New AACS Crack Called "Undefeatable" 554
Tuoqui writes "With all the focus on the infamous hexadecimal number, people may be ignoring a bigger weakness in the AACS armor, which emerged two weeks ago. Some hackers have figured out how to crack AACS in a way that cannot be defeated, even by revoking all the keys in circulation."
Perhaps if this is proven to be true.... (Score:4, Insightful)
Let's celebrate DRM (Score:5, Insightful)
Maybe it's better to pirate afterall. Less hassles that way.
I'll believe it when me shit turns purple (Score:5, Insightful)
Erm (Score:1, Insightful)
I'm probably misunderstanding something, though
dear music/ movie industry: (Score:5, Insightful)
you should give up. you've lost, and will keep losing. it's just silly to keep going down this path. there is only more pain in store for you
people will still make movies. people will still make music. it's just that your particular pre-internet business model is now obsolete
go ask the aztecs or the incans if the appearance of new technology was fair to their empires
it wasn't. but it didn't stop technology in the form of gunpowder and sailing ships and metal armor from rendering them obsolete
so it is with you and the internet
sorry
reality is a bitch
Re:At what point... (Score:5, Insightful)
Re:Perhaps if this is proven to be true.... (Score:3, Insightful)
Re:Let's celebrate DRM (Score:3, Insightful)
The fact is, this is a losing battle for the MAFIAA... Any DRM scheme that can be dreamed up can be cracked eventually. They would benefit more form making their content easily accessible, readily available, and cheap enough for people to get at that piracy becomes a background issue. Eventually, all that content is going to get from DVDs to the Internet -- if I were them I'd given up trying to stop people via DRM and start trying to woo people by giving some content away.
Re:dear music/ movie industry: (Score:4, Insightful)
I can't wait to see all the product placement blockbusters. And all those ad-laden songs are going to be really cool to dance to. </sarcasm>
Just because distribution is easier on the internet does not give anyone with access to a computer the right to distribute content they do not hold the copyrights to. Many new services of downloadable content are springing up and work just fine and they support the production studios. Use them if you want to download movies/music or don't consume copyrighted entertainment. It is really they simple.
Re:At what point... (Score:5, Insightful)
Them: "Hey, want to buy a movie?"
You: "Sure, how much?"
Them: "$100,000,000.00."
You: "F*** off."
Them: "Sorry, that was the price to purchase all rights to the movie, including redistribution and royalties. Would you like to buy a subset of those rights instead?"
You: "Sure, like what?"
Them: "How about, the right to public exhibition, and reproduction of media for sale, but no royalties? That'll be just $5,000,000.00."
You: "No thanks, too much."
Them: "How about, the right to public exhibition? Just $500,000.00."
You: "Do I look like I'm made of money?"
Them: "Sorry. How about, the right to private exhibition? Only $5."
You: "Now you're talkin'!"
Them: "So we have a deal?"
You: "Yep." [you hand them a fiver, and they hand you a DVD.]
Them: "Have a nice day."
You: "Hey, wait, this DVD is copy-protected! I want to copy it!"
Them: "Yes, sorry, we didn't sell you the right to do that. If you have more money -- equal to the amount we'll lose on average for each copy-producing customer -- you can buy that right too."
You: "But I paid for this!" [you shake the DVD at them]
Them: "Do you understand that you paid for limited ownership, and that you consented to the limits stated and known to you at the time of sale?"
You: "No, I'm too dumb-stupid to grasp that. I can only handle concrete meanings of the idea of ownership."
Them: "Yeah, we figured. You probably also think HOAs are usurping your god-given right to paint your house pink, eh?"
Certainly the movie studios are obnoxiously attempting to prevent format-shifting, in order to sell you the same movie twice. But that doesn't mean they are violating any of your rights.
Re:Get 'em while you can (Score:2, Insightful)
Additionally, you could also just download the un-encrypted version of the movie in question and burn it to your own HD-DVD or Blu-Ray and go from there.
No need to stockpile hackable drives... one or two would be sufficient. There's thousands, so I think we're safe for a while.
