So now that HD-DVD AACS is cracked? - Right before CES. [Text View]

amirm

12-27-06, 10:14 PM

Describe 'situation?'
Once the drive authenticates the media as being real, which is the case in this claimed attack, then from then on, the Rom mark plays no part. Indeed, this is the major weakness of Rom mark. In real world, it provides no protection as hackers can steal the bits even with a valid Rom mark. And once the bits are taken, and distributed electronically, it doesn't matter what the mark did or did not.

Are we talking about burning by the home-hobbyist burning and playing 'back-ups,' or are we talking about massive counterfeiting operations? No in the former situation it does nothing, but in the later it does... whereas HD DVD has no such added security measure.
I highly doubt that the target of anyone hacking BD is to go and distribute the same on BD disc. They are going to distribute them instead in electronic means or for downconversion to other formats. Heck, they can use the bits to make HD DVDs! Now that would be quite ironic, wouldn't it? :)

When and if AACS does get "Jon'd," I believe the ROM-Mark is going to have a material effect on the degrees to which the IPs proliferate on the street, HD DVD vs BD.
Again, once the AACS layer is broken, and bits are in the clear, the format is broken and whether it had a mark or not is of little consequence.

Ironically of course, the current equipment expense and 'difficulty' of BD replication is in a way it's own barrier to mass piracy operations, at least for the time being. HD DVD has no such 'layman' constraints. Layman of course being used liberally in this context...
Please see above.

xbdestroya

12-27-06, 10:18 PM

I highly doubt that the target of anyone hacking BD is to go and distribute the same on BD disc. They are going to distribute them instead in electronic means or for downconversion to other formats. Heck, they can use the bits to make HD DVDs! Now that would be quite ironic, wouldn't it? :)

Amir I still don't agree with your spin on the issue wrt ROM-Mark; but on the side I guess you missed the thread a couple of weeks ago where a forum member successfully backed up an HD DVD to Blu-ray. So... is that irony deserving of a smily face as well? :)

hmurchison

12-27-06, 10:19 PM

I see. So... you don't disagree with me, you just think it's the 'wrong road.'

You may not understand the premise of this thread, but it's not the fact that AACS has been cracked. The premise of this thread is that studios may seek further comfort in BDs added security layers. ROM-Mark is a very real aspect of that, because it effects the viability of breaches like these on the mass piracy market. Which is considered 'mass' for a reason...

We're not talking about P2P download/burns here.

The studios likely know that all encryption methods are eventually defeated. The object is to keep the price/technology of piracy so high it's not worth it to all but the largest outfits. I've never been a fan of technology like ROM Mark. My guess is it'll be easier to defeat than gaining temporary access to HD data through AACS.

Forceflow

12-27-06, 10:23 PM

The bottom line is that all the BD fans celebrating this news are proving how poisonous and foolish they're celebration is towards the format war. If AACS is in fact temporarily hacked, it means just as much bad studio mojo (for a lack of better term) for BD as HD DVD. As noted earlier, keys are still secured and the author does not disclose how (or if he did) obtain the keys.

There is no spin on the audio mark, the "additional layers of BD protection" aren't really strong and rely on a strong foundation of AACS, without AACS they can easily crumble. Lets not jump off of cliffs because Petra induces a clear troll thread. (Trolls don't act like lemmings do they?)

xbdestroya

12-27-06, 10:23 PM

The studios likely know that all encryption methods are eventually defeated. The object is to keep the price/technology of piracy so high it's not worth it to all but the largest outfits. I've never been a fan of technology like ROM Mark. My guess is it'll be easier to defeat than gaining temporary access to HD data through AACS.

You can understand though, that the very reasons you are not a fan of ROM-Mark technology would be the very reasons the studios are. I think we can all take a random stab at guessing which format is more expensive to bootstrap a replication effort for as well.

xbdestroya

12-27-06, 10:28 PM

There is no spin on the audio mark, the "additional layers of BD protection" aren't really strong and rely on a strong foundation of AACS, without AACS they can easily crumble.

Explain that then to me would you Forceflow? This 'crumbling' you refer to.

There are too many posters on this forum that misinterpret Amir's statements and think that they themselves have gained the ability to speak authoritatively on the matters at hand because they think they are correctly parroting his claims.

Petra

12-27-06, 10:28 PM

the guy apparently is sharing his utility at rapidshare.com, I'm gonna check it out. It's Java based, I understand a little about Java :D

http://blogs.pcworld.com/staffblog/archives/003380.html

Mr. Hanky

12-27-06, 10:31 PM

Rio

12-27-06, 10:41 PM

Since HD DVD player is allowed to play HD DVD-Video format on a HD DVD-ROM disc without AACS protection unlike BD player is not allowed to do so (ROM mark is also required), if certain title keys are compromised, there is no way to stop commercial pirated discs of certain titles being replicated. No countermeasure is available for this case.

If hacked one is a device key and the hacker unwisely distributes it, AACS entity will simply revoke that compromised key, plain and simple.

ROM mark does not work for home piracy and does not affect anything about decryption of AACS and converting plain data to another format. It only works for commercial pirated discs on BD players. But even ROM mark is useless against home piracy and video sharing on the internet, studios do really care about commercial piracy, I think.

John Kotches

12-27-06, 10:43 PM

It hasn't even been successfully demonstrated that this has created an "in the clear" hacked copy yet. We're a little ahead of the game.

Here's the relevant portion of the text I'm referring to:

We then ran a binary compare against the two. You'd think an unencrypted movie file would have more than just a few hex offsets changed by the unencryption process, but we haven't yet been able to test playing back the files, namely because WinDVD and PowerDVD both totally blow as demos. More shortly.

As best I can tell, all they've done is compared the binaries and proclaimed them different without the ability to play it back.

It is an unsubstantiated claim, and it is possible that AACS hasn't been cracked at all.

According to a post on our favoritest of forums (Doom9) by DRM hacker du jour muslix64, his new BackupHDDVD tool decrypts and dismantles AACS on a Windows PC. Just feed the small utility a crypto key (it comes bundled with keys for a few popular HD DVD titles, with the promise of more on the way), and it'll dump the video right off the disc onto your hard drive, supposedly playable in any HD DVD compatible player.

This is like having an Enigma device and knowing the code key for the day. You have the crypto key you can get the clean output. There's no way of knowing how the key was retrieved and that is one of the most important points.

Another question of mine is how strong is this key? Not asked or answered.

While I'm by no means a cryppie the key strength is one of the key parms for determining how successful a brute force attack will be. Of course it's also possible that the key generation pattern is easily hacked, ie not sufficiently randomized which would lead to a more easily attacked key generation. I'm assuming it wasn't a criminally stupid key generation scheme.

Me, I think it's in the "too soon to tell" category. But it'll be interesting to see how this unfolds.

Cheers,

Rob Zuber

12-27-06, 10:47 PM

BD+ requires AACS to work. Its usage is disallowed without AACS. In addition, BD+ is pretty defenseless without AACS. So there is no salvation for BD if AACS is broken.Wait, wasn't Amir telling us that BD+ was draconian, dangerous, scary unknown baby-killing code? Now it's harmless? :D

xbdestroya

12-27-06, 10:48 PM

It only works for commercial pirated discs on BD players. But even [though] ROM mark is useless against home piracy and video sharing on the internet, studios do really care about commercial piracy, I think.

Exactly.

Although Amir brushes this idea aside in his response to me in order to highlight the digital distribution era of piracy we live in, this really is the primary concern for these studios. Well, beyond the encryption cracking itself of course. Eventual mass market penetration of these formats by default likewise means mass replication efforts on the part of pirates. We're talking about midnight operations out of China supplying thousands of copies to vendors on the streets of New York, not little Billy buning his uncle a Batman Begins copy for his birthday. BD-Rom offers a defense against this where HD DVD has none. It is as simple as that.

Rob Zuber

12-27-06, 10:54 PM

While I'm by no means a cryppie the key strength is one of the key parms for determining how successful a brute force attack will be. Of course it's also possible that the key generation pattern is easily hacked, ie not sufficiently randomized which would lead to a more easily attacked key generation. I'm assuming it wasn't a criminally stupid key generation scheme.The hacker claims to have read the keys from memory.

amirm

12-27-06, 10:55 PM

Wait, wasn't Amir telling us that BD+ was draconian, dangerous, scary unknown baby-killing code? Now it's harmless? :D
Defenseless and "harmless" are two seperate things. BD+ can not protect the content beneath it without AACS. It is as simple as that.

BD+ reads programs from the disc and executes them for additional functionality above and beyond AACS. That makes it anything but "harmless" in my book. Your mileage may vary.

trgraphics

12-27-06, 10:56 PM

[QUOTE=Petra]the guy apparently is sharing his utility at (deleted), I'm gonna check it out. It's Java based, I understand a little about Java :D

[deleted]

So, you believe that doing something that is illegal is ok? That sounds about right coming from you.

Why on earth is this url being allowed to be posted at this forum. Wake the hell up moderators!!

amirm

12-27-06, 11:01 PM

[QUOTE=xbdestroya]Although Amir brushes this idea aside in his response to me in order to highlight the digital distribution era of piracy we live in, this really is the primary concern for these studios. /quote]
The primary concern of any studio in this situation would be AACS. Three of them are founding members of AACS for a reason. They will not sleep easy until the problem is dealt with. Remember, the exact same thing shown here can be done to BD.

xbdestroya

12-27-06, 11:10 PM

The primary concern of any studio in this situation would be AACS. Three of them are founding members of AACS for a reason. They will not sleep easy until the problem is dealt with. Remember, the exact same thing shown here can be done to BD.

I in fact mention that the encryption itself takes precedence. But again, by the 'same thing shown here' statement you completely try to whitewash and ignore the differences in replication hurdles faced by potential mass replication piracy operations.

The same thing shown here can be done to BD... but it's that 'other' thing not shown here - which I have been refering to - where BD has an advantage; and when security schemes get cracked, IP holders start thinking about security.

John Kotches

12-27-06, 11:10 PM

The hacker claims to have read the keys from memory.

If true then the actual encryption scheme remains secure for the time being. Unlike with CSS (where actual code was left lying around in a manner of speaking) this took deliberate effort by scanning memory to get the particular decryption keys. So (IMO) it is more correct to say that a method for swiping the encryption key for a title might have been found.

If you have the space and a burner sitting around, I suppose you could decrypt each disc and reburn it to HD-DVD. Maybe even Blu-ray if you can come up with an authoring method. Amir alluded to that in an earlier post.

Now, I am not condoning copying discs -- but this is a good intellectual exercise. One has to wonder about the economics of such a path at this time. Blu-ray burners are $500+/each and (in bulk) the media is about $15-35 dollars depending on whether you go with single or dual layer. So you have to burn a lot of discs just to break even, unlike with DVD. I don't even know what the costs are for an HD-DVD burner and dual layer media; but I wouldn't be surprised if prices are comparable.

Let's assume that your rental cost is $5/disc and you're just copying for yourself. Your purchase cost is $25/disc. So you save $20/disc but a minimum of $15 of that is eaten up in media costs presently. If you have to go dual layer you're losing money. Okay, so on single layer discs, you have to copy >100 discs to hit the break even point and we haven't touched the authoring software. Keep in mind, I said this was for yourself and that you aren't commercially pirating. I don't want to get into the arguments about the legality / ethics of this. This is strictly addressing the economic side of things.

Seriously, I'm not sure it's of practical value just yet even if it does become possible. Plus, why isn't it possible to regen the keys so that each disc has one of several keys? I don't see that as impossible or even impractical given the size of today's hard drives.

Perhaps Amir can chime in and tell us if the masters for replication are stored on hard drive and whether it's feasible to generate N number of copies for replication on a rotating basis each with unique encryption keys.

Best,

John Kotches

12-27-06, 11:15 PM

phobus

12-27-06, 11:16 PM

The primary concern of any studio in this situation would be AACS. Three of them are founding members of AACS for a reason. They will not sleep easy until the problem is dealt with. Remember, the exact same thing shown here can be done to BD.

Correct me if I'm wrong, but I think the difference is that once the movie is dumped, pirates cannot mass produce blu-ray copies (yet). If HD-DVD dies and no one cracks the watermarking, then the only way pirates can mass produce copies is to transcode the movie to a lower bitrate/resolution and distribute on DVDs or the new Chinese format.

xbdestroya

12-27-06, 11:22 PM

xbdestroya:

Mass replication piracy runs into similar issues in needing large numbers of drives and lots of expensive media.

At this time (IMO) until blank media costs come down it's too expensive to pirate high definition optical.

The piracy operations I'm refering to don't use burners, they use professional replication equipment (stamps); I think that's an important point to be understood here.

And again John, although I do appreciate the reasoning behind the economic excercise you are conducting, what the key issue here is... is studio perception of which format will more securely guarantee revenues do not get redirected towards illicit operations.

I agree with you that the time for mass piracy on either format is not the present; the ROI simply would not be there. But if and when AACS gets cracked, this replication scenario will be a very real factor in the studios consideration. They plan for the future as well as the present, even if sometimes their behaviour would seem to indicate otherwise.

Mike C

12-27-06, 11:53 PM

I have my own ROM protection for my HD-DVD collection...It's been in stanby mode since the seventies...

http://www.bugeyedmonster.com/toys/rom/romboxstand.jpg

http://www.bugeyedmonster.com/toys/rom/romwithboxbig.jpg

http://www.bugeyedmonster.com/toys/rom/romelectronic.jpg

Forceflow

12-28-06, 12:40 AM

Explain that then to me would you Forceflow? This 'crumbling' you refer to.

"According to the BDA, to successfully attack the BD+ system, pirates would have to overcome the AV content security system (e.g. extract AACS keys) and also overcome title-specific security code (e.g. reverse engineer security code)."

Wow, I'm no expert but I don't think you have a right to act like a jerk Mr. Insider. :p

Do you really feel that someone who finds a way around AACS in a week (he claims) and get AACS keys can't reverse engineer the codes for BD+? Please.

BD+ isn't even implemented and with the time the BDA has been taking to implement BD-J and BD-Live profiles, it likely will take another year (at least).

The ROM mark is a physical layer to prevent stamping, which isn't economically feasible as John said, and I doubt HD DVD and BD combined is such a large market to entice pirates to devote resources to something that requires specialized clientele that likely don't have a penchant for bootleg'd stuff that's being hawked in shady mass transit stops.

This whole thread is a joke because nothing is confirmed, its just BD fanboys spreading FUD about the end of HD DVD.

These two pillars of protection can be made useless without AACS backing them up.

BD ain't safe if AACS is hacked. You can say whatever about me, but it is clear that you have about as many "facts" as I do in terms of any understanding about AACS being hacked. In the future, you should refrain from personally attacking people as it really delegitimizes you if you want to convince people you are an insider. ;)

Hesitant

12-28-06, 12:44 AM

Be interesting to see what will be done.
Kill a generation of hardware with the next wave of rental/sale hddvds?

OT but provides insights into past efforts - a Google engEDU video on the xbox security system.
http://video.google.com/videoplay?docid=-4356347903120410001&sourceid=docidfeed&hl=en

Michael Grant

12-28-06, 12:50 AM

If you go past the Engadget article to the actual Doom9 discussion, I think it's pretty clear how weak this hack is. He has basically implemented the public AACS decoding spec, and used a memory viewer to extract encryption keys from PowerDVD to accomplish the decryption.

I personally suspect that AACS's countermeasures are going to work just fine here---much to the chagrin of the developers of PowerDVD, whose software has been compromised. Existing hardware players will be unaffected.

As I commented in another thread, I think this pretty much validates Microsoft's conservative choice NOT to implement HD-DVD and/or Blu-Ray support on anything but Vista.

Forceflow

12-28-06, 12:53 AM

I personally suspect that AACS's countermeasures are going to work just fine here---much to the chagrin of the developers of PowerDVD, whose software has been compromised. Existing hardware players will be unaffected.

I agree.

xbdestroya

12-28-06, 12:58 AM

"According to the BDA, to successfully attack the BD+ system, pirates would have to overcome the AV content security system (e.g. extract AACS keys) and also overcome title-specific security code (e.g. reverse engineer security code)."

Wow, I'm no expert but I don't think you have a right to act like a jerk Mr. Insider. :p

Do you really feel that someone who finds a way around AACS in a week (he claims) and get AACS keys can't reverse engineer the codes for BD+? Please.

BD+ isn't even implemented and with the time the BDA has been taking to implement BD-J and BD-Live profiles, it likely will take another year (at least).

Well, you posted it yourself... BD+ provides an additional layer of security. Your only 'defense' for your claims that it would crumble are the following:

Do you really feel that someone who finds a way around AACS in a week (he claims) and get AACS keys can't reverse engineer the codes for BD+? Please.

Well... I don't know - I feel several different ways on it. BUT... hey now what was I saying? Oh yeah, it wasn't BD+ I was discussing, it was ROM-Mark, hmmm....

