What is Digg?Sponsored by Travelzoo
Take Advantage of Ridiculously Low Holiday Airfares view!
travelzoo.com - Flights $52 and up for Thanksgiving, Christmas & New Year. But move on it now.
25 Comments
- sephiroth99, on 10/12/2007, -0/+25link to the doom9 post :
http://forum.doom9.org/showthread.php?t=122664 - marcosc, on 10/12/2007, -0/+16Don't mean to sound like a jerk or anything, but AACS didn't get "cracked" at all.. yet. Merely, the entire process has been compromised by a found key. The AACS encryption itself wasn't cracked in the way CSS was cracked before it.
However, here's to hoping that will happen soon :D - realyst, on 10/12/2007, -0/+12Not only an impression, but a truth.
If it can be viewed(accessed, read, etc...) it can be broken.
DRM is as pointless and fruitless as it is annoying. - ripzone, on 10/12/2007, -1/+12Is it just my impression, or do all "unbreakable" schemes get cracked when they go the public?
- Gerz1219, on 10/12/2007, -0/+6AACS has only suckered the MPAA out of a ton of money if you buy the industry's propaganda line that every pirated copy is a lost sale. Once these exploits become as widely known as DeCSS, the result might actually be to increase sales of HD-DVD/Blu-Ray. People might be more likely to buy into these formats if they can play them on their computer without throwing out a perfectly good video card and monitor. And that's to say nothing of the millions of HD early adopters that the MPAA is demanding buy new television sets for absolutely no reason other than DRM.
- politech, on 10/12/2007, -0/+6Strike Three! The HD-DVD/BluRay cracks when considered as a whole, seem to be much more than simply another DRM defeat. It shows that the AACS DRM intended for HD formats was so poorly engineered and flawed that it simply can’t be considered “copy protection” at all. Thus bringing into question whether AACS is even enforceable under the DMCA law. Especially the second crack where the code was resident in memory and thus "plainly visible" to being read.
I have to hand it to the AACS though, they actually suckered the movie moguls and the media industry out of a ton of money. - siliconentity, on 10/12/2007, -0/+6It's hard to find good descriptions of what this means, because the AACS scheme is very complex. It involves overlayed binary trees that cover billions of nodes. Each device has 253 device keys that correspond to nodes in the binary trees. As devices get revoked (because their keys are cracked) AACS can encrypt new movies to device keys associated with nodes that none of the revoked devices possess.
Actually AACS does not encrypt to device keys themselves, but to processing keys, which are defined as one-way functions of the device key.
The new discovery published the device key for one node. Previously the processing key for that one node had been found. So it does not advance things very much. There are approximately 80 billion device keys in the whole tree. We now know one of them. Only 79 billion, 999 million, 999 thousand, and 999 to go! - catalysis, on 10/12/2007, -1/+5AES is impossible to crack with todays computing power.
- Phil246, on 10/12/2007, -1/+5@catalysis, its far from impossible with todays computing power. It does however take a long long long time to do.
- astatine, on 10/12/2007, -0/+3Linus' Law:
"Given enough eyeballs, all bugs are shallow"
Corollary:
"DRM is no more than a deliberately-placed bug". - CompIsMyRx, on 10/12/2007, -0/+2Might be hard to get people to devote cycles to a password. However, creating rainbow tables for AES128 might get a few people.
- starquake, on 10/12/2007, -0/+2I think the chance that it will become as widely known as DeCSS is very big. I wonder if it's even worth it to create such a protection to stop the average user.
- Tucan, on 10/12/2007, -2/+4/me nominates Mongo2 for banning.
- lump1, on 10/12/2007, -0/+2Thank you for that information, but now I'm curious: How does WinDVD actually read those disks so it could display frames on the screen? Does it have all the 80 billion keys programmed into it? I doubt it! Since a software player can read these disks, why can't a cracked piece of software also read them, and pass the frames on to a re-encoder?
- garugaga, on 10/12/2007, -0/+2Why doesn't someone create a Folding@Home like program for cracking AES128? I know that I would do my part.
- worxman02, on 10/12/2007, -0/+2Shhhhhh.....Dude, dont tell the MPAA how to do their job properly!
- vancanucksfan, on 10/12/2007, -3/+4This "crack" is nothing to be excited about. AACS was not compromised. All these hackers did was sniff out some keys from memory then used these keys to decrypt the files. Any asm programmer that has a good grasp of the language could do this easily. (i'm not knocking down these hackers that sniffed the keys, just explaining how it was/could be done).
Anyways, this hole is very easy to plug and we will be back at square one. Use new keys in newer releases of these discs and use better copy protection for the players. Yea you might think even if they use new copy protection, the keys will be sniffed again, but there are some good methods that make it nearly impossible to crack. Not because the copy protection is so hardcore, but because it would take a really really long time to crack, and no one in their right mind would attempt to crack it. What's this copy protection I speak of? Code morphing. For every instruction that is supposed to be executed, this instruction is obfuscated by using hundred of other instructions that net the same end result. Good luck tracing through that. A concern may be that this would slow things down, but code morphing doesn't have to be used on every instruction, just the really sensitive ones.
....Just saying - JamesMorris, on 10/12/2007, -0/+1DRM keeps getting owned day by day, when will companies realise it's pointless. It's a total waste of EVERYBODY'S time.
- unixer, on 10/12/2007, -1/+2Yes because now we will all click on the link.
(BLOCK) - GMorgan, on 10/12/2007, -0/+1Perhaps this is a job for BOINC + BT. Imagine it, a tool that decodes and transfers films over massive distances.
- mrsteveman1, on 10/12/2007, -0/+1Thats a good idea but it would still take a long time for a totally unknown key, and im positive it would be highly illegal. Tt would also be fairly transparent as to who was participating.
- siliconentity, on 10/12/2007, -0/+1Basically, the rule is that if you know a node's device key, you can calculate the device key for any node below it in the tree. So if you knew the node device key at the top of one of the trees, you could calculate the device keys for any node in that tree. One device key can clue you in to a whole bunch of others.
In practice, DVD players are never told the top device key, but they will be told some keys relatively high up in the tree. Most of the time they will use one of those keys, calculate the keys for nodes below it, and finally get to a processing key that can be used to decrypt the movie.
However the one device key which has been found, and which this article is about, is at the bottom of the tree, so it does not lead to any other node device keys. So it is a very small part of the big picture. - mrsteveman1, on 10/12/2007, -0/+0It might be hard to bruteforce AES128, but, like the MPAA and friends, if you are stupid enough to use the same random seed for every key you generate for every disc you make, it should be obvious to anyone who understands math that you have a huge advantage at this point, and it doesn't take long to check every possible key after that.
Its almost impossible to give someone something encrypted, AND the key, and expect it to remain encrypted, but they are going to keep trying to push things right up to that edge, where it becomes almost impossible to get around DRM without breaking something. It should also be obvious that a system like this, when functioning correctly, is already broken for everything except use as a media playback device. - rumor, on 10/12/2007, -5/+2you're a bit behind, bt.
- inactive, on 10/12/2007, -17/+0post first edit later.
© Digg Inc. 2009
— Content created and posted by Digg users is