Re:Poor Sony? (Score:3, Insightful)
The funny thing is, that means I would actually *buy* movies in the hackable format. I wouldn't make copies, I would purchase physical disks! I'm not interested in distributing copies, either - but if I want to cut out clips from movies and edit them together, or if I want to add funny subtitles for my own entertainment, or if I want to copy the data to a streaming server, or if I want to do a million other things with my copy of the data, then I'll be damned if I'm gonna buy it in a format with DRM that I can't easily get around.
HD-DVD is in the lead. (Yes, I know Blu-Ray uses AACS, but HD-DVD is the one getting all of the press coverage!)
Re:So I am a Troll eh? (Score:0, Insightful)
Re:Get 'em while you can (Score:4, Insightful)
Re:dear music/ movie industry: (Score:5, Insightful)
Who said anything about that?
I buy a [HD-]DVD. I want to play it on my $OS-OF-CHOICE box, as well as my set-top box. However the [HD-]DVD consortium refuses to license a $OS-OF-CHOICE player. Therefore, I need to crack their DRM to make use of my legally purchased [HD-]DVD.
Re:Undefeatable? (Score:5, Insightful)
The DMCA is an unpopular law passed by surreptitious means. The more people run into it, the more they're disgusted with it.
Most Americans don't feel that it is ethically wrong to behave in ways that the DMCA marks as illegal. Worse, they're inconvenienced by the law and are actively looking for workarounds for the technology it impacts.
The Digg vs. Hex number story is a good example. Digg tried to comply with the law, but its users revolted and forced the site's admins to acquiesce. Even if Digg is shut down by federal authorities, arresting thousands of users for posting a 32bit number is going to prove... difficult.
The RIAA's spam lawsuit settlements have proven that it's massively difficult and probably more trouble than it's worth to go after widespread casual copyright infringement. Widespread casual DMCA infringement, like many other 'casual' crimes simply won't be prosecutable to the degree even the most vicious police force would like.
The Doom9 Xbox crack is much the same. It's certainly a very technical challenge to the AACS scheme. Both its undertaking and disseminating how it's done is illegal under the DMCA. However, nobody cares any more.
What's the worst that can happen? You get arrested, have to pay a fine, and maybe even go to jail. The RIAA is already trying to apply that same punishment to innocent people.
Obeying this law doesn't even carry the benefit of being free from prosecution. Why should anyone worry about breaking it if those behind it are going to press charges anyway?
The DMCA is dead-- killed by apathy.
Re:At what point... (Score:5, Insightful)
Or, there's always "Hey, I want to exercise my rights under fair use laws, which have always existed and which you don't have to pay a penny for." Or "Hey, I want to exercise my private-exhibition right (which I paid you for) on a platform of my choosing." Or "I want to make a backup of this, so I can continue to exercise that private-exhibition right (which, again, I paid you for) if my kids scratch the crap out of the original." It's not quite so black-and-white as you put it there.
Re:At what point... (Score:5, Insightful)
They are selling you an entire physical copy, which you can do whatever the hell you want, short of selling copies.
Look at their advertising. They don't say, "Purchase a license to private exhibition today!" They say, "Own it on HD-DVD, today!!!".
Re:At what point... (Score:4, Insightful)
Re:At what point... (Score:5, Insightful)
No because it was never explained to anyone buying a DVD nor is it printed in legible and readable size fonts on the DVD. Also the Advertising done for said DVD is the reverse of that by proclaiming "OWN IT TODAY!"
therefore, your contract is null and void because it was not presented at the time of sale AND your advertising suggest the reverse of what you claim your contract to say.
I would give THEM the benefit of the doubt if they made that fact clear. They do not because they know for a fact it will significantly impact DVD sales in a bad way.
Re:At what point... (Score:5, Insightful)
1)Legally, you have a right to make fair-use excerpts. DRM prevents that.
2)Legally, everything goes into the public domain eventually. DRM prevents that.
3)DRM is an enabling technology for censorship (eg "un-leakable documents") Do we really want that?
Lastly, there is NO natural right to the so-called "intellectual property". Society grants a temporary monopoly to artists as a concession.
Re:At what point... (Score:5, Insightful)
In the most pedantic sense, you're right. Nothing in copyright law dictates that the copyright owner make access to copyrighted works easy. Copyright law merely dictates that there are certain actions that an owner of a copy may not perform without the copyright owner's permission - namely distribution and public performance. The original intent was to insure that only the copyright owner could profit from distribution so that they'd be incented to create creative works.