The ROM mark is a physical layer to prevent stamping, which isn't economically feasible as John said, and I doubt HD DVD and BD combined is such a large market to entice pirates to devote resources to something that requires specialized clientele that likely don't have a penchant for bootleg'd stuff that's being hawked in shady mass transit stops.

John wasn't talking about stamping, he was talking about burning. I thought that should have been clear from my post to him where I informed him I was talking about stamping. Plus I'll go further and say that this post of yours shows your level of expertise on the matter; you basically cede the entire point that AACS has little to do with 'cracking' the ROM-Mark, and instead take the tone of... 'so what.'

This whole thread is a joke because nothing is confirmed, its just BD fanboys spreading FUD about the end of HD DVD.

It's not FUD about HD DVD, it's a discussion on the security of the formats relative to one another.

These two pillars of protection can be made useless without AACS backing them up.

Back to this eh? Well I'll need further explanation from you in terms of how that ROM-Mark is 'crumbling' again if you don't mind. Remember, stamp replication is what we're talking about in that regard. You definitely did not explain how they were linked whatsoever in your supposed analysis of the feature in your text above.

BD ain't safe if AACS is hacked. You can say whatever about me, but it is clear that you have about as many "facts" as I do in terms of any understanding about AACS being hacked. In the future, you should refrain from personally attacking people as it really delegitimizes you if you want to convince people you are an insider. ;)

I think my 'legitimacy' comes through quite clearly in this thread Forceflow. Legitimacy is derived from an understanding of the material and the ability to communicate that understanding. Me questioning your own grasp of the material, I assure you, does nothing to delegitimize any of what I've said.

And now the last sentence... insider? I think you're still confused from the insiders thread. But I'm not going to do anything to clarify that for you at this point in time. Suffice to say that I'm not an insider in the A/V industry, but there is more than one kind of insider as it applies to these discussions these days.

Forceflow

12-28-06, 01:10 AM

Back to this eh? Well I'll need further explanation from you in terms of how that ROM-Mark is 'crumbling' again if you don't mind. Remember, stamp replication is what we're talking about in that regard. You definitely did not explain how they were linked whatsoever in your supposed analysis of the feature in your text above.

Discussions on stamp replication are fruitless when the market is so small. Would you invest the time into making HD DVDs x-box destroya if the market is mainly educated, technophiles that don't buy bootlegs? How would you distribute those? No one in their right mind will be replicating discs with media so expensive and the market penetration measured in single digits.

eurotrance

12-28-06, 01:15 AM

This bit of news coming out barely 2 weeks before CES strikes me as being a little suspicious.

I know corporations don't mind playing dirty when so much money is at stake, and straight-out lies have already been issued quite a few times by major execs to discredit the other camp. I will let you be the judge of which camp I'm alluding to. I wouldn't be surprised if this software had been "leaked" in order to create a panic among studios that support HD-DVD.

If such software is indeed the creation of a 100% independent hacker not linked in any way to any CE company or movie studio, it remains to be proven that the files extracted from a BD or HD-DVD can actually be used to make perfect copies and electronic distribution, something that I will believe when I see it. I still think we are far from a DeCSS kind of tool in the present situation.

However, any encryption/protection can and eventually will be hacked. Having 3 layers or a gazillion layers of protection will change absolutely nothing to that fact. So trumpeting the superiority of BD's security is something that will blow right in your face about 48 hours after it will have been proven HD-DVD can be hacked. If one format is hacked, so will the other one.

One way or another, leaking this kind of news, either legit or not, will have an impact with non-techie movie studio execs. I wish the media would use a bit more restraint in proclaiming such grandiose discovery and verify the accuracy of these "news" before making such bold statements, but then again it has become common place to escalate the "grand-guignol" in order to attract viewers/readers.

xbdestroya

12-28-06, 01:20 AM

Discussions on stamp replication are fruitless when the market is so small. Would you invest the time into making HD DVDs x-box destroya if the market is mainly educated, technophiles that don't buy bootlegs? How would you distribute those? No one in their right mind will be replicating discs with media so expensive and the market penetration measured in single digits.

I'm going to take this as further evidence that you actually do not have an AACS/ROM-Mark connection to substantiate in this discussion. That said, I will explain to you why this matters. It's because one day... the pentration may not be in the single digits. Do you see that day on the horizon? Do you at least hope for it? And when that day comes, a defensive technology like ROM-Mark will be viewed as something you as a studio would want to have access to vs not. Will the HD optical market ever get to be as big as the DVD market was/is? Maybe not. But if it ever gets "big" at all, believe me when I say that professional piracy operations will try and flourish wherever they can.

That you don't view these defensive measures in terms beyond the 2006/2007 timeframe, to me, shows that you don't really understand their purpose to begin with.

raaj

12-28-06, 01:33 AM

Explain that then to me would you Forceflow? This 'crumbling' you refer to.

There are too many posters on this forum that misinterpret Amir's statements and think that they themselves have gained the ability to speak authoritatively on the matters at hand because they think they are correctly parroting his claims.
...

The primary concern of any studio in this situation would be AACS. Three of them are founding members of AACS for a reason. They will not sleep easy until the problem is dealt with. Remember, the exact same thing shown here can be done to BD.
I in fact mention that the encryption itself takes precedence. But again, by the 'same thing shown here' statement you completely try to whitewash and ignore the differences in replication hurdles faced by potential mass replication piracy operations.

The same thing shown here can be done to BD... but it's that 'other' thing not shown here - which I have been refering to - where BD has an advantage; and when security schemes get cracked, IP holders start thinking about security.

Explain that then to me would you Xbdestroya? This 'advantage' you refer to.

There are too many posters on this forum that read certain statements on the internet and think that they themselves have gained the ability to speak authoritatively on the matters at hand because they think they are correctly parroting those claims.

I am just curious to know IF and WHEN AACS for BD gets compromised in a similar way, how exactly would the BD+ and ROM-Mark kick in to provide the required protection? After criticizing the other member for parroting the statements of a certain "expert", I am curious to know your level of knowledge in this area, and learn more about this stuff in the process. I admit that I don't know too much about this stuff, but from your tone, I presume you could help us parrots learn new words.

Since you claim that these extra security features are an advantage over HD-DVD, please let us know what the strengths and weaknesses are of these additional security features Blu-Ray offers over and above HD-DVD.

xbdestroya

12-28-06, 01:40 AM

Explain that then to me would you Xbdestroya? This 'advantage' you refer to.

Sure.

There are too many posters on this forum that read certain statements on the internet and think that they themselves have gained the ability to speak authoritatively on the matters at hand because they think they are correctly parroting those claims.

That's a great line, where'd you get it? ;)

I am just curious to know IF and WHEN AACS for BD gets compromised in a similar way, how exactly would the BD+ and ROM-Mark kick in to provide the required protection? After criticizing the other member for parroting the statements of certain "experts", I am curious to know your level of knowledge in this area, and learn more about this stuff in the process.

Ok, again... and Raaj did you read the rest of my posts before writing this? Because I've already gone over it you know. But again, what ROM-Mark is, is a deterent to commercial-level mass replication efforts. A physical stamp is placed on every Blu-ray disc coming off of a replication line, and it does not matter what hacks have been achieved on the software/encryption side - this defense is seperate. Now... yes you can still share the file, burn a copy, etc etc... provided the other security measures are hacked. But ROM-Mark isn't a matter of piracy: yes or no; it's a matter of the scale of piracy that would be readily achievable. Whether people here are aware or not, when you buy a bootleg movie off the street, very often that movie came from a professional-grade replication facility where the DVD was stamped, not burned. That is the area that ROM-Mark targets. And whether it gets overturned in the future or not, AACS falling has little to do with it, and HD DVD has no comparable featureset to offer.

Since you claim that these extra security features are an advantage over HD-DVD, please let us know what the strengths and weaknesses are of these additional security features Blu-Ray offers over and above HD-DVD.

Always happy to oblige Raaj.

raaj

12-28-06, 01:54 AM

That was quick. Thanks and much appreciated, as always. How about the BD+? What is it? What are its essential components? How does it interact with AACS? When AACS fails, how does BD+ cover up for it to provide additional security?

chad_cincy

12-28-06, 01:55 AM

But again, what ROM-Mark is, is a deterent to commercial-level mass replication efforts.
You know what is ironic... While what you you say is true about pressing BD ROM's, to the best of my knowledge, it would force pirates to transcode their BD bootlegs to HD DVD's! :eek:

Richard Paul

12-28-06, 01:58 AM

If AACS has been temporarily hacked, which is a big if, it happened far faster than I thought it would and does harm both HD formats. Because of the additional security measures on Blu-ray though it doesn't harm them equally, which is why several of the most devoted HD DVD supporters have attacked the very existence of this thread. Personally I don't agree with Petra that this will change the format war greatly, but I think it will give a bit of a nudge to Blu-ray.

Defenseless and "harmless" are two seperate things. BD+ can not protect the content beneath it without AACS. It is as simple as that.It could though perhaps prevent AACS from being hacked which would be rather useful. Also Amir as much as you mock the added security features in Blu-ray last I checked Fox considers them to be important. Just a hunch but a studio that owns content probably cares a lot about protecting that content. Of course you have implied that Fox is foolish/ignorant about copy protection methods but I for one am skeptical of that.

xbdestroya

12-28-06, 01:59 AM

How about the BD+? What is it? How does it interact with AACS? When AACS fails, how does BD+ cover up for it to provide additional security?

Hey, am I here talking up BD+? No, I'm talking ROM-Mark. ;)

BD+ hasn't been implemented yet. So what can I say about it? But I'll give an overview.

It's an additional encryption layer on top of the existing AACS, and it can be dynamically updated on new stampings of official disc releases as hacks come to light on existing releases. Basically it provides another 'wall' for hackers to have to climb in addition to the resident AACS (also dynamically updatable). If I were to break it down for you, I would simply say it provides BD with the advantage of having two moving targets for hackers to keep up with rather than just one, but on that level it would just be a little added 'hassle' for the parties involved to overcome. Who knows until it's put into play.

But I will say this. I think this is just the conservative view on the issue. Sony/Columbia is *the* picture house to have disc releases out right now that defeat DVDDecrypter (granted development on that specific software has ceased), requiring additional decryption software to be used by pirates. If BD+ ends up being as hardcore as what the minds of FOX, Sony, and Disney might have wished for it to be, well then it will be pretty serious yet.

We'll just have to wait and see.

Another aspect of BD+ is that it has the authority/capacity to actually shut down BD players it believes to have been hacked, and likewise to return them to a 'clean' firmware state.

It's all theory for now until put into practice, but in any event, whatever the strengths of BD+ end up being, any logical studio is going to view BD+ & AACS as being a greater defensive line than simply AACS alone. That's just the simplest of logic. Now, that doesn't mean that this and this alone determines a studios actions. Universal has known this for a long time, but they're still HD DVD exclusive for their own reasons. It *is* however a primary motivator for Disney and Fox and their own choices in allegiance.

And as for ROM-Mark... again... 'yes' ROM-Mark blows 'no' ROM-Mark out of the water on the large-scale replication front.

raaj

12-28-06, 02:08 AM

Faceless Rebel

12-28-06, 02:21 AM

The biggest problem with this hack is that when all is said and done, you still have a 30GB (for HD DVD) or 25 or 50 GB (for BD) movie kicking around on your hard drive. Hard drives are a lot cheaper than they used to be, but I think you'll find that you'll be spending MORE for new hard drives than you would be for the movies on a legit disc on a cents per megabyte storage basis.

The hack is an interesting academic exercise. Everyone knew from the beginning that AACS was anything but secure even on paper. But until the advent of terabyte hard drives for $200 per terabyte, it's still economically infeasible for anyone who's actually trying pirate movies to avoid paying for them as opposed to just for the sheer technical challenge of hacking it.

If I were the BD camp, I would be more worried that this muslix64 guy is going to have a go at BD-ROM next rather than celebrating that the HD DVD camp got 1337 h4][0red or something, because BD uses the exact same AACS as HD DVD and right now they are functionally completely identical since BD hasn't implemented BD+ yet and ROM Mark is useless for this kind of thing.

xbdestroya

12-28-06, 02:22 AM

How would BD+ be dynamically updated? Would all BD players be required to be connected to the internet to dynamically update the BD+ profile? What about the players not equipped with internet connectivity? If a new BD+ profile gets released, and a player not connected to the internet, will the user then be faced with a choice of not playing the disc or going through the extra hassle of updating the player through manual downloads?

No the update doesn't require the Internet...

It's sort of like the PSPs firmware updating system, if you're familiar with it. New BD+ 'revisions' would actually ship on all new Blu-ray films legitimately stamped once a crack was made known. Any BD+ capable player running one of these new discs would automatically have it's encryption system updated with the new revision.

darinp2

12-28-06, 02:25 AM

How would BD+ be dynamically updated?I thought BD+ was something that went on the discs (at least a major part of it) and so that is how it is dynamic. New releases can then contain new code. I don't know much about this and just going by what I've read here though. But, if Warner doesn't understand what BD+ can do for them and not do for them already, I bet they contact Fox or Sony soon to ask the deeper questions.

--Darin

Faceless Rebel

12-28-06, 02:36 AM

But I will say this. I think this is just the conservative view on the issue. Sony/Columbia is *the* picture house to have disc releases out right now that defeat DVDDecrypter (granted development on that specific software has ceased), requiring additional decryption software to be used by pirates. If BD+ ends up being as hardcore as what the minds of FOX, Sony, and Disney might have wished for it to be, well then it will be pretty serious yet.

Sony's method for stopping DVD Decrypter was to threaten to sue the creator into oblivion unless he stopped updating his software, and then reverse engineering DVD Decrypter and purposely designing the ARccOS protection system so that it would not work with DVD Decrypter's method of reading TOS by introducing corrupt sectors. This is similar to how a lot of PC game protections work, including SafeDisc and SecuROM. All recent Sony Pictures/Columbia Tri-Star DVDs can be properly decrypted and ripped by other programs, including the actively developed AnyDVD.

The point is, Sony's method was only effective because the author of DVD Decrypter was in the UK and their copyright laws are as strict as the United States. Sony was able to make DVD Decrypter's creator cease and desist in court, otherwise he could have continued to develop DVD Decrypter to defeat all forms of ARccOS. If the author of DVD Decrypter was in Norway like 'DVD Jon' was, then there was nothing Sony could have done since Norway's government and courts determined that the existence of DeCSS was legal and DVD Jon could not be held liable for having developed it and cracking CSS.

So in essence, I hope Disney and Fox aren't so stupid as to use this one example as proof that BD is any more 'hardcore' than HD DVD in terms of DRM. AACS is AACS no matter how you slice it.

Jackinbox

12-28-06, 02:36 AM

Mass replication piracy runs into similar issues in needing large numbers of drives and lots of expensive media.

At this time (IMO) until blank media costs come down it's too expensive to pirate high definition optical.

True, but how much were DVD-R blanks back in 99 when Decss first surfaced? We all now how quickly prices fall on recordable media.

What I want to know is why something similar to Xbox or PS2 protection wasn't used for HD-DVD or BD? There are ways of burning those games but no one can play them without a chip modification. Game systems have done pretty well defeating piracy as most people would never bother getting their hardware "modded".

raaj

12-28-06, 02:45 AM

No the update doesn't require the Internet...

It's sort of like the PSPs firmware updating system, if you're familiar with it. New BD+ 'revisions' would actually ship on all new Blu-ray films legitimately stamped once a crack was made known. Any BD+ capable player running one of these new discs would automatically have it's encryption system updated with the new revision.

I still haven't gotten an answer to the question "How does BD+ interact with AACS?" :confused:

Consider this scenario. So, the user probably has a player with outdated BD+ code that needed to be updated thru these disc-based updates in order to play certain compromised titles. Suppose that the user hasn't played one of those update-ladden BDs yet, and he purchases a legitimate old issue BD of a movie (sort of like NoS tubes) that has since been compromised. Will he be able to play that movie before updating his BD+ profile, but will later be prohibited post-update from playing that legitimately purchased disc after he updates the BD+ profile that invalidates his copy of the movie?

Are the studios going to withdraw copies of compromised BD titles from the market and/or exchange the copies of legitimate discs to avoid these kinds of issues, or will they just tell the legitimate user that he is SOL?

What'sHD

12-28-06, 02:45 AM

You know what is ironic... While what you you say is true about pressing BD ROM's, to the best of my knowledge, it would force pirates to transcode their BD bootlegs to HD DVD's! :eek:
Exactly. So, now guess which format a studio would stop supporting in such a scenario, so that it would die a quick death and its players would thus not be available from the major CE players.

Also, guess which format would make the studios feel safer when releasing their latest "sink-or-save-the-studio" blockbuster.

