Blu-ray BD+ Cracked 521
An anonymous reader writes "In July 2007, Richard Doherty of the Envisioneering Group (BD+ Standards Board) declared: 'BD+, unlike AACS which suffered a partial hack last year, won't likely be breached for 10 years.' Only eight months have passed since that bold statement, and Slysoft has done it again. According to the press release,
the latest version of their flagship product AnyDVD HD can automatically remove BD+ protection and allows you to back-up any Blu-ray title on the market."
Bogus claims (Score:5, Interesting)
Re:pwned (Score:5, Interesting)
Re:unimportant (Score:5, Interesting)
1. It tells that Blu-Ray is already supported enough to buy a player now
2. It allows you to even if Blu-Ray ends up failing, you can rip your Blu-Ray movies to the new format (and don't expect media storage to be made as long as VHS and DVD did anymore...)
3. It will allow various third-party projects to soon take advantage of this (even if right now it only lets you make backups) and add Blu-Ray support to media players on OSes such as Linux.
Re:unimportant (Score:5, Interesting)
ItJust too hard (Score:1, Interesting)
The only way I can see this being defeated is if the content providers forced people to bypass these analogue pickups by connecting directly to one's brain. Fucked if I can think of anyone daring enough to then install cracks to bypass the copy-protection in their brain - what if they comes with a trojan?
Or a root-kit? In a brain... Shit, maybe Sony have ulterior motives darker than anyone predicted.
Re:pwned (Score:4, Interesting)
The only bad thing about BD+ being cracked is that it didn't happen sooner. A naive faith that it would be secure may have been one of the factors in studios throwing their weight behind Blue-ray instead of HD. Now that HD seems to be going down the pipes, it leaves blue ray in a monopoly position, free to keep their prices high. Okay - it's not quite a monopoly position as they still have to compete with traditional DVDs. But it's a worse situation for the public than if HD were still around. Still, every little crack helps.
Re:unimportant (Score:3, Interesting)
Re:why? (Score:2, Interesting)
Re:NO (Score:3, Interesting)
Re:pwned (Score:5, Interesting)
Re:Barrier to Ownership (Score:5, Interesting)
Artificially keep prices high (Score:3, Interesting)
#2 is also important, because it limits the amount of price gouging that media companies can engage in. DVDs are "good-enough", and will keep price pressure on blue-ray. In the distant future, movies will only be released on blue-ray, and we need to keep the price pressure.
Furthermore, a lot of media is simply overpriced. There's a glut of it on the market - so media companies *must* be making money out of it. I wouldn't bother with torrents at all if I could pay $1-$2 for a legit download. Watermark it if you want, but let me take control of the media, so I can use it however I like.
Regardless of torrents, I spend a certain amount of media each year. Trying to control the distribution channel is a vain attempt to artificially keep prices high.
Re:The link is a trap (Score:5, Interesting)
Hello, Dr Skwid., Amazon.co.uk has new recommendations for you based on items you purchased or told us you own.
Reversing: Secrets of Reverse Engineering
Buffer Overflow Attacks: Detect, Exploit, Prevent
Rootkits: Subverting the Windows Kernel
The Database Hackers Handbook: Defending Database Servers
Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals
Professional Rootkits (Programmer to Programmer)
Now that the UK & Germany has outlawed knowledge it's like a trap!
Re:Not fully broken (Score:2, Interesting)
Uncrackable media (Score:2, Interesting)
Re:Uncrackable media (Score:3, Interesting)
I do not claim to be an expert in this area and maybe someone more knowledgeable can enlighten me.
Re: BD+ Cracked (Score:5, Interesting)
Nope. 5 months.
According to the link they sat on this for 3 months for strategic reasons, waiting for the format war to end.
-
Re: BD+ Cracked (Score:3, Interesting)
If you knew your recent history about hacking DRM, you would know that DirecTV is a perfect example. Their older cards had a weak DRM scheme where it would validate PPV requests at a certain time in a sequence. If you dropped the voltage at just the right time, you could make the set-top box think your PPV request was valid. There was also an easier way where you could clone a valid card. DirecTV had as many as *1 million* people stealing their service, so they did a 10+ million card swap. Expensive for them, but their new card had a good challenge-response scheme in the chip. Their new chips might be hacked, but not by many. I don't know a single person who hacks DirecTV anymore (and believe me, my nerdy Slashdot-reading 'friend' had a lot of customers). All the old boards like alt.dss.hack are all but dead because most people have just moved on (or starting hacking Dish :P).
So although DirecTV didn't produce an uncrackable system, it's 'sufficiently hard' for most people. Hence, they succeeded.
Re: BD+ Cracked (Score:5, Interesting)
Virtually every satellite TV encryption system available has been broken, often many times over. These range from simple hardware hacks, such as subscribing to all channels then sticking a resistor in the decoder to prevent the card's EEPROM from being changed then unsubscribing again, through complete reverse-engineering of the cards. Cards were routinely modified to recieve all channels, card details were copied onto deactivated cards, and some were even re-implemented from scratch using a PIC soldered onto a PCB, or even using programmable cards.
These systems relied on security through obscurity - the pirates didn't know how the cards worked, so there was no way they could compromise them. Yeah, right...
