What is Digg?97 Comments
- Terc, on 10/12/2007, -2/+57Serenity Volume Unique Key: D075568AE6BB0B3F85446927B3794C28
KingKong Volume Unique Key: 802F78B1B20D1183638D84E1A96D6EDD
12 Monkeys Volume Unique Key: 2662C05B5238B0C50BD1BDF693223712 - BlackAdderIII, on 10/12/2007, -0/+47Encrypted content on discs is a big waste of time for all concerned - here's why:
1. Encrypted content only really affects legitimately obtained content that has been paid for, pirated content is not going to be re-encrypted so it's probably pointless.
2. Content encryption is never likely to stop people being able to pirate content and redestribute it, because with the content, comes the means to produce sound and images, which can be recorded.
3. Despite this, content encryption can affect how functional it is for people who have legitimately obtained it (see 1).
4. If someone makes a exact duplicate of encrypted content, it will still play anyway - although nobody's likely to do this (see 2).
5. Even if someone is a supposed "convenience pirate", the moment encryption, propietary interfaces and associated technologies are so effective that it's easier to just record the media as it plays back, we're back to where we were with tapes, the convenience copier will just do that. It's also practically impossible to mathematically bork the physical output in a way that will always work.
6. Encrypted content takes up the time, money, effort and resources of companies, users and the planet, all to no avail at all (see 1,2,3,4,5).
People who work out ways to access encrypted/protected content should do so without moral reproach imo, since the only content you will ever need to do that with, is legitimately obtained content. - hayhehes, on 10/12/2007, -1/+28For those just joining us.....
According to AACS specs there are 3 keys required to decrypt an HD-DVD (or blue-ray since they use the same encryption specs):
1) A device key (from the player)
2) A volume key (from the disc)
3) A number of title keys (from the disc)
It goes in that order as well. When you first put the disc in the player it uses its device key (#1) to obtain the volume key (#2). It then uses the volume key to decrypt any title key (#3) corresponding to the title that you want to play. A title is just a segment of video. The largest title is the movie itself. Other smaller titles include previews, logos, menus, and extras.
What has happened here is the doom9 community (inspired by muslix64's implementation of the public AACS specs to decode HD-discs if given the right keys) has exhaustively searched for any title keys or volume keys left in memory by insecure software players such as winDVD. It took some time but they eventually did uncover the proper memory addresses where these keys were stored.
Note that no one has actually cracked AACS, merely circumvented it, and only temporarily (see below). The cracking community still relies entirely on an insecure device key to do the heavy lifitng and decrypt the volume and title keys for them. AACS has prepared for situations like this.
The AACS will most likely revoke the device key of any insecure software player in the near future so that newly pressed movies do not allow those players (and their associated device keys) to perform the decryption. At that point everyone is back to square one, looking for another insecure player to exploit its device key.
Will there always be an insecure player + device key? Is non-trusted-computing always going to be vulnerable to memory searches such as this one? Will this be a continual cat&mouse game between the AACS, MPAA, and their opponents? Or will one side eventually gain the upper hand and prove to be the smarter contender. Only time will tell. - Bytor, on 10/12/2007, -1/+24What is absolutely hilarious, is the who completely screwed up chain of junk this crap was forcing anyone to get who wanted to play these movies legitimately. HDCP video card. HDCP monitors etc. All for the super secure system that was hacked in weeks of being released. So now, as usual all of this garbage will only inconvenience the standard consumer while the Pirate/Torrent community can play the movie anywhere on any equipment.
Pirate Nelson Says. HA, HA! Arrrrrrrrrrr!
