kamma Posted March 15, 2007 Posted March 15, 2007 http://www.theage.com.au/news/security/cra...3722475394.html March 15, 2007 LiveWire The system designed to protect next-generation DVDs from pirates has been cracked. Even the hackers are surprised at how easy it was, reports Bobbie Johnson. JUST a few weeks ago, Hollywood studio executives were all smiles at the annual Oscars ceremony. But behind the grins, champagne and glamorous gowns, they were contemplating the biggest blockbuster flop in history. This time it's not a movie, but studio technology that hasn't lived up to its billing. The systems intended to lock pirates out of the new generation of high-definition DVDs have been cracked. Both of the next-generation DVD formats - Sony's Blu-ray and Toshiba's HD DVD - use a protection mechanism called the Advanced Access Content System (AACS), a hugely complex and expensive beast aimed at rendering unauthorised copies useless. But what took countless dollars and years of work to create was undone in just a few weeks by a hacker who in effect unlocked every single Blu-ray and HD DVD disc now in circulation. "The developers spent billions, the hackers spent pennies," said Cory Doctorow, an opponent of digital rights management (DRM, also called copy protection) who blogs at BoingBoing.net. "For DRM to work it has to be airtight - there can't be a single mistake. It's like a balloon that pops with the first prick." The hacker, "Arnezami", posted a blow-by-blow account of the process on the Doom9 website, a famous haunt for crackers and pirates. It wasn't even a particularly complex attack; the only weapons used were an Xbox 360, a computer and a copy of King Kong. And instead of deciphering the complex cryptography that protects every high-definition movie, the hackers circumvented the entire process by discovering one of the crucial keys that unlocks the information. Watching the protection unravel was like watching a cat playing with a ball of string - and even those doing the work could hardly believe such luck. "Wow, I think I did it," Arnezami wrote. "It's pretty incredible that a carefully thought-of encryption system is now reduced to, at worst, a guessing game. Somebody should feel very ashamed." Over the years, the Hollywood machine has become as famous for its flops as its successes. Where films like Jaws once ruled the cinemas all summer, modern blockbusters are built for impact. Lavish multimillion-dollar productions may spend a week on top of the box-office charts before fading into history. The same seems to be true of DRM systems, which are costing more and more to develop despite being broken with increasing speed. In the late 1990s it took a Norwegian teenager, Jon Lech Johansen, months to crack DVD's Content Scrambling System (CSS) protection. These days that must seem like a luxury. "Blu-ray is incredibly well-designed," says Bruce Schneier, the chief technology officer of BT Counterpane and a respected security expert. "If they're smart, they'll have been expecting this and if they're lucky they'll be able to fix it - not with the DVDs that are already out there, but with ones coming in the future." At first some doubted Arnezami's claims, but it quickly became apparent that the processing key was able to unlock almost anything that came its way. Within days the system's creator, the AACS licensing authority, responded. "AACS has confirmed that an additional key has been published on public websites without authorisation. This is a variation of the previously reported attack on one or more players sold by AACS licensees," said a statement. "Although a different key was extracted, this represents no adverse impact on the ability of the AACS ecosystem to address the attack. All technical and legal measures applicable to the previously reported attack will be applicable against this attack as well." The language is measured, but reading between the lines reveals otherwise. Arnezami's revelation is treated dismissively, but is not refuted; in fact, it is only the "AACS ecosystem" that has survived. In other words, producers will be able to change the keys on forthcoming products to try to prevent this crack from being successful in the future. The effects have already rippled through the industry. Fox, one of the major backers of Blu-ray, has delayed a raft of high-definition movies it was preparing to release, presumably to recode them and tighten up procedures. In the meantime, customers are left waiting empty-handed while Hollywood carries on spending money on a system that failed to do its job properly. Even the assumption that AACS has a back-up plan is debatable, because nobody can be sure what measures are being taken. The AACS licensing authority was invited to take part in this article, but refused. Campaigners continue to argue about the rights and wrongs of digital rights mechanisms - but what good is any protection system if it fails? Meanwhile, as the studios look to restrict their official products even further, the Swedish anti-copyright group The Pirate Bay - identified by the US-based International Intellectual Property Alliance as one of the most dangerous groups in the world - is distributing BitTorrent versions of Oscar-nominated movies with impunity at oscartorrents.org. "The movie industry learned from the music industry's lesson - that you should never offer too perfect a product, so that you can sell your customers an improved version later," says John Buckman, whose online record label, Magnatune, does not use protection systems. "The appeal of BitTorrent files is not only that they're free - they are a better product than you can buy at any price." And free, too, of DRM. Experts say vested interests are at play and a whole industry of companies and experts is profiting from the false promise of a silver bullet for piracy. "It is an impossible problem, like making water not wet," Mr Schneier says. "These systems are supposed to be able to recover from breaks, but the cracks are going to get better. It's a never-ending arms race." The Guardian How the hackers did it BOTH Arnezami and another hacker, Muslix64, who managed a similar attack, realised that it is easier to bypass the protection system than try to decode it. A high-definition DVD includes a number of software "keys" to decrypt the content; there's also one built into the player. One of the keys identifies the movie. By watching the information streaming from the DVD itself, Arnezami was able to pick up one of those codes - and realised that the "unique" identifiers were actually based on simple information such as the title of the movie. A couple of steps later, Arnezami was able to spot another, more useful, key which helped circumvent the decryption process. Hackers are now building software that can exploit the hack and play any high-definition disc in any computer - which in turn will open the door to free copying. Fixing the crack will be expensive and awkward for the movie studios: future pressings of DVDs will need to use different, unbroken keys and it is likely they will have to randomise the codes on every future HD and Blu-ray DVD rather than use the same one for every copy of a movie.
AndrewW Posted March 15, 2007 Posted March 15, 2007 Good to see they finally noticed, they are only more than a month late ... Andrew. The hacker, "Arnezami", actually muslix64 was first the only weapons used were an Xbox 360, a computer and a copy of King. I thhink they mean xbox 360 hd dvd add-on
Skid_MacMarx Posted October 17, 2007 Posted October 17, 2007 We just received a parcel of SD DVDs from a relative visiting thailand.. the relative said they picked them up for $3 each.. all brand new... the PQ and SQ are of a high quality.. The Simpsons Movie was included in the batch... $3 for a movie that has not been released here as yet.. and when it does it will probably be $30 and very little , if any, difference in quality.... ......I noticed that the discs had "Region 3" on them but they played fine on my R4 DVD player. This makes one question how much we are ripped off by the major studios, and I question myself for outlaying $35 to $40 for HD discs. The joke is, we are the ones who pay full cost.. must put up with stupid anti piracy ads and must suffer the inconvenience of firmware upgrades.. when it appears, these measures have no effect on those who do profit....
ajm1503559545 Posted October 17, 2007 Posted October 17, 2007 The "pirates" do have the luxury of not having to pay anything to make the actual movie so covering costs for them is not a big issue but I agree, DVD pricing is still ridiculously high. The sweet spot is around $10 I reckon. Anything in that price bracket is an easy impulse buy. It's the price people seem willing to pay for dodgy knock offs at the Sunday market as well - so even knowing it will be an inferior isn't enough for people to resist the bargain price tag. Truth is the studios are too tight, too proud and too stubborn to compete with the pirates directly and would prefer that legit customers be burdened with their pointless efforts to defeat "pirates". A better product at the same (or near to) price could pretty much wipe out the copying trade in next to no time.
marcusd1503561159 Posted October 17, 2007 Posted October 17, 2007 We just received a parcel of SD DVDs from a relative visiting thailand.. the relative said they picked them up for $3 each.. all brand new... the PQ and SQ are of a high quality.. The Simpsons Movie was included in the batch... $3 for a movie that has not been released here as yet.. and when it does it will probably be $30 and very little , if any, difference in quality.......... I doubt very much that these are legit copies skid, looking forward to the day when we can pick up copy HD-DVD and Blu Ray in Thailand or Bali. Shouldn't be too far away. This is probably the only way Blu Ray owners will get to see Transformers.
Fouler Posted October 18, 2007 Posted October 18, 2007 This is probably the only way Blu Ray owners will get to see Transformers. ...or wait another 16 months for the paramount exclusivity deal to lapse.
