying to get copyright protections extended to cover them.

Imagine a world where in the 17th century someone had decided that recipes and cooking should fall under copyright along with books.
You can be sure that were someone to call for it's repeal 300 years later there'd be no lack of "professional recipe composers" who would talk about how much work they put into working out new recipes and the time and effort it takes and how we're bad people for implying that they haven't worked hard and that they somehow don't deserve a cut whenever someone follows their recipies.

of course in a world where we're all free to take someone elses recipe, use it, copy it, publish it or even claim it as our own we know very well that fuck all harm has been done to the industry for the lack of legal protection on such creativity.
We live in a world where everyone has family recipes but hardly anyone has family music.

In a world where such legal protections existed and nobody ever knew such an open and unprotected situation as we have in this world it would be very easy to claim that there would be no creativity, no well paid chefs and that setting up a kitchen would be pointless since someone else would just copy the chefs recipes.

Similarly it's taken almost as a given that the world would have less good books, less good stories and less without copyright but try questioning that even for a moment.

Of course no someone is going to complain that composing and cooking a good meal can't be compared to composing and playing a good piece of music because..... well just because!

Re:Weve seen that argument before

[MrNaz]

If the law is so out of sync with reality that everybody find adherence to be too difficult to do, or too invasive to want to abide by, then isn't that an indication that the law is out of sync with reality?

The purpose of art is not the enrichment of media companies, but the recognition of artists. If the entire system requires the militant enforcement of government in order to prop it up because people cannot or will not play by its rules, then in my books, the entire system is the problem, not the people.

Re:Weve seen that argument before

[LambdaWolf]

The customer is NOT allowed to take advantage of the global market by "outsourcing" THEIR suppliers of media by ordering from a different, cheaper region.

And if you've ever bought used textbooks on the Internet, you'll probably quickly discover what a sweet discount you can get when the global market stays global for you. I've bought plenty of (English-language) textbooks that were originally sold to the Indian subcontinent; they're exactly the same between the covers as the American editions but priced quite differently, and you can often save some good money. (Competitive pricing keeps the prices all pretty much the same, but the foreign editions are often the cheapest, sometimes by as much as $10-$20. And I'd have to guess that they pull down the prices of the other editions.)

The catch is that there's a small but visible red box announcing that the book was for such-and-such countries and that any sale outside those countries is "UNAUTHORIZED"—which is true, but it refers to the publishers' contracts with their own retailers. They indeed do not authorize secondhand sale to the U.S., but that doesn't make it the least bit illegal or unethical. (They also don't authorize me to scribble in the margin or dip the book in peanut butter or whatever, but who's asking their permission? After the publisher sells the book to a contract-bound vendor, who sells it to a private citizen, the publisher's power to authorize anything is null.) But they sure as hell don't mind letting some Westerner assume that they'd be buying stolen property, so they're no clearer than they need to be about whether such an "UNAUTHORIZED" sale is actually dishonest.

The parent poster is absolutely right about what the region codes do: divide the market into pieces where each one can be charged a different price, while keeping the pieces from trading with each other and benefiting from a free secondary market as I did with my books. To criminalize breaking the codes has no purpose other than to help publishers make more money in a sickeningly anti-capitalistic way. Good for whoever cracked the codes: they've done something for the little guy and his ability to buy and sell his own property like a capitalist. (And perhaps you thought that "capitalist" always meant "pro-corporation"...)

Re:Weve seen that argument before

[h4rm0ny]

No, you have it backwards. It's the media producers who live off other people.

Yep. Just the other day, a "media producer" came to my home and ate all my food. Sarcastic? Yes, a little. But providing me with something that I want in exchange for an agreed price is not "living off me". If someone publishes a book or releases a movie and says they're selling it for X amount of money, that's my choice. Are they offering me something I think is worth X money, yes or no. If yes, I buy it. If no, I don't. If that's living off other people, then so is pretty much any job, and many much more so than the "media producer".

Is it not they, who expect to profit forever, without bound, from a limited amount of work? They, who don't want to accept the market as it exists, and want to impose their own rules on the general population, so that they can live off them without effort?

Wow. That's some dramatic prose in defense of taking for free what others who paid to produce. It's pirates "who don't want to accept the market as it exists" as they are the ones bypassing the market and setting their own conditions on others without that party's agreement. A "market" is agreed exchange. If author Jane offers her work for amount X, that imposes nothing on you. You are free to negotiate or walk away, and that is the market. If some freeloader says to Jane: you have no ability to negotiate with me - I'm taking this and there's nothing you can do about it, then that meets your flowery language of "imposing their own rules" does it not? That meets your definition of "living off them without effort" does it not?

We owe them nothing.

Someone produces a book, movie, song, game that you enjoy and you say you "owe them nothing".

to encourage these lazy persons to produce our music

The "lazy persons produce our music", eh? You see no contradiction in that sentence? You condemn as lazy people who write novels, record albums, film movies, develop games. You have no conception of how much work or expense any of these things involve, clearly. If it's so trivial, and you're so not lazy, why don't you make your own novels, albums, movies and games? Surely not because that would require effort / money / expertise.

but they have abused our trust and taken it to the extreme.

