AACS DRM Cracked?HD DRM not so rugged, apparently... ( old news - 09:12AM Thursday Dec 28 2006) tags: Video · Fileswapping · softwareTipped by MxxCon  Earlier this week, security analyst Peter Gutmann explored how much of the DRM functionality built into Vista came at a cost: namely an operating system that did less, was less efficient and cost more. According to Gutmann, "The Vista Content Protection specification could very well constitute the longest suicide note in history." His argument is that Microsoft is not only trying to prevent broadband piracy distribution, but also lock down HD content distribution and corner the market (a la iTunes). Of course, these plans only work if the DRM works. Judging from how easily these systems have been cracked in the past, it could mean that Microsoft's Vista DRM efforts end with the content being traded anyway, at the cost of a clunky and inefficient OS. Lending credence to this theory is the fact that Hollywood's new favorite DRM flavor, AACS (Advanced Access Content System -- co-developed by Microsoft) appears to be quite breakable.
Related:- Azureus 3.0, Zudeo Impressions
- 'Venice Project' Becomes 'Joost'
- Cohen: U.S. Broadband 'Two Generations Behind'
- Joost Beta Now Available To All
- Monday Morning Links
- Amazon Pirate Firefox Plugin Was Art Project
- Debate Springs Up Over CNN P2P Use
- Tuesday Evening Links
|
 
captokita
Premium
join:2005-02-22
Calabash, NC | What a suuurrrrprise! NOT!
C'mon, the harder you make it - the more hackers will go at it. All you have to say is "Unbreakable" and someone will break it.  | |
|  | 
kyramilan
join:2006-11-26
Pensacola, FL
| Re: What a suuurrrrprise! ALL DRM is NEVER totally secure. My Mac and PC has a media player on each that will import ANY format and ignores the DRM.
Case in Point:
U2's last album.
Microsoft decided this CD, How to Make an Atomic Bomb, could burn 2 times to a CD. So, I imported it into my media player (not WMP) and it allows UNLIMITED burning.
This ticks me off:
Why do online Video services really think I'm going to pay them $14.99 for a lousy contrived DVD of a movie or $1.99 for a music video?
Movielink is so dumb. You can keep the copy of the movie for 30 days but can only watch it ONCE every 24 hours. That is stupid.
Quicktime has HD.264 format. Why don't these idiots make music videos and movies in THAT format? Or DIVX?
On my cable service, On-Demand is DVD quality and I record the movie right to a DVD as I watch it. NO DRM, No Hassels, and, if there is a problem, I can buy it again, call Cox, and get a credit for the first one no questions asked.
For all the illegal downloaders, if you get sued, tough. You broke the law.
BUT:
If I pay for it, I should be able to use it for personal use on my DVD player, computer, car CD player, my music/movie player with the 60 gig HD (No, it is not an iPod) etc. however I wish.
Things they need to do:
1. Make the music download perfect without stupid requirements. iTunes and the rest provide sucky music that comes no where close to the CD you buy.
2. Videos suck worse. Why not QT HD.264 format or DIVX?
Why people pay $.99 for iTunes that sucks compared to the CD version I have no clue.
Why not all MP3s in 256kbps and all WMA in 192kbps? Anything else is a total ripoff. And, who is to blame? The 100 million idiots that bought music from iTunes!
If they would have said, "No! Make it 256kbps and I'll bite or NO iTunes," we wouldn't have crappy music at ridiculous prices and idiots stealing everything all over the place. | |
| | | 
Jason Levine
Premium
join:2001-07-13
USA
| Re: What a suuurrrrprise! said by kyramilan :Why people pay $.99 for iTunes that sucks compared to the CD version I have no clue. Basically, they're paying for the convenience of getting one song when they might not want all of the songs on the CD. However, I agree with you that it is a ripoff when the song you buy comes with a ton of restrictions. I recently purchased 4 songs from the Barenaked Ladies online shop. The songs were in MP3 format, $0.99 each and didn't have any DRM built into them. I was completely satisfied with my purchase and would buy from them again.