Rio

12-28-06, 02:47 AM

BD+ does not require the network connection. "Update" is actually a BD+ program (content code) itself on a disc. Every single BD+ disc can have different algorithm and different data structure to decrypt the data. A BD player has special virtual machine so called "security VM" so that it runs content code. Content code could do:

- Check whether the player was hacked or not.
- If the player was hacked, fix the security hole. Maybe it just loads a native code for known hacked player to player's runtime memory instead of loading hacked program from flash so that the player can play the disc safely. This "fix" is not a non-volatile thing, after shutdown the player, it goes back to as it was. It does not "update" the player firmware.
- Do media transform (decryption) to playback the content
- Embed "forensic mark" into the decrypted stream to put some "clue" about playback environment (player type, etc.) in case of leakage of the stream to the internet.

Faceless Rebel

12-28-06, 02:47 AM

What I want to know is why something similar to Xbox or PS2 protection wasn't used for HD-DVD or BD? There are ways of burning those games but no one can play them without a chip modification. Game systems have done pretty well defeating piracy as most people would never bother getting their hardware "modded".

Both Xbox and PS2 were and are easily defeated. PS2 is laughable, you don't even need to mod that console if you have the HD Loader, an IDE hard drive, and a spare memory card to install the Independence Exploit (google or wikipedia for it). Xbox also have a soft-mod available but you need to find a few certain old games which had an exploit in them because of the way they loaded savegames, but if you can find these old games it is easy and again no modding is required.

PSP is easily hacked and happily runs pirated games off a Memory Stick (and loads them faster than off UMD), and there are signs the PS3 will be also as insecure because you can use Linux to hack it. Xbox 360, now that's a tough nut to crack. Hacking work on 360 is ongoing but not as easy because it has some extremely hardcore measures in place, including a 1024-bit encryption keys and other fun things like that.

The point is that holding up game systems as a model for DRM and defeating piracy is hilarious. Game systems are some of the juiciest targets for hackers and pirates and there has never been a game system which could not be hacked.

minor edit: Sony *did* close the loophole that allowed the Independence Exploit to be possible. When Sony replaced the original PS2 "Fat" with the PSTwo "Slim" console, they did two things: they made the PSTwo so small it could not accomodate a hard drive, and they removed the BIOS issue that allowed the loading of unsigned code from memory cards. It is amusing that Sony allowed the exploit to persist for more than 2 years, however.

xbdestroya

12-28-06, 02:48 AM

Sony's method for stopping DVD Decrypter was to threaten to sue the creator into oblivion unless he stopped updating his software, and then reverse engineering DVD Decrypter and purposely designing the ARccOS protection system so that it would not work with DVD Decrypter's method of reading TOS by introducing corrupt sectors. This is similar to how a lot of PC game protections work, including SafeDisc and SecuROM. All recent Sony Pictures/Columbia Tri-Star DVDs can be properly decrypted and ripped by other programs, including the actively developed AnyDVD.

The point is, Sony's method was only effective because the author of DVD Decrypter was in the UK and their copyright laws are as strict as the United States. Sony was able to make DVD Decrypter's creator cease and desist in court, otherwise he could have continued to develop DVD Decrypter to defeat all forms of ARccOS. If the author of DVD Decrypter was in Norway like 'DVD Jon' was, then there was nothing Sony could have done since Norway's government and courts determined that the existence of DeCSS was legal and DVD Jon could not be held liable for having developed it and cracking CSS.

Faceless I don't disagree with any of this, but the point stands nonetheless.

So in essence, I hope Disney and Fox aren't so stupid as to use this one example as proof that BD is any more 'hardcore' than HD DVD in terms of DRM. AACS is AACS no matter how you slice it.

But BD+ is not AACS.

What'sHD

12-28-06, 02:50 AM

What worries me about this thread is that instead of saying that the crack is temporary and can be patched pronto by the AACS-team, some people who should know about the innards of AACS, are claiming that its bad news for BD too.. Big hoot.

Is AACS really known to be that clumsy a solution that even insiders think its plausible that the 'alleged' crack is irreparable?

If so, I really think Universal will go universal in a month.

xbdestroya

12-28-06, 02:52 AM

Both Xbox and PS2 were and are easily defeated. PS2 is laughable, you don't even need to mod that console if you have the HD Loader, an IDE hard drive, and a spare memory card to install the Independence Exploit (google or wikipedia for it). Xbox also have a soft-mod available but you need to find a few certain old games which had an exploit in them because of the way they loaded savegames, but if you can find these old games it is easy and again no modding is required.

PSP is easily hacked and happily runs pirated games off a Memory Stick (and loads them faster than off UMD), and there are signs the PS3 will be also as insecure because you can use Linux to hack it. Xbox 360, now that's a tough nut to crack. Hacking work on 360 is ongoing but not as easy because it has some extremely hardcore measures in place, including a 1024-bit encryption keys and other fun things like that.

The point is that holding up game systems as a model for DRM and defeating piracy is hilarious. Game systems are some of the juiciest targets for hackers and pirates and there has never been a game system which could not be hacked.

I would argue that PS3 is in fact a good deal more hack-proof than the 360 in terms of running pirated game software, or in running exploits. We'll see in the end, but I'm not sure what Liux has to do with anything. Linux is on a seperate partition, and those partitions do not speak to one another; on top of this, Linux is run as a layer on top of the GameOS.

Different topic for a different forum though.

What'sHD

12-28-06, 02:54 AM

A viewpoint on BD+ in the absence of AACS:

http://www.avsforum.com/avs-vb/showthread.php?p=9290379&&#post9290379

Faceless Rebel

12-28-06, 02:59 AM

Faceless I think you're a little too hardcore just in general here. Whatever 'scene' forums you belong to, no need to bring that level of 'energy' here, y'know?

xbdestroya I don't disagree with any of this, but the point stands nonetheless. ;)

Different topic for a different forum though.

Well, you brought it up you know. :)

raaj

12-28-06, 03:02 AM

A viewpoint on BD+ in the absence of AACS:

http://www.avsforum.com/avs-vb/showthread.php?p=9290379&&#post9290379

That post does not tell me anymore than Amir's post that AACS - once cracked - will compromise both BD+ and ROM-Mark security mechanisms. Without specifics, an accusation and its denial are equally vague for us simpletons.

xbdestroya

12-28-06, 03:03 AM

Consider this scenario. So, the user probably has a player with outdated BD+ code that needed to be updated thru these disc-based updates in order to play certain compromised titles. Suppose that the user hasn't played one of those update-ladden BDs yet, and he purchases a legitimate old issue BD of a movie (sort of like NoS tubes) that has since been compromised. Will he be able to play that movie before updating his BD+ profile, but will later be prohibited post-update from playing that legitimately purchased disc after he updates the BD+ profile that invalidates his copy of the movie?

Right. Well, in this scenario, that older movie will play both on his BD player before it gets updated, and on his BD player after it gets updated.

Are the studios going to withdraw copies of compromised BD titles from the market and/or exchange the copies of legitimate discs to avoid these kinds of issues, or will they just tell the legitimate user that he is SOL?

No, it's more of a cascading safeguard. The old discs will always play in a BD player; in a way, they're sort of casualties of the DRM wars in that sense, in the favor of the hackers.

RobertR1

12-28-06, 03:04 AM

I would argue that PS3 is in fact a good deal more hack-proof than the 360 in terms of running pirated game software, or in running exploits. We'll see in the end, but I'm not sure what Liux has to do with anything. Linux is on a seperate partition, and those partitions do not speak to one another; on top of this, Linux is run as a layer on top of the GameOS.

Woudln't bet on it......
http://www.maxconsole.net/?mode=news&newsid=13068

xbdestroya

12-28-06, 03:07 AM

Well, you brought it up you know. :)

Well, I was talking about the console hacking discussion as being the 'wrong forum,' not the format hacking discussion. ;)

Jackinbox

12-28-06, 03:10 AM

The point is that holding up game systems as a model for DRM and defeating piracy is hilarious. Game systems are some of the juiciest targets for hackers and pirates and there has never been a game system which could not be hacked.

OK, but again....you are talking about people that will go to the trouble to mod their hardware even if its just a soft mod. I think the studios know there is always going to be the small percentage of hackers that can get around nearly anything. But even people with no technical savy can play DVDs that someone else burns for them. That can't be done with videogames.

I'm not holding up the PS2 as an example of sophisicated DRM. I'm just saying that it stops a lot of people because you have to mod your hardware.

These HD-DVD cracks could theoretically play in any HD-DVD player, if what they're saying really does turn out to be true. That's a lot scarier to the studios than someone being able to change their BIOS.

xbdestroya

12-28-06, 03:15 AM

Woudln't bet on it......
http://www.maxconsole.net/?mode=news&newsid=13068

Robert you just haunt me whatever the forum is, don't you? ;) (j/k)

That's crazy though... well if it's Paradox, I'm inclined to trust it. But I'm not sure I *understand* yet what's actually happened. That article isn't very descriptive, and that .NFO file copy isn't even to the right game. Is there any 'harder' info on this out there at the moment?

K.L.

12-28-06, 03:16 AM

How many HD-DVD 360 drives will M$ sell because of this? A dozen. Then HD DVD discs are ripped and put on P2P to be consumed by others without HD DVD hardwares.

Dahlsim

12-28-06, 03:17 AM

Stepping back for minute it might not be so bad if this hack did expose a vulnerability in AACS and it also doesn't seem either format has much more than promises of future DRM security to offer to any studio as comfort against a hack of current AACS.

1) AACS is not finalized but in interim license

Might this not be a favor to the DRM since it's still in progress and can now consider any possible breaches here?

2) BD+ is not even implemented (with no date in sight yet?)

So if I understand it correctly a potential hack of AACS would compromise all current and foreseeable BD and HD movies alike with the only difference being that future movies, at some as of yet undetermined date could one day be protected by measures like BD+ or a finalized AACS that defeats the hack.

As of today it appears a hack to AACS would leave all xxx hundreds BD or HD movies pressed or to be pressed in the near future, equally open to piracy.

K.L.

12-28-06, 03:18 AM

Woudln't bet on it......
http://www.maxconsole.net/?mode=news&newsid=13068That's ripped via Linux and still encrypted. Ever heard of .vob?

What'sHD

12-28-06, 03:25 AM

That post does not tell me anymore than Amir's post that AACS - once cracked - will compromise both BD+ and ROM-Mark security mechanisms. Without specifics, an accusation and its denial are equally vague for us simpletons.
Yup, thats why I called it a viewpoint.

Personally speaking though, I think someone from Sony Studios would know the most, of anyone on AVS, about the ins and outs of BD+.

RobertR1

12-28-06, 03:38 AM

Robert you just haunt me whatever the forum is, don't you? ;) (j/k)

That's crazy though... well if it's Paradox, I'm inclined to trust it. But I'm not sure I *understand* yet what's actually happened. That article isn't very descriptive, and that .NFO file copy isn't even to the right game. Is there any 'harder' info on this out there at the moment?

I came here first! :p

http://www.ps3news.com/forums/site-news/motorstorm-jap-ps3-released-ps3-exploited-45144.html

This is all I have. Hopefully we'll get more info sooner or later.

xbdestroya

12-28-06, 03:52 AM

I came here first! :p

I know, very true. :)

http://www.ps3news.com/forums/site-news/motorstorm-jap-ps3-released-ps3-exploited-45144.html

This is all I have. Hopefully we'll get more info sooner or later.

Hopefully this does get clarified one way or another.

Faceless Rebel

12-28-06, 04:00 AM

OK, but again....you are talking about people that will go to the trouble to mod their hardware even if its just a soft mod. I think the studios know there is always going to be the small percentage of hackers that can get around nearly anything. But even people with no technical savy can play DVDs that someone else burns for them. That can't be done with videogames.

I'm not holding up the PS2 as an example of sophisicated DRM. I'm just saying that it stops a lot of people because you have to mod your hardware.

Ummmm, by definition a 'soft mod' is one where there is no modification of hardware whatsoever. None. You can't play burned PS2 games without a hardware mod, but the point is rendered moot when you can install your real PS2 game disc to the hard drive, which is what is possible with the exploit I mentioned. And anybody can do it with no technical savvy.

necrolop

12-28-06, 04:13 AM

xbdestroya:

Mass replication piracy runs into similar issues in needing large numbers of drives and lots of expensive media.

At this time (IMO) until blank media costs come down it's too expensive to pirate high definition optical.

A few things you overlook. First off, saying itstoo expensive is null. DVD replication was expensive for quite some time, but one couldhardly say that costs stop dvd piracy today.

You also forgot Hard Drives. Who said I need to spend $20 on a blank disc, when I can fit a 30GB movie on about $8 of hard drive space. With hard drive prices dropping every day. How much money of hard drive space would a DVD have taken up when it was released? A lot more than that.

I know this being true would be bad for both formats at the moment, although Im sure a counter measure will be able to push back the full hack a few months. Being hacked is obviously inevitable. For my personal reasons Id like to have it hacked, as I want to have all my movies on hard drive. Easier, faster, no FBI warnings.

Hesitant

12-28-06, 04:40 AM

http://hardware.slashdot.org/article.pl?sid=06/12/28/0259244

More fun reading

John Kotches

12-28-06, 06:30 AM

The hack is an interesting academic exercise. Everyone knew from the beginning that AACS was anything but secure even on paper. But until the advent of terabyte hard drives for $200 per terabyte, it's still economically infeasible for anyone who's actually trying pirate movies to avoid paying for them as opposed to just for the sheer technical challenge of hacking it.

If I were the BD camp, I would be more worried that this muslix64 guy is going to have a go at BD-ROM next rather than celebrating that the HD DVD camp got 1337 h4][0red or something, because BD uses the exact same AACS as HD DVD and right now they are functionally completely identical since BD hasn't implemented BD+ yet and ROM Mark is useless for this kind of thing.

Assuming the report is genuine (this is not validated yet) the algorithm itself hasn't been compromised as deCSS was. The encryption key was read from memory. This was used to decrypt the content with the algorithm.

When CSS was hacked; the algorithm itself was exposed; not the keys.

Cheers,

John Kotches

12-28-06, 06:46 AM

A few things you overlook. First off, saying itstoo expensive is null. DVD replication was expensive for quite some time, but one couldhardly say that costs stop dvd piracy today.

You also forgot Hard Drives. Who said I need to spend $20 on a blank disc, when I can fit a 30GB movie on about $8 of hard drive space. With hard drive prices dropping every day. How much money of hard drive space would a DVD have taken up when it was released? A lot more than that.

Let's assume 25GB for each movie. That's 40 discs per terabyte. So, you can either buy lots of the cheap spindles for $80/each (the going rate for 250GB discs). Or you can buy 1/2 as many 500GB spindles or 1/3 as many 750GB spindles. Unfortunately the 750GB spindles are more per GB at present.

This would give you 10/20/30 HD titles per spindle assuming zero loss for file system overhead (there's some). If you value the content; you'd want to back it up somehow. That's another spindle or a RAID 5 array. Again not cheap.

Regardless, to build a sizable library of content is impractical even with 750 GB spindles where you would be out $1400 to store > 100 titles assuming 25GB per title.

Then there's the issues of how you're going to get access to all this raw drive space; data management etc etc etc.

Your low cost/GB doesn't work very well once you run into limitations in storage that the real world presents. It's one thing to manage 10TB of storage in a datacenter (it's "only" 15 spindles of 750GB after all) and another to do so in your house. If you wanted to go RAID 5 and add some hot spares that's cool. Not a bad choice. Go with 4 drive arrays at 2.25 GB usable each. Technically you need 5 arrays to get there. It ain't cheap.

Yeah, I think about "stupid" stuff like this. Why? Because it's the real world; and it's a giant PITA to manage all this.

The only practical solution at this time for a sizable library of stolen content is to archive to optical media, either HD-DVD or Blu-ray. I've already demonstrated that for the forseeable future (uptake on the media is slow) it isn't cost effective for consumers.

I know this being true would be bad for both formats at the moment, although Im sure a counter measure will be able to push back the full hack a few months. Being hacked is obviously inevitable. For my personal reasons Id like to have it hacked, as I want to have all my movies on hard drive. Easier, faster, no FBI warnings.

At this point, it's a reported hack. It hasn't been validated.

See above, I hope you have a lot of hard drive space; and the DC management software; and the spare spindles floating around for when a hard drive fails.

Did I mention that the room will probably get quite hot and that you're going to have to address the cooling?

John Kotches

12-28-06, 06:53 AM

People used to say the same thing about making copies of a 8GB DVD early on. That type of thinking obviously didn't last for very long.

See my response to necrolop.

When movies were > 100/TB instead of (at best) 40/TB this wasn't that big of a deal.

But the big spindles (think 750GB and the 1TBs when they come out) are still expensive per GB/storage. The 750 comes in at just under $0.50/GB of storage. That's only 30 Movies.

Not that it isn't a good idea; it's a matter of how quickly it really adds up.

