Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Media Encryption Security Your Rights Online

New AACS Crack Called "Undefeatable" 554

Posted by kdawson
from the go-ahead-revoke-all-the-keys dept.
Tuoqui writes "With all the focus on the infamous hexadecimal number, people may be ignoring a bigger weakness in the AACS armor, which emerged two weeks ago. Some hackers have figured out how to crack AACS in a way that cannot be defeated, even by revoking all the keys in circulation."
This discussion has been archived. No new comments can be posted.

New AACS Crack Called "Undefeatable"

Comments Filter:
  • by Anonymous Coward on Thursday May 03, 2007 @10:17AM (#18973009)
    I'm just enjoying my coffee, and suddenly I'm faced with an article about somebody's crack!
    • Re: (Score:3, Funny)

      by spun (1352)
      If you see a post with a link claiming "You could pound away at this crack with a jackhammer and not defeat it," or "An even bigger crack," or even "Expanding the crack," DO NOT CLICK IT!
  • Got it! (Score:3, Funny)

    by otacon (445694) on Thursday May 03, 2007 @10:17AM (#18973025)
    Oh I know, don't use HD-DVD...there...defeated.
    • Re:Got it! (Score:5, Interesting)

      by elrous0 (869638) * on Thursday May 03, 2007 @10:21AM (#18973077)
      Blu-ray will be effected too, since it uses AACS. Of course, Blu-ray has an added layer of protection which they've never actually used before. This will prompt Sony to tout Blu-ray to studios as a solution to the crack. It will also prompt Sony to cry when, exactly 5 minutes after it's first used, a hacker cracks it too.
      • Re:Got it! (Score:5, Funny)

        by WED Fan (911325) <(akahige) (at) (trashmail.net)> on Thursday May 03, 2007 @10:56AM (#18973657) Homepage Journal
        Sony has the added security feature in that in a few short years, like Betamax, MiniDisc, etc, the Sony backed format will fail, players and computer devices will disappear and the format will be safe from cracking. Security Through Undesired Format.
        • Re:Got it! (Score:5, Funny)

          by An ominous Cow art (320322) on Thursday May 03, 2007 @11:03AM (#18973809) Journal

          Security Through Undesired Format.
          Sounds like a good name for a standard. Perhaps we can use the French form of the acronym, STFU. :-)

        • Re:Got it! (Score:5, Funny)

          by IdleTime (561841) on Thursday May 03, 2007 @11:24AM (#18974233) Journal
          I think you mean:
          Security Through Undesired Format - Intelligent Termination or STUF-IT..
        • Re:Got it! (Score:5, Funny)

          by Anonymous Coward on Thursday May 03, 2007 @01:38PM (#18976443)
          Not to be outdone, the MPAA is working with filmmakers to ensure that movies encoded onto BlueRay disks will be undesired long before Sony has managed to kill their superior format through stupid business practices. Leading the way is George Lucas who's company, LucasArts, has been the driving force behind many of the technological innovations in movies over the past 30 years. Says Lucas, "Our initial testing has been very positive. Test films like "Episode I" were almost unwatchable. And while the addition of a semi-coherent plot weakened the protection scheme from the two subsequent sequels, we've learned our lesson."

          Lucas claims that his proprietary JarJar technology is showing incredible promise and that many of the summer's biggest blockbusters are planning to include this protection scheme. Yet the technology is not only effective for new movies. "One of our biggest markets is in the protection of older movies as they are released onto the higher definition formats. For example, we've added a 10 minute scene to 'Forrest Gump' featuring a conversation between JarJar and the title character which test audiences have indicated is 'more painful than child birth', as one woman put it."
  • by Rik Sweeney (471717) on Thursday May 03, 2007 @10:18AM (#18973029) Homepage
    Nothing for you to see here. Please move along.

    Huh, looks like the new strategy is issuing DMCA Takedown orders against anyone who suggests that it is undefeatable...
    • by elrous0 (869638) * on Thursday May 03, 2007 @10:27AM (#18973191)
      Funny, when you said "DMCA" I heard a loud thump. It sounded a lot like Kevin Rose's knees hitting the floor.

