Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

First AACS Blu-Ray/HD-DVD Key Revoked

CowboyNeal posted more than 7 years ago | from the changing-the-locks dept.

Movies 254

Thomas Charron writes "An update posted for Intervideo WinDVD 8 confirms that it's AACS key has been possibly revoked. WinDVD 8 is the software which had its device key compromised, allowing unfettered access to Blu-Ray and HD-DVD content, resulting in HD movies being made available via many torrent sites online. This is possibly the first known key revocation which has taken place, and little is known of the actual process used for key revocation. According to the release, 'Please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled,' which pretty much confirms that the key revocation has already taken place for all newly released Blu-Ray and HD-DVD discs."

cancel ×

254 comments

Sorry! There are no comments related to the filter you selected.

I don't completely get it. (5, Interesting)

yagu (721525) | more than 7 years ago | (#18646729)

I don't completely understand what's going on here. And that's exactly my point. I don't want to understand. Does this breach disable any user's player until they update their hardware? Will some disks play and others not? (I'm kind of making this up, but I'm role-playing what most consumers are experiencing based on my limited anecdotal observations).

I don't want to know the ins and outs of the security of the media. I want it to work like the old CD players. I insert a disk, I watch a movie. Simple. Easy. Done.

I think above and beyond the hurdle of introducing a new format, ahem, two new formats, for DVDs this kind of hiccup could be fatal to the rollout. People are annoyed enough with little things (cables plugged in wrong way, audio/video receivers improperly configured, etc.), when it comes to having to update firmware to be able to play stuff they've paid for, they're going to be mad. And maybe some, maybe many are going to rethink their upgrade plans and find regular DVD okay enough. And maybe people who have been considering HD DVD will stay away in droves. Fingers crossed.

Re:I don't completely get it. (3, Insightful)

Gossi (731861) | more than 7 years ago | (#18646777)

What this means is that *NEW* HD-DVD and Bluray discs won't work on old players, unless patched. It's a consumer nightmare as they won't know nor care about HD-DVD piracy -- they just want a disc which works.



Put simply: industry + clueless = idiots who damage their own profits. The music industry has proven this well already -- now it's time for the movie industry to not learn from the past.

Re:I don't completely get it. (5, Informative)

scottnews (237707) | more than 7 years ago | (#18647067)

It means *NEW* HD-DVD and Bluray discs won't work on WinDVD 8. The key for WinDVD 8 has been revoked. Other players use different keys. Those have not been revoked. WinDVD has released a free update with a new key, and presumably an attempt to encrypt it.

This is why HD-DVD and Bluray players require a network jack. It allows for old keys to be removed and new ones to be implemented, among other things.

Network jack?? (0)

Anonymous Coward | more than 7 years ago | (#18647117)

My Samsung (BD-P1000 iirc) doesn't have a network jack unless I am missing it somewhere.

Re:Network jack?? (3, Informative)

badfish99 (826052) | more than 7 years ago | (#18647551)

So when the key of your Samsung BD-P1000 is revoked, your player will no longer play any new disks that you buy. You will have to go out and buy a new player.

Re:Network jack?? (1, Informative)

Anonymous Coward | more than 7 years ago | (#18647615)

This entire thread is complete bullshit. Keys are not revoked via a network jack. Keys are revoked by the simple act of releasing new discs that don't support them.

Re:Network jack?? (3, Informative)

Dogtanian (588974) | more than 7 years ago | (#18647891)

This entire thread is complete bullshit. Keys are not revoked via a network jack. Keys are revoked by the simple act of releasing new discs that don't support them.
Well, yes; I believe that was the point. WinDVD is able to be updated over the Internet, but this option isn't available for the Samsung DVD player (etc). If that were the only way of updating the firmware, then the industry would be faced with a choice of revoking the keys (i.e. having future releases no longer support that player) or not revoking them, thus leaving the crack open for exploit.

Of course, this is not the case; there are likely other ways of updating firmware on "real" HD-DVD players, but they're likely to be less transparent to consumers.

Re:Network jack?? (2, Insightful)

JWW (79176) | more than 7 years ago | (#18648021)

Oh, thats #$%#$% great, I can just see it now.

Instructions for continuing to be able to use your (friken expensive) player.

1) Use your computer to download the latest firmware.
2) Burn a CD/DVD (you sure as hell had better not need to burn a blu-ray or hd dvd disk!!)
3) Insert in you player and power cycle and hope the upgrade works and doesn't leave you with a brick.
4) Continue to pay a premium for content for your player knowing that you'll probably have to do this firmware shuffle at least twice a year.

or

Don't by a blu-ray or hd dvd player ... ever. Honestly, I really don't want one of these things at all. With the cracking of CSS I have total rights to use the content I own on DVD. I won't quickly give that up for a few more lines of resolution and their draconian changable key system. Screw em'.

I think the recording industry is going to be shocked, SHOCKED! at how well DRM free music it going to do on iTunes. Its the beginning of the end for DRM...