I have a collection of > 450 movies on DVD. A bunch of this is TV shows on DVD-9s and 18s that makes it (realistically) > 500 single disc equivalents. That's 4.5 TB. I need 7 of the 750GB spindles to store this SD library. I allowed for overhead. At ~350 per spindle (assuming no RAID whatsoever) that's just under $2500 in drives to store the SD movie collection.

Yeah, it's going to get cheaper over time; but we still have to address disk space management. Disks fail. When, not if.

WiFi-Spy

12-28-06, 06:54 AM

John Kotches

12-28-06, 06:57 AM

necrolop:

If I understand the hack correctly what has to be done to fix the hack is for Interlink to encrypt the portion of memory that stores the encryption key for the disc being played. Of course Interlink isn't MS and they can't force the update to existing copies in the field ;)

This (again) assumes that the report is valid and it has not yet been substantiated.

Cheers,

John Kotches

12-28-06, 07:00 AM

The piracy operations I'm refering to don't use burners, they use professional replication equipment (stamps); I think that's an important point to be understood here.

And again John, although I do appreciate the reasoning behind the economic excercise you are conducting, what the key issue here is... is studio perception of which format will more securely guarantee revenues do not get redirected towards illicit operations.

I agree with you that the time for mass piracy on either format is not the present; the ROI simply would not be there. But if and when AACS gets cracked, this replication scenario will be a very real factor in the studios consideration. They plan for the future as well as the present, even if sometimes their behaviour would seem to indicate otherwise.

I don't see commercial pirates as having access to the commercial stamping lines at this point in time.

Maybe I'm wrong...

Cheers,

Petra

12-28-06, 07:05 AM

At this point this hack has yet to be proven (he has not released any title Keys) so all he has done is created a nonAACS decryption engine without releasing the title keys. The real hack is finding the title key in memory (which he has yet to prove)

Until he proves he has the title keys, this is just alot of hot air.....

the guy already has a version that is using the volume key, which he claimed more powerful than the title key. He will be releasing the new version on Jan 2

Ironically he's using a MS product to break it, X360 HD-DVD drive..*sighs* why should we be surprised :rolleyes:

John Kotches

12-28-06, 07:08 AM

the guy already has a version that is using the volume key, which he claimed more powerful than the title key. He will be releasing the new version on Jan 2

Ironically he's using a MS product to break it, X360 HD-DVD drive..*sighs* why should we be surprised :rolleyes:

The brand of drive is irrelevant. It's the software that is flawed. And it isn't MS's software.

Cheers,

Petra

12-28-06, 07:08 AM

It's all over the internet already, in many techies, gaming forums, etc.....

the news should be in Microsoft/Toshiba/Universal offices by now

John Kotches

12-28-06, 07:15 AM

Oh believe me they certainly have access to them for CDs and DVDs. But probably not HDDVD or BD yet.

Theres a rumor that the same plants that make real DVDs during the day turn around and make the pirate ones at night. Its all gang controlled in some parts of Asia. I don't know if there are any HDDVD or BD plants in Asia yet but the same thing will probably happen with them at some point.

Depending on your perspective the "good" (bad) news is that there probably isn't sufficient volume to warrant the effort at this point.

Cheers,

mikemorel

12-28-06, 07:17 AM

Another opinion...

No, AACS Was Not Cracked (http://msmvps.com/blogs/chrisl/archive/2006/12/27/454492.aspx)

All that happened was the method Cyberlink to decrypt AACS used was semi-compromised. Their implemention kept the key in memory, a key which is needed to legally decrypt the content protection. What is likely going to happen is that specific key will be revoked, and Cyberlink will have to issue an update in order to play newer titles. CSS didn't have a good way to revoke the keys, AACS does.

Waiting to see what Cyberlink and AACS said happened, but I don't see that AACS was cracked.

John Kotches

12-28-06, 07:20 AM

mike:

Several of us have said that the actual algorithm appears to still be secure ;)

But good post nonetheless!

Cheers,

mikemorel

12-28-06, 07:45 AM

Several of us have said that the actual algorithm appears to still be secure

But good post nonetheless!
Ironically, according to some news outlets, this makes HD DVD even more desirable to consumers... :D

HD DVD's AACS Protection Bypassed. In Only 8 Days?! (http://www.playfuls.com/news_05648_HD_DVDs_AACS_Protection_Bypassed_In_Only_8_Days.h tml)

The implications of this already-tested bypass-method are numerous, but perhaps the most important are linked to the HD DVD vs. Blu Ray battle. This could mean that Sony’s investment in PS3 (with the famous Blu Ray optical drive attached) will become the company’s biggest blunder, since consumers will likely prefer HD DVD instead of the Blu Ray.

Jeff Lampert

12-28-06, 08:22 AM

If AACS is in fact temporarily hacked, it means just as much bad studio mojo (for a lack of better term) for BD as HD DVD

The format war gets everyone carried away, and I understand the Blu-ray supporters getting excited over the possibility that Blu-ray might get a leg up on HD DVD because of this. However, the reality is that first and foremost everyone is a fan of HighDef optical disc and this hacking, if it in fact is viable, does NO ONE any favors. Even the biggest fans of either format should not be oblivious to the fact that ANY hacking is bad for the future success of HighDef optical disc. If in fact AACS has been hacked after only 5-6 months, just how does this make any Blu-ray supporter feel secure. A "torched earth" view (I want everything reduced to rubble as long as I win) is not good for anyone. There are many ways for either format to become the winner of the format war, but hoping for the collpase of the anti-piracy capabilities of either format should not be on anyone's list, no matter how strong they support either format.

amirm

12-28-06, 08:37 AM

Also Amir as much as you mock the added security features in Blu-ray last I checked Fox considers them to be important.
They absolutely do. But it sure would be funny if it turned out that neither the players nor their own discs use BD+. Where do you think that leaves them wrt to promises made by BDA to get their support?

Just a hunch but a studio that owns content probably cares a lot about protecting that content.
They absolutely do. That is why I say that a break of AACS will be taken most seriously by the three AACS founders in that group. Remember that other than Fox, other studios have not been so keen to use BD+ due to cost and expense of managing that system, once it is available.

Of course you have implied that Fox is foolish/ignorant about copy protection methods but I for one am skeptical of that.
Why are you putting words in my mouth? I didn't say “foolish and ignorant.” We simply don’t share their technical view of BD+ adding meaningful level of security to AACS, despite the much added complexity and consumer angst about a copy protection program that lives on their media, after what happened with Sony/BMG.

At this same time, this potential break, if it comes to pass, should be a wake up call for everyone regarding effectiveness of other measures. Think about it for a moment. If a hacker got access to AACS logic in a software player, what makes you think he can't do the same for BD+ code running in the same player?

And what do you know about renewability measures in BD+ wrt to its cryptographic keys? And if both BD+ and AACS are hacked, what complexity is there for end users to "fix" their machines for both subsystems? Maybe such complexity is what is still being worked on in BDA.

Petra

12-28-06, 08:45 AM

We simply don’t share their technical view of BD+ adding meaningful level of security to AACS.

Do you have enough BD+ technical knowledge to make such judgement?

amirm

12-28-06, 09:13 AM

Do you have enough BD+ technical knowledge to make such judgement?
We certainly do. Let me talk about public things.

The BD+ technology was proposed to DVD Forum first, where a working group was created to study it. That group was chaired by Microsoft (someone on my team). The group then by large majority consensus, deemed the technology as not being suitable for inclusion in HD DVD spec for reasons I gave (and then some). The proposal was then moved on to AACS, where Microsoft is a founder, and one of the most active companies. Again, AACS refused to accept the technology as not being suitable. Note that majority vote is in the hands of BDA companies in AACS (ditto for DVD Forum).

Beyond this, I can not comment on anything else. But suffice it to say, as someone who manages the content protection group at Microsoft (for many years), and whose team represents Microsoft in the above groups, we live and breath this stuff. So you are not hearing the views of a random insider here :).

Richard Paul

12-28-06, 09:17 AM

They absolutely do. But it sure would be funny if it turned out that neither the players nor their own discs use BD+. Where do you think that leaves them wrt to promises made by BDA to get their support?BD+ is something though that Fox can use if they want with Blu-ray while it is not an option with HD DVD. As such the fact that Fox is not using BD+ today does not change the fact that it is one of the reasons that they support Blu-ray.

Why are you putting words in my mouth? I didn't say “foolish and ignorant.”To be accurate I said that you implied that. After all you have said that BD+ is useless and that Fox only believes that BD+ is useful because they do not know as much as Microsoft.

If a hacker got access to AACS logic in a software player, what makes you think he can't do the same for BD+ code running in the same player?If AACS is eventually hacked that does not mean the same method of attack would work on BD+. Or to use an analogy of a door that has two locks just because somebody can pick one lock with a certain method doesn't mean they can pick both with that same method.

And what do you know about renewability measures in BD+ wrt to its cryptographic keys? And if both BD+ and AACS are hacked, what complexity is there for end users to "fix" their machines for both subsystems? Maybe such complexity is what is still being worked on in BDA.Well if you are implying that complexity is the reason that BD+ is not being used yet that would make sense.

Do you have enough BD+ technical knowledge to make such judgement?Amir has implied in several past posts that Microsoft has access to the BD+ specs, but just because Microsoft has the technical knowledge on BD+ doesn't mean they are going to give it a fair look. After all Microsoft has every reason in the world to find fault in BD+ considering that it is only used by Blu-ray.

amirm

12-28-06, 09:32 AM

Do you really believe this? How can the HD DVD spec possibly have any bearing on what you do to a signal after it's output from the HD DVD player?
No product differentiation would exist if the standards orgs spec'ed everything. No CE company would go for such tight restrictions. Same reason why we spec decoders for codecs and not encoders as to leave room for differentiation.

The HD DVD spec requires HDCP for 1080 HDMI output, right?
Most definitely NOT. The HD DVD spec has no mention of HDCP for 1080i HDMI or otherwise.

AACS is the group that cares about copy protection measures for both formats. But even that group does not "spec" HDCP per-se. Instead, it stipulates that for digital outputs, some form of copy protection measure must be in place. In then goes on to approve HDCP as one measure. It could approve other measures in the future from other orgs. One could imagine DisplayPort being deployed for example and still be compliant with AACS. So you see, even here differentiation is allowed and top of mind.

There are aftermarket products which can strip the HDCP from the output. Does that mean I can build a compliant HD DVD player with no HDCP output on HDMI?
You could build an HD DVD player with such hacks or no HDCP support at all and still be fully compliant. But you would not be able to get a license to AACS to decrypt commercial content using it. Your player however can play unprotected HD DVDs just fine.

Of course not. Your argument that you can post-process the HD DVD output to get 24p has absolutely no bearing on whether a compliant HD DVD player can be built which supports 24p output.
As Ben mentioned, there are already software players that can do 24p. If they can do it, and still be logo compliant, then you have no case here.

No, I don't think it's more expensive to output the original 24p, assuming there's nothing in the HD DVD spec (such as what PiP framerates are allowed) which prevents you from simply outputting 24p.
Good that we agree now on 24p not being expensive.

No, a myth suggests there is no credible basis for the claims.
BDA used to claim that only BD could do 1080p. That was a myth and was blown away a few months later with announcement of 1080p HD DVD players. Do you really want to do that now with 24p?

amirm

12-28-06, 09:42 AM

If AACS is eventually hacked that does not mean the same method of attack would work on BD+.
Well, I suggested a method. If a program can fetch in-memory data from a player for AACS, what logic can you present that would avoid doing the same for BD+? Why would this same method of attack not work? I am sure you know where I am going with this. And if you don’t, then your assertion that it doesn’t work, doesn’t change the argument.

Or to use an analogy of a door that has two locks just because somebody can pick one lock with a certain method doesn't mean they can pick both with that same method.
No, the right analogy is if someone drives through your front door with a car, why you think the second lock does anything for you. :). Think about this and then read my above answer once more.

Amir has implied in several past posts that Microsoft has access to the BD+ specs, but just because Microsoft has the technical knowledge on BD+ doesn't mean they are going to give it a fair look. After all Microsoft has every reason in the world to find fault in BD+ considering that it is only used by Blu-ray.
I accept the accusation of bias although as I post in the parallel thread, both DVD Forum and AACS examined core technology in BD+ and refused to include it in their respective standards. So our view is shared by majority companies in both of those organizations, representing both BD and HD DVD formats.

Since we have BD insiders here now who are involved with this part of the standard, why not ask them why they keep BD+ spec secret? The full specification for AACS is open so that people could learn about things like ICT. Why hasn't BDA done the same for BD+? Do they fear that people would dislike something that is in there? Some other reason? Wouldn’t this discussion be a lot more meaningful if BD+ spec was public? And that peer review of BD+ would have only helped make it stronger….

vurbano

12-28-06, 09:44 AM

eventually it will be as easy as buying a copy of AnyDVD from slysoft.com inorder to copy BD and HD DVD. I do not see what all of the debate is about. Anyone who thinks otherwise is kidding themselves.

mommyman

12-28-06, 09:45 AM

"Cracking" AACS in this way is a piece of cake for many hackers because decrypting (decoding, to be more precise) of something is almost trivial thing on PC. As I understand there is the only one obstacle for piracy: watermarks in audio/video signal (like are used on some DVD-Audio discs). In this case audio/video content has to be unpacked, watermaks removed, then packed to an original stream with the loss of an original sound/picture quality. Otherwise watermarks-aware device (player) just will not play...

tranzparentl

12-28-06, 09:50 AM

I think if anything this is good for HD DVD. Yes, the studios won't like it and studio support is important but in the end it is the consumers who will decide the winner and most consumers would think of this as a plus. (If they think about it at all)

Schlotkins

12-28-06, 10:00 AM

zeroprobe

12-28-06, 10:03 AM

mikey p

12-28-06, 10:21 AM

What I find truly hilarious about this thread, is how Amir keeps pushing this off an a non-issue. Microsoft is one of the, if not the most, anal about copyright protection. Yet, with dealing with the distribution of copyrighted material they don't own, they become very disinterested. You can bet, if Microsoft were to own some of these movies that are being sold on HD DVD, they would have come up with some DRM that would check the movie and player legality every time it booted up.

:) Sad and so funny at the same time, but not worth searching the history. :eek:

xbdestroya

12-28-06, 10:29 AM

I don't see commercial pirates as having access to the commercial stamping lines at this point in time.

Maybe I'm wrong...

Cheers,

No, I doubt they do also. But it's not 'this point in time' that ROM-Mark helps with. It's the situation three years from now when these formats have reached, hopefully, some appreciable level of market penetration.

pabster

12-28-06, 10:32 AM

Another opinion...

No, AACS Was Not Cracked (http://msmvps.com/blogs/chrisl/archive/2006/12/27/454492.aspx)

That's inaccurate.

A valid player (device) key was found to be able to decrypt title (media) keys for the various discs.

Once a valid title (media) key is found, there is NO WAY to revoke it.

They can revoke player (device) keys, but not the title keys.

amirm

12-28-06, 10:33 AM

What I find truly hilarious about this thread, is how Amir keeps pushing this off an a non-issue.
Pushing what off as non-issue? I have not even come close to saying the attack is non-issue. The discussion has drifted into BD+ which is unrelated to original topic and hence my comments on its effectiveness. Any verified attacks on AACS will be taken very seriously by us. As will by other AACS founders and studios.

Microsoft is one of the, if not the most, anal about copyright protection. Yet, with dealing with the distribution of copyrighted material they don't own, they become very disinterested.
Microsoft is a founding member of AACS. We were one of the key companies that developed the core technology in there and provide our patents for basically zero financial return in that organization. This is on top of one of the groups that I manage which does nothing but develop content protection technologies. If we didn’t care, I could save a ton of money this way :).

You can bet, if Microsoft were to own some of these movies that are being sold on HD DVD, they would have come up with some DRM that would check the movie and player legality every time it booted up.
I think you may be confused about our lack of interest in BD+ as lack of interest in protecting content in general. That is quite wrong. It is a bit like saying because Sony doesn’t like HD DVD, they must hate optical formats in general. We don’t love everything just because it claims to protect content in some manner.

We care greatly about any potential breaks of AACS. We simply don't believe these other technologies outside of AACS are effective measures considering the complexity they bring. AACS however, is something we are 100% behind and we will work vigorously to help thwart any attacks to it, should it occur in our products. And as a group in AACS, should it impact the system in general.

Let me ask you this. Do you feel bad enough for content owners as to want to have programs that run from your BD discs to determine if you should be allowed to watch that movie or not?

pabster

12-28-06, 10:34 AM

It seems at the end of the thread we're really getting to the point. AACS was **NOT** cracked. The software program was cracked. As someone mentioned, MS/Toshiba/Studios are verifying this right now I bet. If the software program was compromised, the license keys will be revoked and that's the end of that.