      Oh, wait a minute...I think I hear a zipper too.

    • Re:Undefeatable? (Score:5, Insightful)

      by Bonker (243350) on Thursday May 03, 2007 @11:04AM (#18973821)
      Interestingly enough, there is a very real defeat of the DMCA here: massive disobedience.

      The DMCA is an unpopular law passed by surreptitious means. The more people run into it, the more they're disgusted with it.

      Most Americans don't feel that it is ethically wrong to behave in ways that the DMCA marks as illegal. Worse, they're inconvenienced by the law and are actively looking for workarounds for the technology it impacts.

      The Digg vs. Hex number story is a good example. Digg tried to comply with the law, but its users revolted and forced the site's admins to acquiesce. Even if Digg is shut down by federal authorities, arresting thousands of users for posting a 32bit number is going to prove... difficult.

      The RIAA's spam lawsuit settlements have proven that it's massively difficult and probably more trouble than it's worth to go after widespread casual copyright infringement. Widespread casual DMCA infringement, like many other 'casual' crimes simply won't be prosecutable to the degree even the most vicious police force would like.

      The Doom9 Xbox crack is much the same. It's certainly a very technical challenge to the AACS scheme. Both its undertaking and disseminating how it's done is illegal under the DMCA. However, nobody cares any more.

      What's the worst that can happen? You get arrested, have to pay a fine, and maybe even go to jail. The RIAA is already trying to apply that same punishment to innocent people.

      Obeying this law doesn't even carry the benefit of being free from prosecution. Why should anyone worry about breaking it if those behind it are going to press charges anyway?

      The DMCA is dead-- killed by apathy.
      • Re: (Score:3, Informative)

        by spikedvodka (188722)
        $ `dd if=/dev/urandom of=File.txt bs=1 count=32 && cat File.txt`

        09f911029d74e35bd84156c5635688c0

        $

        "I swear you honor, my computer came up with it randomly"
      • Re:Undefeatable? (Score:5, Insightful)

        by pjrc (134994) <paul@pjrc.com> on Thursday May 03, 2007 @11:49AM (#18974635) Homepage Journal
        No, Digg did MUCH MORE than simply try to comply with a DMCA takedown notice.

        They censored all discussion critical of their actions. They banned users critical of them, even those who never posted the number. They deleted all commentary that pointed out their previous sponsorship by the AACS-LA, and banned anyone attempting to bring this to light.

        Their apology pretended like they had never deleted or banned anyone for simple dissent, or even banned anyone, only just deleted the magic number. Even after the apology, they continued to suppress stories calling attention to their censorship of pure, non-infringing dissent speech and mention of their financial relationship with the AACS-LA.

        THAT is what much of the Digg revolt was about. It's a LOT more than just the number. Here are a couple good articles with the real truth. The Digg folks would like nothing more than for everyone to believe this was ONLY about a 16 byte number. Please read these and next time you see this mistruth, you'll know better.

        Digg fights user revolt over HD-DVD ban - Digg founders took HD-DVD sponsorship. [texyt.com]

        Digg still isn't telling the whole truth about its HD-DVD sponsorship [texyt.com]
        • Re:Undefeatable? (Score:5, Insightful)

          by Platypii (132649) on Thursday May 03, 2007 @02:04PM (#18976913)
          I agree completely, and what baffles me even more about people accepting Kevin Rose's repsonse is that IT WAS NOT EVEN AN APOLOGY!

          Nowhere in it did they admit wrong doing or say "I'm sorry". He only said "we get it." What is that shit??

          Not to mention that the digg community would probably not have been mad if they removed posts with the numbers by court order, and were open about the process (like Slashdot did). Instead, they removed references to the numbers which the MPAA had not yet even complained about, and also banned the users! (none of which is required by the DMCA)

          And, to add icing to the cake, rather than being open about this and saying "look, we're removing these posts because we have to, we're sorry! write your comgressman about the DMCA." Instead, they deleted stories and posts in secret, and hoped that the truth would not come out.

