Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Building the AACS Next-Gen Copy Protection Scheme

michael posted more than 9 years ago | from the ties-that-bind dept.

Encryption 491

Anonymous Slashdotter writes "The IEEE Spectrum has a piece that discusses the proposed encryption scheme for the upcoming HD-DVD standard. 'The key to the spirit of compromise is an agreement that the AACS specification will allow consumers to move the data on an optical disc to the various devices they own, including video servers and portable video players, either directly or via a home network.' AACS will use a so-called strong key, the 128-bit Advanced Encryption Standard approved by the U.S. National Institute of Standards and Technology."

cancel ×

491 comments

One step forward... (-1, Troll)

Chuck Bucket (142633) | more than 9 years ago | (#11255712)

Really, how is this not dealing with the root issue? They take one step forward, then the opposition finds a way around it, and then end up two steps back. More open standards and how they relate to the DSS need to be considered, else the AACS will be the next DCMA.

CB

Re:One step forward... (3, Insightful)

Anonymous Coward | more than 9 years ago | (#11255861)

...else the AACS will be the next DCMA.

I don't think you have any idea what you're talking about...

Re:One step forward... (-1, Troll)

Chuck Bucket (142633) | more than 9 years ago | (#11255893)

Uh, I actually have a law degree, and am studying the effects of the release of the DSS code on more 'closed' format restrictions such as Apple's much aligned ACC format. While it's lossy, it's far from 'free *AND* open'.

I still wish OGG would have become the next MP3, but without hardware support it seems to be withering on the vine much as I hope WMA will...ah, but I digress.

CB

Re:One step forward... (0)

Anonymous Coward | more than 9 years ago | (#11255992)

Uh, I actually have a law degree...

Scary. Stick to your area of 'expertise' if you don't know the difference between a copyright act and an encryption scheme.

Re:One step forward... (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#11256057)

Psst! Hey clueless, YHBT!

HAND

Right, right... (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11256017)

Uh, I actually have a law degree[...]

Then I'm sure you should be aware of the difference between a specification and a piece of legislation (as the original AC was pointing out).

Re:One step forward... (0)

Anonymous Coward | more than 9 years ago | (#11256028)

Do not open the link in the sig. It automatically spawns many shitty pr0n windows...
It seems that mozilla popup blocker does not work for that link :(

Re:One step forward... (-1)

Chuck Bucket (142633) | more than 9 years ago | (#11256108)

I think you're confusing me with someone else, my accout was once hacked and someone changed my sig, but I've fixed it before. I dont' see it, what link do they have it pointing to?

I'll go change my password again, Is there another way they could be 'hacking' into my account?

CB

So compromised keys make for faulty hardware? (5, Insightful)

pegr (46683) | more than 9 years ago | (#11255717)

According to the article, a compromised key will be dropped so that device will no longer be able to decode new content. So the vendor has to explain to his customer why his product doesn't work anymore, likely through no fault of his own? Yeah, that'll fly...

Re:So compromised keys make for faulty hardware? (3, Funny)

grub (11606) | more than 9 years ago | (#11255747)


I was wondering how they industry would know what player it was that was compromised. Sounds like a bunch of suits have been sold some snake oil.

Re:So compromised keys make for faulty hardware? (1)

ad0gg (594412) | more than 9 years ago | (#11255804)

Each vendor gets their own key, same way it is done today with DVDs.

Re:So compromised keys make for faulty hardware? (3, Funny)

rincebrain (776480) | more than 9 years ago | (#11255844)

And just like DVDs today, all it takes is a decent amount of time and effort, and suddenly the keys you thought were secure are now being used to playback content under Linux.

Re:So compromised keys make for faulty hardware? (4, Insightful)

tomstdenis (446163) | more than 9 years ago | (#11255846)

sounds like?

First indication was the word [well acronym] "DRM". Just because it uses AES doesn't mean it's secure. It's very easy to use AES insecurely [hint: constant key in ECB mode...]

Likely another 17 yr old from some europe'like nation will break this and "deacss" tools will appear on the net.

Why don't the media producers focus on more talent and less "blockbuster stars".

Instead of paying one star 20 million for a picture why not pay 200 actors 100,000 for several movies? Duh cuz that would make sense...[well not for the self-centered power-tripping millionaire fake people].

Tom

Re:So compromised keys make for faulty hardware? (1)

Rich0 (548339) | more than 9 years ago | (#11255908)

That is easy enough. When somebody starts circulating the source code to the CSS-breaker they simply examine it and figure out what key they're using.

However, that still leaves a major problem. So, you know that the key was stolen from a Sony DVD player - do you now make every Sony DVD player useless for playing new movies? What would the cost of the resulting recalls be?

Re:So compromised keys make for faulty hardware? (5, Insightful)

silicon-pyro (217988) | more than 9 years ago | (#11255813)

Agreed. From TFA:
The basic idea in recovering from cracking is to make a compromised player key obsolete. Compromised players could continue to play old discs, but not new releases. And crackers would have to start all over again.