I really wish some of you would learn before speaking :confused:

They can only revoke a device key(s) from the chain. However, so long as the current key(s) being used to find the title keys works, those title keys can NOT be revoked and decryption of those titles will be absolute.

amirm

12-28-06, 10:39 AM

I really wish some of you would learn before speaking :confused:
I think they are using the term differently than you are. When people think "crack" , they think DeCSS as in a program can decrypt content for all times. As you noted, decrypting one title does not mean said program can do so with other titles, and into the future.

So it is proper to say that AACS is not "cracked" as the public preception would be that it is permanent. One could say a title is cracked assuming that is what has happened (which we still don't know).

Schlotkins

12-28-06, 10:41 AM

pabster

12-28-06, 10:50 AM

I think they are using the term differently than you are. When people think "crack" , they think DeCSS as in a program can decrypt content for all times. As you noted, decrypting one title does not mean said program can do so with other titles, and into the future.

So it is proper to say that AACS is not "cracked" as the public preception would be that it is permanent. One could say a title is cracked assuming that is what has happened (which we still don't know).

Fair enough.

To be honest here, this is nothing but a cat and mouse game the studios will lose.

They can revoke keys but new ones will most certainly be found.

I'm not advocating piracy; I do believe in fair use, however, and this is a home run for the good guys.

And to be technically accurate, AACS was "cracked" before it began. The specs are wide open and freely available, which is why this "crack" was so easy to begin with.

Any protection scheme that can be rendered useless with the discovery of a single key (regardless of ability to revoke said key) is worthless. AACS is hardly an improvement to CSS.

dvdmonster

12-28-06, 10:52 AM

This will only help the popularity of HDDVD.

What about all the talk of managed copies to harddrives (MediaCenter)?
If we could just copy our bought and payed for material to our HDD's who would care about a hack? I remember lots of HD-DVD presentation slides that promised us exactly what that guy is doing.

ValhallaPC

12-28-06, 10:53 AM

How many HD-DVD 360 drives will M$ sell because of this? (assuming this true and can be easily repeated)

Heck, I have/had no intentions of buying a player for either format, but even I might be temped to buy one for $200 if it has this type of functionality.
Me too, I wasn't planning to buy either format but if I can do what I want with the discs I buy I'm getting a HD DVD drive for my computer. Freedom is what wins this format war!

pabster

12-28-06, 10:59 AM

You are going to have to find someone more gullible to believe that. Microsoft does everything for profit, this case being that you can gain royalties by forcing content owners to encode their films using your VC-1 codec. Without AACS, no one would have released content on HD DVD - a format which (nearly) requires use of VC-1. AACS was headed by Microsoft as a way to ensure royalties for VC-1.

QFT.

The idea that Microsoft generously assisted with AACS, with no ulterior motives, is simply not credible.

Petra

12-28-06, 11:04 AM

I think they are using the term differently than you are. When people think "crack" , they think DeCSS as in a program can decrypt content for all times. As you noted, decrypting one title does not mean said program can do so with other titles, and into the future.

So it is proper to say that AACS is not "cracked" as the public preception would be that it is permanent. One could say a title is cracked assuming that is what has happened (which we still don't know).

however you wanna spin it, it's cracked

it's like trying to steal a diamond from a safe-lock with a sophisticated combination. In this case, the thieve didn't figure out the combination, he just drilled the hole and walked away with the diamond. The end result is achieved, he got the diamond. Did the lock successfully keep the door closed, sure it did, but did it successfully guard the diamond, no it didn't. So what good is the sophisticated lock is for, if you can't guard your other weaker links?

no matter how you look at it, the content is compromised, no way of denying it

chad_cincy

12-28-06, 11:05 AM

Umm, unless the Red Cross starts making A/V equipment, rest assured Sony, MS, Pioneer, Denon, Yamaha, Runco, etc., are in it to make $$. Actually, pretty much the entire corporate world, despite what they want you to believe, live, die, and make decisions based on the all mighty $.

QFT that. ;)

MidnightWatcher

12-28-06, 11:10 AM

I can't believe some of the things I'm reading here. Anyone who believes that AACS has been broken is living in a fantasy world, and they love to try and paint their world blue. At worst, it was only partially compromised with a work-around since the key (which will now be revoked) remained in memory and allowed the protected content to be decrypted. AACS was designed with specific key revocation in mind. Are some of you naive enough to honestly believe that the AACS founders (which include Disney and Warner Brothers) did not have their bases covered regarding something like this?

Moreover, to quote directly from the AACS homepage, AACS "is flexible enough to interoperate with content protection technologies to enable consumers, to the extent authorized, to save licensed, protected copies of prerecorded movie titles onto home media server hard drives or authorized media while preventing unauthorized reproduction and distribution of next-generation optical media." AACS does not prevent the copying of media, but allows it through proper management.

Though AACS has not been broken (and the studios know full well that it has not been), the rumors that it has been cracked will likely only generate even greater sales of the XBox 360 HD DVD add-on for the PC. This is proving to be a goldmine of attention for the HD DVD add-on with numerous online articles and blogs, and many who have not considered buying one will now definitely consider picking one up. And this, in turn, will only spur even more HD DVD sales.

Richard Paul

12-28-06, 11:10 AM

Well, I suggested a method.I know, and I am just saying that a method that might work against AACS might not work against BD+.

No, the right analogy is if someone drives through your front door with a car, why you think the second lock does anything for you. :).Funny, but just because there might be a method found for breaking down the door doesn't mean you don't bother with locks.

I accept the accusation of bias although as I post in the parallel thread, both DVD Forum and AACS examined core technology in BD+ and refused to include it in their respective standards. So our view is shared by majority companies in both of those organizations, representing both BD and HD DVD formats.Sure, and there certainly are companies that don't see the need for additional security methods because they believe that AACS will never be completely broken.

Since we have BD insiders here now who are involved with this part of the standard, why not ask them why they keep BD+ spec secret? The full specification for AACS is open so that people could learn about things like ICT. Why hasn't BDA done the same for BD+?
....Well Amir if you feel that way about BD+ isn't it logical that we have the security systems used in Windows Vista publicly available as well?

What about all the talk of managed copies to harddrives (MediaCenter)? If we could just copy our bought and payed for material to our HDD's who would care about a hack? I remember lots of HD-DVD presentation slides that promised us exactly what that guy is doing.Somewhat, but I assume the studios wanted to get money for those managed copies that would be made. Also I doubt the studios want a repeat of DVD were people use Blockbuster/Netflix as a way to build up a movie library.

scaesare

12-28-06, 11:11 AM

What we have here is not an AACS crack, it would seem.

What we have is the first real-world test of how well key revocation will work.

That's all.

MidnightWatcher

12-28-06, 11:14 AM

What we have here is not an AACS crack, it would seem.

What we have is the first real-world test of how well key revocation will work.

That's all.

Pretty much, yes, and AACS was designed with this in mind.

Ilka

12-28-06, 11:34 AM

the bottom line is 150+ hddvd movies can be ripped with the current software.

And likely a few more in the production pipe line ... Repeat and rinse ... ROFL

budiman

12-28-06, 12:08 PM

From what I know about the AACS, each 'reader' was given a reader specific key so it can query the disc with said key to get the title key. That title key is then used to decrypt the movie.

If a 'reader' is deemed cracked (its key is found), then subsequent discs can be made to reject that key (or not include it at all), so that particular reader cannot read the new discs anymore.

The biggest problem with this is that the counter measure can only be made IF the reader that is cracked is known. The hacker has NOT made any mention as to which software he uses to get the title key. At this point, it's pretty easy to pinpoint, since there are only 2 software players that plays HD-DVD (PowerDVD and WinDVD) - it would be easier to just assign 2 new keys to both players. However, if more software were available, AND the (future) hacker also doesn't tell which software he uses, it can get problematic.

John Kotches:
I bought 250 GB drives for $50 each during the day after Thanksgiving - so enough space to store 10 HD-DVD movies for $53.50 (plus tax) is quite cheap in my mind (which is $5.35 per movie), compared to the alternative of paying $20-$25 per movie.

Unless you want an always on storage, people can also use those IDE-to-USB drive enclosures. So you just put your HD in those enclosures, and plug them in only when you want to access the movie; so no worries on having to do RAID system or backup in the meantime.

xboxdestroya:
This ROM-Marking thing, I'm not quite familiar with. But if it's mandatory, does this mean that I won't be able to play my own movie content (let's say taken from the Sony HDCAM) that I've burnt onto a Blu-Ray disc?

Rob Zuber

12-28-06, 12:12 PM

no matter how you look at it, the content is compromised, no way of denying itThis is not correct. Once the DVD encryption layer was cracked, all DVD’s could be decrypted. With AACS, the studios can protect all future releases. That’s a very important difference.

Schlotkins

12-28-06, 12:38 PM

I think there's one thing we can all agree apon: It's not a happy day at either the WinDVD or PowerDVD companies today.

Also, it would be possible for any future prints of these 150 titles to have the key removed right? Obviously some clean discs would be out there, but still....

lymzy

12-28-06, 12:45 PM

QFT.

The idea that Microsoft generously assisted with AACS, with no ulterior motives, is simply not credible.

Of course they have motives and they are selfish. I am counting on that. :) As a consumer, we definitely need some big company to push the idea of media server. That is every type of content (cable/sat/optical/...) could exist in a centralized server. CE manufactures could get the license of the media server DRM and legally build streamer/front-end into TV/STB. Look at the mess today. No cable content on computer, nor streaming. Crappy PC DVD front-end and almost non-existent CE DVD streamer (I know MG-35). The only company could push that idea into realization is Microsoft because of their dominance in the personal PC OS market.

BTW, why is the title HD DVD AACS cracked? Just because the guy only has an add-on drive? In fact, all current blu-ray release is compromised too.

Petra

12-28-06, 12:50 PM

This is not correct. Once the DVD encryption layer was cracked, all DVD’s could be decrypted. With AACS, the studios can protect all future releases. That’s a very important difference.

it is still correct, just depends how you define content. Specifically, current content is compromised, future ones may not

lymzy

12-28-06, 12:50 PM

I think there's one thing we can all agree apon: It's not a happy day at either the WinDVD or PowerDVD companies today.

Maybe they should give up on XP. Seriously, today we only see a memory leak. That might be easy to deal with. How about fake drivers? XP could do nothing about it.

g55555sim

12-28-06, 01:30 PM

This bit of news coming out barely 2 weeks before CES strikes me as being a little suspicious.

me too .. and with HD DVD spefically associated to this hacking when we all know that the core DRM of BD and HD DVD is ACCS, make me more suspicious. This could just be another "news" released to the internet to take the CES attention away from HD DVD ... ;)

lymzy

12-28-06, 01:30 PM

Specifically, current content is compromised, future ones may not

That is right. Current releases on both format are compromised. Future ones will not. I expect the current powerdvd master key to be blacklisted on all future release.

wreckshop

12-28-06, 02:21 PM

They absolutely do. But it sure would be funny if it turned out that neither the players nor their own discs use BD+. Where do you think that leaves them wrt to promises made by BDA to get their support?

didn't the SPE insider tell you the reason in the other thread that the reason BD+ hasn't been deployed is because it is basically being saved for when mass copying has been demonstrated?

he also said that BD+ can protect content even though AACS is compromised, although he couldnt explain why due to NDA.

but seriously, if BD+ is as useless as you say without AACS, why even bother developing it? FOX said specifically that it chose to align exclusively with BD because of BD+. that must mean something, right? or is FOX so stupid not to know that BD+ is useless without AACS?

g55555sim

12-28-06, 02:26 PM

didn't the SPE insider tell you the reason in the other thread that the reason BD+ hasn't been deployed is because it is basically being saved for when mass copying has been demonstrated?

he also said that BD+ can protect content even though AACS is compromised, although he couldnt explain why due to NDA.

but seriously, if BD+ is as useless as you say without AACS, why even bother developing it? FOX said specifically that it chose to align exclusively with BD because of BD+. that must mean something, right? or is FOX so stupid not to know that BD+ is useless without AACS?

huh !! :confused: i thought fox joined BD because, BD accepted BD+ (which is FOX's) .. No ? ;)

amirm

12-28-06, 02:40 PM

didn't the SPE insider tell you the reason in the other thread that the reason BD+ hasn't been deployed is because it is basically being saved for when mass copying has been demonstrated?
No. Paidgeek was talking about Sony's position. I was talking about Fox. He doesn't work for Fox and is not claiming to be answering on their behalf. I am sure Fox would have been anxious to use BD+ from day one. But seems like they were not given that opportunity.

he also said that BD+ can protect content even though AACS is compromised, although he couldnt explain why due to NDA.
He used vague language. I have asked him for clarification, he has not yet replied. When he does, we can continue the discussion. See my response here: http://www.avsforum.com/avs-vb/showthread.php?p=9293922&&#post9293922.

I am also confused about which area of Sony paidgeek works at to not know AACS specs are public. It is hard to imagine he is close to this stuff and not know this.

but seriously, if BD+ is as useless as you say without AACS, why even bother developing it? FOX said specifically that it chose to align exclusively with BD because of BD+. that must mean something, right? or is FOX so stupid not to know that BD+ is useless without AACS?
Well, let me again say that I don't think Fox is "stupid." They genuinely believe BD+ helps them out here and I respect their opinion. We don't share their belief of course but doesn't make them stupid. People differ on their evaluation of various content protection technologies. Some like watermarks, others do not. Some like wire protection, others do not care (think ICT), etc. Some want very strict copy protection, others do not. Some want to disable your CD-ROM at any cost so that you can’t rip music, others do not.

Does it mean something if a studio thinks BD+ is good? Sure. Does it mean they are right? Not necessarily or DVD Forum/AACS would have adopted that technology. But they did not.

BD+ was only adopted by BDA to get Fox’s support. As such, it did not go through any strict level of due diligence on its merits there. Indeed, if all the BD studios/CE companies wanted BD+, it would have been deployed from day one. Yet it has not. So at best, it is considered a low priority feature.

yoyoniner

12-28-06, 03:18 PM

Looks like it is over for HD-DVD. If this happened two years from now when the format is more mainstream I'd actually say this would be a GOOD thing as it would increase popularity of an already popular format, but you are talking about a niche product that will be easy to kill off if studios decide to become wary of releasing content on it. There won't be much to copy if studios decide they better stick with the much more advanced copy protection system with Blu-ray.

At the very least this new development means you can kiss any hopes of Fox/Disney/MGM going neutral anytime soon. The reason this development means the death of HD-DVD is because it comes at a time when HD-DVD **needs** more studio support, and there is no better way to scare off studios than a program being distributed on the Internet called "BackupHDDVD" that rips movies to your hard drive!

The bottom line is simple: To quote another poster on here, 150+ HD-DVD movies can be ripped with the current software. That is VERY BAD NEWS to come at a time when the format NEEDS to lure NEW studios and SOON or else it will simply be lights out. You can't win a format with 3 majors and you can't lure new majors with a program called "BackupHDDVD" being distributed online. Very simple.

Bye bye HD-DVD. Glad the lesser technology will lose out though.

Schlotkins

12-28-06, 03:24 PM

lymzy

12-28-06, 03:24 PM

The bottom line is simple: To quote another poster on here, 150+ HD-DVD movies can be ripped with the current software.

The current bluray movies can be ripped with the current software also. Byebye bluray? :)

Schlotkins

12-28-06, 03:28 PM

That is right. Current releases on both format are compromised. Future ones will not. I expect the current powerdvd master key to be blacklisted on all future release.

I agree this is the case... if it's proven to work. I haven't seem any confirmation of the sort.

If it is confirmed, my guess is titles will be delayed as some of them would need to be recalled and reprinted.

yoyoniner

12-28-06, 03:36 PM

The current bluray movies can be ripped with the current software also. Byebye bluray? :)

No, only HD-DVD movies can be ripped at this time with this software.

Either way in the future keys can be changed on future titles but they will just be hacked and posted in the future and be able to ripped just like current ones. All it takes is one person to find the new key and post it within the hacking community. But with BD you have two extra layers of protection that can be implemented on top of AACS so while HD-DVD will be using gum sticks to plug the holes in the wall BD can build a couple more walls.

Either way it was nice knowing you HD-DVD. The sound of your death is called "BackupHDDVD" which couldn't come at a worse time... a time the format desperately needs new studio partners! I can't think of worse news to scare them off considering their competition has significantly better copy protection.

Butler5

12-28-06, 03:45 PM

yoyoniner

12-28-06, 03:46 PM

You do understand that every blu-ray movie released and announced most likely has the same hole right? And that BD+ isn't on any of the current disks and that it also isn't ready to be implemented yet?

Of course. But BD has two other security measures yet to be fully implemented so BD as a format hasn't been hacked yet, yet HD-DVD only has AACS which has already been hacked. So it's over. HD-DVD has been hacked and the best they can do is change keys and plug some holes for future releases, which will just be opened up again, while BD can put up some new walls. So which one sounds better to you if you are a studio considering format neutrality? And which format is in the most desperate need of more studios right now?