          Why are people so willing to forgive Digg's admins for this offense without even an apology??
      • Re:Undefeatable? (Score:5, Insightful)

        by exi1ed0ne (647852) <exile@@@pessimists...net> on Thursday May 03, 2007 @11:50AM (#18974665) Homepage

        Most Americans don't feel that it is ethically wrong to behave in ways that the DMCA marks as illegal. Worse, they're inconvenienced by the law and are actively looking for workarounds for the technology it impacts.

        This is not just true with technology law. People obey laws because they are what they normally would do anyway, aren't overly inconvenienced by it, or it only affects a small percentage of people. Laws aren't effective ways to change behavior, which is why I just shake my head at all the folks who want more regulation to "fix" something.

        Speed to work anyone?

  • by rambag (961763) on Thursday May 03, 2007 @10:18AM (#18973039)
    "I reject your AACS crack and substitute my own"
  • by 8127972 (73495) on Thursday May 03, 2007 @10:19AM (#18973049)
    .... Then maybe media companies will give up this DRM non-sense which does nothing but frustrate consumers and slow the adoption rate of digital media in the mass market.
    • by Itchyeyes (908311) on Thursday May 03, 2007 @10:25AM (#18973161) Homepage
      If they didn't learn anything from the countless other times this has happened to other forms of DRM, I don't know what makes you think they'll learn anything from this one.
    • Re: (Score:3, Insightful)

      by aadvancedGIR (959466)
      Not a chance. A more likely outcome would be that only pirates would be able to read genuine HD disks after all the keys would have been invalidated.
      • Re: (Score:3, Funny)

        by Anonymous Coward
        1. Release HD movies
        2. Wait for adoption
        3. With ample support from a corrupt gouvernment, make it so that the only way to view the movies is to use a easily encountered but illegal circumvention tool
        4. ???^H^H^HLawsuits
        5. Profit!!!
        (6. Be the first against the wall when the revolution comes)
  • by Kadin2048 (468275) <`ten.yxox' `ta' `nidak.todhsals'> on Thursday May 03, 2007 @10:22AM (#18973081) Homepage Journal
    Basically this crack relies on using a Microsoft HD-DVD drive for the XBox 360, with a special firmware patch (which requires you to remove the firmware chip, flash it, and then solder it back in). With a hacked drive, you can apparently get the Volume ID, which is one of the parameters used in the encryption, directly off of the disc. Normally the Volume ID isn't passed to the host computer, I think.

    Anyway, in the bizarro-world that the people who write DRM systems inhabit, I think that this will probably just push them to make the drives harder to "tamper" with; I fully expect that they'll eventually just pot the circuit boards in epoxy or something, to keep you from desoldering the chips.

    So if you're interested in this stuff, you might as well go out and get one of the MS drives or other first-gen drives, because I suspect the hacking possibilities may decrease over time; it's going to be these early drives which are the most hackable.
    • So if you're interested in this stuff, you might as well go out and get one of the MS drives or other first-gen drives, because I suspect the hacking possibilities may decrease over time; it's going to be these early drives which are the most hackable.
      I'll buy one now in the hopes of selling it in a few years, when people will probably be willing to pay for a moddable drive.
      • by Anonymous Coward on Thursday May 03, 2007 @10:32AM (#18973299)
        I'll buy one now in the hopes of selling it in a few years, when people will probably be willing to pay for a moddable drive.

        Good thinking. After all, what better investment over time than computer hardware. I can't even begin to imagine how much I could get for my Atari 800 now. And to think I paid only $1,000 for it! But I'm no fool. I'm passing this one down to my grandkids to help fund their college education.

    • by Lumpy (12016) on Thursday May 03, 2007 @10:29AM (#18973237) Homepage
      I think that this will probably just push them to make the drives harder to "tamper" with; I fully expect that they'll eventually just pot the circuit boards in epoxy or something, to keep you from desoldering the chips.

      that did not even slow me down in the 80's and early 90's with the VideoCipher II boards. After 1 week we found a easy way to "unpot" the board and continue on.