720P compressed would be nice. I am not about to DL 20G. - EtherGnat, on 10/12/2007, -3/+22"I get dugg down for correcting the idiotic masses"
No, you got dugg-down for being an pre-tentious *****. - stian, on 10/12/2007, -0/+19Apollo 13 (USA) Volume Unique Key: 8BA9C422F93C9B4B4247814530B29C48
Superman Returns (USA) Volume Unique Key: EC2EC7F847F6D304B3C26F121CA578DA - omygroin, on 10/12/2007, -6/+24Wow, this is great, but I don't really know if this is good news or bad news for the HD-DVD camp. This could be another excuse for movie studios to just abandon HD-DVDs altogether and jump on the Blu-Ray bandwagon. Of course Blu-Ray will eventually get cracked, but the Hollywood Studios/MPAA are really paranoid, they might just ditch the HD-DVD format so they won't have to bother to deal with it being cracked/stolen. or they could see this as a blessing in disguise and a way to end this format war....
- mindless2, on 10/12/2007, -0/+13This was allready posted, but thats fine. The whole world has to know about this! This has been confirmed working, and I have played HD-DVD files on my pc with a non hdcp video card and without even having a HD-DVD drive!
And yes, The Serenity is almost 20gb. Not bad at all. - slider121, on 10/12/2007, -0/+13We all knew this was coming. Everyone expect Hollywood that is.
- mindless2, on 10/12/2007, -1/+12Yes, I am surprised this came so fast. Didn't DVD take a lot longer?
- jambarama, on 10/12/2007, -0/+9You know what is amazing to me? Last time Jon Lech Johansen (and friends) cracked CSS, they said it was for compatibility reasons. No licensed DVD player for Linux, so we circumvented the protection. That may or may not have been his real motivation, but regardless this defense worked in court (in Norway I believe).
Now the same thing will happen to AACS. No licensed player runs on Linux, someone will crack it, and use the defense "I did it for compatibility." In fact the DMCA explicitly allows reverse engineering for compatibility reason (though I doubt it'd hold up in a US court, a good defense is no match for **AA money). Why doesn't the MPAA just release a Linux/BSD player? I know there are thousands of OSes out there, but by hitting the big ones the MPAA could basically ensure that whoever breaks it pays some price in terms of a conviction (though I think this is bad). They just dont' learn.
I do think it is good for everyone for AACS to be broken. It will popularize the new HD formats with more early adopters, which will improve their prospects at being popular with normal people. If the the new formats become popular with normal people, most people will rebuy, again, the same movies in HD--good for the MPAA & constituents. Breaking the format is good for consumers--they can exercise fair use and unrestricted rights to phase and format shift. Incidentally it is also good for pirates : )
The new system isn't terribly secure anyway, it will be broken. Back in April a Princeton professor wrote about some of the insecurities associated with AACS: http://www.eff.org/deeplinks/archives/003513.php - mooninite, on 10/12/2007, -1/+10They CANNOT revoke VOLUME KEYS.
Good lord there is so much misinformation out there.
These keys CANNOT BE REVOKED! End of story. - sancho, on 10/12/2007, -0/+9Volume keys cannot be revoked under the standard. They are stored on the disc, and thus any drive (whether the /drive/ is revoked or not) will be able to run the backup program and extract the disc contents.
What's going to be difficult is when they start revoking the player keys and forcing WinDVD users to upgrade. Then no one will be able to extract new keys until they upgrade WinDVD and figure out how to grab the volume keys from the new player.
But for right now, assuming WinDVD doesn't auto-update, all HD-DVD discs currently on the market (and probably a good number of the ones in the pipeline, such as those that are already mastered and pressed, but not yet released) have effectively been compromised, because they have the current WinDVD key on them.
That's why this war is going to be hell. As long as there are software players on XP, the keys WILL be extractable, no matter how they're protected in the software. We'll see WinDVD start dying if it detects debuggers (kinda like copy protection on games die if they detect CD emulation software), evasion techniques in the debuggers, keys that aren't stored all at once in memory, and people disassembling and rethe binary itself to figure out the keys. Each time the key is discovered, there will be a revocation, an upgrade, and the whole cycle starts over. - dagamer34, on 10/12/2007, -0/+8Recalling discs? Are you crazy? So every time a player gets hacked, there will be a disc recall? I highly doubt it.
- inactive, on 10/12/2007, -0/+8If I was writing a fictional depiction of the Demise of HD-DVD movie (only available on Blu-ray) then yes, it would have gone something along those lines with Matt Damon and Brad Pitt playing the Blu-ray engineers. But, sadly the boring reality is that the HD-DVD specification had holes that were discovered and exploited.