said by kyramilan :Why not all MP3s in 256kbps and all WMA in 192kbps? Anything else is a total ripoff. And, who is to blame? The 100 million idiots that bought music from iTunes! Actually, I'd like to see something along the lines of AllOfMP3.com. You can pay $0.99 for a 192kbps, non-DRM-ed MP3, or you can opt to pay a bit more and get a higher bitrate. Of course, it won't happen because the RIAA is completely convinced that no-DRM equals instant piracy. What they don't see is that the pirates are already breaking the DRM (or simply ripping the CDs to MP3) releasing songs unencumbered by DRM will give legitimate consumers more power (and thus more incentive to buy) while not really helping pirates that much. | |
| | |
captokita
Premium
join:2005-02-22
Calabash, NC
| said by kyramilan :If I pay for it, I should be able to use it for personal use on my DVD player, computer, car CD player, my music/movie player with the 60 gig HD (No, it is not an iPod) etc. however I wish. Why people pay $.99 for iTunes that sucks compared to the CD version I have no clue. Why not all MP3s in 256kbps and all WMA in 192kbps? Anything else is a total ripoff. And, who is to blame? The 100 million idiots that bought music from iTunes! If they would have said, "No! Make it 256kbps and I'll bite or NO iTunes," we wouldn't have crappy music at ridiculous prices and idiots stealing everything all over the place. I'll agree with you there, I think you should be able to listen to/ watch something you PAID for anywhere, anytime.
As for the .99 iTunes - I've never used them, but I don't have an iPod - What's even worse than this, is that people will pay $4 - $5 (or more!) on a stupid ringtone of a song. That's a 20 second CLIP for cryin out loud!!!!! Talk about stupid.
But I'll agree with you, if the downloads were CD-quality, and priced right, .99 per song IS reasonable, they could do better business... not that business is hurting on iTunes - However, even if the song was .01, someone would download it for free via torrent/p2p.
Sorry this post strayed a bit OT. | |
| | | 
guitarzan
Premium
join:2004-05-04
Skytop, PA
 ·epix
| said by kyramilan :ALL DRM is NEVER totally secure. My Mac and PC has a media player on each that will import ANY format and ignores the DRM. Case in Point: U2's last album. Microsoft decided this CD, How to Make an Atomic Bomb, could burn 2 times to a CD. So, I imported it into my media player (not WMP) and it allows UNLIMITED burning. This ticks me off: What Microsoft OS decided to limit your CD or was it Zune?
--
Its the Democrats fault. In fact it is the Speaker of House Polosi fault. Everything is the Democrats fault. Everything. Just like Everything was the Republicans Fault when they were in power. | |
| | | |
kyramilan
join:2006-11-26
Pensacola, FL
| Re: What a suuurrrrprise! said by guitarzan :said by kyramilan :ALL DRM is NEVER totally secure. My Mac and PC has a media player on each that will import ANY format and ignores the DRM. Case in Point: U2's last album. Microsoft decided this CD, How to Make an Atomic Bomb, could burn 2 times to a CD. So, I imported it into my media player (not WMP) and it allows UNLIMITED burning. This ticks me off: What Microsoft OS decided to limit your CD or was it Zune? Windows Media Player 9! Yes, it did on U2's CD.
The Zune is the worst, ugliest piece of crap I've ever seen.
I have the Creative Zen M: 60 gig player. Creative's software, for some reason, just eliminates DRM when it imports songs.
The sofware on my Mac shall remain anonymous. | |
| | | | |
guitarzan
Premium
join:2004-05-04
Skytop, PA
·epix
| Re: What a suuurrrrprise! said by kyramilan :Windows Media Player 9! Yes, it did on U2's CD. The Zune is the worst, ugliest piece of crap I've ever seen. I have the Creative Zen M: 60 gig player. Creative's software, for some reason, just eliminates DRM when it imports songs. Have you turned off the options>privacy> import song information turned off, when using Windows Media Player 9?
Agreed the Zune looks as if its a brown turd. The logo should read: "chit for sure"
I recall a co-worker who made his own mp3 player, using an old Pentium 233 mhz. A power inverter for use in his car. Dos 3.11 ? An AT keyboard, did some soldiering for speaker jacks and used a 20 gig HDD. Plugged the old computer into the cigarette lighter. It worked & was portable !!
Some details are omitted because of faulty memory
It was the coolest thing I ever saw, at that time.
He got the plans off the net, for the life of me. I can't remember the kits name or where to find it.
--
Its the Democrats fault. In fact it is the Speaker of House Polosi fault. Everything is the Democrats fault. Everything. Just like Everything was the Republicans Fault when they were in power. | |
| | | | | | 
operagost
join:1999-08-02
Spring City, PA
| Re: What a suuurrrrprise! Maybe you mean Windows 3.11? No DOS 3.11 ever existed. And I doubt that, because DOS 6.x only supported FAT16 with 2 GB partitions. He would have had to split that into 10 partitions and I'm not sure the hassle of setting up a player to shuffle with that is worth it. | |
| | | | | | |
guitarzan
Premium
join:2004-05-04
Skytop, PA
·epix
| Re: What a suuurrrrprise! That's it, Operagost, it was either DOS 6.1 or 6.2. I don't remember if that kit came with a software cd or not, it probably was not a 20 gig HDD, maybe an old 5-10 gig instead?