Re:Network jack?? (1)

313373_bot (766001) | more than 7 years ago | (#18648213)

Or update some firmware, perhaps by disc? In any case, while updating a software player is trivial, therefore low cost, I'm really curious about how the manufacturers will deal with the logistical nightmare of updating thousands of hardware players.

Re:Network jack?? (0)

SleepyHappyDoc (813919) | more than 7 years ago | (#18647701)

Does it run WinDVD?

Re:I don't completely get it. (0)

Anonymous Coward | more than 7 years ago | (#18647175)

The problem isn't learning from the past, but overcoming greed. Remembering the purpose of being in the industry in the first place - providing entertainment to people.

Re:I don't completely get it. (1)

Original Replica (908688) | more than 7 years ago | (#18648115)

Remembering the purpose of being in the industry in the first place - selling entertainment to people.

Fixed that for ya.

Re:I don't completely get it. (4, Informative)

Kjella (173770) | more than 7 years ago | (#18647199)

What this means is that *NEW* HD-DVD and Bluray discs won't work on old players, unless patched.

Actually:
1. New discs won't play on the players who has had their keys revoked. Just to make that clear, this only has any effect for users of the WinDVD software player.
2. If I remember correctly, the player will keep a version of the revocation keys. So from what I've understood, once you put in a disc which says "Hey, you're supposed to be revoked" that player will stop working until you get an upgrade.

For a software player, this isn't more than what it just said - a required software update. It doesn't get nasty until hardware keys are found...

Re:I don't completely get it. (2, Insightful)

LarsG (31008) | more than 7 years ago | (#18647581)

If I remember correctly, the player will keep a version of the revocation keys. So from what I've understood, once you put in a disc which says "Hey, you're supposed to be revoked" that player will stop working until you get an upgrade.

Ouch. Imagine all the damage an enterprising anti-DRM vigilante can do if revocation lists can be faked. Or a SNAFU in the manufacturing plant.

Re:I don't completely get it. (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18647639)

So can I then sue the movie studio for releasing defective product which destroyed my $500 machine?

Re:I don't completely get it. (1, Interesting)

evilviper (135110) | more than 7 years ago | (#18647739)

once you put in a disc which says "Hey, you're supposed to be revoked" that player will stop working until you get an upgrade.

This myth appears to have originated simply by a reporter from The Register misunderstanding an out-of-context quote, from someone who didn't entirely understand AACS to begin with.

Reading about AACS from the source, I didn't see anything like this at all. So please stop spreading bullshit myths.

And don't drink coke while you're eating pop rocks, or your stomach will explode, and you'll die.

Re:I don't completely get it. (1)

evilviper (135110) | more than 7 years ago | (#18647763)

Fastest mod-up ever? I just reload the comment I finished posting, and it's at +3...

Re:I don't completely get it. (0)

Anonymous Coward | more than 7 years ago | (#18648015)

It says right in the WinDVD forum [intervideo.com] :

"This update includes security enhancements as well as updated licensing keys that will be required to view both newly purchased HD DVD/BD titles and those in your existing HD DVD/BD collections."

The key words to note are: "required to view both newly purchased" "and" "existing".

So, apparently it is a widespread myth. Maybe interVideo doesn't understand AACS, or their PR person has seriously goofed by spreading the myth.

Re:I don't completely get it. (1)

midnighttoadstool (703941) | more than 7 years ago | (#18647201)

They are trying to address the problem of the rights of the copyright holder in this age of the internet. They aren't clueless idiots.

It may be that in the end the internet will bring an effective end to the mini-monopolies that copyright gives the holder, which may even be reflected in law as a recognition of a new reality. And we'll go back to musicians getting paid the same as anyone else.

They are afraid of that and working very hard to stop anyone realising that new reality, particularly law-makers.

Re:I don't completely get it. (0)

Anonymous Coward | more than 7 years ago | (#18647489)

And the real pirates will just make a copy of the full disk, protection and all

Re:I don't completely get it. (0)

Anonymous Coward | more than 7 years ago | (#18647247)

"What this means is that *NEW* HD-DVD and Bluray discs won't work on old players, unless patched."

No, according to the forum message linked in the original article:

"and those [discs] in your existing HD DVD/BD collections."

So, apparently not only "new" discs, but discs already purchased will be disabled too. If true, I'll guess that new discs inserted into an unpatched system will somehow trip the "don't play anything until patched" switch somewhere, breaking the playback for all other discs.

Those discs you bought? You don't own them anymore. Surprise!

Re:I don't completely get it. (1)

kinglink (195330) | more than 7 years ago | (#18647759)

This is the type of stupidity I expected to find.

You own the discs, no one is going to take them away from you. You own the right to use those discs. However WinDVD8 lost to right to play those discs. WinDVD8 then is issued a new key, and will continue to be allowed to play those discs. It's just requiring a update for the software. That seems reasonable in this case. Completely locking out a hardware drive or something that can't update would be unreasonable, but right now this isn't sounding like a bad thing.