- BlackAdderIII, on 10/12/2007, -1/+9Wow, they've *REALLY* spent some time and effort to stop us using their format.
We should comply with their wishes.
It turns out if you buy it, they want to cause you problems, but for those who just go and download it,
everything's going to be fine.
So many people have had to "illegally download" a CD they've just bought because they got sold a disc
that doesn't play.
I wonder if the HD-DVD procedure will be the same - after buying and fitting upgrades to support the new format,
you'll pay your cash to see the film you want to see, but end up having to download it using a p2p network to actually
watch it because the publisher hates people who pay them money.
They're such idiots with content protection - the more they marginalize everyone and treat legit consumers like shabby thieves, whilst the
content sharer doesn't suffer any of it, the more of a sucker you feel when you pay for media that doesn't do *****.
I'm getting pretty damned ***** sick of media companies doing their best to stop me buying and playing media from them, and pretty sick
of good developers having to expend valuable time just to keep the media playable. - jambarama, on 10/12/2007, -1/+8To give credit where it is due, the Princeton Professor was Ed Felton. Here are the details on why AACS will be broken:
http://www.freedom-to-tinker.com/?p=1006
http://www.freedom-to-tinker.com/?p=1005
http://www.freedom-to-tinker.com/?p=1007 - inkubux, on 10/12/2007, -0/+7great I saw a coupe of HD rips this morning on my tracker I was wondering why suddenly they released 4 HD movies in a row :D
- mooninite, on 10/12/2007, -2/+9@MkKorn
They CANNOT revoke VOLUME KEYS.
Good lord there is so much misinformation out there.
These keys CANNOT BE REVOKED! End of story. - Jugalator, on 10/12/2007, -0/+7Wow, I think would pay at least a few dollars to see the face of an MPAA exec having invested a lot of money in this now.
I bet the MPAA will try to ban these hashcode-like keys due to copyright infrigement now. :-p - Mirag3, on 10/12/2007, -0/+7the copies are just disk images, right? we cant transcode it to a space saving mp4?
- ScottMaximus1, on 10/12/2007, -7/+14You obviously haven't been on Digg for long
- STKD, on 10/12/2007, -1/+7That or declare the posters as terrorists. It's 50/50 either way right now.
- rohanch, on 10/12/2007, -0/+6Ahh, but DVD was actually cracked properly. As in, although DVD does use keys in a similar way, the whole algorithm was cracked and therefore stolen keys weren't needed for decryption.
Here on the other hand, HD DVD is just being decrypted "legally" - the same way the players decrypt before outputting to your screen - the only difference is that the keys used are stolen from software and instead of decrypting to screen, it decrypts to a file. - BlackAdderIII, on 10/12/2007, -1/+7"Yea but do you want everyone to be able to illegally copy disks or just those with the know how and programs to crack it."
You've got it exactly the wrong way around.
Anybody who wants to make "illegal copies", ie to financially profit from it, affect the copyright holder, or reduce the media's market value, is in no way affected by content encryption.
Any ordinary consumer who's bought it (and so has the encrypted content) who wants to make a copy to watch on their computer, or to put away safe somewhere, or for use on their DVD player, is making a perfectly legal copy - there's no reason any copyright holder should, or could, be interested in stopping them according to nearly all copyright law.
The person making an illegal copy, say for distribution or sharing, is not stopped by encryption, they will use the techniques you describe. The perfectly legitimate paying sutomer making the legal copy is prevented, and that's wrong. - ScottMaximus1, on 10/12/2007, -3/+9Your MPAA executive needs food badly!
- vagarach, on 10/12/2007, -0/+5Remember that even OSS like VLC uses that decss to playback dvds, so a 'deaacs' will be needed first :D.
- SoxFanNH, on 10/12/2007, -0/+5Awesome, knew it would happen eventually
- Escamillo, on 10/12/2007, -3/+8You are the reason that DRM exists.