The bit of the equation that violates my (and everyone else's rights) is the DMCA which says that it's illegal for the first guy to workaround the DRM to tell me and everybody else how he did it (remember, computer software is "speech" in the first ammendment sense). As soon as that law is properly neutered, then all will once again be right with the world.
Copyright law used to work just fine back in the days when making a copy of a copyrighted work was non-trivial. In the digital domain, because making a copy of a work is trivial, it is virtually impossible to police. As we have seen, DRM only makes it slightly more inconvenient for a little while.
Where this leads us, I don't know. The current system of copyrights is irreparably broken. Some new system based on the notion that copies are easy and trivial to create will need to replace it. But the problem there is that you need to compensate artists for their work. The Spiderman movie cost many hundreds of millions of dollars to create. If you want movies like that to be made in the future, then some way to gather those hundreds of millions to do it will need to be found. But there's more to copyright than huge Hollywood productions - it needs to work for the garage band selling CD-Rs at their concerts too.
Re:dear music/ movie industry: (Score:3, Insightful)
This is completely irrelevant to what I believe the majority of us who abhor DRM are all about.
First, understand that people who want to pirate/get "free" content will regardless of whatever DRM is created. If that means they get movies that are nothing more than low quality videos from pointing a home video camera at a monitor, then they won't care. Getting a perfect digital copy need not apply. They just don't want to pay for it. Ever. Whatever that takes.
Second, understand that DRM can never ever prevent material from being reproduced (whatever the quality of the copy). Ever.
Now that we have those two things out of the way, let's talk about what the fight is REALLY all about. When I buy a DVD, I would prefer to create a copy of it and put the original somewhere where I won't spill something on it, scratch it, the dog can't chew it up or allow it to get swiped by a visitor when you aren't looking (see the first point above). That copy may be a physical burned copy or it might be a copy put on a MythTV box where I can watch it any time without pulling out a disc.
What I'd really like is if I can just download it and skip the unnecessary initial physical copy part. I'll burn a local backup if need. Just let me re-download it should my own backup methods fail. Just let me pay for it, don't charge me stupid amounts for it and don't expect me to pay for it again when I download it the second time. Use bittorrent to distribute it so you don't have to pay an arm and a leg for the bandwidth. The technology has matured and there's no need to pay millions to reinvent the wheel. I will gladly provide a generous portion of my upload bandwidth to help you distribute what I've already paid for.
Do that, and despite your piracy fears, I allege that you will see fewer people pirating because you will have provided what the market wants--an inexpensive and hassle-free way to get content. And remember boys and girls--what the market wants, the market gets. If you don't provide it, someone else will.
Re:At what point... (Score:3, Insightful)
Once you move out of the rights given to you by copyright law (basically, the right to view for personal use, making fair use excerpts, and fair use copying -- backups and time shifting and format shifting and viewing, copyright expiration after a given time) you move into contract law supplemented by copyright law.
I don't sign contracts when I buy music or videos so your scenario doesn't apply. Here's a more accurate scenario:
Them: "Hey, want to buy a movie?"
You: "Sure, how much?"
Them: "$100,000,000.00. and we'll sign over all rights to the movie, including redistribution and royalties."
You: "I don't need all of that. Don't you have anything cheaper?"
Them: "Sure. We have a streaming version that allows you to watch it for 5 cents a minute, but you'll have to sign a contract stating you'll forgo your fair use rights."
You: "I just want a copy with all the freedom copyright law gives me."
Them: "$50"
You: "No thanks, too much."
Them: "Sorry. That's how much the market is willing to pay and we're here to make money. Are you sure you don't want the 5 cent a minute deal?"
You: "No thanks. I think I'll start looking for indie artists or wait for it to become less popular so I can get it on sale."
Them: "Okay. Unfortunately, we don't have any indie artists yet but we're working on it. As for the DVD, it's a very hot item so you'll have to wait a long time for a discount. But if you want to wait, we welcome your business. Be sure to come back to us when you do decide to buy. We might have a few indie artists by them you might be interested in."
That's the way it's supposed to work and how it was envisioned when copyright laws were created. It's just business, clean, simple, and efficient.