Heiser202 Posted October 18, 2007 Posted October 18, 2007 Now both formats will kick off bigtime. Will be the same as the Playstation. It took off heaps when pirated games became available. I think its good. After all $49 for a Blu Ray or HD-DVD is stupid.
Talos Posted October 18, 2007 Posted October 18, 2007 ...or wait another 16 months for the paramount exclusivity deal to lapse. The paramount deal is for an indefinite time period not for 18 months... the 18 months things was ome blubot FUD... In the interview with the paramount CEO just after the deal was made he was quoted as saying it was an indefinite time length deal.
mwd Posted October 19, 2007 Posted October 19, 2007 The "pirates" do have the luxury of not having to pay anything to make the actual movie so covering costs for them is not a big issue but I agree, DVD pricing is still ridiculously high. The sweet spot is around $10 I reckon. Anything in that price bracket is an easy impulse buy. Agree with that 100% At $30.00 + a throw I think do I really need that ? No go buy a case of beer instead.
Fouler Posted October 20, 2007 Posted October 20, 2007 The paramount deal is for an indefinite time period not for 18 months... the 18 months things was ome blubot FUD... In the interview with the paramount CEO just after the deal was made he was quoted as saying it was an indefinite time length deal. Both CNN and NY Times reported it as 18 months. The two studios may have left themselves wiggle room, however. Paramount’s agreement to use only HD DVD is limited to only 18 months. And Paramount noted that no films directed by Steven Spielberg were included in the deal “as his films are not exclusive to either format.” Mr. Spielberg is a co-founder of DreamWorks SKG, a unit of Paramount. Source NY Times
AndrewW Posted October 20, 2007 Posted October 20, 2007 Both CNN and NY Times reported it as 18 months. Yeah, I'll take the word of two "unnamed sources" over the CEO of Paramount
Guest JimboTHX1138 Posted October 20, 2007 Posted October 20, 2007 Yeah, I'll take the word of two "unnamed sources" over the CEO of Paramount Actually NY Times say they were Viacom execs, Viacom owns Paramount. I think any reasonable person knows they recieved payment of some kind, what incentives were given and how much we will never know. As for the 18 months thing, I guess we'll find out in 18 months.
Fouler Posted October 20, 2007 Posted October 20, 2007 "Only because they feel this is the right product" did Paramount and DreamWorks Animation agree to back HD DVD exclusively, Fujii said. "This is a fact," he declared. Then that's two CEO's with one hand on heart and the other spooning apple pie from a bowl... Guess when the bowl is empty we'll know for sure.
mwd Posted October 20, 2007 Posted October 20, 2007 (edited) Is that Avatar a Rover Badge Fouler ? Biff Off Topic !!# Edited October 20, 2007 by mwd
Fouler Posted October 21, 2007 Posted October 21, 2007 Yeah it is - every time I look at it, reminds me not to get an unusual car again. Sold it a couple of months ago - nice - but lost a heap since they went bust. Back on topic - as far as I know its dvd player was format neutral - it couldn't play either
kamma Posted October 21, 2007 Author Posted October 21, 2007 Yeah it is - every time I look at it, reminds me not to get an unusual car again. Sold it a couple of months ago - nice - but lost a heap since they went bust.Back on topic - as far as I know its dvd player was format neutral - it couldn't play either i believe last remaining stock of 75's and mgzt's were sold under the hammer for low $20k's. all diagnostic and servicing tools were sold to some relatively small obscure service centre whos name escapes me right now good luck finding someone to fix the bastards or even diagnose a problem with them im frightened to think how much you lost on your rover
Fouler Posted October 21, 2007 Posted October 21, 2007 Yeah, I was at the auction, watching. Parts and repairs were available and quick, in Sydney anyway. But since everyone thought the parts were an issue - despite me giving copies to potential buyers of the letter from Caterpillar UK guaranteeing worlwide supply - it sent the resale value down. In a way it's a bit like superseded electronic equipment. How much for a Blu-ray profile 1.0 player once 1.1 and 2.0 players are readily available? (And to be even handed as this is the Blu side) the same will happen for HD-DVD players as better featured boot/load time models appear.
Recommended Posts