Until your post, we could pretend that this hacking was done in the name of "fair use". But you immediatlely used it for piracy. - CaptRR, on 10/12/2007, -0/+5Perhaps I don't understand this all the way, but I was under the impression that HD-DVD keys can be retired almost at will, so while this hack may work for movies that have already been released it would not work for any future releases. Am I wrong on this?
- Escamillo, on 10/12/2007, -1/+6In other words, the doom guys were used as proxies in the format war, and were played. There actions will lead to HD-DVD's demise, which would defeat their purpose of hacking the format in the first place.
- sdbryan, on 10/12/2007, -1/+5Escamillo,
Do you really believe a 30 GB file on a P2P network is a factor of any economic significance? Anyone too cheap to spend $20 and instead is willing to tie up bandwidth for weeks is a market that just doesn't matter. I'm sure there will be many more copies shoplifted rather than downloaded and they will get the nice customized case and printed disc. But shoplifting is not going to doom the market either. I'm not going to pretend that every motive and intention is clear and obvious but this:
If it weren't for piracy, we could have total fair use, totally unencumbered.
is just a fairy tale. - marnaq, on 10/12/2007, -3/+7You are correct. PowerDVD will have it's device key revoked and future HDDVDs will not work in that player anymore. This will happen to all insecure players. So this hack is a rather temporary solution.
- Reap, on 10/12/2007, -2/+6Honestly, I CAN see both sides of the coin- the *IAAs do have to protect their lines of revenue, but it does completly screw over the consumer. I think the problem is that the *IAAs have the wrong idea about content protection- they shouldn't make it SO restrictive and SO draconian that they don't think anyone will be able to crack it- they should make it just bad enough that the really lazy people won't bother. As an analogy, think of CD keys for online games or the flag that makes it so the CD must be in the drive for single player games. Neither of these really hampers the legal consumer (the CD thing might be a BIT annoying, but in the whole scheme of things it really dosn't do anything). What it does do is keep joe schmoe from saying "Oh, you got Oblivion 2.0? Mind copying it for me with Nero?" which is the only guy you can really be sure of stopping from pirating.
- hexydes, on 10/12/2007, -2/+6Perhaps the movie industry should concentrate more on simply trying to get people to *use* the new HD formats, rather than using so many resources to attempt to stop the copying. At this point, most people still don't have HD-capable displays, and certainly not HD-capable players. If I were an executive in the movie industry, I would be much more interested in jumping that hurdle at the moment, than stopping a few people from copying movies.
- Wyzard, on 10/12/2007, -0/+4Once you have the volume key for a disc, there's nothing they can do about it. That key can be used to decrypt the contents of the disc directly, without needing a player to do it for you. (Yes, theoretically, you could recall all the discs and re-issue new ones encrypted with a different volume key, but good luck getting all the discs back. You'd have to convince every single person who's bought that disc to voluntarily mail it back to you. Not gonna happen.)
Revoking WinDVD's player key, though, would take effect in future discs that are released (*not* the ones that have already been released) and prevent WinDVD from getting volume keys from those newer discs. This would also prevent it from actually playing the newer discs at all.
Then, a new version of WinDVD would be released, which has a new player key that's not revoked, so it can play the new discs, and which has additional protective measures to prevent people from extracting volume keys from its memory. People start working on ways to get volume keys from this new version of the software, and the cycle begins again. - CosyCat, on 10/12/2007, -2/+5Thank you "muslix64"
- S1ngular1ty1, on 10/12/2007, -0/+3There is NO "fair use clause" for DRM protected material. You cannot legally make a copy of any material that is protected by DRM for any reason in the USA. In fact you cannot even explore ways to circumvent the DRM even if you don't copy the data. In fact it is illegal to even talk about ways to circumvent the copy protection (DRM).
I don't like DRM but I'm just letting you know that when people talk about the fair use clause, that only applies to data that isn't copy protected like CDs. - ironyinc, on 10/12/2007, -0/+3Well, you could burn it to a blu-ray disc...