The group behind this owns the format, if you disagree with this policy (Which was public from the beginning) You don't have to buy either of these formats, dvd still works wonders. But they aren't being unreasonable here. It's the same way if you disagree with Microsoft you don't have to buy the 360.

Re:I don't completely get it. (1)

JWW (79176) | more than 7 years ago | (#18647961)

Yep, I think this might answer the whole question of which format will win question....

The answer is neither....

When screw the customer is one of the FEATURES of a product the people selling it are #$#$%$% morons!

Re:I don't completely get it. (0, Informative)

Anonymous Coward | more than 7 years ago | (#18646799)

On the hardware end, if your player's device key is revoked, that player is effectively dead. When you insert a BD/HDDVD, a blacklist on the disc checks your player's device key against the keys in its list. If it finds a match, your player disables itself from playing ANY disc. In essence, playing any pre-revocation disc is okay. Any post-revocation disc will prevent playback ability for both pre and post variants.

Supposedly this is a lot easier to deal with on the software end, though.

Re:I don't completely get it. (1)

SuperDre (982372) | more than 7 years ago | (#18646933)

that's not true.. new disks won't play, old disk will keep playing on your device..

It's hard to upgrade hardware (4, Insightful)

jfengel (409917) | more than 7 years ago | (#18646931)

It should be a lot more difficult to get the keys for a hardware player than for a software player. WinDVD made an easy target because it is running on a general-purpose computer, which means that the key is sitting there in memory at some point to be snooped out. It's not easy, I'm sure, to find that key among the many megabytes of code, but it's there.

A hardware player isn't a general purpose computer. I'm sure it's possible for somebody with the right hardware to snoop inside its memory (say, inserting a special thingamabob between the memory and the mother board that allows you to read all reads/writes as they go past), but it's not going to be readily available.

Presumably somebody will be the first one to do this, and that is sure going to be a bad day for both formats. People are prepared to upgrade their software; it happens all the time and it's a relatively painless process for most people. Upgrading your hardware is not going to be easy, and it may not even be possible. (I used to own a DVD player which was "upgraded" by downloading a patch, burning it onto a CD, and putting that in the machine, but I don't know if every DVD player supports that.)

If they start denying keys on hardware players, there will be a world of pain, but I don't expect this to shatter the world. They'll just advise everybody to download a patch with a new key.

Re:It's hard to upgrade hardware (1)

d-rock (113041) | more than 7 years ago | (#18647265)

And then they'll either hack the patch to get the new key or use the same method they used to extract the original key to get the new one...

Re:It's hard to upgrade hardware (1)

Ironsides (739422) | more than 7 years ago | (#18647321)

It should be a lot more difficult to get the keys for a hardware player than for a software player.

Only if you try to get the key directly from the hardware player. I remember reading with DeCSS on the standard DVDs, that the keys were guessable by a human once they found a pattern in them. While they are using 128bit encryption for Blu-Ray and HD-DVD and DVD only used 40 bit, they still use multiple keys for unlocking the content, effectively reducing the number of bits by who knows how many. It's possible that once enough keys are found, a smart brute-force of the keyspace could be executed that would find all the keys.

Re:It's hard to upgrade hardware (0)

Anonymous Coward | more than 7 years ago | (#18647343)

Actually the AACS key space is so large that every hardware player can have its own key. I imagine this is burned into write-once memory within the decoding chip. This is their solution to DeCSS-style attacks - there are so many keys that they actually can disable individual players.

The workaround for pirates is simple: distribute disc keys, but keep the AACS key secret so that the MPAA does not know which key to revoke. The disc keys can't be revoked.

Re:It's hard to upgrade hardware (1)

m0rph3us0 (549631) | more than 7 years ago | (#18647553)

The problem with that is then on every disc each key needs to be encoded.

Lets say the market is 580 million players.

580 million * 128 bits = 8.64267349 gigabytes

That is 8 gigabytes just for the keys. Let alone the amount of time required to try decoding each encrypted field.

Sorry, it just won't work.

Re:It's hard to upgrade hardware (1)

Jeremy Erwin (2054) | more than 7 years ago | (#18647897)

Not if you organize your keyblock as a binary tree.

Re:It's hard to upgrade hardware (2, Informative)

evilviper (135110) | more than 7 years ago | (#18647967)

The problem with that is then on every disc each key needs to be encoded.

No, it doesn't. Mathematics isn't nearly that primitive. You absolutely don't have to, nor does AACS store every individual key on a disk. It's called "broadcast encryption" and it existed before AACS. Each player doesn't have a single, globally unique key. It has several keys which, in combination, are globally unique. See: http://web.archive.org/web/20060604054302/http://w ww.lotspiech.com/AACS/ [archive.org]

Sorry, it just won't work.