The tower didn't have a mouse, nor did it have a cd-ROM. The HDD would get pulled and then slaved to his work computer to load up mp3's. This was way back when Napster first started. The PC repair shop did have a cable connection  It was faster than dial up, yet slow compared to today's BB speed.
IF, I recall correctly win 98, was becoming the main OS. The shops server might have been NT.
I have been wanting to use an old PC, I have stuffed into my storage shed to build a mp3 player like that. Google should turn up something.
--
Its the Democrats fault. In fact it is the Speaker of House Polosi fault. Everything is the Democrats fault. Everything. Just like Everything was the Republicans Fault when they were in power. | |
| | | | | | | 
jeisenberg
New Year's Eve
join:2001-07-06
Windsor, ON | Actually, there was a DOS 3.11, but that's irrelevant to this thread. | |
| | | jarthur31
join:2006-04-14
Carlsbad, NM | Are you American? 
Or Human for that matter?
You make too much sense buddy.
The RIAA and MPAA must be socialists/nazis. | |
| | | 
Count Zero
MD2Be
Premium
join:2007-01-18
Warner Robins, GA | iTunes does sell it's videos in H.264. The music quality isn't that bad for most "modern" music IMHO, but certainly isn't optimal for some of the instrumental masterpieces. | |
| brianiscool
join:2000-08-16
Miami, FL |  hmm
| |
| Foxbat121
join:2001-04-25
Herndon, VA
| AACS is designed to be crackable But only on individual devices. New film discs can contain revocation list to revoke the license of those cracked devices. The strength of AACS is not that it is not crackable but individual devices can be revoked and each manufacturers use different keys. | |
| | 
inteller
Sociopaths always win.
join:2003-12-08
Tulsa, OK
| Re: AACS is designed to be crackable said by Foxbat121 :But only on individual devices. New film discs can contain revocation list to revoke the license of those cracked devices. The strength of AACS is not that it is not crackable but individual devices can be revoked and each manufacturers use different keys. I see, so they are going to disable my device. I believe that is called sabotage and vandalism. If they do that I think you will start seeing a large number of device returns to the manufacturer.
A revocation list on new discs is essentially a trojan horse on each new DVD.
Oh, and what are they going to do when the device revocation list takes up half the disc? That is complete stupidity. | |
| | |
kyramilan
join:2006-11-26
Pensacola, FL
1 edit | Re: AACS is designed to be crackable If they did that, I would sue. It is my computer NOT theirs. As long as I'm using it for personal use, why care?
Fair Use doctrine. I didn't give them "Fair Use" of my DVD device, did I? Can't claim a "EULA" or "TOS" since there are NONE in the DVD I bought. | |
| | chemaupr
join:2005-06-06
Alexandria, VA | correct.by design any DRM must be crackable, otherwise they wont be playable, is a matter of keys. previous MS DRM used fixed keys, this new design will allow them to change as needed. | |
| | Kearnstd
Elf Wizard
Premium
join:2002-01-22
Mullica Hill, NJ
| if i made home electronics and someone in my company leaked codes causing 100s of devices to not work right due to the blacklist. not only would that worker be fired but id sue the movie companies for the cost of every returned TV, DVD Player and Tuner that was returned because of this. could probally win too in a non California court that is less media friendly.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
| | | Foxbat121
join:2001-04-25
Herndon, VA
1 edit | Re: AACS is designed to be crackable said by Kearnstd :if i made home electronics and someone in my company leaked codes causing 100s of devices to not work right due to the blacklist. not only would that worker be fired but id sue the movie companies for the cost of every returned TV, DVD Player and Tuner that was returned because of this. could probally win too in a non California court that is less media friendly. In order to make such electronics, you have to sign license agreement with them to get your private key. Guess what will be in the license agreement you signed away? | |
| 
jgkolt
Premium
join:2004-02-21
Lakewood, OH
clubs: | so back to the thesis Has AACS DRM been cracked? | |
| | RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
·AT&T Midwest
| Re: so back to the thesis No. The cited article describes an application written to use stolen or keygen-obtained individual title keys. The DRM is unaffected. The only way it works is if you get the key to play the file, which is hardly a "crack" of the DRM. In fact, that's pretty much the way it's designed to work.
