102 Comments
- MisurA, on 10/12/2007, -6/+69 BlueRay huh?
- herrshuster, on 10/12/2007, -10/+60 made by SQNY
- herrshuster, on 10/12/2007, -0/+50 They should make an age limit on digg, so third-graders can't get on
- ScottMaximus1, on 10/12/2007, -8/+49 im in ur diskz riiipin yo filez
- scabbers, on 10/12/2007, -0/+27 Don't copy that floppy!
- skyhighrockets, on 10/12/2007, -3/+28 http://www.woot.com/Images/sale/blog/signage-worstcorrection.jpg
- edzieba, on 10/12/2007, -6/+30 Except for music CDs. "Oh, but that was a collaboration!" they cry, but so is Blu-Ray!
- bhavi, on 10/12/2007, -0/+20 Link to the discussion topic:
http://forum.doom9.org/showthread.php?t=120869
- chris4404, on 10/12/2007, -0/+17 Penalty on both accounts for misusing sex/tech analogies.
- puck, on 10/12/2007, -1/+17 Great link! Best part (or worst part depending on how you look at it) is muslix64 gave a rather good explanation how he acquired the keys this time. Here's the post:
"Many people ask me more details about the known-plaintext attack. This is a very basic, but powerful crypto attack that I have used to decrypt both formats.
After reading posts of people trying to get the keys in memory, I realized, I have a different way of looking into the problem.
A lot of people try to attack the software, I'm attacking the data!
So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack. Because I know the keys are unprotected in memory, I can skip all the painful process of code reversal.
I don't have any Blu-Ray equipment but I was able to recover the keys anyways... because I had access to a memory dump file and a media file.
To give you an example, let's take the Blu-Ray case.
First, I had to read the documentation about the media file format.
In the case of Blu-Ray, the media files are divided in blocks called "Aligned unit". Let's simply call them "Unit" for short. A Unit is a block of 6144 bytes. The first 16 bytes are unencrypted, and the rest are encrypted using AES in CBC mode.
A unit is composed of 32 blocks called "MPEG source packet". Each packet is 192 bytes long. The first 16 bytes of the first MPEG source packet of a Unit are decrypted.
Just to see the decrypted part of the packet, I have printed a few. Have a look:
D13BF428474000100000B0110000C100
D13C5DE84710111C6E3468D1861B8D1A
D13CC7A84710111CE3468D1861B8D1A3
D13D31684710111C1A346186E3468D18
D13D9B284710111C6186E3468D1861B8
D13E04E84710111C8D1861B8D1A34618
D13E6EA84710111CD1861B8D1A346186
D13ED8684710111C186E3468D1861B8D
D14D57924710111CFCC810FE80107F08
D14DC1524710111C1007647E401C002E
D14E2B124710111C8001880350400300
D14E94D24710111C007690DE581426A3
D14EFE924710111C80800E8081F9E081
D14F68524710111CA01300C007408C00
D14FD2124710111C005200B002E00D49
Do you see something special? Do you see any pattern?
The first byte is always D1 and the 5th byte is always 47. Can we use that to mount the known-plaintext attack? Of course!
Because we know we have multiple MPEG source packets inside a Unit, we know the decrypted version of the unit at position 192 will probably look like the sequences shown above.
In most cases, the known-plaintext attack is in fact a guessed-plaintext attack. We "assume" the data will look like something we "guessed" when decrypted. Most of the time, it works!
Knowing that, all you have to do is write a small program that scans a memory dump file that comes from a software player while it was playing the movie. The key is in that file; you have to locate it.
You just have to decrypt the first 2 MPEG source packets of the first unit until you find a key that decrypts to something like:
D1??????47?????????????????????? at position 192.
That's it!
I also do something similar for the HD-DVD format.
Once you know the value and the position of the key in memory, you can do like people are doing here. Use "memory landmark" to locate the key.
Any questions?"
- inactive, on 10/12/2007, -9/+24 This is wonderful news. This means that we can now copy bluray discs until the media fails just like every other sony media has.
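Why the first and fifth bytes are fixed in the headers quoted in puck's comment above, as an added example that is not part of the thread or of muslix64's code. It assumes the standard Blu-ray source packet layout, which the post does not spell out: a 4-byte extra header (2-bit copy-permission field, 30-bit arrival timestamp) followed by a 188-byte MPEG transport packet that starts with the sync byte 0x47. Format-mandated constants at known offsets are what make the plaintext guessable, so the protection rests entirely on keeping the key out of readable memory.

```python
# Added example: decode the clear 16-byte unit headers quoted in the thread.
# Assumed layout (from the M2TS / MPEG-TS formats, not stated in the post):
#   bytes 0-3  extra header: 2-bit copy permission + 30-bit arrival timestamp
#   bytes 4-7  transport packet header, byte 4 is always the sync byte 0x47
from dataclasses import dataclass

UNIT_SIZE, PACKET_SIZE = 6144, 192   # sizes given in the post
TS_SYNC = 0x47

# First five header samples copied from the post.
SAMPLES = [
    "D13BF428474000100000B0110000C100",
    "D13C5DE84710111C6E3468D1861B8D1A",
    "D13CC7A84710111CE3468D1861B8D1A3",
    "D13D31684710111C1A346186E3468D18",
    "D13D9B284710111C6186E3468D1861B8",
]

@dataclass
class SourcePacketHeader:
    copy_permission: int   # top 2 bits of byte 0 (why it reads D1, not 11)
    arrival_ts: int        # remaining 30 bits, increases packet to packet
    pusi: bool             # payload_unit_start_indicator
    pid: int               # 13-bit stream identifier
    continuity: int        # 4-bit per-PID counter

def parse_header(hex16: str) -> SourcePacketHeader:
    raw = bytes.fromhex(hex16)
    if len(raw) < 8 or raw[4] != TS_SYNC:
        raise ValueError("sync byte 0x47 missing at offset 4")
    extra = int.from_bytes(raw[0:4], "big")
    flags_pid = int.from_bytes(raw[5:7], "big")
    return SourcePacketHeader(extra >> 30, extra & 0x3FFFFFFF,
                              bool(flags_pid & 0x4000), flags_pid & 0x1FFF,
                              raw[7] & 0x0F)

def constant_offsets(samples):
    """Byte offsets whose value is identical in every sample."""
    rows = [bytes.fromhex(s) for s in samples]
    return [i for i in range(len(rows[0])) if len({r[i] for r in rows}) == 1]

def packet_offsets(unit_size=UNIT_SIZE, packet_size=PACKET_SIZE):
    """Start offset of each source packet inside one aligned unit."""
    return list(range(0, unit_size, packet_size))

if __name__ == "__main__":
    for s in SAMPLES:
        print(parse_header(s))
    print("constant byte offsets:", constant_offsets(SAMPLES))
    print("packets per unit:", len(packet_offsets()))
```

The two constant offsets it reports are the "first byte" and "5th byte" of the post, and the second packet of a unit starts at offset 192, the position the post checks.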
- pabster, on 10/12/2007, -2/+15 Now the conspiracy theorists can STFU. It was hilarious to see people attacking muslix64 as some sort of "partisan hacker" for only working on HD DVD.
It was inevitable. Both formats use AACS and suffer from the same weak links in the chain.
I'll now wait for the Sony fanboys to chime in with "But what about BD+..."
- scabbers, on 10/12/2007, -4/+16 It's not spread open like DVD on her wedding night. It's more like Bluray gave some dude a quick handjob.
- sirloin, on 10/12/2007, -2/+14 it is LEGO.. all caps..
- trogdor282, on 10/12/2007, -0/+12 Riiight, just like how VHS destroyed the TV industry...
- _Caboose_, on 10/12/2007, -0/+12 You really don't get it, do you?
With DRM, it's not going to be useful no matter how many times we buy the damn thing. DRM limits what we can do with the disk that we purchased. Not everyone is a pirate - some people just want to have more options with the media they've paid good money for (and in the case of Blu-ray, REALLY good money for).
- xerox, on 10/12/2007, -4/+15 i guess they didn't catch it was a joke about there being no such thing as "blueray" while there is "blu-ray" or "blu ray", i cant remember if its hyphenated normally.
- forgiste, on 10/12/2007, -0/+11 @veegeeksk
your statement makes no logical sense.
- shit, on 10/12/2007, -1/+10 Moot point.
- davymac, on 10/12/2007, -0/+8 From Muslix64:
This release is not for everyone! This is only for those who want to experiment with an early version of Blu-ray decryption.
Known limitations:
Don't support BD+
Don't support Volume unique key
Only support one CPS unit key per disc
I don't clear the HDMV_copy_control_descriptor in the stream
Don't have any FAQ or document so far...
You have to provide your own CPS unit key.
The playback seems to work with VideoLan
Because I don't have any Blu-ray equipment, I will need the help of the community to go further with Blu-ray decryption.
I have only tested this with one video file...
Stay tuned!
Link:
http://www.sendspace.com/file/li9x37
- SuperSunny, on 10/12/2007, -0/+7 Foolish Mortal Veegeeksk, people are not destroying the technology (bluray), people are destroying the protection inside the technology that doesn't let the technology be useful to the user!
- Otto, on 10/12/2007, -0/+7 BD+ will not prevent people from extracting the AACS title keys on these players. However, it's possible for BD+ to be used to correct intentionally damaged or encrypted portions of the stream, so if somebody is extracting content directly, and not running the BD+ countermeasure in a VM, the stream they get will be corrupted. Since the BD+ code is actual code (either virtual machine code or potentially native code), and can be changed on a title by title basis, then future discs could require cracking on a title by title basis.
Either that, or a system will be developed to hide the stream ripper on the host machine, so that the BD+ code is executed for decryption but is unable to see outside its own little sandbox. This method seems more likely to me.
In any case, BD+ is one more reason not to get a BluRay drive or player software. The "Advanced Countermeasure" gives BluRay discs the ability to run native code during playback, by design. Forget AutoRun and rootkits, BluRay has rootkitting built right into the very specifications for it.
- TechCF, on 10/12/2007, -1/+6 Good thing these DRM systems get cracked. The world would be better without, and prices would be a lot lower without all the investments into copy protection
- REsplin, on 10/12/2007, -4/+9 @NiGHTSChao
obviously, you're not a golfer
- Beaver6813, on 10/12/2007, -2/+7 What about it?
- hobbers, on 10/12/2007, -0/+5 @ ExposeIT
Players should come down in price fairly quickly. Internal BlueRay drives (read/write) for computers are around $800 right now. Then you can back up any BlueRay disc you have. I think this is a great start.
And even with a healthy torrent, you can download 20 GB in less than 24 hours. Sure, that'll be a change from the current hour or two it takes for a normal DVD. But I recall a time (not too long ago, 6 or 7 years) when setting up a download from an ftp or other dump to run the whole night was no big deal. I think plenty of people will do HD DVD or BluRay via torrents.
- Blazeix, on 10/12/2007, -1/+5 Why is KibibyteBrain being dug down? He's right. DVD encryption was cracked very early on in its adoption, making DVD makers support a broken encryption scheme for every DVD made. Blu-Ray disks carry the method for encrypting on their disk, making it so you can change the method for encrypting the data if it gets cracked. This is called BD+.
- XTrek, on 10/12/2007, -3/+7 You've got that right!
Now just look what MS did with Vista. It's a bloat-ware DRM platform for premium content providers that greedily want our money. All the engineering resources/money that was spent on Vista DRM should have been put into making the OS better.
I hate paying for DRM in the products I buy. The premium content providers should shoulder the cost 100%.
- inactive, on 10/12/2007, -0/+4 Sony loves you guys for defending their trademark. People will spell it however they want, and this "It's Blu-Ray Douche!" makes it easy to spot the retards supporting DRM.
- hobbers, on 10/12/2007, -1/+5 I went to the store yesterday and bought an eyePod. Greatest invention ever.
- BlackAdderIII, on 10/12/2007, -0/+3 """companies work hard in creating new technologies and we have other people trying to destroy them"""
Those poor companies. Let's have a whip round for them, and their orphaned children.
- BlackAdderIII, on 10/12/2007, -0/+3 I think you'll find that people who don't pay for the media, don't experience any effects of DRM.
Only people who pay for their media, have any reason to dislike DRM, because only people who pay for it, will be getting DRM - *OBVIOUSLY*.
Have you not thought about what you're saying at all?
- rohanch, on 10/12/2007, -0/+3 Well, in all seriousness, he's probably thinking about actually cracking AACS. Like he did with DeCSS for DVDs - we didn't have to enter any keys when decrypting with that. Johansen is (hopefully) thinking about a keyless decrypter that actually cracks the whole AACS algorithm instead of using stolen keys.
- S1ngular1ty1, on 10/12/2007, -0/+3 You can't decrypt AES without an encryption key (if the info was encrypted with a long key like 128 bits which AACS uses). NO ONE HAS EVER DONE IT. Some 2 bit hacker will not do what thousands of mathematicians cannot do. By the way, AES is used for a lot of other things than copy protection on video discs. Governments use it to secure secret information, WPA uses it to secure wireless, etc, etc.
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
The only way anyone has ever gotten around this encryption is not by actually breaking the encryption but by figuring out ways to steal the decryption keys from poorly implemented software or hardware just like what was done to copy the HD DVDs and Blu-Ray discs.
- SuperSunny, on 10/12/2007, -1/+4 Bluray does NOT get destroyed whatsoever. The protection technology gets destroyed. This sparks up more job offers :P So companies can get more people to help protect. Bluray does not get destroyed. It's still bluray.
- Otto, on 10/12/2007, -0/+3 Unfortunately, this only works as long as they keep the key in memory in an unencrypted form. If they were to simply XOR the key's bytes with some value, then change the decryption algorithm to XOR with the same value during the decryption process, then the key would no longer be visible in a memory dump. This wouldn't affect the speed of decryption at all, since XOR is fast as hell.
In other words, this is simply the fault of the player program not using obfuscation techniques. If that player is invalidated and an updated player issued, it would make this sort of attack one hell of a lot harder. Still, some enterprising hacker could reverse engineer the decryption algorithm and figure out the obfuscation method (which wouldn't necessarily be a simple XOR, of course), but it would take more effort than simply brute force searching of a memory dump using known-plaintext.
- coldphoenix, on 10/12/2007, -0/+3 Ahh yes, the tragic circle of corporate vs. the people.
- inactive, on 10/12/2007, -2/+5 Yay for haxxorz
- hobbers, on 10/12/2007, -0/+3 Actually, if you read the forums you'll see that they released a little program as a proof of concept. You can download it yourself and try it on your own BluRay disc.
- matx, on 10/12/2007, -0/+2 cracking a technology that is supposedly secure would be a good ego boost ;) and drm is bad.
- BlackAdderIII, on 10/12/2007, -0/+2 """That will never happen... ..No one has ever cracked it."""
I remember the same thing being said about DVDs - a LOT.
Luckily, DVD Jon gave our video purchases to us by just going ahead and doing it anyway.
- theboohi, on 10/12/2007, -1/+3 I'm in your internets over-using your catchphrases.
- skinrock, on 10/12/2007, -1/+3 And what the hell did you just do?
- BlackAdderIII, on 10/12/2007, -0/+2 ...because illegal copies of videos are encrypted, aren't they?
If someone wants to decrypt their purchased media to watch it, what makes you decide they're a thief?
It's typical of corporate brainwashed scum to call people "thieves" without noticing that ONLY LEGITIMATELY PURCHASED MEDIA CARRIES THIS ENCRYPTION.
You're probably someone who thinks DeCSS or pymusique were for "thieves" too.
I can't express what I think about such profound idiocy without being obscene, to be honest.
- BlackAdderIII, on 10/12/2007, -1/+3 BlueRay or Blu-Ray, it's still better than HDD-VD.
- hobbers, on 10/12/2007, -0/+2 @ Remmy
Good point. That just reminded me why condoms are called "protection".
- BlackAdderIII, on 10/12/2007, -0/+2 How many people would you say were laid off/evicted/murdered in their sleep by people recording films onto video from the TV?
What about cassette tapes? How many people (at a guess) had their homes repossessed because I taped music off the radio when I was a small kid?
Just a rough guess?
- S1ngular1ty1, on 10/12/2007, -0/+1 Microsoft Patent possibly (actually likely) aimed at trying to stop Blu-Ray and HDVD pirating.
http://digg.com/software/Microsoft_files_for_patent_to_battle_HD_DVD_decryption_methoids
- barryq, on 10/12/2007, -0/+1 What is BD+ ?
" Note that I don't address BD+. The file don't seem to be BD+ protected."
- S1ngular1ty1, on 10/12/2007, -0/+1 Actually, I knew how he did it before he published his method because that is the only way possible to break this kind of encryption. I knew he didn't crack the encryption because AES is world-renowned state of the art encryption that everybody and their brother has tried to break and have failed.
I knew about AES from other sources (Security Now Podcasts like 1 year ago) and I just linked to wikipedia so everyone can see how impossible it is to imagine that anyone will ever break AES outright.
Finally, another digg story shows a patent Microsoft had just applied for which outlines methods of handling encryption keys in computer memory so that they can't be stolen like this in the future. So when SP1 comes out no one will be able to do this hack any more, or it won't be as easy. Basically the patent says that the entire key will never be entirely in memory in the clear at once so you would have to piece the key together to do this hack. It would be much much harder or impossible to do.