      I personally hope they try it, it will be amusic to watch their attempts fail as they try things that early hackers defeated decades ago.
      • by networkBoy (774728) on Thursday May 03, 2007 @11:01AM (#18973757) Homepage Journal
        And that is because hackers are much better at retaining tribal knowledge. Hackers tend to stay around a while, as their physical presence and on-line presence are disparate things, while corp. drones move to new jobs, taking the little bits of knowledge with them, as their on-line presence and physical presence within the company are immutable. New company, new on-line & physical presence, you are completely unavailable to your old company (there are exceptions of course, but the norm is the overwhelming majority).
    • by mhall119 (1035984) on Thursday May 03, 2007 @10:38AM (#18973417) Homepage Journal

      Anyway, in the bizarro-world that the people who write DRM systems inhabit, I think that this will probably just push them to make the drives harder to "tamper" with; I fully expect that they'll eventually just pot the circuit boards in epoxy or something, to keep you from desoldering the chips.

      The article is a little old, the links to the doom9 forum go to posts from early last month. Within a few days of those posts, there was a link to xboxhackers where they were able to accomplish the same thing without having to patch the firmware, ie, no desoldering.
    • by dave420 (699308) on Thursday May 03, 2007 @10:41AM (#18973467)
      This crack relies on just one person having one of these cracked drives, and using it to expose weaknesses that can be exploited on non-cracked hardware running custom software. Whether MS took these drives off the shelf tomorrow or not, it doesn't matter. The fact at least one cracked drive exists out there, in the hands of people looking to circumvent the DRM, means this crack can't be stopped. Us normal non-firmware-hacking types will have to wait for where this current hack takes us, as this is the first step to getting an unrevokable crack in the hands of johhny-no-soldering-iron.
      • Re: (Score:3, Insightful)

        by radtea (464814)
        This crack relies on just one person having one of these cracked drives

        More deeply, it depends on the fundamental mistake of trying to use encryption for content protection. As the article says:

        The real problem with trying to create an "uncrackable" copy protection is that the media must come with the keys used to decrypt it somewhere on the device and the media itself. Hiding these keys in different places--security by obscurity--merely delays the inevitable. Of course, for the content providers, any dela
    • by Nom du Keyboard (633989) on Thursday May 03, 2007 @10:42AM (#18973499)
      You're missing the point here. Everybody doesn't have to do this. One person does this and posts Volume Keys for each new release, allowing everyone else to simply decode with the volume key. If this truly can't be revoked, then it doesn't matter it they make it inaccessible tomorrow. Not until every existing modded player breaks beyond repair would it be secure again.
  • by Rik Sweeney (471717) on Thursday May 03, 2007 @10:22AM (#18973095) Homepage
    "No matter how many Private Host Keys they revoke we will still be able to get Volume IDs using patched xbox 360 HD DVD drives."

    I hope the hacker isn't suggesting that this whole encryption key debackle is somehow Microsoft's fault, could you imagine the lawsuit?
  • by rolfwind (528248) on Thursday May 03, 2007 @10:23AM (#18973113)
    Punishing legitimate customers since it's inception. I got reminded of this again today after not being able to play a DVD in my Powerbook because of region encoding. Funny thing is, this DVD is only really of extreme local interest and any outside interest/sales are negligible - since it's only sold in one region so why do the authors enforce region encoding? Do they not know what it is?

    Maybe it's better to pirate afterall. Less hassles that way.
    • Re: (Score:3, Insightful)

      by Billosaur (927319) *

      The fact is, this is a losing battle for the MAFIAA... Any DRM scheme that can be dreamed up can be cracked eventually. They would benefit more form making their content easily accessible, readily available, and cheap enough for people to get at that piracy becomes a background issue. Eventually, all that content is going to get from DVDs to the Internet -- if I were them I'd given up trying to stop people via DRM and start trying to woo people by giving some content away.

    • You got that right. (Score:4, Informative)

      by Kadin2048 (468275) <`ten.yxox' `ta' `nidak.todhsals'> on Thursday May 03, 2007 @10:38AM (#18973419) Homepage Journal
      HandBrake [m0k.org] is your friend.

      With the size of today's hard drives, carrying around physical DVDs to watch on one's Powerbook just seems silly. Rip 'em (I personally think most movies look fine using MPEG-4 2-pass, target size of 700MB) and chuck 'em on your hard drive; uses a lot less battery power and it's one less thing to have to keep in your laptop bag.