Consumers are really going to be interested in continuously buying new players or upgrading their current firmware to play new realeases because someone broke through their brand of player. Save for the fact that once someone breaks it once, it will just get easier to do it the second time.

I can see how this would solve the cracking problem entirely. Consumers have the money, thus, consumers have the power. The simple fact is, people won't buy a disc that won't play in their player -- At least I'm not about to new player to play their new disc every time this happens.

In case they think up some scheme that means I won't have to pay anything for the upgraded player: my time is as valuable to me as money, so I had also better not have to spend any of that on getting my machine to work again either.

Re:So compromised keys make for faulty hardware? (1)

ecki (115356) | more than 9 years ago | (#11256003)

...because someone broke through their brand of player

That's not how AACS works. The keys are unique per individual player, not per brand or model.

Re:So compromised keys make for faulty hardware? (3, Interesting)

Wesley Felter (138342) | more than 9 years ago | (#11256151)

But that doesn't make sense. How can the content key be encrypted with (e.g.) 100 million different player keys?

Re:So compromised keys make for faulty hardware? (4, Funny)

k12linux (627320) | more than 9 years ago | (#11256018)

Consumers are really going to be interested in continuously buying new players or upgrading their current firmware to play new realeases because someone broke through their brand of player.
This all seems like a set-up to me.
  1. Consumers buy scads of DVD equipment without knowing a compromized key will disable their player.
  2. Keys start to be cracked.
  3. Industry tells upset consumers that the reason they have to buy new equipment is evil cracker (not poor design/planning.)
  4. Consumers buy new equipment and demand that something be done to prevent this from happening again.
  5. MPAA and others get new super-DMCA laws passed.
  6. Attempting to watch a DVD on Linux is now punishable by death. (At least in Texas.)

Yeah, I can see how the consumer wins in that scenario.

Re:So compromised keys make for faulty hardware? (1)

Quixote (154172) | more than 9 years ago | (#11256180)

Ha ha ha... this is great!... for vendors!

Imagine this: Vendor sells a million players. Suddenly, (oopsie!) the key becomes "compromised". Now the customers have to buy new players, all over again!

Here's what I'd love to see: a no-name Chinese outfit makes 10MM players for, say, Sony; and then key gets "compromised" (wink wink). Suddenly, outfit gets an order for 10MM more! Yay!! Sure, the customers won't buy Sony again; but they'll probably buy some other brand, again made by one of these no-name outfits.

Welcome to a brave new world.

Heh... (5, Funny)

grub (11606) | more than 9 years ago | (#11255718)


I can see the ads in the theaters already. "I'm John Weiner and I design ciphers for the movie industry. Downloading movies hurts me."

Re:Heh... (2, Informative)

TheGavster (774657) | more than 9 years ago | (#11255784)

If he designs the ciphers, people cracking them is job security :) I don't think the guy with that job will ever design a good solution, even if it were possible.

Not that its really feasible to make an unbreakable encoding for movies. Allowing the user to have the player in their house is like giving the British an enigma machine encased in concrete during WW2; they can't immediately break your codes, but its not like they're going to refrain from cracking it out and using it.

U571 (0)

Anonymous Coward | more than 9 years ago | (#11255887)

Don't you mean the Americans? !!!!!

> :)

Ladies And Gentlemen... (2, Funny)

rincebrain (776480) | more than 9 years ago | (#11255734)

START YOUR CLUSTERS!

*makes sure his copies of john are all up to date*

Re:Ladies And Gentlemen... (1)

crow (16139) | more than 9 years ago | (#11255845)

Nope. I wouldn't expect this to be cracked using brute force.

More likely, someone will dissassemble a player and read the key out of an eprom. Most likely, once it's been done for one player, it will be relatively trivial to get a bunch of keys from different brands.

Personally, I won't be buying into this technology until I can play the discs with MythTV.

first post! (0)

Anonymous Coward | more than 9 years ago | (#11255742)

like the title says

Re:first post! (-1)

Chuck Bucket (142633) | more than 9 years ago | (#11255757)

Your fp has been copy protected, and thus, unuseable to you without proper authorization.

CB

Jail Time... Again (1)

nullman (68771) | more than 9 years ago | (#11255749)

So, who's going to go to jail for breaking this encryption scheme? Any takers?

so.. they want to protect copyright by (1)

the_2nd_coming (444906) | more than 9 years ago | (#11255755)

allowing customers to do what ever they like with the files as long as their devices can some how communicate with home base...

umm..................

May I ask a simple question? (2, Interesting)

onemorechip (816444) | more than 9 years ago | (#11255761)

Why is encryption necessary on a product that the user must be able to read in the first place?

What's next, encrypted books, newspapers, and magazines?

Re:May I ask a simple question? (1)

SMQ (241278) | more than 9 years ago | (#11255868)

Er, Adobe eBook/US DoJ vs. Elcomsoft, anyone?