1+1=2. Bye bye HD-DVD. LOL. Let the damage control commence though. Countdown to MidnightWatcher's "AACS has not been hacked yet" diatribe. 3...2....1....

yoyoniner

12-28-06, 03:48 PM

Some people on this thread needs some serious help. AACS is a BD and HD DVD thing....It kills me that people don't believe the same could be done to BD..........It kind of shows just how desperate the BD camp in these forums have gotten to be able to seriously come on here and try and spin this in there favor. There are very few people on this forum who have actual knowledge and understanding and a bunch of want to be computer engineers. Does there have to be a youtube video of BD being copied to bring some back to reality.

AACS is not the only security measure BD uses, so you have no point. It's like saying 40-bit SSL has been hacked so your web site is open when you haven't even implemented 128-bit SSL yet.

BD uses AACS but it is not all it has. Everyone knows BD has more walls of security it has yet to even put up. Bottom line is one of these walls, AACS, has been hacked. It is toast in the future as new keys will arrived and new keys will be hacked. But the bottom line implementation is out there. All HD-DVD has is AACS. 1+1=2. HD-DVD is toast, considering this comes up a time that they desperately need to lure new studios as desperately as BD has to lower their player prices.

Not saying BD will never be hacked, but the format that needs NEW studios the most has a program being distributed online now called "BackupHDDVD" whereas the competitor has not yet implemented their full security specification. Very bad for HD-DVD! No way to spin this otherwise.

b.greenway

12-28-06, 03:50 PM

1+1=2. Bye bye HD-DVD. LOL. Let the damage control commence though. Countdown to MidnightWatcher's "AACS has not been hacked yet" diatribe. 3...2....1....
As opposed to your "bye bye HD-DVD" diatribe?

jabbertrack

12-28-06, 03:50 PM

Schlotkins

12-28-06, 03:50 PM

Of course. But BD has two other security measures yet to be fully implemented so BD as a format hasn't been hacked yet, yet HD-DVD only has AACS which has already been hacked. So it's over. HD-DVD has been hacked and the best they can do is change keys and plug some holes for future releases, which will just be opened up again. So which one sounds better to you if you are a studio considering format neutrality? And which format is in the most desperate need of more studios right now?

1+1=2. Bye bye HD-DVD. LOL. Let the damage control commence though. Countdown to MidnightWatcher's "AACS has not been hacked yet" diatribe. 3...2....1....

1) Show me someone else, besides the original guy, that has circumvented AACS. At this point, it's cold fusion until other people actually do it. (assuming someone actually does point #1 then.....)

2) The guy basically found that someone was stupid enough to leave the keys in memory visibly. This isn't hacking AACS. This is someone being stupid. This will be corrected - I wouldn't be surprised if all software players are banned. At that point, how would HD-DVD be any worse than blu-ray at this point? You've got titles in the open on both formats. Think Blu-ray studios are going to lauch 60 titles in Q1 without BD+ or reprinting discs?

3) Frankly, both are dead in the water right now. I can't see any studio being overly confident in ANY copy protection right now can you? I can see it now... to studios: "Oh yea, don't mind this AACS hack - that was crap anyway. Sure it's our first line of security but this BD+ stuff is much better... not that anyone can use it. yet."

I think I'm done here until someone verifies the guy isn't blowing smoke.

GmanAVS

12-28-06, 04:01 PM

UxiSXRD

12-28-06, 04:12 PM

The current bluray movies can be ripped with the current software also.

Even if that's true (so far there is no BackupBD program, though there IS apparently a BackupHDDVD), BD has two other responses that they can say "but we have available and/or can implement these additional layers that must ALSO be overcome." HD-DVD has no such answer other than the answer also available to Blu-ray with key revocation.

Right now this is entirely an AACS response, though the BDA definitely gets to trumpet their other protection layers, be they effective or no. Does HD-DVD have any provision to add extra security other than AACS?

I don't think this of HD-DVD, by any means, though, unless it does indeed sway some studios that might have been teetering towards neutrality to stay BD exclusive. This should be very interesting to watch unfold.

hmurchison

12-28-06, 04:18 PM

The real question is does HD DVD "need' additional layers of security? Many people are jumping to conclusions or at least assuming that the natural facilities of AACS cannot protect the format. I've seen nothing that suggests that the built in protections of AACS will be powerfless against this sort of hack.

I doubt it has much studio impact at all. Consider that EVERY studio is losing Millions to DVD copying without recourse to stop the spigot. AACS on its worst day is better than CSS on its best.

This is pretty much "Much ado about nothing" a simply talking point for late december on the boards.

Butler5

12-28-06, 04:30 PM

AACS is not the only security measure BD uses, so you have no point. It's like saying 40-bit SSL has been hacked so your web site is open when you haven't even implemented 128-bit SSL yet.

BD uses AACS but it is not all it has. Everyone knows BD has more walls of security it has yet to even put up. Bottom line is one of these walls, AACS, has been hacked. It is toast in the future as new keys will arrived and new keys will be hacked. But the bottom line implementation is out there. All HD-DVD has is AACS. 1+1=2. HD-DVD is toast, considering this comes up a time that they desperately need to lure new studios as desperately as BD has to lower their player prices.

Not saying BD will never be hacked, but the format that needs NEW studios the most has a program being distributed online now called "BackupHDDVD" whereas the competitor has not yet implemented their full security specification. Very bad for HD-DVD! No way to spin this otherwise.

What do you do for a Living...What is you rbackground in Software engineering..Marketing and Corporate Negotiations...HMMM ..Because you would need to have one in order to speak the way you do . Fact is is that you probably still live at home and work at EB Games or something. I mean I will surely take the keen insight you provide over industry sources whos living it is to deal with theze issues.

amirm

12-28-06, 04:34 PM

Let's break down this logic. So if the DVD Forum/AACS adopts some technology, it is automatically correct?
No, there are no absolutes here. It just makes it more "correct" that 20+ companies thought it made sense, as opposed to one, from a single industry. It certainly would smell better, if the same BD companies who voted it down in both AACS and DVD Forum, didn't all of a sudden think it is a good idea behind the closed doors of BDA.

That is what you are saying here. No wonder you are such a supporter of HD DVD. If BD was correct, the DVD Forum would have adopted it.

:rolleyes:
The BD analogy is a good one. In my opinion, BD is much more correct, than BD+. At least a few companies thought it made sense to them from business and technology point of view. BD+ however, is in a huge hole from this prespective, given the refusal of two other major standards groups to adopt it.

Think about it. Do you really want copy protection technology that is only liked by a single content company, or one that has the blessing of all three industries (IT, CE and Content)? That is how AACS works. We have all three viewpoints to hash out issues of interest. Not perfect, but a hell of a lot better than saying yes to a technology to get a single company on board.

Rob Zuber

12-28-06, 05:03 PM

...HD-DVD only has AACS which has already been hacked.AACS has not been hacked.

HD-DVD has been hacked...No, it hasn't been hacked.

...the best they can do is change keys and plug some holes for future releases, which will just be opened up again...There's no guarantee of that.

pabster

12-28-06, 05:16 PM

AACS is not the only security measure BD uses, so you have no point. It's like saying 40-bit SSL has been hacked so your web site is open when you haven't even implemented 128-bit SSL yet.

BD uses AACS but it is not all it has. Everyone knows BD has more walls of security it has yet to even put up. Bottom line is one of these walls, AACS, has been hacked. It is toast in the future as new keys will arrived and new keys will be hacked. But the bottom line implementation is out there. All HD-DVD has is AACS. 1+1=2. HD-DVD is toast, considering this comes up a time that they desperately need to lure new studios as desperately as BD has to lower their player prices.

Not saying BD will never be hacked, but the format that needs NEW studios the most has a program being distributed online now called "BackupHDDVD" whereas the competitor has not yet implemented their full security specification. Very bad for HD-DVD! No way to spin this otherwise.

Hi there Mr Sony Fanboy :D

The sad fact is that Blu Ray disc can and will be cracked similarly. All that has to be done is get the data. Blu Ray employs AACS the same as HD DVD; Your mumblings about 'future security walls' are null and void as not a single BD release employs them. Sony was forced to cut back on copy protection. Remember when they were originally going to make a network connection MANDATORY on all Blu Ray devices?

As for your BS about low studio support vis-a-vi HD DVD; I think you better rethink that. Sony has Disney ... BFD ... Mom and Dad aren't rushing out to spend $1000 to play The Little Mermaid.

If anything this recent news could spell the death of Blu Ray disc. Not the other way around.

pabster

12-28-06, 05:36 PM

AACS has not been hacked.

Nope, it has been compromised.

Spin it any way you wish. :D

Drbuzzo

12-28-06, 05:52 PM

Nice. Here's to HDDVD's on mythtv boxes. Here's to transcoding HDDVD's down to DVD resolution so I can watch them on other tv's without buying the same title twice. Here's to putting the content on iPods and here's to streaming it without having to limit yourself to very strictly limited "approved" products.

And all that horrible other stuff that will make movie studios go bankruped and all the stars die of hunger. Remember: Without you paying thrice for the same movie there wouldn't be the funds to make new movies. We'd all be stuck watching "Gone with The Wind" "Dr Strangelove" and "Goldfinger" yes...it would be a world without "Gili" "Dude where's my car" and "Biodome"

Richard Paul

12-28-06, 06:00 PM

Remember when they were originally going to make a network connection MANDATORY on all Blu Ray devices?Care to post any evidence for this ridiculous claim?

If anything this recent news could spell the death of Blu Ray disc.pabster, you are very optimistic about HD DVD if you actually believe that.

nataraj

12-28-06, 06:00 PM

he also said that BD+ can protect content even though AACS is compromised, although he couldnt explain why due to NDA.

Oh yes ... brought to you by the same guys who think rootkit is fine since most people have not heard of it ... :p :mad:

Michael Mullis

12-28-06, 06:08 PM

Jeff Lampert

12-28-06, 06:33 PM

Spin it any way you wish.

No spin. IMO, if AACS is hacked, that is bad for EVERYONE. No studio is saying, "Oh, the fundamental anti-piracy measure of all HighDef discs has been hacked in less than six months, so now let's release all our best titles on Blu-ray now". Not likely. If this turns out bad for HD DVD, it'll be bad for Blu-ray too. All fans of HighDef optical disc no matter what their preferred format should be on the same side of the fence with regards to this issue.

hongcho

12-28-06, 06:34 PM

Geez... If the claim is verified, the following things are the only sure thing for now.

1) An HD DVD player (PowerDVD) has be hacked.

2) Title keys for several HD DVD movies were extracted (tools are not available for this).

3) A separate implementation of AACS decoder, together with some HD DVD parser, was released.

Other than that, everything else is mostly mental exercises...

Hong.

nataraj

12-28-06, 06:39 PM

WiFi-Spy

12-28-06, 06:40 PM

Ok, so is there yet a video of someone taking a movie, ripping it, burning it to an HD DVD, taking it to their Toshiba A2, and playing it??

Until then, this is just another 6 page pissing match that no one but AVS is paying much attention to.

Dude, this is the top story on digg for the last 24hrs (3200+ diggs)

Kosty

12-28-06, 06:40 PM

Jeff Lampert

12-28-06, 06:56 PM

Hey, how about this!? Since certain Blu-ray supporters seem so over the top about this latest event, (an event in which we should incidentally all be on the same side), and are starting to guess at the ramifications (studios jumping ship, going neutral, staying exclusive, HD DVD is done, etc.), I offer my prediction, an equally pompous wild guess at what will happen. Since Universal is fully aware that they signed on for what is perceived as more limited security protection, they will accept the keys being reassigned and will continue to publish on HD DVD. On the other hand, studios such as Fox and Disney, being so paranoid about this that they supposedly chose Blu-ray for this reason, and being late to the show as is, now will hold up all releases for the forseeable future until they are satisfied that Blu-ray can't be hacked. There, see, I can play that game too.

John Kotches

12-28-06, 06:57 PM

Care to post any evidence for this ridiculous claim?

At CEDIA 2003 Sony was talking about Blu-ray it was indicated that an internet connection would be mandatory. At that point in time, the specs weren't locked.

If someone can get their scripts that they use for their press conferences it'll be there in black and white text.

This was for "phone home" authentication and revocation of privelege. Sorry, this was over 3 years ago and I don't recall the text verbatim.

John Kotches

12-28-06, 06:58 PM

Ok, so is there yet a video of someone taking a movie, ripping it, burning it to an HD DVD, taking it to their Toshiba A2, and playing it??

Until then, this is just another 6 page pissing match that no one but AVS is paying much attention to.

Even if there is, all that has shown is that the disk might have been copied. We don't know that as an absolute.

How would the video demonstrate that the resulting content was in the clear?

Cheers,

nataraj

12-28-06, 07:04 PM

The funny thing is ... dvd has indeed been cracked - for sometime now with multiple one click utilities available to "backup" DVDs. Yet, studios make Billions of $ on DVD sales ....

johnu

12-28-06, 07:16 PM

BD uses AACS but it is not all it has. Everyone knows BD has more walls of security it has yet to even put up.

Funny on many levels :D I guess you mean they have a blu-print for additional security.

trgraphics

12-28-06, 07:30 PM

This reminds me of how for months the Amazon sales rankings meant less than nothing to BR zealots. Atleast until the sales spiked a few points for BR. Then all of a sudden it was a totally different story and now it comes up in a lot of threads as proof that BR is overtaking HD DVD.

The whole point of AACS was that this was bound to happen sooner or later and the protection can be changed to account for it. End of story.

gooki

12-28-06, 07:35 PM

Exactly, since when was opening up a format a bad thing ;)

xbdestroya

12-28-06, 07:36 PM

I think what has to be understood is that the strength of BD+ lies solely in the efforts the coders responsible are willing to put into it. The fact is, it could be very effective. It is... is complex the word to use? Well, it is less simple than no BD+, obviously. But frankly I think a lot of context is missing from this discussion. Ironically, Amir is going to know more than most as to why the DVD Forum was against this method of defense. I have heard that a lot of the concern honestly revolved around the issues of managed copy, and Java Virtual Machines running on Vista. A lot of that noise has died down lately, but these were real concerns back in the day.

Anyway... BD+ represents a non-zero factor in piracy defense, and that's ultimately what matters. Non-zero + AACS = greater than AACS alone. There's a *lot* of politics that go on behind the scenes to get these things ratified into industry standards, and Amir pointing to Fox as being the sole proponent of BD+ in the industry is in all liklihood simply not the case. Rather, they are the primary champions. But these companies compromise all the time in order to hammer a standard out, and for their part at the time Microsoft was dead-set against anything having to do with Java Virtual Machines.

So, BD+.

And of course, ROM-Mark people.

By the way AACS hasn't been 'cracked' in the traditional sense as yet (although a clear exploit has been developed for case by case use); this thread isn't even about that IMO. It's simply about the hypothetical, and what the perceptions among these studios are of the defense schemes of these formats relative to one another. I don't think this thread has to be a BD vs HD DVD thread; we could instead have an analytical conversation on the various merits and drawbacks of the aforementioned DRM schemes themselves.

trgraphics

12-28-06, 07:37 PM

TrevorS

12-28-06, 07:54 PM

Do you expect any major movement from studios? this news happened just before CES 2007. Will Universal shift their position becoming neutral? Will Warner or Paramount become blu-ray exclusive? What do you think? discuss! civilizedly!

http://www.engadget.com/2006/12/27/aacs-drm-cracked-by-backuphddvd-tool/

From reading the actual thread, the "crack" appears pretty theoretical. The coded algorithm/specification appears to be already in the public domain, however the necessary decryption keys are not. Without the keys, the algorithm is impotent.

It would appear the AACS purpose is not hiding the algorithm, but rather protecting and, as necessary, invalidating the keys. The described "crack" is not in-and-of-itself anything to get too excited about.

PS. Isn't it about time to let this collection of threads in each HD forum to die? The event doesn't carry HALF the significance being ascribed to it.

gooki

12-28-06, 07:54 PM

BD+ is just as ineffective as AACS at this point in time, because no player support means in the future if BD+ discs are releeased, all one has to do it crack the AACS (ignore the BD+ protection) and the "backup" will still play perfectly fine on non BD+ supported players (all current machines, ie 1 million + PS3s etc)

Also we can all agree, ROM-Mark will only protect from mass commercial piracy (pressed discs) if it actually works as it should? but it won't protect against transcoding BD to HDDVD, correct? So either way BD is still just as much "compromised" as HDDVD is.

xbdestroya

12-28-06, 08:02 PM

BD+ is just as ineffective as AACS at this point in time, because no player support means in the future if BD+ discs are releeased, all one has to do it crack the AACS (ignore the BD+ protection) and the "backup" will still play perfectly fine on non BD+ supported players (all current machines, ie 1 million + PS3s etc)

All BD playback devices (in theory) currently support BD+; it's the discs themselves that haven't begun to put the protection into play yet.