    • Re: (Score:3, Informative)

      by element-o.p. (939033)
      For Linux, there's a utility called regionset (Google it) to reset the region codes on a DVD drive. I would imagine there's one for Macs as well, but be warned: I've read that some DVD drives only allow you to change the region code a fixed number of times. So, you might be better off acquiring an external DVD drive to play DVDs from this region and use the built in drive to play DVDs from whatever region you normally use.
  • Poor Sony? (Score:4, Funny)

    by shawnmchorse (442605) on Thursday May 03, 2007 @10:26AM (#18973177) Homepage
    I have to wonder if the huge amount of HD-DVD hack coverage lately is starting to make Sony wish that someone would spend more time hacking Blu-Ray. There's no such thing as bad press?
    • Re:Poor Sony? (Score:5, Informative)

      by tlhIngan (30335) <slashdot@wor[ ]et ['f.n' in gap]> on Thursday May 03, 2007 @10:43AM (#18973511)

      I have to wonder if the huge amount of HD-DVD hack coverage lately is starting to make Sony wish that someone would spend more time hacking Blu-Ray. There's no such thing as bad press?


      Sony's probably really happy about it, actually. If they can show that HD-DVD is worthless, studios will drop it in favor of the far more DRM-heavy Blu-Ray.

      There are things that Blu-Ray could use (they're in the spec) but possibly aren't at the moment.

      Basically, HD-DVD only has AACS to protect it. It doesn't have region coding (yet?) or other crap that just didn't work on DVD (someone at the DVD Forum saw the writing on the wall for region codes and just didn't put them in for HD-DVD). Every HD-DVD/DVD combo has the Region 1 logo, followed by "DVD Only" - implying that the region code is strictly for the DVD part. Same goes on the HD-DVD player - Region 1 logo, "DVD Only".

      Blu-Ray has the BD+ protection, plus something they call ROM Mark. And of course, region codes. Though, Sony at least tried to be reasonable, and instead of the 9-odd regions of DVD, they reduced it to 3. ROM Mark protection basically says every Blu-Ray disc has to have a fingerprint that tells the type of the disc, and who pressed it. So if a flood of pressed Blu-Ray discs come out, the Blu-Ray association can find out who pressed it, pull their license and shut them down. (And discs without said mark... just don't work). It also keeps stuff like movies from being played if they're on the wrong medium (e.g., BD-R).

      Blu-Ray is far more technologically advanced (25GB/layer) than HD-DVD, however, the latter makes use of existing DVD production lines (trivial upgrade, which is why HD-DVD/DVD flipper discs are around), and uses lessons learned about DVDs to produce a better product (like the uselessness of region coding). I suspect that the DVD production tools also underwent just minor changes (support for new codecs and JavaScript) since the HD-DVD releases seem to be of better quality despite the fact that they're 20GB smaller (dual layer BD vs. dual layer HD-DVD) to fit the data... (extras and everything).
    • Re: (Score:3, Insightful)

      by |/|/||| (179020)
      I don't know, but "easily hackable" is certainly one of my top criteria in picking a format. HD-DVD is getting a lot of very good press the past couple of days.

      The funny thing is, that means I would actually *buy* movies in the hackable format. I wouldn't make copies, I would purchase physical disks! I'm not interested in distributing copies, either - but if I want to cut out clips from movies and edit them together, or if I want to add funny subtitles for my own entertainment, or if I want to copy the d

  • you are attempting to control the flow of ones and zeros in a world where an electronic communication system designed to withstand a nuclear attack is now ubiquitous

    you should give up. you've lost, and will keep losing. it's just silly to keep going down this path. there is only more pain in store for you

    people will still make movies. people will still make music. it's just that your particular pre-internet business model is now obsolete

    go ask the aztecs or the incans if the appearance of new technology was fair to their empires

    it wasn't. but it didn't stop technology in the form of gunpowder and sailing ships and metal armor from rendering them obsolete

    so it is with you and the internet

    sorry

    reality is a bitch
    • by stubear (130454) on Thursday May 03, 2007 @10:40AM (#18973459)
      "people will still make movies. people will still make music."