Simple (4, Insightful)

paranode (671698) | more than 9 years ago | (#11255904)

It's not necessary, but the movie industry has the illusion that if they make it harder to copy then somehow they will sell more. Remember, in their fantasy world each illegal copy is retail price lost.

Re:May I ask a simple question? (0)

Anonymous Coward | more than 9 years ago | (#11255922)

Until replicator technology is available, you won't be able
to make an exact copy of that hardcover book in a few seconds.

Re:May I ask a simple question? (1)

YrWrstNtmr (564987) | more than 9 years ago | (#11255988)

What's next, encrypted books, newspapers, and magazines?

Actually, they really want to move on to the next step, encrypting your ears and eyeballs. After that, the brain.

Re:May I ask a simple question? (2, Interesting)

tepples (727027) | more than 9 years ago | (#11256144)

What's next, encrypted books, newspapers, and magazines?

Stallman seemed to think so, eight years ago [gnu.org] .

Distribution control (5, Insightful)

Space cowboy (13680) | more than 9 years ago | (#11255762)

The main flaw I can see in this is that as soon as it has been 'cracked' (which could be as simple as re-digitising the stream being sent to the video device), it can be reformatted into an MPEG2 / H264 stream and put onto BitTorrent. The simple fact is that it only needs to be broken *once*, and *everyone* can get it.

The movie business is going to hit the same wall as the audio business did, and the solution the audio business came up with (well, more accurately, were forced into) was to make the downloading of songs relatively cheap (under $1). As soon as it's not worth it to go through the hassle of copying the data, it is once again a viable product. At the moment, the movies are not viable products...

Simon.

Re:Distribution control (1)

Blue-Footed Boobie (799209) | more than 9 years ago | (#11255839)

I honestly don't understand why anyones pirates movies. There is no issue, with price or distribution as I see it, at this point.

I can get NEW releases at Walmart or Target for $14.99, and other month(s) old releases for $9.99. I see that as more than fair, and see no reason to pirate a movie.

As for theaters, I am just very selective about which movies get my hard-earned dollar in a theater.

Re:Distribution control (1)

Roland Piquepaille (780675) | more than 9 years ago | (#11255966)

I can get NEW releases at Walmart or Target for $14.99, and other month(s) old releases for $9.99. I see that as more than fair, and see no reason to pirate a movie.

You're right, and you're wrong: Yes, movies (and even music these days) are cheap enough that it's not necessarily that financially interesting to get free rips. But the real added value of downloading them is that you can search and obtain what you want fast, easily, in the comfort of your home, without having to go to Walmart, physically peruse the shelf, and then wait in line to pay the stuff and come back home. Not to mention, the internet is open 24/7.

The music industry seems to have gotten that part. They offer music online too now. Once they understand the format has to be unencumbered, maybe their online sales will really take off...

Re:Distribution control (2, Insightful)

Sexy Bern (596779) | more than 9 years ago | (#11256013)

I assume you're in the US, but many, many of us aren't.

You have the luxury of (usually) having the first cinema screenings of films and the first releases to DVD. You also don't get the shitty $1 = £1 currency conversion that the media companies think is perfectly acceptable.

I personally don't think I'm getting value for money (£30) every time I take my wife and three kids to a cinema filled with chavs and twats that don't know where the "off" button is on their mobile phone.

It's not just about cost, but certainly outside the US the cost of films (either at the cinema or DVD purchase) is extortionate.

So I vote with my feet. I rarely go to the cinema and I wait until it comes out on rental. Three days' rental for £3.50 without said chavs is a bargain!

Re:Distribution control (1)

Tony Hoyle (11698) | more than 9 years ago | (#11256123)

Has anyone noticed it's got worse lately?

At one time, people were usually quiet while the film was playing. Now it sounds like a childrens playgroup all the way through the film.

The cinema is now usually half empty... probably not a coincidence.

If I want to see a film I'll download it just to avoid that, then buy the DVD later (usually 6 months after it's been on at the cinema).

Re:Distribution control (0)

Anonymous Coward | more than 9 years ago | (#11256022)

UK new release:

£19.99

=> £19.99*1.813 = $36.24 at UK prices

US new release:

$14.99

=> $14.99/1.813 = £8.24 at US prices

Wooooooo!!!!!!!!!

We pay about £11($21) more than you do.

Especially considering (3, Funny)

melted (227442) | more than 9 years ago | (#11255889)

that re-digitized HDTV stream will have better quality than direct rip from a DVD.

Re:Especially considering (2, Informative)

rokzy (687636) | more than 9 years ago | (#11256039)

> that re-digitized HDTV stream will have better quality than direct rip from a DVD.

how?

on this website we obey the laws of thermodynamics!

Re:Especially considering (1)

MindStalker (22827) | more than 9 years ago | (#11256141)

Because DVD is actually fairly low quality as things go, non HDTV cable broadcast are infact higher quality than DVDs by a small margin. HDTV broadcast are by definition hugly higher quality.
Whats always confused me is that one channel that has the "DVD-on-TV" specials, why the hell would I want you to lower the quality of your broadcast to DVD quality?? I don't get it.