Sorry, you know nothing about cryptography. That is, in fact, how AACS works. Your ignorance of it doesn't change reality.

thingamabob = logic analyzer (3, Interesting)

DeadCatX2 (950953) | more than 7 years ago | (#18647993)

Unfortunately, you're assuming that the memory holding the key is in a separate chip from the processor which will use it. These days, it's common for chips to have internal non-volatile storage (Flash). I bet (note: speculation) one of the design goals for AACS was to ensure that the key was never in-flight on a PCB trace. You can't probe a signal if it's routed internally in the silicon, never leaving the chip.

Re:It's hard to upgrade hardware (3, Interesting)

evilviper (135110) | more than 7 years ago | (#18648035)

A hardware player isn't a general purpose computer.

Actually, it is. Toshiba's first HD-DVD players are, in fact, Pentium 4 computers.

(I used to own a DVD player which was "upgraded" by downloading a patch, burning it onto a CD, and putting that in the machine, but I don't know if every DVD player supports that.)

Not ALL, but the vast majority of DVD players can be flashed in the same manner.

Awesome (4, Funny)

Vexorian (959249) | more than 7 years ago | (#18646737)

No one can deny how convenient this is for the customers. The companies love us.

Re:Awesome Monopoly Powers, Activate! (2, Insightful)

Migraineman (632203) | more than 7 years ago | (#18647157)

Thank you for using the word "customers" instead of "consumers." Consumers are force-fed; customers have a choice.

But therein lies the problem with this situation. The **AA cartels have purchased the necessary legislation to reinforce their monopolies. When they revoke a DRM key that effectively bricks your hardware player for future media releases, what are you going to do? They've cost-shifted the upgrade burden onto you, and since they own the entire distribution chain, you can't take your business elsewhere. I'm quite surprised that the media cartels haven't tried to mandate use of Scrip [wikipedia.org] to purchase a lease for their items-that-shall-not-be-owned-by-the-customer. Long live the Company Store!

This is a perfect example of why monopolies are bad. This will resonate all the way down to Joe Sixpack in a form that he'll understand - "Damned 'new' movies don't play in my DVD player." He may not understand the ins and outs of DRM legislation, but he sure as hell knows what getting screwed by the establishment means.

Re:Awesome Monopoly Powers, Activate! (1)

Anonymous Cowpat (788193) | more than 7 years ago | (#18647253)

and if people just refuse to buy the product, they'll but legislation that gives them a hefty subsidy to 'protect a core intellectual property industry'. Meaning we all pay, but now don't get a product either. Ah corruption - can't beat it (literally).

let's have a vote (3, Informative)

Anonymous Coward | more than 7 years ago | (#18646755)

How many of you like to have your computers controlled by media corporations and Microsoft? Voting time is now. http://defectivebydesign.org/ [defectivebydesign.org]

Re:let's have a vote (3, Insightful)

RightSaidFred99 (874576) | more than 7 years ago | (#18647513)

You know, it's the damnedest thing. My computer is controlled by me. Everytime I see people whining about DRM I wonder what the fuss is. I run Windows XP and have had no issues with DRM because I don't buy DRM'd media. Instead of whining, I just put my money where my mouth is and so far I haven't fallen asleep cursing Microsoft or anyone else because I don't have any DRM issues to speak of. It's God Damned amazing.

Re:let's have a vote (0)

Jartan (219704) | more than 7 years ago | (#18647777)

Instead of whining, I just put my money where my mouth is and so far I haven't fallen asleep cursing Microsoft or anyone else because I don't have any DRM issues to speak of.


That works at home but if you try this at work you won't have any job to speak of either.

Re:let's have a vote (1)

RightSaidFred99 (874576) | more than 7 years ago | (#18647939)

Guh? I don't have any DRM issues at work, either. Not sure what you could possibly mean.

Re:let's have a vote (0)

Anonymous Coward | more than 7 years ago | (#18647935)

So you have never bought a DVD movie or computer game?

Re:let's have a vote (1)

RightSaidFred99 (874576) | more than 7 years ago | (#18647971)

Oh yes, I have. I copy the DVD to my hard drive using AnyDVD and I put the DVD for the games in when I want to play. Not exactly rocket surgery. If a particular DRM scheme doesn't fit my needs, I don't use it. Otherwise, I don't care.

Case in point - Itunes. I used to use it because the Hymn project had a crack for the content. I could buy the music and decrypt it and use it however the hell I wanted. When they changed the Itunes scheme and Hymn no longer worked, I stopped buying Itunes. Problem solved with a minimum of tears or whining.

Re:let's have a vote (1)

Dare nMc (468959) | more than 7 years ago | (#18648069)

have had no issues with DRM because I don't buy DRM'd media.

I have only bought 3 un-cracked DRM'd media, I have plenty of DVD's but their cracked, so no worries they load up on my media player with just a couple clicks, and a hour later it'll be loaded on my player whenever it is next turned on.

odds are that what you meant as well, you purchase no DRM'd content that is still effective.