      I can't wait to see all the product placement blockbusters. And all those ad-laden songs are going to be really cool to dance to. </sarcasm>

      Just because distribution is easier on the internet does not give anyone with access to a computer the right to distribute content they do not hold the copyrights to. Many new services of downloadable content are springing up and work just fine and they support the production studios. Use them if you want to download movies/music or don't consume copyrighted entertainment. It is really they simple.
      • by sconeu (64226) on Thursday May 03, 2007 @11:03AM (#18973793) Homepage Journal
        Just because distribution is easier on the internet does not give anyone with access to a computer the right to distribute content they do not hold the copyrights to.

        Who said anything about that?

        I buy a [HD-]DVD. I want to play it on my $OS-OF-CHOICE box, as well as my set-top box. However the [HD-]DVD consortium refuses to license a $OS-OF-CHOICE player. Therefore, I need to crack their DRM to make use of my legally purchased [HD-]DVD.
      • Re: (Score:3, Insightful)

        by div_2n (525075)
        Just because distribution is easier on the internet does not give anyone with access to a computer the right to distribute content they do not hold the copyrights to.

        This is completely irrelevant to what I believe the majority of us who abhor DRM are all about.

        First, understand that people who want to pirate/get "free" content will regardless of whatever DRM is created. If that means they get movies that are nothing more than low quality videos from pointing a home video camera at a monitor, then they won't
      • by Skye16 (685048) on Thursday May 03, 2007 @11:55AM (#18974749)
        Why doesn't it give them the right? Seriously.

        Copyright was considered a necessary evil. I make this claim solely because of this reason; if it were considered a true right to own "intellectual property", the founding fathers never would have given this "right" a shelf-life.

        The fact is, they did. On the one hand, they recognized the lunacy of giving anyone the sole ownership of publicized thoughts, ideas, and concepts, whether artistic or other. It is one thing to own a physical object. That is core to almost every single society that ever existed on earth (there are exceptions, of course). But the perversity of feeling one can "own" intellectual property is quite ridiculous. It may be "the way things have been" for the last hundred years or so, but the fact of the matter is, it is still wrong.

        The founding fathers recognized the fact that entrepreneurial types would see no reason to pay someone to produce new works, both artistic and scientific (or do it themselves) if they could not get any money for it. So they decided on a plan that would essentially subsidize the creation of such information via many small-scale monopolies that were to last for a very short period of time, one monopoly per copyrighted creation.

        If this "right" were a true Right, it would not have been limited by time. It would have been perpetual, just as physical ownership of an object is a perpetual right, to you and your heirs, unto the ending of your line (or you forget to pay bills and they take your shit and sell it off). But the fact is, it was a very limited "right", whose sole purpose was to provide a vast amount of intellectual "property" for the masses to consume, remake, reuse, reproduce, and better society as a whole.

        Instead, publishers of intellectual content (whether it's the recording industry, the motion picture industry, or literary industry) began to claim that they could not afford to subsidize the creation of such intellectual works - at least not on such a large scale - unless these miniature monopolies were extended far beyond their initial terms. Conveniently forgetting (or, more accurately, ignoring) the true reasons for copyright protection, these content publishers raised a tremendous cry with the United States Congress, which was easily able to ignore those same reasons for copyright protection as campaign contributions steadily flowed into their warchests.

        Were these content publishers only able to publish these intellectual works for 17 years, it's true that many wouldn't take a chance at producing works such as Waterworld or Lord of the Rings. The money spent on these productions might take an exceptional amount of time to recoup, much less profit from. So society would lose works such as these, but be able to take pictures such as Star Wars and expand it out well past what Lucas would have wanted. In some ways, this is bad (I don't trust many people would do better than Lucas with any prequels or sequels), but in some ways, it is good (I can certainly imagine there are more than a few people who would do a stellar job expanding on the Star Wars universe).