Re:Distribution control (0)

Anonymous Coward | more than 9 years ago | (#11255995)

So, you think $1/song is "relatively cheap"? I think the xxAA's of the world have pulled one over on you, as another poster has pointed out about movies - namely, the cost of just buying the damn CD/DVD! On CD's w/10-15 songs, the cost comes out about the same either way.

Although, to be fair, you still run into the whole quality issue - most CD's nowadays are 90% filler, IMHO - the $1/song model does allow you to save, in the long run.

Re:Distribution control (1)

Muttonhead (109583) | more than 9 years ago | (#11256132)

You've just described a market economy controlled by the forces of supply and demand. The music and movie industries don't want to be controlled by these forces. They want these artificial constructs so they can keep prices high.

How is this gonna stop large scale piracy? (3, Interesting)

slakdrgn (531347) | more than 9 years ago | (#11255765)

I'm cerious on how (mabey I don't understand how they are made from the get-go) this is going to stop large scale counterfitting, those with access to machines that make perfect dupilcate copies, bit by bit, groove by groove, notch by notch. I can see how this will effect personal piracy, even mom-pop dvd rental places and possiable internet, but I thought counterfit was still a rather huge loss.


Mabey I'm wrong?

Re:How is this gonna stop large scale piracy? (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11255807)

Mabey I'm wrong?

Dear God, man. How can we tell? Your drool-soaked paragraph is laden with spelling mistakes and grammatical issues!

Re:How is this gonna stop large scale piracy? (4, Insightful)

Ironsides (739422) | more than 9 years ago | (#11255825)

I'm cerious on how (mabey I don't understand how they are made from the get-go) this is going to stop large scale counterfitting, those with access to machines that make perfect dupilcate copies, bit by bit, groove by groove, notch by notch.

It won't. There is nothing you can do to stop a copy like that unless they figure out how to put data on the disk in an area that can't be burned to (say like the disks serial number or information type on a CDR/RW or DVDR/RW). Even then, the proffesional piraters will probably still figure out a way since they use the EXACT SAME EQUIPMENT that hollywood uses to make their own disks.

Re:How is this gonna stop large scale piracy? (0)

Anonymous Coward | more than 9 years ago | (#11255860)

thought counterfit was still a rather huge loss.

It is, but the problem is most of the large-scale counterfeiting goes on outside of the country. So while China gets $2 copies of the Matrix days after (or before) the US release, not a whole lot of those $2 copies make it to the US where American companies bother to care.

The interesting part of that is that you can't throw a rock on the internet without hitting a site selling chinese/hk bootlegs (yay chinese subtitles!) of anime, but not a single one of those stores would sell you a region-free copy of the matrix with chinese subs.

Re:How is this gonna stop large scale piracy? (1)

Anita Coney (648748) | more than 9 years ago | (#11255917)

It doesn't stop large scale counterfeiting and it is not intended to do so.

Think about it. Does Microsoft's Product Activation stop real counterfeiting? Nope, Asia is filled with nearly free copies of Windows XP.

Does the music industry's attempts to stop CD ripping stop files from showing up on P2P? Nope. The Velvet Underground's CD had DRM, but it was widely available on all P2P applications weeks before the CD was even released.

Does CSS stop bootleg movies from being sold? Nope, once again, cites are filled with places where you can buy bootleg DVDs.

So, you're probably thinking, what's the point of DRM? I see two possibilities:

The first one is that those in charge of content companies simply do not understand DRM. These corporate suits hold on to the irrational belief that one day a perfect encryption system will be developed which will make all piracy disappear. That's probably what their engineers are telling them, because those engineers want to keep their jobs coming up with new DRM systems every couple years.

The other possibility is that the content industries simply want to stop as much copying as possible. They probably know that pirating will exist no matter what, but for every copy they stop which leads to a sale, they make a little money.

I don't know which one is right, but I do know for a fact that DRM only pisses off those users who actually bothered to pay. Pirates aren't pissed off by it, at best it gives them a challenge and makes it harder to become a pirate. The fewer the pirates, the bigger the pie for each pirate.

Everyone re-encodes anyways. (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11255768)

So all it takes is a DirectShow filter, frame capture to re-encoding program... what, it'll protect content for all of a week. Maybe?

Bah (3, Funny)

The Cisco Kid (31490) | more than 9 years ago | (#11255780)

Unless I can extract the content to a non-encrypted format that I can play using non-proprietary software on stock hardware, it can go to hell.

Re:Bah (3, Interesting)

Geoff-with-a-G (762688) | more than 9 years ago | (#11256067)

And unless you're willing to pay them what they're asking for the product that they're selling, YOU can go to hell (as far as they're concerned).

If it comes down to MPAA vs. [the set of people who are unwilling to use closed, propreitary DRM systems], MPAA is gonna win.