This is the equivalent to someone figuring out how to get the key pattern from one padlock and then unlock it. It doesn't affect any other padlock, and really is not relevant until someone figures out if there is a master key pattern that unlocks every padlock ever made. Whether that is possible is unknown, and would truly be a cracked DRM scenario. This isn't it.
The uproar here is typical, "didn't read the article" nonsense.
--
Toolmaster of La Grange. | |
|
inteller
Sociopaths always win.
join:2003-12-08
Tulsa, OK
| Best news I've heard all day. Of course, there will be some 11th hour patch to the home versions of Vista to circumvent this.
I'm sure there are some angry hollywood execs making calls to MS today.
I think this also explains the staggered release. Get the business edition out there so they can see what the hackers do to it. It also allows them to spot stolen corporate keys and ban them easier. | |
| 
getrealNOW
@comcast.net | What did you really expect from MICROSUCKS ? Did anyone really expect Vista to be secure in any way, shape or form?
Please get real NOW if you did ! | |
| | 
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
 ·AT&T U-Verse
| Re: What did you really expect from MICROSUCKS ? You got that right, Taylor01.
And it isn't just the DRM: Vista already has a number
of security flaws, some of which exploits have already
been written for. One of these allows privilege
escalation. And another one was being hawked at an
underground hacker marketplace for $50,000.
As for the DRM itself, Peter Gutmann's article ought
to be required reading for anyone considering Vista
as their next OS.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot) | |
| | | 
clank
join:2005-07-04
spain
| Re: What did you really expect from MICROSUCKS ? "The homeland security implications of this seem quite
serious, since a tiny, easily-hidden piece of malware would be enough to
render a machine unusable, while the very nature of Vista's content protection
would make it almost impossible to determine why the denial-of-service is
occurring. Furthermore, the malware authors, who are taking advantage of
"content-protection" features, would be protected by the DMCA against any
attempts to reverse-engineer or disable the content-protection "features" that
they're abusing."
from peter gutmann's article. | |
| 
LeftOfSanity
join:2005-11-06
Felton, DE
| Just them? I kind of think it wasn't just MS. I'm sure there were people talking in their ear, so to speak, to make this content protection. I think other companies strongarmed them into doing it, like "If you don't scratch our backs, we won't scratch yours." "Look Bill, we need our content protected from the internets. We don't want anyone to be able to copy our content and do what they want with it, or put it up on The Google."  | |
| 
envoid
join:2002-12-21
Duluth, GA
| I'm just glad glad glad! AACS needed to be cracked anyway. The DRM encumbers everyone and their Fair Rights usage. If I buy a HD-DVD and want to plant a copy on my HTPC so I don't screw up the disc, I should be able to. DRM does nothing but make money for the crackers who discover the crack. | |
| 
Titus Pullo
I came, I saw, I slept
join:2004-06-26
·Embarq
| "[...] the longest suicide note in history" (for MS) began years ago, not with this latest attempt to leverage their position atop one market for gain in another. MS appears more and more a day late and an innovative idea short when entering new markets or releasing new versions of old products. You'd think with all the extra time to market they'd hit one out of the park once in awhile. Nope; they're too busy f'd up with a twisted forest/trees thing as only an entrenched market leader could be. Must be a bitch to be that powerful yet so slow & inept, relying increasingly on market share to stumble onward from year to year.
It may come to pass that they one day rule the set-top box of total home entertainment as they do desktop computers. And I truly believe that would be a sad day in retrospect.
--
"I am not young enough to know everything."
Oscar Wilde | |
| 
cableties
Premium
join:2005-01-27 | I blame Clinton for signing the DCMA et al.
| |
| 
TScheisskopf
World News Trust
join:2005-02-13
Belvidere, NJ | Were I a guy named Linus... I would be cackling with glee right now.
People WILL be investigating alternatives. And seriously. | |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
·AT&T U-Verse
| DRM is high tech snakeoil If it can be heard or seen, it can be copied.
Yet Microsoft, Apple, and the content cartels continue
to spend millions on it, and claim that it is needed to
reduce piracy.
They need to wake up and see that the so-called
professional 'pirates' are laughing in their collective
faces, and that DRM is doing nothing whatsoever to
reduce it.