Also we can all agree, ROM-Mark will only protect from mass commercial piracy (pressed discs) if it actually works as it should? but it won't protect against transcoding BD to HDDVD, correct? So either way BD is still just as much "compromised" as HDDVD is.

Agreed. But let's also agree that that (pressing defense) is no minor thing.

What'sHD

12-28-06, 08:22 PM

Well Amir if you feel that way about BD+ isn't it logical that we have the security systems used in Windows Vista publicly available as well?
Good point, but to be OT & facetious, the hackers dont seem to need the blueprints. they are doing quite well without them so far.

What'sHD

12-28-06, 08:28 PM

Does it mean something if a studio thinks BD+ is good? Sure. Does it mean they are right? Not necessarily or DVD Forum/AACS would have adopted that technology. But they did not.
That is true, assuming the DVD forum is the benchmark when it comes to evaluating future technology needs.

Also, if the DVD forum knew that BD+ would get Fox on board, why did they not adopt it? It does not make sense to launch a format and leave out Fox when you can get them with a token technology addition. Or was it about royalties?

From a business strategy PoV, BD+ is good cos it gets Fox on board, if nothing else. As for the other benefits, I am sure Fox saw something in BD+ tech-wise.

What'sHD

12-28-06, 08:30 PM

There won't be much to copy if studios decide they better stick with the much more advanced copy protection system with Blu-ray.

At the very least this new development means you can kiss any hopes of Fox/Disney/MGM going neutral anytime soon.
I agree with this part.

If I was CEO of Disney (I can dream), I would feel a lot safer with Rom MARK and BD+ than not (for future releases of course).

What'sHD

12-28-06, 08:34 PM

wreckshop

12-28-06, 08:52 PM

Does it mean something if a studio thinks BD+ is good? Sure. Does it mean they are right? Not necessarily or DVD Forum/AACS would have adopted that technology. But they did not.

maybe FOX knows something you don't?

amirm

12-28-06, 09:00 PM

maybe FOX knows something you don't?
Who is "you"? If you mean Microsoft, we are all but one company in DVD Forum/AACS. I fyou mean DVD Forum, the org membership is 250 companies in the business of format making. 19 of them are board members, majority of them BD companies. So the "you" didn't know something, must mean BDA members didn't know it. I guess it is possible that there was additional wisdom above and beyond those members of BDA who are not in DVD Forum. But do you really think the likes of TDK were wiser than the rest of the other shared companies in both standards group?

Hope you see where I am going with this :).

trgraphics

12-28-06, 09:03 PM

maybe FOX knows something you don't?

And what is it that you do for a living? Are you privy to inside information directly from the sources like amir and others are here?

Somehow, I doubt it. But, please enlighten us all why you feel it neccassary to be so blunt and constantly question the word of an expert.

diogen

12-28-06, 09:09 PM

...I don't think this thread has to be a BD vs HD DVD thread...It took only 6 pages and around 180 posts to realize this could be the case.
Definite progress over the "News..." Series.

Diogen.

darinp2

12-28-06, 09:10 PM

As for your BS about low studio support vis-a-vi HD DVD; I think you better rethink that. Sony has Disney ... BFD ... Mom and Dad aren't rushing out to spend $1000 to play The Little Mermaid.It never ceases to amaze me how many people try to make out that the group (the Disney group) that controls the rights to, "Sin City", "Pulp Fiction", "Kill Bill #1 and #2", "Pearl Harbor", "Pirates of the Caribbean", etc. is just about kids movies.

--Darin

amirm

12-28-06, 09:13 PM

That is true, assuming the DVD forum is the benchmark when it comes to evaluating future technology needs.
They did OK with DVD format, did they not? :)

But yes, there is no approved god of technology here. We have existing orgs evaluating such offers. Three of them were involved here. First was DVD Forum. Second was AACS (whose business is to know content protection). And last was BDA which did not study the matter. Rather, it accepted the technology in one meeting and went about to create a spec around it. Anyway you skin this, BD+ had failed ton convince anyone of its merits.

Also, if the DVD forum knew that BD+ would get Fox on board, [U]why did they not adopt it? It does not make sense to launch a format and leave out Fox when you can get them with a token technology addition. Or was it about royalties?
That is how things for in HD DVD land. DVD Forum is a standards setting org. It does not do backroom deals to get support of companies. Issues get proposed, studied and approved by the board. If someone likes the standard, they get to build products around it. If they don’t, they can ignore it.

From a business strategy PoV, BD+ is good cos it gets Fox on board, if nothing else. As for the other benefits, I am sure Fox saw something in BD+ tech-wise.
Call it stupid if you like but for those of us involved on those discussions, we knew that not adopting BD+ would make Fox unhappy. But one needs to have a certain set of principal going into these meetings. If you find issues with a proposal, and see little to no upside in implementing it, you vote appropriately. That is what happened with BD+. People saw issues with it. Other studios with strong voice did not push to override those objections, and BD+ didn’t make it in DVD Forum.

Now if the BD proponents are saying that anything Fox asked, they should have gotten, then I say I am not sure if you are consumer, or a political advocate :). There are a lot of things asked for from various camps that one needs to say No to if we are going to have a good standard.

You all have not seen BD+ in action. As such, it is very premature to be chanting that it is a good thing for your favorite format. Really, this is the first time I have seen so many pro-copy-protection people in one place. I usually get beat up for taking the side of the content owners. But here, we have BD fans talking about BD+ as if it is lossless audio or something. It is not. Running code in your player to figure things out well after a standard is established, doesn't leave consumers in a good spot.

And I am pretty confident that BD+ will get broken. Just as we have been confident that AACS would get broken. But here, we designed everything around that from day one. It will be fun and interesting to see how BD+ hacks are dealt with.

Twehttam

12-28-06, 09:15 PM

It never ceases to amaze me how many people try to make out that the group (the Disney group) that controls the rights to, "Sin City", "Pulp Fiction", "Kill Bill #1 and #2", "Pearl Harbor", etc. is just about kids movies.

--Darin

Exactly. I just picked up the XBOX360 add-on for HD-DVD titles, but if the studio support stays status quo after CES, I'll be picking up a PS3. There are just a lot of movies I want to see in Hi-Def that I cannot get from HD-DVD right now. I'm really, really anxious about what is going to happen in the next two weeks (as I'm sure everyone else is).

Michael Mullis

12-28-06, 09:23 PM

Dude, this is the top story on digg for the last 24hrs (3200+ diggs)

DUDE!!!!!

All that video showed is a guy that ran a program and got the DVD to run on a piece of PC software.

Let me say this again.........Until that same guy burns Full Metal Jacket to an HD DVD, and walks his ass over to his Toshiba or to his Xbox 360, puts the disc in the drive, and plays it on a standalone player, this means very little other than for the BD fanboys to dance in a circle and spin the bottle.

What'sHD

12-28-06, 09:37 PM

They did OK with DVD format, did they not? :)

But yes, there is no approved god of technology here. We have existing orgs evaluating such offers. Three of them were involved here. First was DVD Forum. Second was AACS (whose business is to know content protection). And last was BDA which did not study the matter. Rather, it accepted the technology in one meeting and went about to create a spec around it. Anyway you skin this, BD+ had failed ton convince anyone of its merits.
Fair enough. But if (like you said) its a toothless defense, why not include it then? I ask seriously cos then HD-DVD would have Fox on board. And it did convince Fox of its merits. Did anyone from the Forum try to concince Fox that their understanding of BD+ was wrong? For the sake of HD-DVD buyers and the HD-DVD bottom line, if nothing else.

Call it stupid if you like but for those of us involved on those discussions, we knew that not adopting BD+ would make Fox unhappy. But one needs to have a certain set of principal going into these meetings. If you find issues with a proposal, and see little to no upside in implementing it, you vote appropriately. That is what happened with BD+. People saw issues with it. Other studios with strong voice did not push to override those objections, and BD+ didn’t make it in DVD Forum.
I am not calling it or anyone stupid. I just dont get how Fox can be allowed to slip out from the content chain when a technology addition would have brought them on board. I recall a certain Thomson technology being added to the spec. That one certainly didnt convince anyone here of its merits either even though the Forum seemed to like it, for some inscrutable reason. That reason could not have been tech-based, Imo.

Now if the BD proponents are saying that anything Fox asked, they should have gotten, then I say I am not sure if you are consumer, or a political advocate :). There are a lot of things asked for from various camps that one needs to say No to if we are going to have a good standard.
So, your stand here is that BD+ and ROM Mark make BD a technically worse standard. Would you go on the record for that, personally as an AVS member, not an MS employee?

And I am pretty confident that BD+ will get broken. Just as we have been confident that AACS would get broken. But here, we designed everything around that from day one. It will be fun and interesting to see how BD+ hacks are dealt with.
How about ROM Mark? Do you see it broken soon also?

cheers

amirm

12-28-06, 10:01 PM

Fair enough. But if (like you said) its a toothless defense, why not include it then?
Because it is expensive to build and deploy and as such, it represents significant cost to us. BDA has not made the licensing agreement for BD+ public. But you can bet a ton of money that it will have very strict rules for compliance. Should it break, I am sure there are onerous requirements but financially and technically to make it right. We didn’t want to take on this burden on top of AACS.

Second reason is public perception. BD fans here celebrate extra copy protection it seems. But general public is very much opposed to it. As you may have seen from the noise around Vista, the technology providers often get beat up here, instead of content owners for “too much DRM.”

Did anyone from the Forum try to concince Fox that their understanding of BD+ was wrong? For the sake of HD-DVD buyers and the HD-DVD bottom line, if nothing else.
Very much so. But they remain unconvinced.

I am not calling it or anyone stupid. I just dont get how Fox can be allowed to slip out from the content chain when a technology addition would have brought them on board.
I think the members here are missing a ton of context here regarding Fox which I am not at liberty to discuss. But suffice it to say, Fox is not a board member of DVD Forum or founding member of AACS. You can decide what this means :).

I recall a certain Thomson technology being added to the spec. That one certainly didnt convince anyone here of its merits either even though the Forum seemed to like it, for some inscrutable reason. That reason could not have been tech-based, Imo.
Thomson is a board member of DVD Forum and managed to get majority vote for their technology there. Enough companies had to be convinced of FGT merits or it would not have been included in the spec. Fox could have done the same, by campaigning other members. Of course, not being on the board means they would have to get one more vote than Thomson did.

So, your stand here is that BD+ and ROM Mark make BD a technically worse standard. Would you go on the record for that, personally as an AVS member, not an MS employee?
I am not sure what distinction you are making here. But yes, I personally believe that Virtual Machines in whatever form, add huge amount of complexity to any system. And in areas of copy protection, additional complexity/attack surfaces is never a good thing.

As a consumer, I certainly don’t want to see variability in the copy protection of the discs I play. I buy into a format knowing what I know now. Hate to be surprised with new “functionality” years down the road. If there is one thing Steve Jobs did right with iTunes was to set a simple and predictable set of rules: one song, 99 cents. The concept that your rights to your content vary on a disc by disc basis, pushes things pretty far from this concept which is one of the few which has worked with consumers.

How about ROM Mark? Do you see it broken soon also?

cheers
That is the hallway chatter to be sure. In reality, Rom Mark does not need to be broken anyway because all you have to do is break the higher level of measures (AACS, BD+) and capture the bits, regardless of whether the mark is there or not. So its effectiveness in these circles is non-existent.

PacoFromDelTaco

12-28-06, 10:15 PM

Really, this is the first time I have seen so many pro-copy-protection people in one place. I usually get beat up for taking the side of the content owners. But here, we have BD fans talking about BD+ as if it is lossless audio or something. It is not.

That had me literally LOLing.

And I am pretty confident that BD+ will get broken.

Im sure sony who is reading this will be very interested in your confidence in their content being pirated.

Dauod

12-28-06, 10:22 PM

maybe FOX knows something you don't?

ROFLMAO, Yeah ask FOX what they know, remember DIVX? I'll bet FOX does, although they sure as hell didn't learn anything from it! :eek:

xbdestroya

12-28-06, 10:35 PM

What's HD you just play into Amir's hands when you ask questions conerning his personal opinions on matters - that's carte blanche for the spin machine to go back into gear. ;)

I can't believe again this ROM-Mark thing is being downplayed by you Amir - even though you do not even dispute in the least that it's role to play is in a completely different sphere, and even though I'm sure you yourself would admit to large-scale commercial piracy being a serious concern in the industry (certainly I am aware that Microsoft as a whole takes said position when it comes to it's own wares), you keep trying to rub ROM-Mark out as 'irrelevent' because it does not secure against decrypting. Well, you're right. But you and I both know that is not the ROM-Mark's role in the fight.

Again, the reasons against using BD+ within the DVD Forum have as much to do with Microsoft themselves as they do with any sort of 'industry consensus' on the matter. As I said the situation seems to have settled down recently, but potential managed copy restrictions, virtual machines running 'rampant'... and frankly Java in general were/are anathema to no one more than they are to Microsoft and their prefered vision of the Vista paradigm. Even the CE hardware vendors, who are really the ones who should be in arms against BD+... are still on board. The studios? Pshhh... the more DRM the better.

BD+ truly does have the ability to be a powerful anti-piracy tool on a number of levels if utilized properly. Virtual machines offer a powerful level of functionality; that is both their benefit here and the 'risk' involved with BD+. Until we see what actually gets put into play though on that front, it's all speculation.

pabster

12-28-06, 10:38 PM

Care to post any evidence for this ridiculous claim?

Yeah, it is ridiculous that Sony ever thought forcing each BD device to have an internet connection was going to pass muster.

Google around. As another poster mentioned, circa 2003 and even early 2004 Sony was still planning this.

The official BD FAQ says a network connection is only needed to 'download extras' and to 'manage licensed content on a network' ...

Pabster, you are very optimistic about HD DVD if you actually believe that.

What is so far out with my line of thinking?

If I were a consumer looking to invest in a next gen format, would I be more likely to choose the one which allowed me to protect my investment (presumably HD DVD) or one which did not?

amirm

12-28-06, 11:02 PM

I can't believe again this ROM-Mark thing is being downplayed by you Amir
Hmmm. I am downplaying it because it is not relevant to the topic of this thread. The topic here is not replication of content, but AACS hacks and ways to stop it. So I keep mentioning that Rom Mark has does not stop any AACS hacks. Nothing more. If you want to discuss mass piracy and such, feel free to create a new thread on that topic.

Again, the reasons against using BD+ within the DVD Forum have as much to do with Microsoft themselves as they do with any sort of 'industry consensus' on the matter.
Sounds like you are saying we are powerful enough to have the DVD Forum rules thrown out the window. One wonders then why there are three video codecs in HD DVD, rather than just VC-1 if we have such a stronghold over the forum. Or why it does not use any of our audio codecs. Let me break the news then. BD companies have amazing power in DVD Forum. They hold majority vote. They can override us in a heartbeat.

As I said the situation seems to have settled down recently, but potential managed copy restrictions, virtual machines running 'rampant'... and frankly Java in general were/are anathema to no one more than they are to Microsoft and their prefered vision of the Vista paradigm.
Only two companies -- and one of them was Sun -- voted for Java VM in DVD Forum. This is why it got defeated, not because Microsoft vetoed it. Please don't put extra burden on us in this manner where the reality doesn’t back what you claim in the slightest.

As to managed copy, we championed it. We did so because we knew that if we didn’t provide that capability, hackers would have a great excuse to bypass the system. Are you saying that was a bad thing?

Even the CE hardware vendors, who are really the ones who should be in arms against BD+... are still on board. The studios? Pshhh... the more DRM the better.
Are you forgetting the consumer? Is “more DRM” better for them too? And why did those studios and CE companies refuse to adopt BD+ in DVD Forum and AACS if they were “on board?” Are they on the side lines in one forum, but not the other? If so, who is playing games? Us or them?

BD+ truly does have the ability to be a powerful anti-piracy tool on a number of levels if utilized properly.
It is not that simple. Really isn’t. The VM system itself could be attacked. The VM exposes additional attack surfaces which did not exist before. Without access to any specifications, and I mean any, I don’t know how you can claim generically that BD+ is a “powerful” tool.

Virtual machines offer a powerful level of functionality; that is both their benefit here and the 'risk' involved with BD+. Until we see what actually gets put into play though on that front, it's all speculation.
For you all it is speculation because you lack access to specifications for BD+ and its core technologies. For us, it is not given our position in the industry. You are choosing to ignore my points on this front. That is fine. But please don’t say we are speculating and that we are similarly situated...

wreckshop

12-28-06, 11:05 PM

Who is "you"? If you mean Microsoft, we are all but one company in DVD Forum/AACS. I fyou mean DVD Forum, the org membership is 250 companies in the business of format making. 19 of them are board members, majority of them BD companies. So the "you" didn't know something, must mean BDA members didn't know it. I guess it is possible that there was additional wisdom above and beyond those members of BDA who are not in DVD Forum. But do you really think the likes of TDK were wiser than the rest of the other shared companies in both standards group?