They can live without the 3% of their market that's made up of hardcore nerds, but the nerds probably won't live without the 25% or more of their entertainment that comes from mainstream media distributors.

I want the same thing you want, but if you think you can just write them off, you're sadly mistaken.

Pardon Me (0)

Anonymous Coward | more than 9 years ago | (#11255793)

...but that's GNU-plus-AACS.

Thanks for your cooperation.

Feature? (4, Funny)

jacobcaz (91509) | more than 9 years ago | (#11255795)

Isn't not being able to copy "Who's Your Daddy?" multiple times a feature and not a bug?

Copy protection my butt (5, Interesting)

Roland Piquepaille (780675) | more than 9 years ago | (#11255801)

The only thing they can hope to achieve is to make it harder to copy originals.

What I mean is, the problem isn't preventing people from copying a Blockbuster DVD, it's more a problem of preventing one guy, dedicated enough, from making a unencrypted copy and posting it on P2P. Once that's done, the cat's out of the bag and the copy-protection scheme will just annoy legit users. All the others will download the free copy.

So, what will happen is, when Joe Pirate wants to make a copy, instead of just sticking the disk in the drive and wait, he'll make himself some setup to capture the video from the DVD player and he'll re-encode the video. Added cost: a capture card and a cable. Period. And once the captured video is on the net, the game's over. And I'm ready to wager there's an awful lot of people out there who hate the *AAs enough to take the (small) trouble of doing exactly that, just to shaft them.

Re:Copy protection my butt (1)

Se7enLC (714730) | more than 9 years ago | (#11255885)

It's the same thing with trying to copy-protect cds and other digital music. The bottom line is, if you can hear it, you can have a copy of it. Period.

They can do all the encryption they want, but if I REALLY want an mp3 of it, I'll just loop a cable from the headphone out into the aux input and record. And there's nothing they can do to prevent it.

Re:Copy protection my butt (1)

afd8856 (700296) | more than 9 years ago | (#11256113)

You forget macrovision. The capture card will, for sure, scramble the content if it's comming with a macrovision signal (and all consumer VCRs and DVD players have). Better put your money on some kind of screen capture software, but those are slower and need more computing power.

Re:Copy protection my butt (2, Informative)

Chirs (87576) | more than 9 years ago | (#11256200)

It's actually pretty easy to remove macrovision. You can buy black boxes to do it pretty easily.

Copying your butt (2, Funny)

AtariAmarok (451306) | more than 9 years ago | (#11255953)

Is this device [thetoque.net] compatible with DRM?

It could also work against copyright owners (1)

tallbill (819601) | more than 9 years ago | (#11255958)

OR there might be a totally oposite effect: The pirated material could be encrypted and the keys only given to trusted people. Thus only the one who is involved in the illegal activity will be able to view the video or even know what it is. And if they all keep their mouths shut they could never be prosecuted because there would be no way to know what the material is, if it is copyrighted or in the public domain or what. It might be stolen, and the holders would never be able to know what it is.

Realistically, this can't work. (4, Insightful)

rincebrain (776480) | more than 9 years ago | (#11255802)

I don't care how secure the encryption is, as everyone has already said, all it takes is a "legal" DVD player outputting a high quality signal into a capture card, and you have a decrypted copy.

I doubt that the industry is foolish enough to force consumers to upgrade their televisions to support some form of signal encryption, therefore this must fail.

Re:Realistically, this can't work. (1)

Roland Piquepaille (780675) | more than 9 years ago | (#11255863)

I doubt that the industry is foolish enough to force consumers to upgrade their televisions to support some form of signal encryption,

So what if they do? someone's bound to video-tape the TV screen. The copy will be shitty, but that's never prevented people from downloading shitty copies to get movies before everybody else, and/or for free. Just look at the number of bad rips of Fahrenheit 9/11 that went out when the movie was released...

Re:Realistically, this can't work. (1)

rincebrain (776480) | more than 9 years ago | (#11255906)

Indeed.

I'm just arguing for high quality encodes, because there is absolutely no way of preventing low quality encodes. The cat is, as has been said, out of the bag; we all have VCRs, and camcorders.

Re:Realistically, this can't work. (1)

mikeee (137160) | more than 9 years ago | (#11255970)

I wonder if it has to be low-quality. I'm sure it's possible to merge either multiple low-resolution captures zoomed on different regions of the screen, or just to average multiple low-resolution captures to get closer to a high-resolution image.

How hard would that be, really? And it only has to be done once, unless they can kill the P2P networks, also...

Re:Realistically, this can't work. (2, Insightful)

Wesley Felter (138342) | more than 9 years ago | (#11256202)

I don't care how secure the encryption is, as everyone has already said, all it takes is a "legal" DVD player outputting a high quality signal into a capture card, and you have a decrypted copy.

And where can you buy an analog HD component capture card?

