Slashdot Mirror


User: Goaway

Goaway's activity in the archive.

Stories
0
Comments
4,507
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,507

  1. Re:Prediction of next article's title on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    And no, that probably won't require stripping the cpu like you claim in other posts. All modern hardware players will have CPUs, ROMs, and RAM, and there's a lot you can get from monitoring those. How do you think all the consoles got hacked?

    Because they are far more complex devices and can't just integrate all circuitry onto a single chip, like you can with a media player? I doubt they would allow anything critical to be transferred on externally accessible buses. If they do, that's a big fuckup.

    Or do believe that obfuscation will actually stop people from finding the key?

    I believe it will drastically shrink the pool of people who have the necessary skills to break the obfuscation. All the content providers need to do is make it hard enough to do that there is nobody among those who have the skills to do it that are interested in doing it. If this is possible or not is an open question as of yet, but it's obviously only going to get harder from here out.

    Your other posts reveal similar misunderstandings, such as this one where you state that each player has a single unique key

    Well, excuse me for not wanting to write a pages-long explanation of the subset-difference algorithm every time I want to make a point. I see you did the same thing when you said that the "set of keys is finite", which obviously isn't the problem here - it's finite but much too large to exhaust - but instead there are side effects when revoking large numbers of keys.

    Then there's this post, which shows you don't know about the player "bricking" ability build into AACS

    I did in fact not know about that, but nor will I take any slashdotters word for it, as the miscomprehensions about AACS flow freely around these parts.

  2. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    You kind of have an obligation to actually understand the things you are making arguments about.

  3. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    I think you have the obligation here.

    The subset-difference algorithm takes some effort to explain properly, and I will not go into that just because somebody on the internet is too lazy to look up the references themselves. I can, however, supply the required Google search:
    http://www.google.co.uk/search?q=subset-difference &start=0&ie=utf-8&oe=utf-8

    As for the reverse engineering you're talking about the first device.

    Re-read my reply, where I specifically addressed that already. The reverse engineering part applies mostly to the first device. The actual physical work of stripping and scanning a circuit applies to every subsequent attempt too.

  4. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    This part?

    AACS LA shall not Expire AACS Keys [...] to disable
    products or devices where the security of the AACS Technology has been compromised by third parties, other than as described in Sections 10.3.1 through 10.3.5 above.


    Not only does it talk about not disabling devices, but it does not describe a mechanism for disabling devices beyond the normal key revocation, which does not affect old discs.

    Perhaps you were thinking of some other document?

  5. Re:AACS == Barn - Horse on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    If you can't think of a way to do a decryption without storing keys in plaintext in RAM, you're not a very good programmer.

    First, you can keep things in registers and never write them to RAM. Those can still be snooped, but it is harder. Second, you do not need to keep the entire key even in registers at one time, especially as it won't fit in a single register anyway. And thirdly, you can obfuscate the algorithm itself so that it does not use the plaintext key values, but obfuscated ones.

  6. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    1. See the AACS specs.

    2. It is certainly not trivial to get the keys out of a hardware player. It takes a significant amount of work at a facility that can strip and electron-scan microchips, and then the reverse engineering work to figure out the results from that scan (and the keys might not even exist in plaintext at that level so you may have to reverse engineer the entire workings of the chip to find the keys). The reverse engineering step might be signigicantly easier the second time, but actually getting at the internals of the chips is still very costly. As those keys can then be made useless with hardly any effort, it does not make economic sense to engage in that battle.

    3. Physical devices get individual keys. Software players share a key, which is supposed to be revoked every six months even if there are NO breaks, because updating the keys in a software player is easy and one does not need to go to the same lenghts as with hardware players.

  7. Re:AACS == Barn - Horse on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    By tightening up the code so that it does not store the key in plaintext in RAM where it can be easily snooped? I'd expect somebody posting here to be able to work that part out for themselves.

    That is not to say that they actually did that, but it is certainly something they could do.

  8. Re:What about the lazy customer? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    the new efforts to close AACS is just not a solution, just another workaround in a loosing battle

    It may be a "loosing" battle, but it's not a workaround, it's part of the plan from day one. AACS was designed to be resistant against leaked keys of all kinds, because the designers knew this was going to happen sooner or later, and the measures put into effect now are those that were put into place for dealing with this.