No confrontation, no hard feelings, no unfairness on either side, no teams of lawyers and copyright police hunting down 95 year old grand mothers because they *might* have possibly violated copyright law, and no hords of copyright violators who feel justified in ignoring copyright because they're treated like criminal scum even if they comply strictly with the law.
Re:At what point... (Score:0, Insightful)
On the other hand, as we've all seen, DRM does NOTHING to stop people who are determined to distribute pirated material.
Bottom line: DRM doesn't work, and pisses off honest consumers. But that doesn't mean that it is right for people to download movies from bittorrent.
Re:Undefeatable? (Score:5, Insightful)
They censored all discussion critical of their actions. They banned users critical of them, even those who never posted the number. They deleted all commentary that pointed out their previous sponsorship by the AACS-LA, and banned anyone attempting to bring this to light.
Their apology pretended like they had never deleted or banned anyone for simple dissent, or even banned anyone, only just deleted the magic number. Even after the apology, they continued to suppress stories calling attention to their censorship of pure, non-infringing dissent speech and mention of their financial relationship with the AACS-LA.
THAT is what much of the Digg revolt was about. It's a LOT more than just the number. Here are a couple good articles with the real truth. The Digg folks would like nothing more than for everyone to believe this was ONLY about a 16 byte number. Please read these and next time you see this mistruth, you'll know better.
Digg fights user revolt over HD-DVD ban - Digg founders took HD-DVD sponsorship. [texyt.com]
Digg still isn't telling the whole truth about its HD-DVD sponsorship [texyt.com]
Re:Undefeatable? (Score:5, Insightful)
This is not just true with technology law. People obey laws because they are what they normally would do anyway, aren't overly inconvenienced by it, or it only affects a small percentage of people. Laws aren't effective ways to change behavior, which is why I just shake my head at all the folks who want more regulation to "fix" something.
Speed to work anyone?
Re:Perhaps if this is proven to be true.... (Score:3, Insightful)
Quite the scam, eh?
Re:dear music/ movie industry: (Score:5, Insightful)
Copyright was considered a necessary evil. I make this claim solely because of this reason; if it were considered a true right to own "intellectual property", the founding fathers never would have given this "right" a shelf-life.
The fact is, they did. On the one hand, they recognized the lunacy of giving anyone the sole ownership of publicized thoughts, ideas, and concepts, whether artistic or other. It is one thing to own a physical object. That is core to almost every single society that ever existed on earth (there are exceptions, of course). But the perversity of feeling one can "own" intellectual property is quite ridiculous. It may be "the way things have been" for the last hundred years or so, but the fact of the matter is, it is still wrong.
The founding fathers recognized the fact that entrepreneurial types would see no reason to pay someone to produce new works, both artistic and scientific (or do it themselves) if they could not get any money for it. So they decided on a plan that would essentially subsidize the creation of such information via many small-scale monopolies that were to last for a very short period of time, one monopoly per copyrighted creation.
If this "right" were a true Right, it would not have been limited by time. It would have been perpetual, just as physical ownership of an object is a perpetual right, to you and your heirs, unto the ending of your line (or you forget to pay bills and they take your shit and sell it off). But the fact is, it was a very limited "right", whose sole purpose was to provide a vast amount of intellectual "property" for the masses to consume, remake, reuse, reproduce, and better society as a whole.
Instead, publishers of intellectual content (whether it's the recording industry, the motion picture industry, or literary industry) began to claim that they could not afford to subsidize the creation of such intellectual works - at least not on such a large scale - unless these miniature monopolies were extended far beyond their initial terms. Conveniently forgetting (or, more accurately, ignoring) the true reasons for copyright protection, these content publishers raised a tremendous cry with the United States Congress, which was easily able to ignore those same reasons for copyright protection as campaign contributions steadily flowed into their warchests.
Were these content publishers only able to publish these intellectual works for 17 years, it's true that many wouldn't take a chance at producing works such as Waterworld or Lord of the Rings. The money spent on these productions might take an exceptional amount of time to recoup, much less profit from. So society would lose works such as these, but be able to take pictures such as Star Wars and expand it out well past what Lucas would have wanted. In some ways, this is bad (I don't trust many people would do better than Lucas with any prequels or sequels), but in some ways, it is good (I can certainly imagine there are more than a few people who would do a stellar job expanding on the Star Wars universe).