How, in precise words, has someone abused your trust? Because I've always been under the impression that movies / novels / music / games, were being sold to me. I was never "trusting" that these things were all being thrust into my hands for free only to suddenly find that my trust was broken because someone asked for money as I left the shop or clicked the "Confirm Order" button.

They deserve no pity. The problem is not solved by forcing the population to spend all their extra money on copies of bits

Yes. They are demons, irrevocably damned. We must not pity people who spend their time or money on producing things.

The problem is not solved by forcing the population to spend all their extra money on copies of bits.

Disingenuous in the extreme. When was the last time anyone forced you to spend your money on a movie or TV show or a novel or whatever? Really - when were you forced to spend this money?

It is solved by introducing sane copyright law, that brings balance back into the game.

After the illogical, unsupported and self-contradicting post you just made, you have as much right to talk about "sane" as King Herod does to talk about "child care"

No not so much

[Sycraft-fu]

They've already had trouble selling HD technology. Were they to just invalidate everything and declare you had to buy new stuff this would not only lead to lawsuits, but just difficulty on the consumer market. If someone already has their TV and Blu-ray player they aren't going to rush out and buy a new one. The content producres will release for what people have, or they'll get no business, thus they'll keep making older formats.

You might notice that DVDs aren't gone, nor for that matter are CDs. The media industry loved the DVD-Audio idea because they had better protection (CPPM) and of course CDs had none. Problem was they couldn't move DVD-A players. Very few people outside of audiophiles bought them. As such the content kept being produced for CD because it was that or have almost no sales.

As I said, Blu-ray is proving to be somewhat of a hard sell as it is, since all it offers is a better picture (DVD offered a ton of better features). If they just said "Nope, you have to buy all new hardware," it would be a total non-starter. People wouldn't buy the HDCP2 players, since they'd have HDCP1 TVs and they'd want them to work. Thus electronics companies wouldn't be interested in selling HDCP2 players. Since people wouldn't have HDCP2 players, you couldn't make discs require HDCP2 or nobody could play them.

Things can be forced on consumers only in certain circumstances. All the encryption on Blu-ray worked because nobody really noticed, it was just a part of the format. Likewise HDCP wasn't something most people encountered problems with only the early adopters got fucked. However you now have a massive installed base of HDCP TVs, and growing every day. Try to screw that over and it just won't work. Your shit won't sell and if it won't sell, companies will stop making it.

Interesting

[dcposch]

It seems to me that many media companies are in denial about a simple fact--you can't share a secret with a million people and expect them to keep it.

Want to send your account password to your bank? One sender, one trusted recipient, and a world of potential eavesdroppers. That's a problem crypto can solve.

But if the final destination of your precious content is every Joe's TV, iPod, and computer screen, any "encryption" you have between here and there is fundamentally futile. It only takes one of those Joes to start seeding it on BitTorrent, and the more annoying you try make the DRM, the more likely people will be to simply use that as their source instead of paying you.

Besides, after all that work designing and implementing a complex DRM scheme, every single frame of that movie you just sold me is gonna be rendered to my computer's framebuffer. Which gets sent to the display driver. Which is... drumroll... whatever I felt like installing. In theory, I can make my own driver that writes an AVI. So even in theory, DRM is broken.

It's the same kind of denial that leads companies to think streaming video is meaningfully different from just giving me a file to download. If you're sending the bits to my computer, you cannot possibly control what I subsequently do with them.

IMO, the RIAA could make so much more money if they just accepted filesharing as fact and focused on monetizing it. They should look at the bright side--way more people are listening to way more music now than they did back in the day when songs came in plastic cartridges and brick-sized Walkmen roamed the earth. Organize some shows. Sell some merchandise. Sell me a DVD that has awesome-quality 24K soundfiles on it. Get your song on the next Rock Band.

A couple of weeks ago, I went to Lollapalooza 2010. It was awesome, worth every penny of the $180 I paid. How did I decide to go? I found a bunch of the lesser-known artists on Youtube, and liked what I saw. They earned their cash. The record execs, trying to prop an obsolete business model with lawsuits, did not.

Re:TFS is confusing

[clone53421]

No he isn’t. He’s being forced to go to extreme lengths to exercise his fair use.

breaks HDCP, not AACS

[AceJohnny]

People are confusing this master key that breaks HDCP, saying it can help decrypt Blu-Ray discs. That's not the case: Blu-Ray is encrypted with AACS, which has a similar concept of device keys derived by a master key. AACS has a mechanism of revoking compromised device keys. Getting the AACS master key would bypass that mechanism, and would be great news.

This key isn't the AACS master key This is an HDCP key, which would allow one to create a "unauthorized" device that can connect to HDCP-encrypted HDMI and succesfully decrypt the HD stream.

HDCP has been known to be nearly broken since 2001, in that obtaining the device keys of 40-50 devices is enough to calculate the master key.