I doubt that the industry is foolish enough to force consumers to upgrade their televisions to support some form of signal encryption

They did; it's called HDCP. If your HDTV doesn't support HDCP, you'll only get an analog signal.

Same old, same old. (4, Insightful)

sqlrob (173498) | more than 9 years ago | (#11255815)

This has the same flaws as all of them.

The authorized user and the attacker are one and the same. You can't protect against that, not with cryptography.

Re:Same old, same old. (1)

Rich0 (548339) | more than 9 years ago | (#11255944)

True enough - ultimately the player has to possess the key, and a hacker will be able to obtain it. When that happens they'll have to revoke that key - which will almost certainly impact more than just a single player.

How many keys to they plan on issuing? Unless they plan on having an individual key for every individual player, they'll be in trouble when a key gets out. If they want a billion keys out there, then they'll need about a gigabyte of disk space just to store the session keys for each disk...

Re:Same old, same old. (1)

sqlrob (173498) | more than 9 years ago | (#11256136)

You're off by more than an order of magnitude. A billion keys would be 16 GB (128 bits = 16 Bytes)

Maintaining a list that size across all the vendors would be a logistical nightmare.

And if it's one key per player model/production run, I can see crackers putting a DOS on particular models just for the heck of it or for blackmail.

Encryption? (1)

YrWrstNtmr (564987) | more than 9 years ago | (#11255819)

If it's encrypted, how is my WhatEver player supposed to know how to decrypt it?

And if it doesn't have to decrypt on its own, once I move it out of the encrypted realm, I can move it anywhere. P2P, torrent, whatever.

Or will this trigger a new round of hardware buying. Only an approved, decryption capable, iPod can be used...

FTA, this appears to be true.
"The basic idea in recovering from cracking is to make a compromised player key obsolete. Compromised players could continue to play old discs, but not new releases. And crackers would have to start all over again."
"there are actually two keys--one is on the disc itself, but it doesn't work until it is decoded by a second key installed in each player."

Making everyone's new players obsolete? HA!

Let's all remind DVD Jon how cool he is! (0, Funny)

Anonymous Coward | more than 9 years ago | (#11255833)

With positive reinforcement from /. he'll have this thing broken in a week.

Another copy protection? (1)

jskline (301574) | more than 9 years ago | (#11255836)

Sorry.

It'll never ever fly. Simply put the motion picture industry wants total and complete control over everything. They don't even want you copying this. How do they expect this to be accepted??? Word has it that even the old Beta vs MCA thing is about to come up again in a strong lobby attempt to kill the idea of consumers having access to recording equipment. Part of me wonders how true is that, but on the other hand, they're not much different then the way Mr Gates, and Mr. Balmer have acted either.

Such effort to prevent such an easy workaround... (4, Insightful)

StevenMaurer (115071) | more than 9 years ago | (#11255876)

Honestly - I work in the industry, and I'm still amazed at the lengths content providers will go to to try to prevent a single D-to-A, A-to-D conversion.

Apparently they just don't get that people - who seem willing to buy cheap videos recorded on consumer cameras in movie theaters - are going to be completely unable to see the difference in a re-recorded playback of what they see on T.V.

Folks - if you're too stupid to realize the network effect will swamp the casual copyright infringement, do something simple: don't release it. That's your only option.

Re:Such effort to prevent such an easy workaround. (1)

pjrc (134994) | more than 9 years ago | (#11256068)

Honestly - I work in the industry, and I'm still amazed at the lengths content providers will go to to try to prevent a single D-to-A, A-to-D conversion.

And exactly what length is that?

Last I heard, the royalty for macrovision is about 5 cents per disc.

It was news (here on slashdot some time ago) when the 2nd Happry Potter disc was released without macrovision enabled (just a single flag on the disc) to save the royalty cost. Many, many millions of copies sold within the opening days. That was the exception.

Just keep the "lengths the content providers [are] will to go" into perspective. It's several pennies per disc that retails for about $25 (US), and sometimes discounts to about half that.

Those pennies add up quickly, and there are plenty of folks who'd love to "tap that market" by offering DRM to the content providers. But ultimately, it's all about money. Studio execs aren't sitting around thinking about crypto. It's just a product they buy.

Re:Such effort to prevent such an easy workaround. (2, Interesting)

micromoog (206608) | more than 9 years ago | (#11256089)

Indeed. This will just accomplish nothing to solve their problem, and will just create more problems similar to mine:

I can't play discs 3 and 4 (the appendices) of the Two Towers Extended Release on my standards-compliant Zenith DVD player, because of a botched copy-protection attempt by the manufacturer.

If this problem keeps getting worse, the number of movies I buy will continue its asymtotic approach of zero.

What I want to know is (2, Funny)

Lurker McLurker (730170) | more than 9 years ago | (#11255879)

Will this work on linux or will we have to rely on a HD-DVD Jon?

And If I don't want copy protection for my content (1)

tallbill (819601) | more than 9 years ago | (#11255882)

I think that a lot of people do not want to have to have keys to look at their own content. And they would like to share their material with others freely.
The problem that I see with the model of requireing a key to view saved video or audio is that if I don't want to use a key for what I do, then I shouldn't have to use it.

