
AACS Hack Blamed on Bad Player Implementation

Zonk posted more than 7 years ago | from the finger-pointing-but-no-porn dept.

Media 272

seriouslywtf writes "The AACS LA, those responsible for the AACS protection used by HD DVD and Blu-ray, has issued a statement claiming that AACS has not been compromised. Instead, they blame the implementation of AACS on specific players and claim that the makers of those players should follow the Compliance and Robustness Rules. 'It's not us, it's them!' This, however, does not appear to be the entire truth. From the Ars Technica article: 'This is a curious accusation because, according to the AACS documentation reviewed by Ars Technica, the AACS specification does not, in fact, account for this attack vector. ... We believe the AACS LA may be able to stop this particular hack. While little is truly known about how effective the key revocation system in AACS is, in theory it should be possible for the AACS LA to identify the players responsible for the breach and prevent later pressings of discs from playing back on those players until they are updated. As such, if the hole can be patched in the players, the leak of volume keys could be limited to essentially what is already on the market. That is, until another hole is found.'"


To be expected (4, Insightful)

Iphtashu Fitz (263795) | more than 7 years ago | (#17776548)

Did anybody really expect the AACS LA to say anything other than what they did? (Besides, maybe "we give up"?)

Re:To be expected (3, Interesting)

purpledinoz (573045) | more than 7 years ago | (#17777116)

I wonder what they're going to say when it's brutally apparent that ALL software players can be compromised. From what I can see, they have a few options, and none of them are pretty.

- play the cat and mouse game, and have the keys updated on the players while revoking the old keys.

- disallow software players altogether.

- admit defeat and forget about revoking keys.

Re:To be expected (1)

Reikk (534266) | more than 7 years ago | (#17777792)

This is an curious accusation
This is an great article!

I'm mixed on this. (5, Funny)

grub (11606) | more than 7 years ago | (#17776568)


Part of me wants them to find a proper fix for these holes. My CableCo phoned me because I've already gone way over my quota this month.

Re:I'm mixed on this. (2, Interesting)

Sheltem The Guardian (940038) | more than 7 years ago | (#17776778)

I am curious. If we've, let's say, pwned a hardware player, and AACS LA revokes the original keys. They don't want buyers to kill them, so they have to reissue some keys. But if we've already pwned the device, can't we happily receive these freshly reissued keys, pretending we're this device? We might know every crypto key this device holds at this moment!

Re:I'm mixed on this. (3, Interesting)

ThePiMan2003 (676665) | more than 7 years ago | (#17776968)

Actually that is part of the spec. They can kill your hardware player, and then blame it on poorly made hardware, and you the end user are SOL.

Re:I'm mixed on this. (1)

Sheltem The Guardian (940038) | more than 7 years ago | (#17777334)

I guess that'll be a big bang if they ever recall keys for a large and still-selling generation of players. Hardware makers didn't understand that they've given Hollywood just enough rope.

Of course not, dear... (5, Funny)

bhamlin (986048) | more than 7 years ago | (#17776576)

Of course it's not your fault. Your highly paid engineers are WAY smarter than anyone else.

DRM is silly (5, Insightful)

tfinniga (555989) | more than 7 years ago | (#17776580)

You give them the lock.

You give them the key.

You hope that they can't figure out how to put one into the other.

High fives.

Re:DRM is silly (5, Insightful)

Abnormal Coward (575651) | more than 7 years ago | (#17777074)

I agree. The only way to show that this DRM protection is shite is for people not to buy. Copying media, in my opinion, has never been a problem; I've had a lot of tape copies from people and went and bought the CD/tape because I really liked the music. Same with movies and TV: I've bought DVDs and TV box sets after downloading DivX copies from the 'net. If the boys at the top (RIAA/MPAA) ensure their music is cheap enough, it's a no-brainer. The real battle here is that 'they' want to tell you what to buy and set any price they like. It's all about control (time to put on your tin hat). Well, fuck them, we're the consumers, we should decide what to buy and what is an acceptable price. So back to my original point, the only way to show it is with your wallet ....

Not when Apple does it! (1)

mattgreen (701203) | more than 7 years ago | (#17777668)

Then it is Not That Bad Because I Can Waste Time Burning And Reripping. Don't forget about this important exception!

Re:DRM is silly (1)

CoughDropAddict (40792) | more than 7 years ago | (#17777828)

Putting the lock deep in silicon, where no software can touch it (or only specifically authenticated/authorized software), does not count as "giving them the key." This is the direction DRM is moving.

Re:DRM is silly (2, Informative)

et764 (837202) | more than 7 years ago | (#17778238)

Still, the machines are made up of electrical pulses moving across the chip. These electrical pulses can be observed and manipulated. As long as you have physical access to the playback device, which won't go away as long as you can use your media at home, there exists some way to get the hardware or software to reveal the key. It may take a whole lot of creativity, trial and error, but it can be done.

Blame Canada (5, Funny)

euri.ca (984408) | more than 7 years ago | (#17776596)

It's a widely known fact that Canada is responsible for 50% of the HD DVD piracy.

Even worse, the AACS specification does not, in fact, account for this large sparsely populated country.

Re:Blame Canada (1)

grub (11606) | more than 7 years ago | (#17776704)


It's a widely known fact that Canada is responsible for 50% of the HD DVD piracy.

The problem is all those HD-DVD bootlegs are cams done in Montreal.

Re:Blame Canada (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17777086)

Unlikely. That story tells us that camcording is illegal in Canada. That the theaters are using night vision to catch people doing it. That Canadian police are arresting and convicting people who do it. And that anyone can rent the movie at blockbuster and copy it - in the US (which has ten times the population) as well as Canada.

This little statistic was almost certainly made up, to pressure Canada into taking away more fair use rights.

On the other hand, word has it that the guy who bypassed HD DVD's AACS encryption is a Canadian programmer. (With possible help from a NZ cryptographer. Google "My first experience with HD content being blocked", and compare his story with that of Muslix64.)

Re:Blame Canada (1)

PitaBred (632671) | more than 7 years ago | (#17777822)

Holy balls are you really that obtuse?

Dig it [wikipedia.org]

Never! (5, Insightful)

Troed (102527) | more than 7 years ago | (#17776606)

if the hole can be patched in the players

It cannot, ever, unless they disallow software players from any platform not running on Trusted Computing enabled hardware and a Trusted Computing enabled operating system.

Until then, no DRM scheme works.

None.

It's that simple.

Re:Never! (4, Insightful)

CrystalFalcon (233559) | more than 7 years ago | (#17776720)

It cannot, ever, unless they disallow software players from any platform not running on Trusted Computing enabled hardware and a Trusted Computing enabled operating system.

And at that point, virtualization kits will become commonplace that run Windows in a sandbox so that Windows thinks it's in a Palladium environment, but where it's really not.

If it can be played, it can be copied. Playing is copying. Any manipulation of digital data is copying it. Trying to make bits not copyable is trying to make water not wet.

TPM is anti-virtualization (4, Informative)

tepples (727027) | more than 7 years ago | (#17776840)

And at that point, virtualization kits will become commonplace that run Windows in a sandbox so that Windows thinks it's in a Palladium environment, but where it's really not.

The express purpose of "Trusted" Computing is to distinguish an OS running on bare hardware from a virtualized OS. The virtualized Trusted Platform Module is issued not from a recognized mainboard manufacturer's keyspace but from VMware's.

Re:TPM is anti-virtualization (1)

theelectron (973857) | more than 7 years ago | (#17776948)

Could you not alter the TPM key the VMware server uses? Also, is this true for other virtualization, Xen etc., as well?

Re:TPM is anti-virtualization (3, Interesting)

JesseMcDonald (536341) | more than 7 years ago | (#17777162)

Sure, but the whole point is that you can't access the keys the "trusted" mainboard manufacturers encode into the hardware. You can program the emulator with any key you want, but it won't be one of the "trusted" keys. The keys are stored and used entirely within a single IC; the only way to extract one would be, in theory, to examine the IC directly (with an STM, for example), or somehow gain access to the master copy held by the manufacturer (and risk violating trade-secret laws).

IMHO this raises interesting legal issues, since it would tend to allow holders of one form of monopoly (copyright) to influence market shares in another industry (computer hardware). With TC the privileged holders of media monopolies would be free to determine which hardware manufacturers succeed and which ones fail. Might not the RIAA/MPAA find themselves on the receiving end of an antitrust suit as a result of this cross-industry influence? (I don't support antitrust regulations myself, but I'm not the one they have to worry about.)

Re:TPM is anti-virtualization (2, Interesting)

theelectron (973857) | more than 7 years ago | (#17777394)

I'm not completely familiar with the TPMs, but would it be practical for me to 'guess and check' keys until I got something in a trusted namespace? How big are the keys?

Re:TPM is anti-virtualization (2, Insightful)

Rich0 (548339) | more than 7 years ago | (#17777952)

They would use SSL. Most likely 1024/2048 bit keys. You won't guess them.

And the manufacturer wouldn't know your key either. Most likely the chip will generate its own keypair, store it in flash, give the manufacturer a CSR, which would then be signed and returned to the chip as a certificate. At this point the only copy of the private key is in the chip - at best the vendor knows the public key, which is no good for bypassing TPM.

Now, what you could do is get the manufacturer's signing key and make your own certificates. That would certainly work. However, it hasn't really happened yet in the SSL world, and there is no reason to think that it will happen in the future - those keys would be kept under close guard.
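The provisioning flow Rich0 describes (the chip generates its own key pair, hands the vendor only a CSR, and receives a certificate back, so the vendor never holds the private key) can be shown end to end with Go's standard library. The program below is an added example written for this page, not code from AACS LA, any TPM vendor or any player; the CA names, the chip serial and the 24-hour validity are constructed, and the "Virtual TPM CA" stands in for the separate keyspace tepples mentions further up the thread. It also shows the check that makes the emulator case fail: a certificate issued under any CA that is not in the content server's root set does not verify, however correct its subject looks.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// Chip stands in for the TPM: the private key stays inside this value; only
// the certificate (and so the public key) is ever handed out.
type Chip struct {
	priv *rsa.PrivateKey
	Cert *x509.Certificate
}

// issue signs tmpl with the signer's key (parent == tmpl for a self-signed CA)
// and parses the resulting DER so callers get a usable *x509.Certificate.
func issue(tmpl, parent *x509.Certificate, pub any, signer *rsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// newCA builds a self-signed issuing CA: a constructed stand-in for a
// mainboard vendor's signing key (or, for the emulator, a virtualization
// vendor's own CA).
func newCA(name string) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, KeyUsage: x509.KeyUsageCertSign, BasicConstraintsValid: true}
	cert, err := issue(tmpl, tmpl, &key.PublicKey, key)
	return cert, key, err
}

// ProvisionChip follows the comment's flow: the chip generates its own key
// pair, sends the vendor a CSR, and receives a signed certificate back.
func ProvisionChip(serial string, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*Chip, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // generated on the chip
	if err != nil {
		return nil, err
	}
	csrDER, err := x509.CreateCertificateRequest(rand.Reader,
		&x509.CertificateRequest{Subject: pkix.Name{CommonName: serial}}, priv)
	if err != nil {
		return nil, err
	}
	// Vendor side: parse the CSR, check it is signed by the key it carries
	// (proof the requester holds the private key), then issue a certificate.
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, err
	}
	if err := csr.CheckSignature(); err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature}
	cert, err := issue(tmpl, caCert, csr.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return &Chip{priv: priv, Cert: cert}, nil
}

// TrustedByVendor is the check a content server would run: does this chip's
// certificate chain to a CA in the set of recognised mainboard vendors?
func TrustedByVendor(cert *x509.Certificate, roots *x509.CertPool) bool {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	_, err := cert.Verify(opts)
	return err == nil
}

// Scenario provisions one chip under the vendor CA and one under an unrelated
// "virtual TPM" CA, then checks both against a root set holding only the vendor.
func Scenario() (genuineTrusted, emulatedTrusted bool, err error) {
	vendorCA, vendorKey, err := newCA("Mainboard Vendor CA")
	if err != nil {
		return
	}
	virtCA, virtKey, err := newCA("Virtual TPM CA") // the emulator's own keyspace
	if err != nil {
		return
	}
	genuine, err := ProvisionChip("chip-0001", vendorCA, vendorKey)
	if err != nil {
		return
	}
	emulated, err := ProvisionChip("chip-0001", virtCA, virtKey) // same serial, untrusted issuer
	if err != nil {
		return
	}
	roots := x509.NewCertPool() // what the content server recognises
	roots.AddCert(vendorCA)
	return TrustedByVendor(genuine.Cert, roots), TrustedByVendor(emulated.Cert, roots), nil
}
```

Scenario() returns (true, false, nil): the vendor-issued certificate chains to the root, the emulator's does not. Note what the server never needs: the chip's private key, which is used only inside ProvisionChip to sign the CSR. That is why, as the comment says, the vendor's copy of the public key is no use for bypassing the check; the secret that has to stay under guard is the vendor's CA key.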

Re:TPM is anti-virtualization (1)

tonigonenstein (912347) | more than 7 years ago | (#17777600)

Sure, but the whole point is that you can't access the keys the "trusted" mainboard manufacturers encode into the hardware.

I am not familiar with the TPM spec, but wouldn't it be possible for the virtual TPM to relay requests to the real TPM? Then you could access the software player's state by querying the VM.

Re:TPM is anti-virtualization (1, Interesting)

Jherek Carnelian (831679) | more than 7 years ago | (#17777766)

Sure, but the whole point is that you can't access the keys the "trusted" mainboard manufacturers encode into the hardware. You can program the emulator with any key you want, but it won't be one of the "trusted" keys. The keys are stored and used entirely within a single IC;

What is to stop a guy with a real TPM system and a virtual environment from just proxying any TPM requests/responses from the virtualized system to the real TPM module?

The TPM is like a black box, right? Nobody can see inside it; all anyone can do, including a "trusted OS", is send it inputs and read the output. So, there should be no way for the virtualized OS to tell the difference between a proxied TPM and a "directly connected" one.

So, now you've got a fully virtualized system that thinks it is running not-virtualized. Its memory, even its cpu registers, are ripe for harvesting supposedly protected information. If the system is going to depend on the TPM to do the actual decryption without exposing any keys, you still have easy access to the decrypted data that comes out of the TPM.

Re:TPM is anti-virtualization (3, Interesting)

Mr2001 (90979) | more than 7 years ago | (#17778074)

The keys are stored and used entirely within a single IC; the only way to extract one would be, in theory, to examine the IC directly (with an STM, for example), or somehow gain access to the master copy held by the manufacturer (and risk violating trade-secret laws).

And as long as you're risking violating the trade secret laws, why not go all the way? I'd love to see a few dozen guys with machine guns just break down the TCPA's front door and steal the damn keys the old-fashioned way.

Re:TPM is anti-virtualization (1)

AuMatar (183847) | more than 7 years ago | (#17777008)

Then people will just write open source virtualization kits, that fake it from whatever keyspace we want.

If we own the physical hardware, DRM is never going to work. Period.

Re:TPM is anti-virtualization (4, Insightful)

CrystalFalcon (233559) | more than 7 years ago | (#17777066)

And would you bet money on the impossibility of spoofing a specific motherboard identity?

Similar things have been done before in so many different scenarios... Just to take a trivial example, MAC addresses were supposed to be unique for each network card, too.

Re:TPM is anti-virtualization (1)

Rich0 (548339) | more than 7 years ago | (#17777996)

Yes, but MAC addresses aren't kept secret.

The private key for your motherboard will be - it will never leave a single chip. Sure, if you have the hardware you can in theory obtain it, but this will require stuff like electron microscopes.

You can't make it impossible - but you can make it REALLY hard.

Re:Never! (2, Interesting)

mugnyte (203225) | more than 7 years ago | (#17777118)

There are ways to combat this, like requiring timing that only hardware can satisfy, but virtualization is a tough thing to hide from. In the end, it will require a dual-key system from each piece of hardware that the system accepts. You cannot write a virtual one because you cannot provide a valid key. Yes, yes, I know this is a terrible design.

Then you degrade the problem to a man in the middle, where your microcode simulates a processor and performs some operations before/after sending to the same/different hardware. Microcode is the standard for many OSes now.

In these cases, the OS sends a public key to the hardware and receives one in return; you can capture them but cannot mimic these pieces. Then each buffer in the pipeline ends up encrypted, leaving you to decipher it.

This is the gist of the whole architecture: locking down anywhere one could put custom code. The problem is, in a heterogeneous environment, there's not much stability in asking a whole market to obey these specs. Someone is going to write hardware that conforms but has an unencrypted out channel. In fact, companies will simply comply with the Trusted Computing program but sell this out at a high price. MS creates a valued market out of its security scheme, losing both the anti-piracy initiative and the content providers' trust, eventually.

Until these phases come to pass, the market moves slowly to adjust to the new formats and pricing. Content providers pour into the channels believing the issue is "solved". Then, suddenly, an unrevokable layer is compromised (as in: you cannot re-stamp all the discs already on the market) and much of the content appears in black-market format. The market floods easily because people do not believe the cost of the model is worth the output (like music today).

If you think I'm speculating, all of this has happened before. Hacking in all its forms has never had any different lesson.

Re:Never! (1)

morgan_greywolf (835522) | more than 7 years ago | (#17777508)

And at that point, virtualization kits will become commonplace that run Windows in a sandbox so that Windows thinks it's in a Palladium environment, but where it's really not.

But will these virtualization kits have the TCPM-enabled BIOS? What about open source virtualization kits? IIRC, Mac OS X can run in a virtualized environment only once the checks for the hardware DRM are removed by a hack. It seems like there would be copyright or patent issues that would prevent a FOSS virtualization kit from running Windows in a Palladium environment.

Re:Never! (1)

Rich0 (548339) | more than 7 years ago | (#17778058)

Mac OS X can run in a virtualized environment only once the checks for the hardware DRM are removed by a hack.

And this only works because MacOS X needs to be able to run offline.

Once your HD-DVD player is required to be hooked up to the internet to work, that hack will stop working. The key to your DVD won't be stored on the DVD - instead you'll download it each time you play it. However, the server hosting the key won't provide it unless you pass a TCPM check - if the hashes of the bios/OS/player aren't trusted the key won't be provided. Without defeating the physical security on the TCPM chip you won't be able to simulate/virtualize/emulate/whatever this handshake - it ultimately relies on a private key buried in the chip that never leaves it.
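The online check described above (a server that hands out the title key only when the BIOS/OS/player hashes pass a TPM-backed check) can be modelled with a PCR-style extend chain and a signed quote. The Go program below is an added example for this page, not code from any player, TPM or AACS LA. It assumes the server already holds the chip's public key (registered at manufacture, in place of a certificate chain), uses an RSA PKCS#1 v1.5 signature over PCR || nonce as a simplified quote, and every measurement, id and the title key is constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// ExtendPCR models a measured-boot register: each stage hashes the next one
// and folds it in, so the final value commits to the whole boot chain in order.
func ExtendPCR(pcr [32]byte, measurement []byte) [32]byte {
	m := sha256.Sum256(measurement)
	return sha256.Sum256(append(pcr[:], m[:]...))
}

// BootChain extends a zeroed register with the named components in order.
func BootChain(components ...string) [32]byte {
	var pcr [32]byte
	for _, c := range components {
		pcr = ExtendPCR(pcr, []byte(c))
	}
	return pcr
}

// Chip holds the signing key that never leaves the TPM.
type Chip struct{ Key *rsa.PrivateKey }

func quoteDigest(pcr [32]byte, nonce []byte) [32]byte {
	return sha256.Sum256(append(pcr[:], nonce...))
}

// Quote signs the register value together with the server's nonce, so a quote
// recorded during an approved boot cannot be replayed later (simplified format).
func (c *Chip) Quote(pcr [32]byte, nonce []byte) ([]byte, error) {
	d := quoteDigest(pcr, nonce)
	return rsa.SignPKCS1v15(rand.Reader, c.Key, crypto.SHA256, d[:])
}

// KeyServer knows the public keys of registered chips (assumed recorded at
// manufacture) and the register values of approved BIOS/OS/player stacks.
type KeyServer struct {
	chips     map[string]*rsa.PublicKey
	knownGood map[[32]byte]bool
	titleKey  []byte
}

// ReleaseTitleKey checks the chip, then the quote signature, then the measurement.
func (s *KeyServer) ReleaseTitleKey(chipID string, pcr [32]byte, nonce, sig []byte) ([]byte, error) {
	pub, ok := s.chips[chipID]
	if !ok {
		return nil, errors.New("unknown chip")
	}
	d := quoteDigest(pcr, nonce)
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], sig); err != nil {
		return nil, errors.New("quote is not signed by the registered chip key")
	}
	if !s.knownGood[pcr] {
		return nil, errors.New("BIOS/OS/player measurements are not on the trusted list")
	}
	return s.titleKey, nil
}

// Scenario runs three requests against one server: the registered chip with
// the approved player, the same chip after the player binary changed, and an
// unregistered key (an emulated TPM) presenting the approved register value.
func Scenario() (approved, patchedPlayer, foreignKey bool, err error) {
	chipKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	otherKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return
	}
	chip, other := &Chip{Key: chipKey}, &Chip{Key: otherKey}
	good := BootChain("bios v1", "os v1", "player v1")          // constructed measurements
	bad := BootChain("bios v1", "os v1", "player v1 (modified)") // player binary differs
	srv := &KeyServer{
		chips:     map[string]*rsa.PublicKey{"chip-0001": &chipKey.PublicKey},
		knownGood: map[[32]byte]bool{good: true},
		titleKey:  []byte("constructed-title-key"),
	}
	try := func(c *Chip, pcr [32]byte) bool {
		nonce := make([]byte, 16) // fresh per request; issued by the server
		if _, e := rand.Read(nonce); e != nil {
			return false
		}
		sig, e := c.Quote(pcr, nonce)
		if e != nil {
			return false
		}
		_, e = srv.ReleaseTitleKey("chip-0001", pcr, nonce, sig)
		return e == nil
	}
	return try(chip, good), try(chip, bad), try(other, good), nil
}
```

Scenario() returns (true, false, false, nil). The second case is the one Rich0 describes: the same trusted chip with a different player binary produces a different register value, and the server refuses. The third shows why a self-generated key does not help: the signature is valid, but under a key the server has never registered. Because the nonce is the server's, a quote captured during a good boot cannot be replayed later.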

Re:Never! (1)

purpledinoz (573045) | more than 7 years ago | (#17776742)

So the marketing department is telling the engineers to do something impossible. Sounds like a scene from a Dilbert comic.

Re:Never! (1)

AuMatar (183847) | more than 7 years ago | (#17777048)

Dilbert? I call that Friday afternoon.

security holes (1)

stocke2 (600251) | more than 7 years ago | (#17776608)

All the Windows security problems are caused by the computers these companies build to run it. I mean, Windows is perfectly secure so long as it sits in its box there on the shelf... if these darn companies would just stop installing it on computers there would be no problem.

No AACS, Blu-ray, HD-DVD for me. (4, Interesting)

Anonymous Coward | more than 7 years ago | (#17776634)

Since July of last year I have basically cut out the mass media from my life. I sold my TV, gave away my DVD player, and donated my CDs and DVDs to a charity auction. For entertainment, I've taken up a number of sports, including basketball and skiing. I also now listen to local bands live at pubs and restaurants, rather than listening to the radio or CDs. I never had any gaming consoles to begin with, and I uninstalled and gave away the few computer games I do have. I do rely on the BBC for news, but even that's become limited these days.

I'm glad I made that decision. All this new crap involving DRM and frivolous from the entertainment industry just goes to show you how full of horseshit they are. I'm very pleased that my money does not go to them. They don't deserve it. Not only that, but now that I play sports rather than just watching them on TV, I've become much more fit and far healthier. Getting away from the mainstream media was one of the best things I've ever done.

Re:No AACS, Blu-ray, HD-DVD for me. (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17776738)

Good for you. That means the only reason you would be reading an article about those things you "gave up" was so you could blow your own horn. Guess what? We don't give a shit.

Re:No AACS, Blu-ray, HD-DVD for me. (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#17776750)

round of applause to the courageous for taking back their life!

Re:No AACS, Blu-ray, HD-DVD for me. (1)

Loconut1389 (455297) | more than 7 years ago | (#17776876)

Yes, yay to the courageous anonymous coward.

Re:No AACS, Blu-ray, HD-DVD for me. (1)

SEAL (88488) | more than 7 years ago | (#17776944)

Yes, yay to the courageous anonymous coward.

... because a Slashdot user-id is so much LESS anonymous?

Re:No AACS, Blu-ray, HD-DVD for me. (4, Funny)

nuzak (959558) | more than 7 years ago | (#17776848)

How about taking the next step and cutting out slashdot from your new life?

Re:No AACS, Blu-ray, HD-DVD for me. (4, Funny)

eln (21727) | more than 7 years ago | (#17776938)

Sure you have a more fulfilling life, but you're generating massive amounts of smug, which is highly toxic to the environment.

Re:No AACS, Blu-ray, HD-DVD for me. (0)

Anonymous Coward | more than 7 years ago | (#17777084)

You no longer belong here.

You are not one of us
You are one of them

Kill the outsider!!

Re:No AACS, Blu-ray, HD-DVD for me. (0)

Anonymous Coward | more than 7 years ago | (#17778164)

Have you ever tried listening to a live band on your commute to work?
How about skiing on a lazy, summer afternoon?

Good luck with your new lifestyle.

Why not go to the real source? (1)

kad77 (805601) | more than 7 years ago | (#17776636)

AACS LA executive decision maker:

A. Test their player key detection procedures (prove they can't reverse Volume Unique Key)

B. Read the public forums that have trumpeted the players and methods involved directly.

Ed Felten writes about an economic model... (4, Informative)

Saint Aardvark (159009) | more than 7 years ago | (#17776654)

...for this fight at freedom-to-tinker.com [freedom-to-tinker.com] . The whole series on AACS [freedom-to-tinker.com] is worth reading, as is every single thing he posts.

Ahh... the fun begins! (5, Interesting)

monopole (44023) | more than 7 years ago | (#17776672)

If they are really going to use the device revocation option, things are going to get way fun.
Players which will only play certain discs and not others, instant obsolescence for entire classes of $1000 players.
This makes the format wars look like a sales promotion!

Re:Ahh... the fun begins! (2, Informative)

Sircus (16869) | more than 7 years ago | (#17776716)

I'm no fan of the content mafia, but all they're talking about at the moment is disabling certain software players which the publishers could easily offer free updates for. The current crack isn't applicable to hardware players.

Re:Ahh... the fun begins! (1)

Rich0 (548339) | more than 7 years ago | (#17777878)

The current crack isn't applicable to hardware players.

Well, sure it is - but it would be a lot harder to pull off.

Yeahbut... (1)

Iphtashu Fitz (263795) | more than 7 years ago | (#17776724)

Don't forget that if you drink the *AA koolaid and bend over properly for them then you've hooked up your DRM infested HD-DVD or Blu-Ray player to the internet not only so that they can track what you watch but so that the players can automagically download updated keys so that you'll never even see any non-functioning disks. That, and monkeys may fly out of their respective butts.

Re:Ahh... the fun begins! (4, Insightful)

H0ek (86256) | more than 7 years ago | (#17776940)

This is also a sure-fire way to kill a format. Usually technology is promoted via word-of-mouth, and when the drive of the early adopters begin to fail, the word will spread that you can't trust either Blu-Ray or HD-DVD.

In short, AACS is doomed if it does, doomed if it doesn't.

Re:Ahh... the fun begins! (2, Interesting)

sdo1 (213835) | more than 7 years ago | (#17777366)

Agreed. If one of my friends asks me about these formats (and they do, knowing what a home theater and media junkie I am), I roll through all of the DRM hoops that they'll have to jump through in order to play the things the way they want it.

The industry NEEDS the word-of-mouth. And as it stands, that word-of-mouth is negative. It's "yea, the picture is great, but then there's all this other stuff you'll have to deal with." That's not going to fly.

-S

Individual players are revoked, not classes (1)

Wesley Felter (138342) | more than 7 years ago | (#17777050)

If one hacker's player gets revoked, it won't affect regular users at all. And the hacker will probably just buy another one.

Re:Individual players are revoked, not classes (1)

Rich0 (548339) | more than 7 years ago | (#17777658)

How many keys does the system support? They'd need an awful lot of them if they're going to encode every disc with one unique key per copy of software / hardware sold.

A billion keys isn't all that unrealistic a number. Sure, I guess it could be done, but it sure is an interesting approach.

Plus, in this particular case they wouldn't know the key for the piece of hacked hardware - they didn't disclose the software key - only the media keys.

Re:Individual players are revoked, not classes (1)

Wesley Felter (138342) | more than 7 years ago | (#17777856)

Yes, AACS supports billions of keys.

Obviously AACS LA will have to know which players to revoke, but I suspect hackers will start leaking player keys soon, since they're more useful than title keys.

Re:Individual players are revoked, not classes (1)

Joe5678 (135227) | more than 7 years ago | (#17777712)

They don't generate unique decryption keys for each and every player. Individual players are NOT revoked. It is at least a class of players (in this case we're only dealing with software players, as a sibling post has pointed out) and I wouldn't be surprised if the keys were only unique on the manufacturer level (i.e. Sony has one key for all the players it makes).

Even if each player did have a unique decryption key though, they would have no way of knowing which key to revoke. This is the reason the person who decrypted the data hasn't said "I used player X" since he doesn't want to make it easy for them to revoke the key for "player X".

Re:Individual players are revoked, not classes (1)

Wesley Felter (138342) | more than 7 years ago | (#17777986)

They don't generate unique decryption keys for each and every player.

My interpretation of the spec is that every individual player has unique keys. Software players may be a little more relaxed, though.

It is at least a class of players (in this case we're only dealing with software players as a sibling post has pointed out) and I wouldn't be surprised if they keys were only unique on the manufacturer level (i.e. Sony has one key for all the players it makes).

The software players may have one set of keys for each app, but then it's easy to update software to change out keys. After several such updates, the software player developers may end up implementing individual keys using online activation to reduce the hassle. Either way, the collateral damage would appear to be minimal.

Even if each player did have a unique decryption key though, they would have no way of knowing which key to revoke.

IMO it's only a matter of time until someone releases a DeCSS-style crack with player keys included.

...the person who decrypted the data hasn't said "I used player X" since he doesn't want to make it easy for them to revoke the key for "player X".

Plenty of people on the Doom9 forums have admitted to using WinDVD 8 Japanese edition. Besides, there are only two software HD-DVD/Blu-ray players anyway, so AACS LA could just revoke both.

Player Keys (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17776680)

Just wait until they start finding some *player* keys (not volume keys).

Gather enough of those and you can screw revocation by subverting the master key authority. Hopefully, they'll quietly hack the player key, get them to issue a new one, hack that and....

Re:Player Keys (1)

Goaway (82658) | more than 7 years ago | (#17777206)

No, you can't. Hardware players use individual key sets and can be individually revoked, and player keys are revoked every six months anyway.

Updated? Battle of the Rootkits! (3, Interesting)

Tackhead (54550) | more than 7 years ago | (#17776758)

> While little is truly known about how effective the key revocation system in AACS is, in theory it should be possible for the AACS LA to identify the players responsible for the breach and prevent later pressings of discs from playing back on those players until they are updated. As such, if the hole can be patched in the players [emphasis added], the leak of volume keys could be limited to essentially what is already on the market.

If the players are non-patchable:

1) We will live in a universe in which, every year or so, an unknown number of players will play discs produced up to, but not after, a certain date.

Consider the sales/support implications of customers selecting products for Christmas 2008: "Well, sir, this Foobar-1000 plays discs produced in 2006-2007, a Foobar-1130 plays discs produced from 2006-2008, and a Fonybaz-1900 plays discs produced from 2006 to August 2008."

If the players are patchable, it's even worse for the industry:

1) Your Foobar 1000 will play discs produced in 2006 and 2007. It ceases to work for discs produced from February 2007 onward, until you buy a disc produced a few months later that happens to contain some code that queries the player whether it's a Foobar 1000... and if so, automatically/silently patches the firmware. Then all your discs work again.

That's a good thing for the user, and a bad thing for the industry, because as soon as you've got a firmware patch on a DVD, the obvious thing for an enterprising hacker to do is to put his own firmware patch on his own DVD, and your Foobar 1000, all of a sudden, ceases to implement the DRMish crap which the MPAA crammed onto it...

...until, of course, a few months after that hack, where the firmware-updating discs are modified to downgrade any hacked players to MPAA-compliant revisions of the firmware (or even to self-destruct)...

...and someone else comes up with a better hack to make the hacked firmware indistinguishable from the "approved" firmware...

In short, if players can be patched in the field (and this applies to both hardware/firmware-based players in embedded systems and to PC-based disc-playing software), it's a long-term battle of the rootkits, and that's a battle that MPAA is likely to lose.

Re:Updated? Battle of the Rootkits! (0)

Goaway (82658) | more than 7 years ago | (#17777412)

AACS can revoke individual player keys. No need to revoke a whole line of players.

Re:Updated? Battle of the Rootkits! (1)

Todd Knarr (15451) | more than 7 years ago | (#17778216)

Except that this is a "class break": it affects all players of the same type. If they revoke the cracker's player's individual key, the next 100 crackers continue blithely along unaffected. They have to revoke the keys for all players of the vulnerable type to stop the break. Which will always affect more legitimate customers than crackers.

I thought the player key hadn't been revealed? (4, Insightful)

Jartan (219704) | more than 7 years ago | (#17776788)

Why is Ars saying they believe they can stop this hack by revoking the player key? The original person who cracked it specifically didn't release the key I thought and was only releasing TITLE keys which will be much more dangerous to revoke yes?

Not that it matters much either way because this attack vector will always exist for any kind of system they come up with. Since it will always exist someone will rip it and post the movie on bittorrent.

They are actually probably pretty happy that this is the only possible hack anyways since it isn't anywhere near as useful as DeCSS.

Re:I thought the player key hadn't been revealed? (1)

Iphtashu Fitz (263795) | more than 7 years ago | (#17776816)

Since it will always exist someone will rip it and post the movie on bittorrent.

And that's the lynchpin to the whole DRM debacle. All it takes is one individual somewhere on the planet to manage to crack or circumvent the encryption on any given movie to make it available to everybody. It may take some time but it's likely to happen eventually.

Re:I thought the player key hadn't been revealed? (4, Funny)

nuzak (959558) | more than 7 years ago | (#17776906)

All it takes is one individual somewhere on the planet to manage to crack or circumvent the encryption on any given movie to make it available to everybody.

And, unlike the disc you legally purchased, the cracked version is pretty much guaranteed to actually play on your hardware.

Re:I thought the player key hadn't been revealed? (1)

Pootie Tang (414915) | more than 7 years ago | (#17777788)

The hack extracts the title key by grabbing out of memory. It's in memory because the (software) player puts it there, at least temporarily.

If they revoke the key for that player on future discs then (that particular) software player won't be able to extract the title key, thus the hack can't access it.

In theory this should work, but not for any discs already created, only going forward. Of course all that really accomplishes is making someone have to compromise a different player, it's not exactly checkmate.

bwa.ha.ha. (2, Interesting)

geekoid (135745) | more than 7 years ago | (#17776806)

Dear consumer:
Please check our website so you can download a patch and install it on your DVD player.

BWahahaha..

That will go over like a lead balloon.
As will a machine that no longer plays new movies every few months so you have to buy a new player.

Which is good. DRM is just causing more consumer frustration and less value.

they can't patch these holes away (1)

idlake (850372) | more than 7 years ago | (#17776812)

You can play around with keys so that the same player won't play both old and new discs, but that doesn't change the fact that the old software will continue to be out there and will continue to be able to play old discs. And next time someone screws up, all the discs up to that point will be compromised, and on and on.

Revocation is pointless (2, Insightful)

asc99c (938635) | more than 7 years ago | (#17776838)

I don't understand the point of revoking a hacked key. Now the key has been found and discs have been hacked, the output of the process is an unencrypted file with no key. Until something like AnyDVD comes out that just silently and automatically strips encryption on the fly, the primary use of the program will be to get unencrypted content onto P2P networks.

Why bother revoking the key? I must be missing something. Sure, don't use the same key on future discs, but pirated copies will have no encryption - key revocation only seems to affect legitimate users of the disc.

Oh yeah, I'd forgotten, DRM isn't about piracy...

Re:Revocation is pointless (1)

Wesley Felter (138342) | more than 7 years ago | (#17777164)

Not everyone can afford to download 20GB files. Plenty of people rip DVDs that they own/rent even though the same movies are available for download, and those same people will want tools to locally rip HD-DVD and Blu-ray discs.

Re:Revocation is pointless (1)

discordia666 (940470) | more than 7 years ago | (#17777222)

Well that's a damn good point. But you may be mixing up your keys. Easy to do. Hacked player keys in the wild will allow people to decrypt any disk. Hacked volume and title keys are the ones tied to the disk itself. No mechanism to revoke those, until new disks are manufactured. But by that time your point comes into play and it doesn't matter.

Looks the same (0)

Anonymous Coward | more than 7 years ago | (#17776874)

This is the hole security experts have been telling them about since they started using cryptography in DRM. Currently all encrypted content and keys must exist in unencrypted form at some point in memory. Also, as long as the contents of memory are viewable this hole will exist. The strength of the crypto doesn't matter if the user can get the key. Currently scanning the contents of memory and trying each group of bits against something known, like encrypted MPEG headers, is reasonably quick and effective.

Re:Looks the same (0)

Anonymous Coward | more than 7 years ago | (#17778020)

Precisely why lots of new PCs (Intel Apple Macs, for example)... come with TPMs. To make sure you, as the owner of the machine, can't see what a "trusted app" is doing. The fact that they also give the likes of Gates, Jobs and whichever suit is running IBM at the moment access to undreamed-of levels of control over the customer is also a benefit.

Hmmm i swear thats not the way i read it.... (1)

jkerman (74317) | more than 7 years ago | (#17776902)

"to identify the players responsible for the breach and prevent later pressings of discs from playing back on those players until they are updated."

Wasn't this attack based on being able to extract the title key from the disc, then run it through stock AACS decryption libraries? They could revoke whatever keys they wanted, but wouldn't the existing, un-retractably released software still have to read the key (making it visible, unencrypted, in RAM....) before it could deny playing it?

The way I understand it, the "player" gets the title key, normal AACS libraries are used to decrypt into a format (no DRM) that any player will play back. It has no key to block!

Re:Hmmm i swear thats not the way i read it.... (1, Informative)

Anonymous Coward | more than 7 years ago | (#17777178)

wasnt this attack based on being able to extract the title-key from the disc, then run it through stock AACS decryption libraries?
It was, but the title keys are encrypted with the disk key. There are lots of copies of the disk key in a single file on the disk, all encrypted with one of the many player keys. If a player key is revoked, there will simply be no copy of the disk key that this player will be able to decrypt on any future disks.
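
The key hierarchy described in this reply and in Pootie Tang's comment above (a player key unwraps the volume key, the volume key unwraps the title key, and revocation means later pressings simply omit the revoked player's copy) can be walked through in code. The following Go program is an added example, not code from the thread or from AACS; it collapses the real media key block and its subset-difference tree into one AES-wrapped volume-key copy per player, indexed by a hypothetical player ID, so the structure is illustrative. The conclusions the thread argues fall out of it anyway: a disc pressed before revocation keeps playing on the revoked player, a disc pressed afterwards does not, and a title key already lifted from memory still decrypts the disc it came from, so revocation protects only future titles.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"fmt"
	"io"
)

// Key is a 128-bit AES key. Key wrapping is modelled as one AES block operation,
// which is a simplification of the AACS key derivation, not its exact layout.
type Key [16]byte

func randomKey() Key {
	var k Key
	if _, err := io.ReadFull(rand.Reader, k[:]); err != nil {
		panic(err)
	}
	return k
}

// wrap encrypts the 16-byte key k under the key-encrypting key kek.
func wrap(kek, k Key) Key {
	c, err := aes.NewCipher(kek[:])
	if err != nil {
		panic(err)
	}
	var out Key
	c.Encrypt(out[:], k[:])
	return out
}

// unwrap reverses wrap.
func unwrap(kek, wrapped Key) Key {
	c, err := aes.NewCipher(kek[:])
	if err != nil {
		panic(err)
	}
	var out Key
	c.Decrypt(out[:], wrapped[:])
	return out
}

// Disc is what gets pressed: one copy of the volume key per player that was not
// revoked at pressing time (a toy stand-in for the media key block), plus the
// title key wrapped under the volume key. The plaintext title key is never on disc.
type Disc struct {
	WrappedVolumeKeys map[string]Key // player ID -> AES(playerKey, volumeKey)
	WrappedTitleKey   Key            // AES(volumeKey, titleKey)
}

// pressDisc builds a disc for the given player population, omitting the volume-key
// copy of every revoked player. It also returns the plaintext title key for checking.
func pressDisc(players map[string]Key, revoked map[string]bool) (Disc, Key) {
	volumeKey, titleKey := randomKey(), randomKey()
	d := Disc{WrappedVolumeKeys: map[string]Key{}, WrappedTitleKey: wrap(volumeKey, titleKey)}
	for id, pk := range players {
		if !revoked[id] {
			d.WrappedVolumeKeys[id] = wrap(pk, volumeKey)
		}
	}
	return d, titleKey
}

// recoverTitleKey is the player-side path: find our copy of the volume key, unwrap
// it, then unwrap the title key. ok is false when this disc carries no copy for us.
func recoverTitleKey(d Disc, id string, playerKey Key) (tk Key, ok bool) {
	w, present := d.WrappedVolumeKeys[id]
	if !present {
		return Key{}, false
	}
	return unwrap(unwrap(playerKey, w), d.WrappedTitleKey), true
}

// scenario walks through the thread's argument and reports, in order: whether the
// already-pressed disc still plays on the compromised player after revocation,
// whether a disc pressed after revocation plays on it, whether that new disc plays
// on an unaffected player, and whether a leaked title key still decrypts its disc.
func scenario() (oldDiscOnHacked, newDiscOnHacked, newDiscOnOther, leakedKeyWorks bool) {
	players := map[string]Key{"hacked": randomKey(), "other": randomKey()}

	disc1, tk1 := pressDisc(players, nil)                               // pressed before the hack
	leaked, _ := recoverTitleKey(disc1, "hacked", players["hacked"])  // what a memory dump yields

	disc2, _ := pressDisc(players, map[string]bool{"hacked": true}) // pressed after revocation

	_, oldDiscOnHacked = recoverTitleKey(disc1, "hacked", players["hacked"]) // disc1 is unchanged
	_, newDiscOnHacked = recoverTitleKey(disc2, "hacked", players["hacked"])
	_, newDiscOnOther = recoverTitleKey(disc2, "other", players["other"])
	leakedKeyWorks = leaked == tk1
	return
}

func main() {
	a, b, c, d := scenario()
	fmt.Printf("old disc on revoked player: %v\nnew disc on revoked player: %v\n", a, b)
	fmt.Printf("new disc on other player: %v\nleaked title key still decrypts old disc: %v\n", c, d)
}
```

Note what revocation does not buy here: disc1's title key was disc-bound and is already out, and nothing pressed later changes disc1. What it does buy is that the compromised player stops being a source for titles pressed after the update, until the next player is compromised.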

Another blow struck for free entertainment (-1, Troll)

heinousjay (683506) | more than 7 years ago | (#17776914)

It warms my heart to know that there are people out there watching out for my right to free entertainment. If it weren't for them, the people who invested in, assisted with, created, and distributed my entertainment would be getting their greedy little mitts on my money. Now I don't have to worry about that happening, and I can have the massive entertainment collection I deserve.

Re:Another blow struck for free entertainment (1, Informative)

HomelessInLaJolla (1026842) | more than 7 years ago | (#17777046)

You would make sense if a money map of the industry didn't show that the vast majority of the profit goes to CxOs, VPs, board directors, and career stock investors who have little or no real interest in the actual entertainment content.

When you can separate honest entertainment interest from pure and unadulterated business interest then you may pull your head from your backside.

Re:Another blow struck for free entertainment (2, Insightful)

drinkypoo (153816) | more than 7 years ago | (#17777130)

It warms my heart to know that there are people out there watching out for my right to free entertainment. If it weren't for them, the people who invested in, assisted with, created, and distributed my entertainment would be getting their greedy little mitts on my money. Now I don't have to worry about that happening, and I can have the massive entertainment collection I deserve.

It warms my heart to know that there are people out there watching out for my fair use rights. If it weren't for them, the people who (blah blah blah) my entertainment would be able to prevent me from taking actions which are supposedly explicitly protected by law, based on legislation which they bought and paid for. Now I don't have to worry about that happening, and I can do the things I'm supposed to be able to do with my entertainment collection.

There, fixed that for you.

I bet you are in favor of banning water since it's possible to drown someone in it, too.

Re:Another blow struck for free entertainment (1)

optikSmoke (264261) | more than 7 years ago | (#17777544)

I think you miss the point. By the very nature of how any of these encryption schemes HAVE to be used (ie, within someone's home with key and encrypted data all existing on some device), they can be broken. Always. Therefore, the pirates will break them. The more difficult the studios make it, the more sport it will become to the pirates. I honestly don't see a way they can solve the piracy problem this way.

On the other hand, I purchase my movies (currently on DVD) and am very happy that DeCSS exists. It allows me to watch legally-purchased DVDs on linux, and possibly back them up if I wish. I hope a similarly useful scheme for breaking AACS exists if/when I ever get a high-def drive for my computer (could be a big if).

At the same time, the only people really detrimentally affected by these schemes are legitimate consumers. Once hardware players start getting keys revoked, this is going to become even more apparent. The studios will achieve:

a) Not stopping piracy (and possibly adding to the "fun" by making it marginally more challenging)
b) Starting an ongoing war of revoke keys / break keys / revoke / break / revoke / ...
c) Monumentally frustrating their legitimate customers. Even more so than the few linux/etc users annoyed by CSS.

And Don't Forget.. (1)

JohnnyOpcode (929170) | more than 7 years ago | (#17776932)

Just because some 'software player' has been compromised and will get revoked, there are a few hardware models out there that also have 'weak' firmware and a JTAG port to jack into. I just wish this hacking business would get me some hotter lookin' chicks like in the movies..the ones we can decrypt now..and forever!

I hail our new hacker overloads!

Something they seem to be ignoring (3, Interesting)

Iphtashu Fitz (263795) | more than 7 years ago | (#17776950)

All the focus, and for good reasons, has been on software-based DVD players. They're easy for any hacker to play around with. However there are plenty of people out there who happen to be hardware hackers as well. I wonder how long (probably just a matter of time) before some hardware/firmware hacker dissects a standalone HD player and is able to extract keys from that. Hardware hacking hasn't been as glamorous as software hacking in recent years, but a mere 20 years ago it was all about hardware hacking. Read a book like The Cuckoo's Egg: a sysadmin physically tapped into communication lines and directed the output to line printers so that a hacker he'd been hunting wouldn't know he was being tracked. I'd be willing to bet that some hardware/firmware gurus with the right tools would be able to hack a standalone HD player if they had the desire to do it. And if they can pull that off it'd be a LOT harder for the AACS LA to plug that hole.

I would like to suggest a better solution (0)

Anonymous Coward | more than 7 years ago | (#17777018)

How about adapting to the market, recognizing that Fair Use is allowed by Copyright Law, and arriving at the logical conclusion:

Given that Fair Use is a right protected by law (it's NOT a defense as some love to claim) in exchange for a limited monopoly on distribution of the work in entirety, make the product more attractive to paying customers. Don't try to make money on both ends; recognize that timeshifting and formatshifting and copying of excerpts for use in reviews, parodies, etc. are all allowed in exchange for your limited monopoly, and improve your packaging, product quality, and pricing. Also: recognize that you are selling a commodity product identical in every way to a book; first sale doctrine applies; it is NOT licensed. If you do not offer a refund after the transaction is made PRIOR TO acceptance of any such license, then it is clear that it is not licensed, but a commodity good sold as is, and as such, the purchaser can do with it as he or she damn well pleases after the point of sale. Otherwise, offer refunds and back your product with a warranty.

Also, when a DVD/Blu-Ray Disc/HD-DVD delaminates or becomes too scratched to use or breaks, happily replace it for the customer, or at least provide a mechanism for making a 1-for-1 backup, as provided for under Fair Use and many court precedents.

Also, you should also quit conveniently selectively reading and interpreting the DMCA: recall the exclusions allowing for interoperability, and that cracking it for exercising Fair Use such as format shifting and viewing on alternate platforms and devices is explicitly allowed even under the draconian DMCA.

I reiterate: The Best solution is to drop DRM and increase value for legitimate paying customers. Give them a reason to WANT to buy your product.

I usually buy at least five DVDs per month, usually closer to 15 (my DVD collection is rapidly approaching 500). This month I bought "only" 3 (well, seven, if you consider that the extended edition of The Lion, The Witch, and The Wardrobe is four DVDs, and another movie I bought was a two-DVD collectors edition) because I incurred large expenses (a vacation, new PDA and other electronic equipment, and promptly ripped 5 DVDs for viewing on the PDA while traveling - interoperability format shifting provided for by DMCA exclusions and Fair Use I might add).

I occasionally download in a "try before I buy" scenario. I purchased THX1138 and T3 and many other movies after I decided they were worth buying (honestly, there hasn't been anything I downloaded that I didn't end up deciding to buy, except for material which falls into public domain). Some I won't pay more than $7 for and look for used DVDs, but I buy most DVDs new.

I was holding out on HD-DVD and Blu-Ray pending cracks to enable Fair Use and Linux interoperability, but now I am going to wait longer to see how it pans out. Will they actually revoke the keys? Will downsampling be turned on? If so, then I'll stick with DVD's 720x480 resolution, and use Blu-Ray solely as a read-write medium for backing up data, and buy exactly zero high-definition discs. It is not as though the increased resolution improves poor writing, and makes a bad movie worth watching (although in some cases, such as Plan 9 from Outer Space, or Starship Troopers, it is possible that a movie is so horribly bad that it enters the must-own/must-see category). Futurama or Stargate (ignoring the seasons with the Ori) or Seinfeld is equally entertaining to watch at 320x240 (roughly VHS resolution), 720x480 (DVD), or 1920x1080p (high def's top resolution).

Posting anon for the benefit of litigious MPAA assholes. MPAA: FUCK YOU.

Selective keying using the whole .exe from memory. (4, Informative)

russ1337 (938915) | more than 7 years ago | (#17777028)

They talk about this on Security Now, Episode #76 (http://www.grc.com/securitynow.htm)

It seems muslix64 just had a snapshot of the entire .exe running in memory, then used selective keying: serially trying bytes 1-4, then 2-5, 3-6 etc. as the keys until the MPEG frame decrypted (which, of course, is much faster than a pure brute-force attack, and took only seconds).

So as long as a software player has the key in the clear and is loaded in memory 'somewhere', this type of attack will continue to work.

AACS is still 'unbroken' but like many failed encryption schemes, it was circumvented due to poor implementation.
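
The search the two comments above describe (the AC in "Looks the same" and russ1337 here: dump the player's memory, then slide a window over it and treat each position as a candidate key until a known MPEG header decrypts) looks like this in code. This is an added Go example, not muslix64's tool or anything posted in the thread. The memory dump, key offset and encrypted block are constructed inline; the content is modelled as a single AES-128 block rather than the real AACS CBC layout; and the oracle checks for an MPEG-2 pack start code. The window is 16 bytes wide because an AES-128 key is 16 bytes, and it advances one byte at a time, which is the step "bytes 1-4, then 2-5" describes loosely.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/rand"
	"fmt"
	"io"
)

// packStart is the MPEG-2 program-stream pack header start code: predictable
// plaintext that lets each decryption attempt be judged right or wrong.
var packStart = []byte{0x00, 0x00, 0x01, 0xBA}

// looksLikeMPEG is the oracle: does this decrypted block start with a pack header?
// Four fixed bytes give a false-positive rate of 2^-32 per candidate window.
func looksLikeMPEG(plain []byte) bool {
	return bytes.HasPrefix(plain, packStart)
}

// findKeyInDump slides a 16-byte window one byte at a time over dump, treats each
// window as a candidate AES-128 key, decrypts the first ciphertext block with it and
// stops at the first candidate whose plaintext passes the oracle. It returns the
// offset of the key in the dump and the key bytes, or -1 and nil if no window works.
func findKeyInDump(dump, firstCipherBlock []byte) (int, []byte) {
	plain := make([]byte, aes.BlockSize)
	for off := 0; off+16 <= len(dump); off++ {
		c, err := aes.NewCipher(dump[off : off+16])
		if err != nil {
			panic(err) // 16 bytes is always a valid AES-128 key length
		}
		c.Decrypt(plain, firstCipherBlock)
		if looksLikeMPEG(plain) {
			return off, dump[off : off+16]
		}
	}
	return -1, nil
}

func mustRandom(n int) []byte {
	b := make([]byte, n)
	if _, err := io.ReadFull(rand.Reader, b); err != nil {
		panic(err)
	}
	return b
}

// buildFixture constructs the scenario: a title key, the first block of a stream
// encrypted under it, and a fake process-memory dump with the key sitting at
// keyOffset among unrelated bytes. Constructed data, not a real player dump.
func buildFixture(dumpSize, keyOffset int) (key, dump, firstCipherBlock []byte) {
	key = mustRandom(16)
	dump = mustRandom(dumpSize)
	copy(dump[keyOffset:], key)

	// First 16 bytes of the "movie": pack header plus filler, encrypted as one AES block.
	plain := append(append([]byte{}, packStart...), mustRandom(12)...)
	c, _ := aes.NewCipher(key)
	firstCipherBlock = make([]byte, aes.BlockSize)
	c.Encrypt(firstCipherBlock, plain)
	return key, dump, firstCipherBlock
}

func main() {
	const planted = 12345
	key, dump, block := buildFixture(1<<16, planted)
	off, found := findKeyInDump(dump, block)
	fmt.Printf("key planted at %d, recovered at %d, match=%v\n", planted, off, bytes.Equal(key, found))
}
```

The cost is one AES key schedule per byte of dump, so a few megabytes of player memory is seconds of work, which matches the "took only seconds" above. Nothing about the cipher is broken; the attack only needs the key to exist somewhere readable while the player is running.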

Re:Selective keying using the whole .exe from memo (1)

3.14159265 (644043) | more than 7 years ago | (#17778082)

Now, see, this is the part I don't understand.
Even if the key is not loaded in memory, isn't reverse-engineering the exe enough to find that key, wherever it is?

I need to buy, rip, and store the content (5, Interesting)

sdo1 (213835) | more than 7 years ago | (#17777072)

Open letter to the MPAA: I hope a true "CSS" style hack is found. Otherwise, I'm remaining on the sidelines and I won't be buying any HD-DVD or Blu-Ray discs.

Hear that, MPAA!?!?! I said BUYING. You claim piracy costs sales, but you MUST then subtract the lost sales due to your overbearing copy protection. I have about 2000 CDs and about 600 DVDs in my collection. I have no HD-DVD or Blu-Ray discs. And I don't plan on it either unless things change.

It's a new world. And in this new world, I have an expectation of device portability. That means when I buy a 5" media-containing silver platter, I expect to be able to store it on a server in my house to stream it to my living room or my computer or my bedroom. I expect to be able to re-compress it for my laptop or my iPod (or -like device) for watching when traveling. I have no desire to be tied to a specific (and expensive) playback device in a specific location. You're terrified of future storage capacity that will reach into the terabytes on small devices, but to me, that's the thing that's keeping me interested at the moment in the stuff you have to sell... the knowledge that I can have that portability in movies and TV the same way I have it for the music that I've collected over the years. The RIAA freaked out when MP3s came along, but to be honest, my interest in music had waned significantly. But now, with so much available at my fingertips, I'm VERY interested in hearing new things and I'm buying probably more than ever before (though none through the DRM-crippled iTunes store).

I will gladly buy the media, but I expect that at that point, our relationship is OVER. Thanks, goodbye. Now if I want to extract images from the movie, print them out, and wall-paper my room with them, that's MY business, not yours.

-S

Re:I need to buy, rip, and store the content (2, Funny)

suv4x4 (956391) | more than 7 years ago | (#17777704)

Hear that, MPAA!?!?! I said BUYING.

I think MPAA just pissed its pants.

Re:I need to buy, rip, and store the content (1)

guzzirider (551141) | more than 7 years ago | (#17777852)

Funny thing about DRM schemes,

Not that this is new information, but historically, when some kind of secret code was used to keep a secret message secret, the intent of the code was to prevent the 'un-trusted' from reading it. When (or if) the message was delivered to the trusted party, they would have the means to decipher it.

Now 'secret messages' are being used where the content is delivered to the 'un-trusted'. ..

If it was not tragic it would be pretty damn funny that now we have terms like 'trusted computing'. WTFO? I mean, now I am supposed to buy something from a manufacturer, by laying down my hard-earned green, for a product where I, the customer, am not to be trusted?? What next, ya' buy a house and don't get the keys??

I have been called a lot of things, maybe some of them deserving but 'un-trusted'?

I guess the only power I have here (which is minuscule) is to not lay down my green. I can only hope others will join me.

Re:I need to buy, rip, and store the content (2, Funny)

ClamIAm (926466) | more than 7 years ago | (#17778050)

when I buy a 5" media-containing silver platter
They hand you the keys on a silver platter...

The mere fact (1)

diff2uni (1049624) | more than 7 years ago | (#17777102)

That AACS protection can be easily cracked because some player manufacturer did not make the player right goes to show just how ridiculous the whole proposition is in the first place.

Bring it on! (3, Insightful)

nobodyman (90587) | more than 7 years ago | (#17777140)

This is starting to get interesting.


In theory it should be possible for the AACS LA to identify the players responsible for the breach and prevent later pressings of discs from playing back on those players until they are updated.
Personally, I can't wait for this key revocation to happen. The thing is, 95% of consumers have no idea what the hell DRM is. I'd wager that 95% of the people that own a hi-def player are blissfully unaware of what the implications of key revocation are. Send out the key revocation lists and all that is about to change.

So imagine the shit-storm when customers start flooding the Best Buy customer support aisle thinking that their machine is broken, when in fact it "works" just fine and the movie industry has shut down their player because some hacker is using its AACS key.

I can't wait.

Re:Bring it on! (1)

markbt73 (1032962) | more than 7 years ago | (#17777464)

It'll play right into the MPAA's hands, though. "See? Those filthy pirates stole the key for YOUR player! It's their fault, not ours!"

Re:Bring it on! (1)

HairyCanary (688865) | more than 7 years ago | (#17778068)

Won't matter. The average consumer will stop at "It does not work, give me my money back, NOW." They will not really care how it got that way.


And in other news: (5, Funny)

dpbsmith (263124) | more than 7 years ago | (#17777252)

The Hindenburg did not catch fire, it was merely the hydrogen in the Hindenburg that caught fire.

The Titanic did not sink, it was just that Captain Smith did not adhere to the specifications as to how the Titanic should be operated (it says clearly on page 216, "Do not allow icebergs to rip open more than four of the water-tight compartments.")

And talk of "blunders" in the Battle of Balaclava are hogwash.

early adopters, instantly obsolete! (1)

swschrad (312009) | more than 7 years ago | (#17777346)

quoting the weasels,

"in theory it should be possible for the AACS LA to identify the players responsible for the breach and prevent later pressings of discs from playing back on those players until they are updated. As such, if the hole can be patched in the players.."

which roughly translated into English means

"anybody hacks the Belchfire player, we just lock out new titles. Belchfire fixes it for you, or you pound tar, customers. Bwa-ha-ha-ha-ha!"

just what we all needed to hear to make us want to run out and dump a mortgage payment down the rathole on one of these things. thanks for clearing it all up for us, industry!

Re:early adopters, instantly obsolete! (1)

PitaBred (632671) | more than 7 years ago | (#17778000)

I'll bet Belchfire will be much less willing to keep making players, too. Way to alienate even your cohorts, MPAA!

Their only logical option (3, Insightful)

Jugalator (259273) | more than 7 years ago | (#17777470)

If they admitted this was in fact a miss in the AACS specification about protecting the keys, AACS LA could have their algorithm face a quite severe dent in its reputation. By blaming it on player implementations, it's not their problem. However, the real problem still remains despite whatever they say -- it's the end result that matters, not whose fault it is.

No more player software (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17777684)

So there simply won't be any more PC-based player software. The outcome of this will be that no more software-based HD players will be licenced. Only stand-alone boxes, and sealed black boxes that sit between your PC/Mac and an HDCP-compliant monitor.

Otherwise the next time a programmer complains to a cryptographer that his DVDs won't play, a bypass will be found. Google "My first experience with HD content being blocked" to see this in action - about 8 days later, AACS was bypassed.

Vicious circle of blame (2, Informative)

ThePhilips (752041) | more than 7 years ago | (#17777884)

AACS hack is blamed on bad player implementation

As a programmer, I can tell you that it works both ways. Any deficiency (or bug) can be blamed on poor implementation. At the same time, big companies which have actually looked at and benchmarked the development process (e.g. IBM) claim that 75% of bugs are caused by erroneous specifications.

IOW, players were implemented as well as AACS told them what/how to implement.

Somehow, I doubt that documentation from AACS would be much better than that of Microsoft [slashdot.org] .