This continued until very recently. Most newer encryption systems follow the pattern that BSkyB used with their analog and digital encryption systems. BSkyB's analog system relied on replacing the cards. Each time a revision of the cards was breached, they would issue a new one that fixed the holes in the last, and often fundamentally changed the way the card worked. Sky retired the system before it was fully compromised, but other providers kept using it. They had to face the fact that computing power had advanced so much that it was possible to brute-force decode the signal in real-time with no card.
Most modern cards are programmable, as are the CAMs (the modules that talk to the card, and pass the final decryption keys to the STB). So the current encryption systems change the firmware in both card and CAM periodically. Any breach will only work for a limited time. Even after all these years, the arms race continues - pirates have found all kinds of creative ways around these things, such as sharing a single card across the internet.
It's also possible to buy a PCI satellite card that allows a PC to recieve satellite TV. Combine that with an official card and CAM, which work as normal. You can't change the card, but you can do whatever you like with the decryption keys it generates, or the decrypted TV signals. That includes recording it, and uploading it to the internet. You could even do that in real-time if you wanted to.
The continual update thing is what Sony are trying with BD+. The idea is that the BD+ portion contains code, unique to each disc, which verifies that the player is authentic and hasn't been compromised. Once it's done that, it provides decryption keys to the player.
The general idea is that, while it may be possible to compromise AACS in the same was as CSS, each BluRay disc will contain unique encrpytion code for that disc. The idea is that each disc will need to be cracked individually, just like PC games. And we all know how well that approach works in practice.
This assumes that each BluRay disc will have completely unique BD+ code, and that's just not going to happen - they have to maintain compatibility with existing players, which means the BD+ code has to be extensively tested. Hackers can move much more quickly - even if they did have to crack each batch of BluRay discs individually, they'll be able to update their decryption tools much quicker than Sony can update their BD+ code.
It also assumes that nobody knows how BD+ works (security through obscurity), and that nobody will be able to independently implement a BD+ VM that pretends to be a real player. That's exactly what SlySoft have done. Their VM isn't complete yet - it only implements the portions of BD+ that current discs are actually using. It is known not to work on one disc (Hitman, I believe), simply because it uses parts of the BD+ VM that they've not implemented. Yet.
The point is that the pirates are far more agile than Sony, and have unlimited time in which to devise a solution. There is no such thing as making it too much effort. At least with the satellite TV analogy, you can't keep using a hack once the hole it exploited has been patched, so there is a time factor. There is no time factor with BluR
Re:pwned (Score:3, Interesting)
If they are abridging your rights, why don't you, or one of the many other people who hate DRM, or the EFF, sue them for abridging your rights?
The bill of rights doesn't say "The government shall make no law abridging the rights of the people to transfer video content from their TV set to their computer or portable media player." Perhaps it would have if they could have conceived of such problems.
If you're referring to fair use, that's for purposes of criticism, not for purposes of changing devices. I'm not aware of any right of yours that DRM abridges.
I hate DRM and find it both annoying and yet still ineffectual, but I don't think it's abridging my rights.
Now, laws that institutionalize DRM and make circumvention illegal, like the DMCA, I believe those ARE abridging my rights. They abridge my right to private property by telling me what I can and can't do with something I purchased and own. It's abridging my freedoms without my consent.
Unfortunately, private property rights are, as far as I can tell, more of a common law tradition in the US that an explicit legal guarantee. The existence of private property is implied, but not spelled out at all, in the 14th amendment.
I think DRM is a stupid and annoying waste, but I don't think I have some sort of right to prevent them from trying it; quite the opposite, they have the right to develop and sell whatever products they wish, I can't tell them what sort of programs or encryption or compatibility they should put into their products, and short of copyright violations (distributing their copyrighted works), I'm free to do whatever I want with the stuff I bought from them. It's freedom that I don't want to see abridged; their freedom to make and sell products as they see fit, and our freedom to do as we like with the things we own.
Re: BD+ Cracked (Score:5, Interesting)
Re: BD+ Cracked (Score:3, Interesting)
Generally speaking I do see myself as a videophile, as someone who cares very much about a small difference in image quality. But until hard drives become vastly larger I simply will not have enough space to store hi-def movies at the original quality. So, as much as it disturbs me, I am going to have to compromise. The re-compressed hi-def files are still an order of magnitude improvement over DVD. To me, the difference between regular DVD and hi-def is a much larger jump than between laser disc and DVD. I suppose it might more approximate the jump between VHS and laser disc. So as a videophile without infinite hard drive space (and without much money or an HDTV) I am quite happy with our new format and with the people responsible for cracking BD+.
Although I don't really claim to understand how it is possible to re-compress so much without completely degrading the quality to an unwatchable level, I am wondering if studios have really outdone themselves. Maybe they just have so much more space and the newer compression algorithms are so good that they are able to encode their film transfers at a bitrate that is nearly without artifacts, a format truly made for videophiles. Of course the irony is that they are doing this to try to tempt us all (not just videophiles) away from the fully cracked and easily copyable DVD format into their spider web of uber advanced DRM that is BD+ (and AACS). Call it what you will but it *is* much more advanced than DeCSS. Especially Blu-Ray.
But it probably takes a lot of extra storage space to get rid of that last 20% of compression artifacts (or whatever). So a non-perfectionist can still have relatively breathtaking video quality at a much smaller size if he is willing to make some visible but acceptable compromises. I am guessing that each video has its own sweet spot in this regard, a point where video quality starts to degrade sharply. That's the point that the re-encoder has to find.