Back to your comment, which I have not honestly or accurately addressed yet: just because reproduction and distribution of content is easier in the "digital world" than it was previously, it does not imply that others have the right to distribute content. However, to treat copyright as a sacrosanct right, akin to that of the other Rights enumerated in the Bill of Rights, without taking into consideration its initial (noble) intent and its current manifestation is another miscarriage of justice as well. We, as society, have been wronged by the content publishers, the producers, and our elected congressmen and women, all so the above mentioned parties could get more rich, without truly benefiting society in any real tangible way outside of the economic sector. I agree this is an important sector, but it should not be considered the
Control (Score:3, Insightful)
This isn't just about DRM, it's about dictating every part of your media playback system: no participation in creating content (home, low-budget & independent movies/music, etc.) nor in creating playback systems (no MythTV, homebrew playback hardware/software, etc.). It's about marginalizing everyone who does not fork over licensing cash - LOTS of it - to those holding the core IP rights. Don't pay? can't play.
From AACS to HDMI via DCMA, they want to own every bit - figurative and literal - of the entertainment center in every living room.
Re:ZKP (Score:5, Insightful)
Most users wouldn't be satisfied with being able to prove mathematically that the movie they wanted to watch really was on the disk, but still have zero knowledge of what it actually looked and sounded like.
Re:Got it! (Score:1, Insightful)
Re:Got it! (Score:3, Insightful)
Re:At what point... (Score:1, Insightful)
$5?
more like $19.99.
On a more serious note, Google "Doctrine of First Sale".
If you _buy_ something copyrighted, you're supposed to be able to do _anything_ you want to with it short of copying, and even some copying is allowed under fair use. DRM _circumvents_ your rights. Circumventing DRM restores the rights you should have anyway. And I've never signed a contract giving up those rights when I bought a DVD.
Re:Get 'em while you can (Score:3, Insightful)
More deeply, it depends on the fundamental mistake of trying to use encryption for content protection. As the article says:
The real problem with trying to create an "uncrackable" copy protection is that the media must come with the keys used to decrypt it somewhere on the device and the media itself. Hiding these keys in different places--security by obscurity--merely delays the inevitable. Of course, for the content providers, any delay is still better than no delay at all, so expect the battles between copy protection and hackers to continue.
From a crypto point of view you are handing an attacker the ciphertext, the plaintext, and the private key. All these fancy tricks to is to try to make it hard to get at the private key and maybe the ciphertext. But those three things must always be present for any crypto-based content-protection scheme to work, and that means that all such schemes will always be vulnerable. The only way around it is to change the private key on a regular basis, which works for broadcast signals like satellite TV that can be re-encrypted on the fly, but which cannot work for static media that can only be encrypted once.
And that last comment in the paragraph above from the article is wrong: a delay really doesn't do you much good, when the cost of designing and implementing a new crypto scheme is years and millions, while the cost of breaking it is weeks and thousands. And once a scheme is cracked, as the article suggests, software extraction of the keys from the raw media will inevitably follow, meaning that even if it takes weeks or months to crack the first disk, cracking the second will take seconds.
This is a race that content providers cannot possibly win. Draconian legal moves always fail in the face of widespread civil disobedience, which is what we are seeing here.
So the technological problem of crypto-based content protection is unsolvable, and the social/legal problem of crytpo-based content protection is now known to be unsolvable: when content packagers try to impose the law, the wired masses make fun of them. Ergo, content packagers may try to wiggle their way out of this for a while, but their situation is unsustainable.
This is a good day for freedom. As G30RG3 0RW3LL might have said, "Freedom is the freedom to say that 0x09F911029D74E35BD84156C5635688BE plus two makes 0x09F911029D74E35BD84156C5635688C0. If that is granted, all else follows."
Re:dear music/ movie industry: (Score:4, Insightful)
120 years after death isn't quite the temporary they were thinking though, what do you think?
Re:Got it! (Score:4, Insightful)
1201 trumps 107 through 109 (Score:4, Insightful)
Re:At what point... (Score:4, Insightful)
We should concentrate on the garage bands and videos. Let the studios wither and die. Power to the People!!! and all that crap.
Re:Undefeatable? (Score:2, Insightful)
Especially considering a goodly portion of them probably don't even live in a country where the DMCA applies (yet). America is not the world (yet).