The Entertainment Industry assumes that all uses of recorders is for stealing copyrighted material. But that simply is not the case.

They assume we are all guilty, no innocence allowed.

They want everyone to always have to do a 'mother may I' when ever they want to watch or listen to content that they produced themselves.

What are the long term effects of this? Eventually all content might be unviewable or unlistenable. It will be like those Incan knotted ropes. We will have the physical device but be unable to ever know what it means.

Stealing using recorders ??? (4, Funny)

AtariAmarok (451306) | more than 9 years ago | (#11255920)

"The Entertainment Industry assumes that all uses of recorders is for stealing copyrighted material. But that simply is not the case"

Correct. It is technically impossible to steal a thing using a recorder, unless you do something really odd like club a victim witha VCR during a mugging, or heave a reel-to-reel unit through a jewelry store window in order to break in and burglarize it.

This is a social issue (3, Insightful)

grasshoppa (657393) | more than 9 years ago | (#11255898)

Copy right violations and the like are a social problem, and are going to be solved with a social solution.

We can throw all the technology and litigation we want at the problem, but it won't be solved until we come up with a social solution.

Re:This is a social issue (2, Insightful)

HarveyBirdman (627248) | more than 9 years ago | (#11256154)

Copy right violations and the like are a social problem...

And therefore insolvable.

Does the scheme include (1)

afstanton (822402) | more than 9 years ago | (#11255901)

a way to re-enable keys? If so, then the meta-encryption is what will get cracked, not individual keys. Actually, that will happen anyway - if these things are networked, just wait for something that disables mass blocks of keys all at once as an attack against a given hardware manufacturer. That or someone will pass out free HD-DVD's that disable competitor's machinery completely.

A question for the crypto-experts (4, Interesting)

P-Nuts (592605) | more than 9 years ago | (#11255913)

So the proposal seems to be, content on DVD is encrypted with AES, using some random key. The key is stored on the DVD, but encrypted against another key, which is part of the player. How do you distribute this key inside players, without people being able to dig it out? Is it by putting it in a hardware-only form, like the chip on a smart-card? How easy is it to hide such a key in compiled software?

Re:A question for the crypto-experts (0)

Anonymous Coward | more than 9 years ago | (#11256187)

It's not hard, it's impossible.

Analog Hole Anyone? (1)

ewanrg (446949) | more than 9 years ago | (#11255921)

Let's see all the ways you can get around this without worrying about cracking the encryption:

1) Video recording off a flat-screen TV. Right refresh rate and proper camera setup make this one darn near impossible to defeat as long as the camera is going to work in any reasonable setting.

2) Grab it off the RCA leads that are likely to be attached to the player to allow it to still talk to the large number of TVs and other A/V equipment that is out there.

3) Develop a player that doesn't "honor" the blocking flag (when moving from the source to a mobile player) and rip directly.

How is it that the industry still doesn't "get" it? Copy protection is at best a road bump, and in most cases only prevents the users who are least likely to share from doing so.

Are we still going to be having this debate in 20 years? I certainly hope not...

---

Home Media Manifesto [blogspot.com]

What if... (1)

erykjj (213892) | more than 9 years ago | (#11255946)

What if you have a device that can play it "legally", but at the same time stream it out to another device that records it without the encryption (a la DVD to VCR copying)?

Re:What if... (1)

martok (7123) | more than 9 years ago | (#11256128)

I'm not sure if I'm missing something here but
the various copying methods suggested, cameras,
using rca leads etc would certainly reduce the
quality of HD-dvd. The whole move from DVD to HD
is for quality reasons anyway so analogue copying
would not be ideal. If the pirates wanted to do
that, they can just rip the VHS tape and be done
with it.

Last paragraph sums it up well (1)

arvindn (542080) | more than 9 years ago | (#11255993)

"It is not a matter of if--it is a matter of when. As long as I have the technology in my living room to watch it for myself, I can modify the system to extract the video. They can make it hard, but they can't make it impossible.

"They are living in a fantasy world," he concludes.

Nice article (3, Insightful)

Xcott Craver (615642) | more than 9 years ago | (#11256001)

Glad to see a magazine article quoting a real security expert (Dan Wallach) rather than some random VP of marketing for a "content management" company. Spectrum doesn't even commit the common media sin of giving equal time to some crazy guy in the name of artificial fairness.

In any case, I am less worried about the crypto, which doesn't affect video quality. Fingerprinting of video and audio with watermarks can affect quality; in copy protection circles, you'll see iffy technologies proposed simply because they "can't hurt" to throw them in---but then some of them are detectable by golden eyes/ears. IMHO even that much quality loss is not worth whatever security a watermark offers.