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot) | |
| | 
trparky
Bite My Shiny Metal Ass
Premium,MVM
join:2000-05-24
Cleveland, OH
clubs:
·AT&T U-Verse
| What is it with people?!?! What is it with people?!?! Content creators have the right to protect their Intellectual Property. What is it that you don't understand about that concept? They have the right! They created it! If they don't want you to play their content on your PC than it is their damn right to do so!
If you made a movie and it took millions of dollars to make and suddenly you are looking at only half of that money coming back because of some little shit that is pirating your movie, wouldn't you be pissed off? Yes, that's right, you would be. So, they DRM the movie and lock you out of doing stuff with that movie.
It's called ****ing economics!
You would be singing a different tune if you had made a movie and you poured your blood, sweat, and tears into making it and you all of a sudden saw your movie being traded online as if its nothing more than a piece of paper.
I don't condone DRM, but at least I'm not so blind that I can't see the need for it.
Think that this is a victory for the masses? The cracking of this DRM? LMAO This will just make way for even more draconian DRM methods.
--
WedgeAntilles250
Tom's Rant | |
| |
See 22 replies to this post | |
antiserious
The Future ain't what it used to be
Premium
join:2001-12-12
Scranton, PA
| I wonder
How many people that replied to this story actually took the time to READ all of Mr Gutmann's write-up, because if he's even CLOSE to accurate (which I believe he may be), this is a potentially horrifying scenario. And not just the misguided DRM hogwash, but the ripple effects on hardware owned by innocent, unaware victims could be epic - even for people that have absolutely no connection with Microsoft !
A staggering display of arrogance run amok - you could be adversely affected whether you run so-called 'premium content' or not. Almost unbelievable.
--
" How can we miss you if you won't GO AWAY ! "
"R.I.P. Ellipse" | |
| 
ARGONAUT
got ping?
join:2006-01-24
New Albany, IN
1 edit | Things Change. In this world child labor is considered a good thing because of cost..."bottom line" Wallmart and FTO can testify to that.
The bottom line on DRM is it's an opportunity for RIAA/MPAA to use when new laws are being made. | |
| 
thender2
Glamour Profession
Premium
join:2004-05-16
Staten Island, NY
| Thank god. I was so afraid that I'd never be able to watch HD content outside of what I can grab with FIOSTV/an antenna.
That was a close one.. imagine a world where I can pay $20 for a movie and still have to pay again for a copy for my portable player. Imagine a world where I have to buy a preamp for my hifi because I can't use my soundcard to feed sound to the amp because I can't use a computer to play the HD content.
I don't want to.
--
The Problem With Music.
Our Rationale
Time to rewrite the DMCA. | |
|
Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
·AT&T U-Verse
1 edit | It took only 8 days to bypass AACS Looks like it was no match against a determined hacker:
»p2pnet.net/story/10859
I wonder what DVD Jon would think (he was the one that
broke the CSS encryption found on most standard def. DVDs)?
--
"The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot) | |
| Selenia
join:2006-09-22
Pittsfield, MA
·Verizon Online DSL
 ·RoadRunner Cable
1 edit | ...and you wonder why so many pirates? These crappy bitrates besides the DRM is a good case in point.It leaves people who like good audio no choice but to shell out for a whole physical CD(about $19.99 in this area which is monopolized by a few companies) to be legit. You can fire up your favourite BT or Usenet client and find FLAC downloads for free. Another issue, which is one of my pet peeves, is I will not install extra crapware known as DRM to potentially spy on me, lock me out of my own content, or slow down my pc. Sorry guys, if you're going to treat people who buy from you like criminals off the bat because they bought from you, then I won't buy from you. Simple as that! DRM assumes everyone is a criminal, although the only way to get DRM infected is to BUY something, not pirate it. Here the pirate PCs go malware free while these online stores infect the legit consumer. Something just don't smell right here. I'll continue to download then if I like the majority of tracks, I will buy the legit CD and rip it with something that doesn't transfer DRM for when I just don't want to listen to it on a clunky portable CD player(yes, my mp3 player supports FLAC ). The only reason I do this is I know it's not the artist's fault and they need to eat and should have food on the table for producing good material. It's the RIAA and all the companies they have bought's fault. They see pirates demanding uncrippled content on a daily basis with promises they would buy if they provided it. Yet, the RIAA follows their publicity stunts and fails to provide what people want. I can hope someday they'll see the light, but I won't wager on it. Think about it, does uncrippled content really help piracy? Do a P2P search for all your crippled content in uncrippled form and you will find it. | |
| | | |
|
|