        Back to your comment, which I have not honestly or accurately addressed yet: just because reproduction and distribution of content is easier in the "digital world" than it was previously, it does not imply that others have the right to distribute content. However, to treat copyright as a sacrosanct right, akin to that of the other Rights enumerated in the Bill of Rights, without taking into consideration its initial (noble) intent and its current manifestation is another miscarriage of justice as well. We, as society, have been wronged by the content publishers, the producers, and our elected congressmen and women, all so the above mentioned parties could get more rich, without truly benefiting society in any real tangible way outside of the economic sector. I agree this is an important sector, but it should not be considered the
        • by MikeBabcock (65886) <mtb-slashdot@mikebabcock.ca> on Thursday May 03, 2007 @01:19PM (#18976093) Homepage Journal
          And something more students need to be taught in school. Copyright is the temporary right to limit copies of your work to stimulate authors to create works with the potential of profits. Copyright isn't even a necessary evil, but it seems to work (to stimulate the creation of more books / music / paintings / etc.) so we leave it alone. Unfortunately, there are people who will try to claim that Copyright is more than this, and those people would be wrong.

          120 years after death isn't quite the temporary they were thinking though, what do you think?
  • by apodyopsis (1048476) on Thursday May 03, 2007 @10:29AM (#18973233)
    a fitting quote might be:-

    "what physical science can devise and synthesize, physical science can analyse and duplicate" - e. e. doc smith (one of my favorite authors).

    sorry almost forgot the obligatory 09F911029D74E35BD84156C5635688C0!
  • by Nom du Keyboard (633989) on Thursday May 03, 2007 @10:34AM (#18973331)
    For a real laugh, check-out the formerly-known-as Secret Number as Photoshop art. [wired.com] My personal favorite is #12. The funniest part of all was as I went through the list, an animated ad for Blu-Ray high-definition movie playback popped in after image #9. It doesn't get better than that!
  • Thanks! (Score:4, Funny)

    by Applekid (993327) on Thursday May 03, 2007 @10:47AM (#18973561)
    Good, because now I don't have to admit I'm getting old and can't remember that 09 F-something something.
  • Developing an overblown DRM system: Millions of dollars.

    Hiring consultants to tell you it'll really, really work this time after firing all the ones who informed you copy protection is a cryptographic impossibility: Thousands of dollars.

    Paying lawyers to send cease-and-desist letters to thousands of websites after the key leaks: $500/hour.

    Watching yet another DRM scheme go up in flames shortly after its release: Priceless.

  • by blindd0t (855876) on Thursday May 03, 2007 @11:13AM (#18974009)
    I own 2 legitimately, untampered-with DVD players, several computers with DVD drives, and an old XBox. When I rent or purchase a DVD that I am unable to play on any of these devices, nothing makes me more livid (especially when I'm already moody because I'm hungry and planned to eat while watching the DVD). It's actually to the point now where I look at the back of the DVD to see who the publisher is before renting or purchasing it, because I've found my devices especially have trouble with Sony DVDs, of course. I've never even made a copy of a DVD or pirated any DVDs, but I can honestly say that as it becomes more painful for me to legitimately watch my DVDs, I will eventually be driven to circumvent their DRM entirely as that would be less painful of a process. It just pisses me off, but there are some movies I would really enjoy watching and owning a legitimate copy of, but I simply won't spend a penny of mine if Sony's name is on it. Furthermore, Sony's BS about hardware manufacturers needing to keep up-to-date with their latest DRM mechanisms doesn't bode well either - I'm not replacing any of these devices which work perfectly fine with the exception of their purposely fouled media.
  • by JudgeSlash (823985) on Thursday May 03, 2007 @11:21AM (#18974163)
    The sky above the port was the color of bittorrent, tuned to a dead tracker.

    "It's not like I'm leeching," MPAAse heard someone say, as he shouldered his way through the crowd around the door of Reality. "It's like my body's developed this massive plot deficiency." It was a Slashdot voice and a Slashdot joke...


    Apologies to Gibson.
  • by pjrc (134994) <paul@pjrc.com> on Thursday May 03, 2007 @11:35AM (#18974419) Homepage Journal
    Reading the slashdot summary, and even the article itself, you may not realize that the Volume ID is just one piece of the puzzle.