- mindless2, on 10/12/2007, -1/+4But they cannot do anything about movies that have already been decrypted! And this will turn into one big game of cat and mouse.
And for future dvd's, it will still take a while, seeing as they have to work something out. And I am pretty sure that they used an older version of Power DVD, so the new version is already more secure. It will just take a little time.
For now, there are a bunch of HD-DVD's available to buy and crack. - kris33, on 10/12/2007, -0/+3It is totaly uncompressed and exactly same quality as the HD-DVD itself. As far as I know, there aren't any HD-DVD burners for pc our yet on a resonable price, but they will come. Right now, the only thng you can do, is to watch it on your pc.
- surfactant, on 10/12/2007, -0/+3Escamillo,
What if someone bought the *****-up DRM-infected HD copy of Serenity and wanted to play it on their non-HDCP compliant hardware (or software)? Maybe they don't have the know-how to find the keys themselves, but are able to pull down a decrypted copy using bittorrent. It's the ***** content providers who are acting as the true ass-pirates and sodomizing the average consumer at every turn.
And
"If it weren't for piracy, we could have total fair use, totally unencumbered."
is complete idiocy. You really think DRM is about piracy? You must be exceptionally gullible. - LurkerSteve2, on 10/12/2007, -1/+4Just keeping up with the cat and mouse game is what can kill HD-DVD. It's already annoying with the hoops they are making people jump through. If customers find their discs can no longer play, etc., they're going to give up on the format. Most people are not technical enough to understand the mechanics of copy protection, but they are going to notice that their movies won't play and will stop using the discs.
- HappyScrappy, on 10/12/2007, -0/+2Yes, you cannot revoke volume keys. Read the two posts you responded to.
If they revoke the player key for WinDVD, then new discs will not play on it, and people won't be able to break them using the techniques listed here.
That's why I said all the existing titles would remain broken, but not new ones. - Tippis, on 10/12/2007, -0/+2Also, DVDs weren't quite the "instant hit" HD DVD/BR is -- it took a couple of years before the format had gained enough wide-spread acceptance, and had enough content, to become interesting.
- Jugalator, on 10/12/2007, -1/+3Yes, and the more draconian DRM is, the gap (and problem) with pirates gaining very convenient usage while legitimate users don't grows wider. Exactly because of DRM, I think this could hurt HD-DVD sales even more than DVD is. At least people don't pirate DVD's out of skipping protections as much, since it's just about region coding. Now we'll have pirates on HD-DVD both because of the DRM *and* because of the price.
- FreydNot, on 10/12/2007, -0/+2The catch is that the MPAA can't tell which player has been compromised just by looking at the published volume keys. Right now its easy to guess that WinDVD or PowerDVD is the source of the problem, but what happens when someone pulls keys out of a set top box? They publish volume keys and keep their mouth shut about their methods. Then the MPAA doesn't know which player keys to revoke.
- IQ70, on 10/12/2007, -9/+11@billygreen
Not everyone is an idiot. :) - unreal32, on 10/12/2007, -0/+2@hayhehes: Excellent summary. I finally understand what's going on here. +1
- stevetures, on 10/12/2007, -0/+2Somehow this feels like the WWII Germans (don't say the 'E' word) battle of cryptography and cryptanalysis. Weaknesses tend to be found easily, but system is smart enough to change. Like the bombes and the daily cryptanalysis, and the different Enigma machines (more wheels).
Anyone even mildly interested in this should read "The Code Book" by Simon Singh. Its really interesting and an easy read. The only part that dragged was the rosetta stone part (though its related and academically interesting, skimming this section won't affect the other sections of this book) Here's a few links:
http://www.simonsingh.net/The_Code_Book.html
http://www.salon.com/books/review/1999/10/06/singh/
http://www.amazon.com/Code-Book-Science-Secrecy-Cryptography/dp/0385495323
(p.s. I am not Simon Singh hehehe) -
Show 51 - 95 of 95 discussions
Digg is coming to a city (and computer) near you! Check out all the details on our 
© Digg Inc. 2009
— Content created and posted by Digg users is