Slashdot Mirror


$350 Hardware Cracks HDMI Copy Protection

New submitter LBeee writes "German researchers at the Ruhr University Bochum built an FPGA board-based man-in-the-middle attack against the HDCP copy protection used in HDMI connections. After the leak of an HDCP master key in 2010, Intel proclaimed that the copy protection was still secure, as it would be too expensive to build a system that could conduct a real-time decryption of the data stream. It has now been proven that a system can be built for around $350 (€200) to do the task. However, the solution is of no great practical use for pirates. It can easily be used to burn films from Blu-ray discs, but receivers which can deliver HDTV recordings are already available — and they provide the data in compressed form. In contrast, recording directly from an HDMI port results in a large amount of data."

10 of 161 comments

  1. Re:And with HDD prices these days... by Anonymous Coward · · Score: 5, Funny

    Because we all know once data has been uncompressed it can never be compressed again...

  2. vapid nonsense by sribe · · Score: 5, Insightful

    ...it would be too expensive to build a system that could conduct a real-time decryption of the data stream.

    Then how, exactly, is anyone supposed to be able to ever watch? Oh, yeah, right. Duh. Every freaking HDTV with HDMI input has to conduct real-time decryption of the data stream. Where do these companies even find these fucktard spokespeople???

    1. Re:vapid nonsense by pckl300 · · Score: 5, Funny

      Then how, exactly, is anyone supposed to be able to ever watch?

      Isn't the whole point of DRM to prevent you from watching anything?

      --
      In the beginning, there was null.
  3. It's a great thing for professional AV folk by Mononoke · · Score: 5, Insightful

    Maybe this will finally make HDMI manageable for audio/visual crews when faced with multiple HDCP-encumbered HDMI sources that need to be switched and/or crossfaded in real time. Right now it is damn near impossible to implement any form of HDMI switching due to the ridiculous handshake times needed when protected HDMI sources see changes in the destination. Currently the only way to handle it is with a black market HDMI to component converter which introduces often unacceptable video delays in addition to requiring multiple Digital-to-Analog and Analog-to-Digital transitions along the way.

    --
    NetInfo connection failed for server 127.0.0.1/local
  4. Clarification by LikwidCirkel · · Score: 5, Informative

    Since some people seem confused as to why this is special and what it actually does.... I'll try to explain some things.

    Yes, HDCP happens right at the I/O chip, and you can extract unencrypted raw video bitstreams in a variety of ways. All involve actually opening up the receiver device and soldering on wires.

    Typical HDCP compliant devices use a ROM with a vendor key that's attached right to the I/O device. Industry standard devices such as the ADV7441 or AD9889 from Analog Devices fully support this, and interface to the rest of the system with a standard raw video bit stream. The contents of these vendor ROMs are typically unique to each vendor and their contents are not even disclosed to the vendor. They do not contain the master key, but are somehow related to it. This is cheap - the ROMs probably cost pennies, and the cost is more about registering as a certified HDCP compliant device. It's pretty much a plug-and-play solution for display device vendors - simply attach the vendor code ROM to the receiver chip, and the device just outputs unencrypted video to the rest of the system.

    There are various mod kits for adding SDI or unencrypted DVI/HDMI outputs to things like Blu-Ray players, but they all work just by connecting to the raw bitstream lines AFTER the decryption at the actual HDMI receiver chip.

    On an HDMI cable, the actual encryption that takes place is specific to keys on both sides, so can't generally be universally cracked. If a vendor key becomes compromised, future Blu-Ray players can blacklist it.

    What makes this solution useful is that it's just about the only way to crack the encryption on-the-wire without having to open anything up or solder anything, and it can't be prevented by simply blacklisting vendor keys.

  5. Re:Am I missing something. by CyberDragon777 · · Score: 5, Interesting

    That's not how it works in practice. The TV doesn't have a specific chip for decoding HDCP.

    This $8 chip disagrees with you.
    Load it up with some keys and you get the unencrypted audio/video stream on the output pins.

    --
    We both said a lot of things that you are going to regret.
  6. Re:It'll find a use. by wagnerrp · · Score: 5, Insightful

    So someone comes up with a working product capable of keyless, real-time HDCP decryption, and the first thing you want to do is use it to throw content up on bittorrent. You see, this is why the rest of us can't have nice things...

  7. Re:And with HDD prices these days... by grub · · Score: 5, Funny


    I store all my stuff as MD5 hashes. Why keep a 4.5 GB MKV file when it can be hashed down to 16 bytes? That's just stupid. Haven't watched anything yet, waiting for the holidays.

    --
    Trolling is a art,
  8. Re:And with HDD prices these days... by Anthony Mouse · · Score: 5, Informative

    You lose data because the differences between the lossy version after decompression and the lossless version are compounded by recompression. If you have a sufficiently high quality original, even if it technically is not lossless, the differences are minimal. To the point that you won't really be able to see the difference after recompressing it.

    By contrast, YouTube is particularly bad because most people start with a low quality video and then YouTube recompresses it at a low bitrate.

  9. Re:And with HDD prices these days... by geminidomino · · Score: 5, Funny

    Gonna suck to be you when you find out that there's a collision between "Frosty the Snowman" and "Trans-Midget Scat Sluts XIX"