    The Volume ID is a small bit of data that's stored partially in the lead-in section, and partially in some other non-data area physically on the disc (which I don't fully understand, and apparently isn't available in the public HD-DVD documentation and is only available under NDA). Compliant drives only read and provide the volume ID after completing a cryptographic handshake, which hasn't been broken yet. So now they've made a firmware patch so the drive reads the Volume ID without authorization, without going through the as-yet-uncracked crpyto authorization process.

    The purpose of the Volume ID is to prevent copying a disc by simply copying all its data. Because the Volume ID isn't stored within the data sectors, it can't be read normally. Well, that is, without impersonating the software (which hasn't been accomplished yet), or without a modified drive that doesn't require the software to authenticate before reading and returning the data.

    That's all. Just one piece, not a full crack of AACS.
  • Old security law... (Score:3, Interesting)

    by geoff lane (93738) on Thursday May 03, 2007 @11:53AM (#18974729)
    When you have access to the replay hardware, no "encryption" can ever be secure.
  • by DrBuzzo (913503) on Thursday May 03, 2007 @12:01PM (#18974857) Homepage
    This is horrible news... if people can copy HDDVD or Blu Ray content, it will be impossible to sell HDDVDs or Blurays because people will just pirate them. There will be no point in having them on the shelves and profits will be small to nonexistant with only a few honest customers buying them to support the industry! This is just like what happened with DVD's... oh wait. Don't they... still sell DVD's? Don't they... still make tons of money on them? Despite the fact that DVD protection was hacked to pieces, it seems they're still selling remarkably well. I suppose some money may have been lost from piracy, but (speaking only for myself) it actually makes me want to buy DVD's *more* knowing I can rip them to an iPod, back them up, play them in my preferred media player and so on.

    We must be careful though not to put Hollywood studios out of business. It is DVD sales and movie tickets which pay for the cinematic magic that the studios provide us. Imagine a world in which studios were not able to make money on new movies. We would be stuck watching crappy old crap like Citizen Kane, Dr Strangelove, North By Northwest and The Wall. We would live in a world devoid of movies like Gili, Dude Where's My Car and Biodome.

    Man... that would be really tough.
  • by sat1308 (784251) on Thursday May 03, 2007 @12:29PM (#18975239)
    I have mod points, but what the heck. The slashdot editors strike again - posting stories without checking their facts. I've been following this since the muslix64 hack, so I do know what I'm talking about. I'm quoting the 'hacker' (arnezami - great guy) mentioned in the Ars Technica article:

    QUOTE - Original post [doom9.org]

    In order to decrypt a disc you need the keys the content is encrypted with. These we usually refer to as Volume Unique Keys (although technically VUKs give Title Keys which are used to decrypt the content but this amounts to the same thing). What is important is that VUKs cannot be revoked. In other words: once we have a VUK for a disc then the AACS decryption-protection is broken for that disc. AACS cannot undo this.

    So how can we get VUKs?

    There are several ways to get VUKs for discs. But none of them are permanent solutions for retrieving all VUKs for all discs (released in the future).

    * Get the VUKs out of "old" versions of a Software Player * Get a Volume ID (unique per movie) and a Processing Key (unique per Media Key Block version) and calculate the VUK.

    The first method will expire quickly: we can now use WinDVD to retrieve VUKs out of its memory. But when new discs come out they won't work with this old version of WinDVD so you would have to install a new version. Therefore making this method obsolete for new discs.

    The second method requires not one piece of information (like taking a single VUK out of the memory of WinDVD) but two pieces of information. We have several techniques now for a drive to reveal the Volume ID of a disc. So this part of the method is permanent. However the Processing Key will change every time they change to a new MKB version. And since we also need this second piece of information to calculate a VUK for a disc we always need to get the new Processing Key out of some player (whether its a Software Player or a standalone). The Processing Key (or better a Device Key) is very powerful though: if found it makes it possible to decrypt all discs released so far (assuming we can also retrieve the Volume IDs of those discs).

    UNQUOTE

    Moral of the story: We still need the processing key and that can be changed by the AACS, or by the abuse of language, "revoked". So the new AACS Crack is not "Undefeatable".

    The only development since the time this article was written is that the firmware doesn't need to be changed anymore for the drive to reveal the VolumeID. There are some standard commands which get the job done.

Invest in physics -- own a piece of Dirac!

Working...