Caj

For androids only? (1)

AtariAmarok (451306) | more than 9 years ago | (#11256129)

""but then some of them are detectable by golden eyes"

Like this fellow? [tripod.com]

Goldeneye? (1)

tepples (727027) | more than 9 years ago | (#11256205)

in copy protection circles, you'll see iffy technologies proposed simply because they "can't hurt" to throw them in---but then some of them are detectable by golden eyes/ears.

Shh! Please don't give Sony/MGM an idea for the next James Bond film.

What about the XBOX? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11256004)

The XBOX has been around for years and they still haven't been able to crack its encyption. How will this be any less secure?

Yeah, you can copy games and play them on a *modded* xbox, but the encryption method still hasn't been broken.

Oooh, 128 bit! (1)

stonedyak (267348) | more than 9 years ago | (#11256070)

Does this mean it will now take two days from the release of the first HD-DVD player for 'DeAACS' to appear online?

Or will this be the movie industry's dream DRM solution? Something so secure that you can't even watch it!

Also for Blu-Ray? (1)

crow (16139) | more than 9 years ago | (#11256111)

This is presented as being for use with the HD-DVD standard. What about the competing Blu-Ray standard? Are they planning on using this, too, or do they have their own approach to the perceived problem?

Optical disks? Pffft (1)

Safety Cap (253500) | more than 9 years ago | (#11256126)

I'm waiting for the keychain 50 gig driveto be available RSN; just copy the film and go. You can keep your plastic wafers.

They must be on crack... (2, Insightful)

Otto (17870) | more than 9 years ago | (#11256127)

Seriously. I can't come up with another plausible reason for anybody to think this would work. Example:

The key to the spirit of compromise is an agreement that the AACS specification will allow consumers to move the data on an optical disc to the various devices they own, including video servers and portable video players, either directly or via a home network. In all the scenarios developed by the AACS alliance, that data would exist on the disc in encrypted form. It would stay encrypted when transferred to other devices and would be decrypted by those devices. The details of this portability have not been announced, but the technological underpinnings are expected to be included when the first version of the copy protection specification is released.


Now, understand that the encrypted content will be encrypted with a different key for each piece of content. This is just obvious and similar to how CSS works. The reason is so if you break one DVD, you don't break 'em all.

But this means that the key to decrypting the content must also be on the DVD itself. So that must be transferred to the portable device as well, in order for it to be playable.

So there's two ways this can work:

Method 1: Transfer the key along with the encrypted content in a plain form. In which case the attacker figures out where the key is, decrypts the content, creates an unencrypted version. Tada!

Method 2: The player key system whereby every company/player has a key and they are each used to encrypt a copy of the content key, which is placed on the disc. Thus this keyring must be transferred to the portable device and the portable device must itself have a player key to decrypt the content. I'm betting this is the method they're going for.

In which case the crack is simple: Compromise the player key. The player key must be embedded in the device somehow. In fact it'll have to be embedded in *every* device. All it takes is one hardware hacker to yank out a player key and voila, every disc up to that point can be decrypted.

So they invalidate the player key for future releases, breaking all existing hardware using that key. They could have done this with CSS, BTW, but they didn't for fairly obvious reasons.

In any case, this helps them not in the slightest. Because now you have a means by which to crack the rest of the player keys. Look, you get one player key. You have a disc with encrypted content for all player keys. You know the plaintext for what these are encrypting (the content key). Furthermore, every disc made that you can decrypt (probably a lot) gives you a new data set. How long do you think it'll take some bright boy to come up with a known plaintext attack on AES to retrieve these keys? It might be computationally intensive, but certainly it'll be less than a brute force attack.

And then what do they do when all keys are broken? They're straight fucked then.

The very idea itself is stupid. It's bound to fail in the same way CSS did. It'll just take a little more time, that's all.

Two words... (1)

Bob McCown (8411) | more than 9 years ago | (#11256134)

...analog hole.

Can anybody say DIVX? (0)

Anonymous Coward | more than 9 years ago | (#11256166)

There was a time when DVD's were purchased for a single use.

This business model worked fine for a very short term then *gasp* failed.

Are we again moving toward the day when dvd users must request permission to play their DVD's?

This is a sure business model that will stand the test of the week.

digital hole (1)

Alesis1001 (846305) | more than 9 years ago | (#11256194)

If somebody made a hardware that captures from DVI output, it should be possible to make perfect digital copies, or am I wrong? This would by pass just about anything including hdtv broadcast bit.

The Emperor Has No Clothes (1)

shoolz (752000) | more than 9 years ago | (#11256206)

As long as a signal (video, audio, whatever) is sent to an output device (monitor, speaker, whatever), it will be easy to capture and duplicate.

There will never be an end to 'undesired' duplication.

Same old (1)

SilverspurG (844751) | more than 9 years ago | (#11256207)

Radar detectors, speed guns, copy protection, eavesdropping...

Let's try a new discussion thread: /. insider trading. Who can be the first to tell me which fabrication plants are going to get the lucrative production contracts for these players? I just want to know where to put my money to earn a profit.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...