FYI, of those 3 I bought, 1 I never got anything to work (e-book), the other 2 I got video only, no sound (HD content on DVD).

soo.... (2, Insightful)

Anonymous Coward | more than 7 years ago | (#18646767)

so if WinDVD 8's AACS key gets banned, basically all WinDVD 8 has to do is issue a patch to give it a new key, so that future discs will work? seems like that would be something that would be hackable and exploitable... especially if other aacs keys are known, i imagine hacks would come out to change the program's aacs key to any known unblocked aacs key...

it's entirely possible that i have this all wrong.

Re:soo.... (2, Insightful)

Dachannien (617929) | more than 7 years ago | (#18647795)

Knowing the key in the first place is the exploit.

.. but what if a hardware player is compromised? (2, Interesting)

uncleFester (29998) | more than 7 years ago | (#18646811)

this is what's more curious to me.. when/if a hardware player ever is compromised, what are you gonna do then? the content owner denies your access to their content.. you think the manufacturer will step up with an "oops, our bad; here's a new unit to play stuff.." har.

i don't even know if this has happened with dvd or how possible it is.. but i have to think the potential is out there, and unless the unit has some sort of design foresight to resolve some issue (firmware updates to my bluRay player? and what kinda new 'security' hole is that?!?) i'd think you could be toast. .. that might actually be one class-action suit i could hop on and enjoy, just to watch potential legal fallout. :)

-r

Re:.. but what if a hardware player is compromised (1)

zippthorne (748122) | more than 7 years ago | (#18646901)

Spam a bunch of new disks with an update patch?

Re:.. but what if a hardware player is compromised (1)

Firehed (942385) | more than 7 years ago | (#18647679)

At least we'd be getting free movies out of the deal, and thereby completely defeating the point of the copy protection. I doubt spammers would be nearly as successful as they are if you had to pay thirty bucks a message.

Re:.. but what if a hardware player is compromised (1)

denmarkw00t (892627) | more than 7 years ago | (#18647041)

(firmware updates to my bluRay player? and what kinda new 'security' hole is that?!?)

You may gawk at the idea, and though you are correct that it would probably present a security hole for hardware and networks aren't well protected, with more and more of the home becoming wired/wireless (TVs, toasters, media centers, stereo systems, the Wii/360/PS3) it won't be long before your cutting edge Blu-Ray players are also on-line 24/7, getting firmware updates while you sleep.

Re:.. but what if a hardware player is compromised (1)

Joe The Dragon (967727) | more than 7 years ago | (#18648091)

But what about the people who can't get high speed internet and only have dial up?

Re:.. but what if a hardware player is compromised (1)

Soul-Burn666 (574119) | more than 7 years ago | (#18647485)

I don't know if it's done, but if they give each individual hardware player its own key, then there should not be any problem. The only system won't be able to play vids anymore is the one that was used to hack the key.

You'd be surprised, but AACS uses a pretty clever system for key revocation which can revoke a single key without having to change anything in players with a different set of keys.

The keys are nodes of a binary tree where the leaves are the individual keys per player. Each player has the keys from itself to the root node.
The movie itself is encrypted with a symmetric key which is then encrypted as follows:
Initially, it is encrypted using the root key. Every player can play it because it they all have the root node in their "key path".
When a player is to be revoked, the symmetric key is then encrypted log(n) times with the keys just not the revoked key's path.
It includes the key neighboring the revoked key so it doesn't get hurt, it includes the key neighboring the revoked key's parent so keys on that side don't get hurt and so on.

So all you have to do is release disk keys. (0)

Anonymous Coward | more than 7 years ago | (#18647719)

The solution to AACS, from my understanding, is to release the key the disk is bulk encrypted with, and not your own decryption key. For practical reasons, it's not that the entire disk is encrypted with each of the keys (then you'd need a separate copy of the disk for each key!) what happens instead is that a single encryption key is encrypted with each of the keys mentioned in the parent. If you release that key, you can free the disk without giving away which player you used to do it! Use of Freenet from behind Tor is recommended :-)

Copyedit? (3, Insightful)

interiot (50685) | more than 7 years ago | (#18646817)

Can't Slashdot do a minimal amount of copyediting to stories before posting them?

An update posted for Intervideo WinDVD 8 confirms that it's AACS key has been possibly revoked. WinDVD 8 is the software which had it's device key compromised,
"Possibly" "confirmed" appears on its face as a likely contradiction, and it is... the linked article says "please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled".

Re:Copyedit? (5, Insightful)

Anonymous Coward | more than 7 years ago | (#18646851)

... and for G*d's sake, it's "its," not "it's"!

(World's easiest job: slashdot "editor.")

Re:Copyedit? (0)

Anonymous Coward | more than 7 years ago | (#18648119)

> (World's easiest job: slashdot "editor.")

Last I heard, they were getting paid something like $28K a year.