Re:Maybe it's just me... (Score:5, Insightful)
The difference is that for HD-DVD you have both the source and the player, where for Satellites you have only the player and they can change the source to disable whatever smartcard was emulated.
Changing the source for already-shipped HD-DVDs is troublesome, at best.
why satellite is different... (Score:3, Insightful)
Satellite is providing a service. In other words, when you try to crack it, you are mucking with a transmission and the delivery of that (unpaid for) service can be detected.
HD-DVD and Blu-Ray are, ostensibly, providing a product. Sure the discs are encrypted, but they are still a physical medium that you possess and they are, so far, usable without being connected to a network. Therefore the means to decrypt must exist within the disc and the drive, and without a network, there's no way to notify Big Brother if you retrieve the keys in an unauthorized manner.
Granted, some players are network connected, but I don't think the studios are eager to require an internet and/or cable tv connection just to play a movie.
Free markets only work.... (Score:3, Insightful)
At some point, producers will do any number of things to capture a market like coordinate pricing or capture all suppliers or capture all distribution channels. It takes legislation to minimize these effects. Then the legislation has unintended effects on markets too.
The "free markets" you describe are academic standards that are impossible to meet.
Re:Undefeatable? (Score:5, Insightful)
Nowhere in it did they admit wrong doing or say "I'm sorry". He only said "we get it." What is that shit??
Not to mention that the digg community would probably not have been mad if they removed posts with the numbers by court order, and were open about the process (like Slashdot did). Instead, they removed references to the numbers which the MPAA had not yet even complained about, and also banned the users! (none of which is required by the DMCA)
And, to add icing to the cake, rather than being open about this and saying "look, we're removing these posts because we have to, we're sorry! write your comgressman about the DMCA." Instead, they deleted stories and posts in secret, and hoped that the truth would not come out.
Why are people so willing to forgive Digg's admins for this offense without even an apology??
Re:Undefeatable? (Score:3, Insightful)
In addition, a "cereal" composed chocolate bars and marshmallows is "part of" a complete breakfast.
Re:Undefeatable? (Score:3, Insightful)
Re:Get 'em while you can (Score:3, Insightful)
No one has ever or will ever die from an overdose of marijuana. The "War on Integers" may be stupid, but it isn't currently subjecting tens of thousands of innocent Americans to unjust imprisonment, disenfranchisement, and the risk of violent rape and death. I don't want to sound too harsh, here, but the "War on Integers" is an avoidable nuisance. The "War on Drugs" is horrifically ruining the lives of many of your fellow citizens, radtea.
Re:Got it! (Score:5, Insightful)
Re:Undefeatable? (Score:3, Insightful)
Not my point. Businesses don't have them because (in many places anyway) local laws forbid them. Laws are written to affect business, not just people. Better example, do you see people smoking on domestic flights?
Motor cycle helmets: small percentage of the population, smallish inconvenience
Talk to a few anti-helmet types and see if they think it's a 'smallish inconvenience.' Regardless, the point is very clear, helmet laws work. Look at adjacent states with disparate laws, look at same states before and after helmet law passage and repeal. They are extremely effective at changing behavior, a direct repudiation of your simplistic thesis. Small population? We're talking about DMCA cracking, you think that isn't a small population?
The nasty truth is that people obey laws because they want to obey them, and not for any other reason. There is nothing magical about them.
I would submit people follow laws because or some combination of the following: 1.They agree with the law (ie don't murder), 2. They worry about getting caught (do you speed past a state trooper on the highway?). People break the law because of some combination of the related: 1. They don't agree with the law (civil disobedience), 2. They don't think they will get caught, 3. They are willing to pay the price if they do. What balance each plays is debatable, but arguing that laws cannot change behavior is just asinine. Go to singapore and tell me laws don't affect behavior.
-Ted
Re:Got it! (Score:3, Insightful)
Re:Got it! (Score:4, Insightful)
So what? It's the content that sells the format, not the other way around. The studios can pick whatever standard they see fit, Sony's the one who has to sell the BlueRay dream to them to make their R&D profitable. I'd say the studios are in an excellent position to ask for a little financial assurance that they aren't releasing their content in an armored car made of aluminum foil.