  9. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 2, Informative

    For the millionth time: AACS players have individual keys. You never need to revoke an entire line of players, because you can just revoke a single physical unit.

  10. Re:"Fixed Flaws"? on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    A slight correction.. Playing a new movie with a revoked key will disable the player the key was issued to. Playing a new movie in the compromised model player kills it. It will no longer play ANY movie until it is replaced or updated (software player).

    Would you like to point us to the part of the AACS specs that specify this functionality?

  11. Re:Prediction of next article's title on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    It's pretty safe to say that you know nothing about AACS nor the current hacks against it.

  12. Re:Serious Question on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    It means that they are changing the keys on future discs, and they will not play in an old player that does not have the new keys.

  13. Re:Give it time... on DVD Security Group Says It Has Fixed AACS Flaws · · Score: 1

    Except that AACS is actually significantly better than pretty much "every other DRM mechanism devised". That is not to say it has solved the un-solvable problem of making it possible to watch something while at the same time making it impossible, but it definitely stands a better chance than most and it will not go down easily.

  14. Re:or not on Hackers Offer Subscription, Support for Malware · · Score: 0, Flamebait

    Even better, don't give them write permission. Or read permission. Hell, don't give them a computer.

  15. Re:ARGH! on Solar Power-Cell Breakthrough · · Score: 0, Redundant

    Yes, Al Gore, there is a Global Warming, but it's not going to kill us today, and it's not going to kill us tomorrow, and it may start to make things uncomfortable in the coming decades but we're going to be a lot better equipped to deal with it then.

    How are we going to be better equipped with dealing with it then if we don't get off our asses and start working because "it's not going to kill use tomorrow" anyway?

  16. Re:Chimps are not people! on Should Chimps Have Human Rights? · · Score: 0, Flamebait

    sentient if you ask me (but don't ask me to define it)

    Here, let me do that for you:

    sentient
    adj.

          1. Having sense perception; conscious: "The living knew themselves just sentient puppets on God's stage" (T.E. Lawrence).
          2. Experiencing sensation or feeling.


    This includes pretty much all animals. So yes, you are right that they are sentient. You should also consider getting yourself a dictionary for that vocabulary problem. I hear they even have them on the internet these days.

  17. Re:Sigh. on X Prize For a 100-MPG Car · · Score: 0, Troll

    Slashdot "editors" do not "edit" submissions. This makes Slashdot "more real", according to CmdrTaco.

    http://slashdot.org/comments.pl?sid=174297&thresho ld=0&commentsort=0&mode=thread&pid=14502339#145024 84

  18. Re:Interesting on GTA IV Trailer Released, Slows Sites · · Score: 0, Troll

    "More stylized"? I don't think that word means what you think it does.

  19. Re:Colour me apathetic. on Inside The Search For Jim Gray · · Score: 5, Insightful

    Wow, you are a fucking psychopath. Congratulations.

  20. Re:Low Flying? on Inside The Search For Jim Gray · · Score: 0, Offtopic

    You have an 'average' DSLR that can take 1.6 million shots?

  21. Re:OOH, Kerning! on OpenOffice 2.2 Released · · Score: 0, Flamebait

    No, seriously. Bragging that you've implemented kerning in 2007 is... just plain pathetic. Makes you wonder what other basics of text rendering it doesn't support yet.

  22. Re:Yellow light? on MIT Shows How to Shut Down Brain With Light · · Score: 0, Flamebait

    I know the spectrum of sunlight very well, thank you. A spectrum is not the same as a colour. A colour is something that only exists as a subjectively preceived sensation.

    And the closest we can get to saying anything about the colour of sunlight is that we preceive it as white.

  23. Re:Nothing says you 3 your customers on The Elite's Sour Side · · Score: 0, Troll

    Nothing says "intelligent argument" like a laboured attempt at vulgar ASCII art.

    And then an verbal explanation of said ASCII art.

  24. What is this? on Intel Next-Gen CPU Has Memory Controller and GPU · · Score: -1, Offtopic

    Opinion Center: Intel?

  25. Re:Yellow light? on MIT Shows How to Shut Down Brain With Light · · Score: 2, Informative

    As far as it is possible to make any kind of statement about this, sunlight is white.