Of course they could hire no end of qualified people in India for that, and aside from hearing how the AACS consortium would "do the needful" of revoking the keys, the spelling and grammar would otherwise be perfect.

Re:Copyedit? (1)

denmarkw00t (892627) | more than 7 years ago | (#18647111)

Mod parent up! (I would, but I've already commented on this article.) /.'s editing is quite shallow - at least every sentence is properly capitalized. Maybe we need a 'Grammar or GTFO' meme... oh shi- this isn't eBaum's my bad.

Re:Copyedit? (0)

Anonymous Coward | more than 7 years ago | (#18647189)

> /.'s editing is quite shallow

You must be new here.

Re:Copyedit? (1)

Dogtanian (588974) | more than 7 years ago | (#18647177)

Can't Slashdot do a minimal amount of copyediting to stories before posting them? "Possibly" "confirmed" appears on its face as a likely contradiction
CowboyNeal reports that Slashdot will "definitely maybe" take up your suggestion. Noel Gallagher unavailable for comment.

In other words, (1)

bjdevil66 (583941) | more than 7 years ago | (#18646833)

Update your software now because you are may be guilty of a crime.

hardware players? (2, Interesting)

MoOsEb0y (2177) | more than 7 years ago | (#18646837)

What are the implications for hardware players? Will they now need to be updated, or does this key revocation only apply for WinDVD in particular. If so, does this mean that it would be possible to hack apart a hardware HDDVD/Bluray player and take its key? This doesn't seem like a very secure system if that kind of attack is possible.

Re:hardware players? (1)

Kjella (173770) | more than 7 years ago | (#18647243)

What are the implications for hardware players?

None.

would [it] be possible to hack apart a hardware HDDVD/Bluray player and take its key?

Nobody's done it, but if it happened they coudl revoke that key. Of course, if you found a way to extract it from a class of players, they might have to recall all those players.

Re:hardware players? (1)

bhima (46039) | more than 7 years ago | (#18647725)

Doubtless, a update could be achieved with a properly written DVD.

Still I'd love to see the necessity.

Re:hardware players? (0)

Anonymous Coward | more than 7 years ago | (#18647357)

1. No players (hardware or software) other than WinDVD will be affected.
2. Unpatched WinDVD will only be able discs published before the exploit.
3. Patched WinDVD will be able to play any disc.

PS3 (1, Interesting)

Sobieski (1032500) | more than 7 years ago | (#18646843)

Soo, what if PS3s key gets revoked? Would all the owners have to return their machine?

Re:PS3 (4, Insightful)

ivan256 (17499) | more than 7 years ago | (#18646885)

It's a networked device. They'd just put out a firmware update. Sorry to shatter your dreams.

It would be more interesting to find out what would happen if the key to the Sony standalone BluRay players was discovered.

Yes, but... if it was hacked once.... (1)

Fallen Kell (165468) | more than 7 years ago | (#18647255)

If the player was already hacked once, the probability only goes up that it would be hacked again. Especially if a hardware level flaw was uncovered (i.e. a physical attack which was able to intercept the key as it is being read/used would make any new key given the device just as exposed as the last key).

Re:PS3 (1)

fimbulvetr (598306) | more than 7 years ago | (#18647271)

It's not that simple. If they got the first key, it's pretty likely they'll get the second, third, etc. The inconvenience of always having to flash, + the failure rate of these flashes doesn't make for a very good experience.

Re:PS3 (1)

Odin's Raven (145278) | more than 7 years ago | (#18647415)

It would be more interesting to find out what would happen if the key to the Sony standalone BluRay players was discovered.

They'd probably do what standalone DVD player vendors do - release a firmware update as a disc image that customers could download, burn, and insert into their standalone player. From there, it works much the same way as flashing a desktop computer's BIOS - the DVD player starts to load the disc, recognizes it as an update, and flashes its firmware. (For example, Pansonic has nearly two dozen updates like this available in the DVD Firmware [panasonic.com] section of their support site.)

From a quick check on the Sony support site, they've already released a disc-based firmware upgrade for their BDP-S1 BluRay Player [sony.com] , so this seems like the route Sony would use if they ever had to push out new keys.

Re:PS3 (1)

badfish99 (826052) | more than 7 years ago | (#18647643)

This will work fine for a few years, while there are only a few models of player, and they are expensive enough for it to be worthwhile supporting them.

But after a while it will become impossible to get updates for older models of players. People will have to keep on buying new ones as the keys for their old ones are revoked.

Perhaps the stores will start having special offers: "buy this disk for $100 and get a free player that will play it".

Re:PS3 (1)

mccoma (64578) | more than 7 years ago | (#18648051)

I don't think it will work fine. No normal consumer will "download a disc image, etc." They will take the player back and complain it is not playing anything anymore, or start a "virus" scare with the disc that "destroyed" their player.

Actually, this sounds like a great new business for "Geek Squad". We can rescue your player from those evil hackers - pay us.

Re:PS3 (1)

stewwy (687854) | more than 7 years ago | (#18648211)

yes so how do you find the new ps3 key .... you compare the new firmware with the old and voilà ( well not quite that straight forwards but you get the idea)
Its been hacked once therefore the security will be much lower as both the known key and the unknown key will be out there, the key must be transmitted with the "upgrade" or what's the point. you can also make a pretty good guess as to where in the code the information was and now is.

Re:PS3 (0, Troll)

Null537 (772236) | more than 7 years ago | (#18647063)

Yes, all 10 of them.

Re:PS3 (0)

Anonymous Coward | more than 7 years ago | (#18647385)

You're just jealous cause you don't get to fight giant CRABS!!11oneoneoneeleventyone111!

Great! (5, Insightful)

Bri3D (584578) | more than 7 years ago | (#18646847)

And the update must have the new key in it!
And we know how smart InterVideo have been about protecting the keys so far...

The fact of the matter is that if it can be decrypted and the user has physical access, there is *no way* to make "unbreakable" DRM. None. At all.
Especially on most modern CPU architectures where memory and the bus are unencrypted. The data *has* to go through RAM and over the bus.
Therefore there *is no protection*
It takes *one* decrypt to defeat their supposed purpose "keeping them dirty pirates from getting it" and this decrypt will *always* happen. But yet they waste millions in R+D money making ridiculously bad systems to try to prevent something that's physically impossible to prevent.

The Zero-day race is on (1)

jms (11418) | more than 7 years ago | (#18646961)

Does anyone seriously doubt that there will be a day-zero crack of the new keys?

Re:Great! (4, Interesting)

Nasarius (593729) | more than 7 years ago | (#18647023)

And the clever cracking groups will grab a key and not tell anyone, just keep using it to make releases. It'll be amusing to watch and see what happens, though. Will they keep playing whack-a-mole when they can find which key has been extracted? Will they finally realize it's just not worth the effort? Or will they end up revoking all software player keys and forcing you to buy and use the hardware players? I'm betting on the latter.

Re:Great! (1)

julesh (229690) | more than 7 years ago | (#18648191)

Or will they end up revoking all software player keys and forcing you to buy and use the hardware players? I'm betting on the latter.

They can try it if they want to face a class action from everyone who's bought an HDDVD drive for their PC. I still don't see that intentionally and specifically disabling somebody's property can be legal.

Microsoft might object to that! (1)

debest (471937) | more than 7 years ago | (#18648271)

Or will they end up revoking all software player keys and forcing you to buy and use the hardware players? I'm betting on the latter.

I know that Microsoft has the Xbox 360 with the HD-DVD add-on drive, but surely they might have a bit of incentive to be in the "media centre" market where Vista is the focus of an HD home theatre? If there are only "hardware" solutions, they would be shut out. Could Microsoft afford that?

Re:Great! (1)

d-rock (113041) | more than 7 years ago | (#18647039)

Exactly. I'm interested in how Corel is protecting the new key it's trying to distribute. I mean, if they can hack the AACS key out of the player why do they think that they won't break the update to get the new key? Even if they're using some sort of public/private key pair embedded in the software, that too should be easily extracted. I'd wager that the new key will be available very soon.

Derek

Re:Great! (1)

Lumpy (12016) | more than 7 years ago | (#18647223)

You are missing the fun part. Every one of these they do gets us closer to completely cracking it. and once they do we can have the entire pool of keys on a disc and that will kill their ability right there.

Re:Great! (1)

evilviper (135110) | more than 7 years ago | (#18647459)

there is *no way* to make "unbreakable" DRM. None. At all.

There's no way to make DRM unbreakable IN SOFTWARE. However, even there, there are numerous ways to make it so ridiculously difficult to find the key, that it would either require millions of dollars in equipment and thousands of man-hours for each key (which can be trivially revoked) or perhaps waiting many years until technology improves, until they don't really care anymore if the DRM is broken.

In hardware, however, DRM can be absolutely impossible to break, though the cost in doing so would be prohibitive, currently.

Upgrade Cycle (1, Insightful)

Anonymous Coward | more than 7 years ago | (#18646917)

This is another new "Upgrade Cycle" that the (legit) consumer has to pay for in the end. How so? How long is WinDVD 8 going to be supported; aka how many patches are going to be issued for said software, also for how long.

Grammar nazi ahead (1)

JamesP (688957) | more than 7 years ago | (#18646959)

Oh, come ON!

"An update posted for Intervideo WinDVD 8 confirms that it's AACS key has been possibly revoked. WinDVD 8 is the software which had it's device key compromised,

Really, IT'S != ITS

First AACS Blu-Ray/HD-DVD Key Revoked (4, Insightful)

denmarkw00t (892627) | more than 7 years ago | (#18646985)

...and certainly not the last. Beware, HD-DVD/Blu-Ray consumers, you're in for a bumby road of software patches and exploits that move twice as fast!

Re:First AACS Blu-Ray/HD-DVD Key Revoked (1, Insightful)

that this is not und (1026860) | more than 7 years ago | (#18647213)

The same people at work who I hear carrying on about their HD-DVD/Blu-Ray video gear are also the ones carrying on about having the latest, biggest SUV with all the power options and the biggest engine.

It's okay being in the background, a few cubicles down, hearing them carry on. I try not to gloat secretly inside at the train-wrecks they find themselves, and their credit card balance, trapped in. It's more righteous to quietly pity them.

They ain't nerds, that is for sure. They're the nemesis of us. Marketing folks love 'em though, and will always try to maintain the myth that they are 'the techno-elite.'

Analog hole, thanks Thailand flea-markets (0, Troll)

Gothmolly (148874) | more than 7 years ago | (#18647019)

And the uber encrypted movie only on BluRay will be filmed in a Thai movie cinema and sold for $2 on the street... where's the protection again?

Re:Analog hole, thanks Thailand flea-markets (1)

deejaymaxx (253408) | more than 7 years ago | (#18647325)

Well I would call the rattling of candybags, popcorn boxes and snickering of all those thai kids in the audience protection enough. Because that's what you get when you buy a crappy camcorded dvd on the black market. (okay so telesync removes distracting audience noises but please, the video quality..)

It's not so much a question of "how soon it will be available on the net and/or thai market", rather than "how soon it will be available on the net/and or thai market in a format that you can actually watch without having your eyes and ears bleed."

Oh and a simple point: a hardware drive was already hacked, it was actually the first method used to retrieve the hd/bluray-keys (check older news for the doom9 link). It doesn't matter how many updates the companies push out, the old hacked drive can still be used to retrieve keys from the new discs.

Incorruptible projectionists? (1)

mangu (126918) | more than 7 years ago | (#18647823)

I would call the rattling of candybags, popcorn boxes and snickering of all those thai kids in the audience protection enough


Even if it's not part of their job description [careerplanner.com] to "install a camcorder where it can film the screen from above the heads of patrons and use a Y-cable to patch the sound directly to the camcorder", I can't imagine how anyone can pretend it's impossible for someone to arrange a special screening with the projectionist at one of the tens of thousands of movie theaters available worldwide.

Funny how similar this is to WEP (1)

Wishful (526901) | more than 7 years ago | (#18647029)

You distribute a shared secret, it gets compromised you have to update every user with the new key.

What really happens.....people get annoyed with the hassles and either choose a better method, or no encryption at all.

Not a happy future for the current generation of HD players.

Ahh, certainty (5, Funny)

Moridineas (213502) | more than 7 years ago | (#18647181)

"confirms that it's AACS key has been possibly revoked"

Well, I'm glad that's been confirmed...

New use for PS3 Linux (5, Funny)

supabeast! (84658) | more than 7 years ago | (#18647249)

If anyone really wants to piss off Sony, start a PS3 Linux project to build a PS3-based supercomputer that can be used to crack all of the Blu-Ray keys.

Re:New use for PS3 Linux (0)

Anonymous Coward | more than 7 years ago | (#18647963)

Yes, firmware 1.61 is going to offer cracking@home clients.

The power of the dollar (1)

HycoWhit (833923) | more than 7 years ago | (#18647257)

The industry will never listen/read a bunch of slashdot posts and change. Now if every /. reader went out and bought a few Blu-Ray/HD-DVD's then returned them as unplayable and asked for money back--now that might start to get the industry's attention.

Re:The power of the dollar (1)

AndrewNeo (979708) | more than 7 years ago | (#18648189)

You want us to slashdot the market?

Anybody remember... (1)

NoseBag (243097) | more than 7 years ago | (#18647613)

...VideoCipher II?
As quick as the satellite broadcasters changed keys, the hackers would crack and distribute them.

As far as I know... (0)

Anonymous Coward | more than 7 years ago | (#18648185)

...that hasn't happened with BSkyB in the UK. Their encryption is secure, and has been for many years, unless anyone can correct me!

What happens when V9 is available? (1)

AmiMoJo (196126) | more than 7 years ago | (#18647817)

What happens when they release a new version of the software that you have to pay for? Say someone then cracks V8 again, will they release a free update or will everyone be expected to pay for V9 in order to watch new movies?

Apostrophe revoked (0)

Anonymous Coward | more than 7 years ago | (#18648269)

Please learn it once and for all. IT'S stands for IT IS, IT IS a CONTRACTION.

right of first sale? (2, Interesting)

mrcubehead (693754) | more than 7 years ago | (#18648283)

I was wondering, what if you bought a commercial disk and made a copy without protection (via copy circumvention in a country where fair use isn't demolished by the dmca, like in sweden), and then destroyed the original, and resold it as a "drm-free" version? No one can argue the content has changed... so doesn't this then fall under the right of first sale, which was upheld by the supreme court some time ago?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>