Hope you see where I am going with this :).

not really. I thought I asked a simple yes or no question, instead I get an entire post about the DVD forum. so let me ask you straight up:

Do you (Amir) know everything there is to know about BD+?
Do you (Amir) know for a fact that BD+ cannot provide any security measures in the event AACS is compromised?
Is it possible that FOX knows more about BD+ than you (Amir)?

a simple yes or no will do, thanks! :)

kdragon

12-28-06, 11:15 PM

Amir,

No consumer wants copy protection on anything. The trouble is, it is inevitable. The day MS allows non-copy protected movie downloads or Zune downloads, you can climb up on the moral high grounds! Until then stay with us mere mortals and don't insult Blu-ray supporters. You haven't earned that right.

Given the choice, Blu-ray's extra copy protection is better because in the end we want movies -> If studios decide not to publish on a certain format because they are not confident about that format (they do have a choice between HD-DVD and Blu-ray whereas with DVD they didn't have a choice), I want to be with the format which is more likely to keep studios publishing. When Blu-ray supporters 'celebrate' stronger copy protection of Blu-ray, it is with this in mind. At least I do. Not that I am celebrating -- Blu-ray also uses AACS.

I want all the movies to be released without even using AACS. Is it going to happen? If I am getting AACS, why not BD+? Or is it your attempt to prove a magical line that somehow HD-DVD managed to draw?

You can bash BD+ as much as you want. You can brush aside ROM mark as many times as you want. That won't change the facts. Fact is Blu-ray has better copy protection mechanism.

Win the battle of the arguments. Lose the war of the formats.

Just IMHO.

gooki

12-28-06, 11:22 PM

Addressing a few comments:

All BD playback devices (in theory) currently support BD+; it's the discs themselves that haven't begun to put the protection into play yet.

Are you sure of that - i have a sneaking suspicion they don't.

Quote:
Also we can all agree, ROM-Mark will only protect from mass commercial piracy (pressed discs) if it actually works as it should? but it won't protect against transcoding BD to HDDVD, correct? So either way BD is still just as much "compromised" as HDDVD is.

Agreed. But let's also agree that that (pressing defense) is no minor thing.

Agreed.

I can't believe again this ROM-Mark thing is being downplayed by you Amir - even though you do not even dispute in the least that it's role to play is in a completely different sphere, and even though I'm sure you yourself would admit to large-scale commercial piracy being a serious concern in the industry (certainly I am aware that Microsoft as a whole takes said position when it comes to it's own wares), you keep trying to rub ROM-Mark out as 'irrelevent' because it does not secure against decrypting. Well, you're right. But you and I both know that is not the ROM-Mark's role in the fight.

My 2 cents why ROM Marking isn't the savour in content protection for BD. If BD gets significant market penetration to make commercial pirating of the conent a viabable option, and ROM Marking is the only obstacle stopping them from pressing BD discs, they will simply move to mass produced burned discs. Sure the cost may double from $1 a copy to $2 a copy, but it will be significantly low enough to entice commercial pirates.

Also, if the DVD forum knew that BD+ would get Fox on board, why did they not adopt it? It does not make sense to launch a format and leave out Fox when you can get them with a token technology addition. Or was it about royalties?

As mentioned above, they've (Disney/Fox) been left out before with great success, so i see no reason why it can't happen again this time round.

Quote:
And I am pretty confident that BD+ will get broken.

Im sure sony who is reading this will be very interested in your confidence in their content being pirated.

Not speaking for Amir or anything, but i believe that comment is more aroung the fact that every form of copy protection gets broken at one stage or another.

amirm

12-28-06, 11:29 PM

not really. but in the insider thread the SPE insider posted info about BD+ which contradicts what you have said previously. so...
Said insider has never told us his area of expertise. I don't for example know if he is involved in AACS/matters of copy protection *technology*, or simply in content production. I was especially surprised to hear he/she did not know AACS specs are public for example.

Of course, you know who I am and that my group is directly involved in these matters. I personally negotiated the original pillars of AACS. So take all this into consideration as you check out the veracity of people’s claims. :)

Do you (Amir) know everything there is to know about BD+?
I can’t tell you what we do or do not know. Read my previous posts as that is as far as I can answer this question, which btw, is a lot more than paidgeek has said so far on BD+.

Do you (Amir) know for a fact that BD+ cannot provide any security measures in the event AACS is compromised?
Assuming that BD+ is somehow immune to attacks then yes, it can provide additional measures. Problem is, BD+ itself can be attacked just as easily or even more so than AACS.

What if BD+ is hacked and not AACS? The system would be compromised then without any fault of AACS, wouldn’t it? In that manner, BD+ weakens AACS, not strengthen it.

And think about it. Anytime you run code, malicious data could be fed to the engine to get it to execute bad things. This is the basic method of creating viruses in PC software today. You overflow a buffer and get the code to do new things with privilege access.

I could go on based on public info alone but you get the picture hopefully. Just because you add functionality, it does not compute automatically that you get more. Many times you get less.

Is it possible that FOX knows more about BD+ plus than you (Amir)?

About BD+ specifications? Sure, it is possible. About real world implementation of content protection in a software world, no. We have years of experience defending our DRM system against attacks, and providing fixes when hackers are successful. Nothing like living and breathing this stuff to know the difference between theory and practice. Fox has a few capable cryptographers so I am not here to put down their knowledge and expertise. But just the fact that I won’t tell them how to make movies, even though I watch many of them, I hope you accept that our knowledge base and perspective here is quite important too, especially when other studios did not share their views either.

xbdestroya

12-28-06, 11:29 PM

Hmmm. I am downplaying it because it is not relevant to the topic of this thread. The topic here is not replication of content, but AACS hacks and ways to stop it. So I keep mentioning that Rom Mark has does not stop any AACS hacks. Nothing more. If you want to discuss mass piracy and such, feel free to create a new thread on that topic.

It is relevent, in that the topic of the thread is how do studios perceive the relative security of the formats when compared to one another. Mass replication is a definite aspect in their concerns and thinking.

Sounds like you are saying we are powerful enough to have the DVD Forum rules thrown out the window. One wonders then why there are three video codecs in HD DVD, rather than just VC-1 if we have such a stronghold over the forum. Or why it does not use any of our audio codecs. Let me break the news then. BD companies have amazing power in DVD Forum. They hold majority vote. They can override us in a heartbeat.

I'm not saying that Microsoft was or was not 'powerful' enough to override a BD-like implementation in the DVD Forum. I am simply saying, to no other company that is part of the forum would it be perceived as a material negative to their business objectives so much as to Microsoft themselves at that point in time. I don't doubt that other companies would have opted for it, they just let it rest.

Only two companies -- and one of them was Sun -- voted for Java VM in DVD Forum. This is why it got defeated, not because Microsoft vetoed it. Please don't put extra burden on us in this manner where the reality doesn’t back what you claim in the slightest.

Again, votes alone don't reflect desires; they more reflect decisions for action. I will take what you say in *this* regard though to be true at face value if you also follow up by telling me that Microsoft did not lobby/petition companies for their vote against Java. Since the BDA membership did opt for Java... and a lot of those companies have votes on the DVD Forum as well... certainly something seems out of sync here.

As to managed copy, we championed it. We did so because we knew that if we didn’t provide that capability, hackers would have a great excuse to bypass the system. Are you saying that was a bad thing?

Nope, that was a good thing. Thank you. But I'm waiting to see what MS' own DRM schemes are in the digital realm before jumping up and down for joy in this regard.

Are you forgetting the consumer? Is “more DRM” better for them too? And why did those studios and CE companies refuse to adopt BD+ in DVD Forum and AACS if they were “on board?” Are they on the side lines in one forum, but not the other? If so, who is playing games? Us or them?

I'm not forgeting the consumer, it's simply that this thread is in the context of what benefits the studios. Maybe you can start a thread about what DRM schemes (or lack thereof) would most benefit the consumer.

It is not that simple. Really isn’t. The VM system itself could be attacked. The VM exposes additional attack surfaces which did not exist before. Without access to any specifications, and I mean any, I don’t know how you can claim generically that BD+ is a “powerful” tool.

I make that claim because I make the claim the virtual machines are themselves powerful, to which you say...

For you all it is speculation because you lack access to specifications for BD+ and its core technologies. For us, it is not given our position in the industry. You are choosing to ignore my points on this front. That is fine. But please don’t say we are speculating and that we are similarly situated...

No we are not similarly situated. But that doesn't turn me ignorant to what a virtual machine could/should be capable of. A lot of your arguments against it's value have simply hinged upon: if AACS can be cracked, so can BD+.

Well, I agree. But that said, it's a different, additional nut to crack. And since it can be replaced and updated wholesale 'revision' to 'revision,' IMO I think it provides a material defense in terms of holding actions alone.

Anyway, whatever the case, a non-zero benefit to studios.

lostsoldier

12-28-06, 11:37 PM

Why bother hacking AACS, HDCP was already taken care of well before it was even approved. HDMI outputs video and audio, I strip HDCP from it, and I am left with video and audio to do with what I please. Actually, you can buy HDCP strippers commercially, making it even easier for those without a soldering iron and pocket protector.

amirm

12-28-06, 11:40 PM

Amir,

No consumer wants copy protection on anything. The trouble is, it is inevitable. The day MS allows non-copy protected movie downloads or Zune downloads, you can climb up on the moral high grounds! Until then stay with us mere mortals and don't insult Blu-ray supporters. You haven't earned that right.
Well, you think I took a position which I did not. I didn't say HD content should be distributed without copy protection. I said that we don't need too much copy protection. As long as we provide good enough safeguards so that large majority of people purchase content rather than steal it, our job is done. Putting more copy protection in there just antagonizes consumers, retarding the market growth.

Given the choice, Blu-ray's extra copy protection is better because in the end we want movies -> If studios decide not to publish on a certain format because they are not confident about that format (they do have a choice between HD-DVD and Blu-ray whereas with DVD they didn't have a choice), I want to be with the format which is more likely to keep studios publishing.
Yet they have all published using identical forms of copy protection in each format.

You can bash BD+ as much as you want. You can brush aside ROM mark as many times as you want. That won't change the facts. Fact is Blu-ray has better copy protection mechanism.
There is no such fact. BD+ has not been deployed. You have to wonder why. And once it is deployed, what do you do if it is hacked the first day? Would you still say it is better? Oh, you are saying on paper it is better. I think we have heard that before :).

Michael Grant

12-28-06, 11:57 PM

Why bother hacking AACS, HDCP was already taken care of well before it was even approved.Two reasons.

First of all, HDMI outputs an uncompressed video stream and usually uncompressed audio. Taking that 1.2Gbps data stream (assuming 1080p24 video) and storing it back onto a disk isn't child's play---you'll have to store it in real time, which will require a fast interface to terabytes of storage, and then recompress it. Yes, it can be done, and it probably will be.

But it's not going to be fun---even if all you try to do is extract the main feature and its primary audio track. And that brings us to the second point: HDMI doesn't give you the structure of the disc: the menus, chapters, the multiple language and commentary tracks, etc. etc. Hacking AACS gives you all that.

Mad Chemist

12-28-06, 11:59 PM

hokiefan

12-29-06, 12:09 AM

Man am I suprised BD and HD-DVD allow playback on PCs. Wasn't it WinDVD that leaked the key for DVD? And now this. If I was a stockholder for a studio, I would demand that none of our movies be playable on a PC.

LOL. Whats next, you gonna demand a MPAA rep to sit next to me while I watch my movie to make sure I am watching it properly?

DVDs have been cracked for a long time, and I dont really see any problems with DVD sales, do you?

Michael Grant

12-29-06, 12:19 AM

Past performance is not a reliable predictor of future results :) Seriously, DVD piracy is hampered by other technical issues such as the lack of ubuquitous broadband access. Those issues are going away; and when they do, watch out.

Besides, the question is not whether DVD sales are doing fine, but how much better they would do if CSS had not been cracked. Again, I suspect the answer is "not much" on a percentage basis, at this point. But since when has a business turned down any boost in profits?

And frankly, if CSS had never been cracked, then I doubt that the protest boycotts of a few Linux geeks who expect their DVD playback software to cost $0 would have had any measurable impact on their sales.

Mad Chemist

12-29-06, 12:22 AM

LOL. Whats next, you gonna demand a MPAA rep to sit next to me while I watch my movie to make sure I am watching it properly?

DVDs have been cracked for a long time, and I dont really see any problems with DVD sales, do you?

You got me all wrong. I'm all for fair use. I just can't believe how sloppy these software companies are.

Rob Zuber

12-29-06, 12:47 AM

Man am I suprised BD and HD-DVD allow playback on PCs. DVD encryption is completely cracked, so why are studios still releasing on DVD? Because there is more money to be made relative to not selling DVDs at all. It's the same with PCs, which greatly increase the market for high def optical media.

What'sHD

12-29-06, 12:57 AM

I am not sure what distinction you are making here. But yes, I personally believe that Virtual Machines in whatever form, add huge amount of complexity to any system. And in areas of copy protection, additional complexity/attack surfaces is never a good thing.
The reason I asked for your personal opinion, as opposed to corporate decision, is twofold:

1. I am not interested in the party line from MS. If what you have offered above is the MS line, I wont know the difference but it was worth asking the Q about BD+ clearly and openly.

2. You may not have wanted to comment as an MS employee/rep on these matters.

What'sHD

12-29-06, 01:02 AM

What'sHD

12-29-06, 01:10 AM

Well, you think I took a position which I did not. I didn't say HD content should be distributed without copy protection. I said that we don't need too much copy protection. As long as we provide good enough safeguards so that large majority of people purchase content rather than steal it, our job is done. Putting more copy protection in there just antagonizes consumers, retarding the market growth.
Amir, the point here is that not putting in more CP (besides AACS) has led to content being lost. If you (as in HD-DVD) want to NOT lose (antagonize) consumers of High def movies, the content is more important than CP that will be invisible to the honest people.

Frankly, with my add-on working rather well with my HDTV, HD-DVD only needs the remaining studios and I would be quite happy to buy HD-DVDs as often as I buy BDs (not counting Universal and Sony, of course). Of course, if studios use BD50 to full bitrate, I am going all BD.

onanie

12-29-06, 01:24 AM

lymzy

12-29-06, 01:24 AM

Amir, the point here is that not putting in more CP (besides AACS) has led to content being lost.

If HD DVD is established as a format, content will come. FOX embraced divx. When DVD was established, what had fox done? Also, the assumption about no BD+ in HD DVD led to content being lost is wrong. Even if HD DVD adopts BD+, FOX will still go to bluray.

To be honest, I care more about managed copy/centralize management than 8bit HD content. The VM for BD+ create uncertainty for Vista to achieve a balanced DRM. Also according to one insider from Intel, if the BD+ fix-up table occurs during or after decoding, it will cause a lot of trouble for managed copy.

lymzy

12-29-06, 01:35 AM

I want all the movies to be released without even using AACS. Is it going to happen? If I am getting AACS, why not BD+? .

By the time BD+ is adopted, I think the Vista PVP part is finished. The argument is that when BD+ might close one door, the VM could open a lot of windows in the same time. What if VM is used to steal keys? What if VM is used to veto ICT flag?

You can bash BD+ as much as you want. You can brush aside ROM mark as many times as you want. That won't change the facts. Fact is Blu-ray has better copy protection mechanism.

What fact? Also your assumption that better copy protection mechanism will bring more content is false. Without BD+, studio will still publish on bluray. How about copy protection for DIVX? Was it better than DVD?

What'sHD

12-29-06, 01:50 AM

If HD DVD is established as a format, content will come.
When HD-DVD wins, content will come. But until content comes, HD-DVD can't win. Its a catch-22.

BD cant lose with 90% content support; It may co-exist but it wont lose for sure. HD-DVD will die if lack of content is not addressed Imo, but supporters prefer to think otherwise. Their perogative.

I disagree about your statement that Fox would still have gone to BD only. So far, Fox statements show that BD+ was a major factor. Unless you have inside scoop from within Fox, I find myself puzzled by the DVD forum's disinclination to placate Fox and add BD+.

Hell, they added FGT from Thomson which fiddles around with the grain in the picture.. Talk about short-term planning, not to mention that the technology itself so far seems to be unproven and unused, much like BD+, I might add.

hd90210

12-29-06, 02:08 AM

Bottom line is BD is more secure than HDDVD and this crack further emphasizes the importance of robust security.

MidnightWatcher

12-29-06, 02:14 AM

When HD-DVD wins, content will come. But until content comes, HD-DVD can't win. Its a catch-22.
It is not a Catch-22 per se. Your circular logic is flawed. HD DVD is winning right now and Blu-Ray is trailing, proving that the content is already sufficient by comparison, and more will come. It is not, however, entirely about content. It is also about perception, price and availability as well and HD DVD has the upper hand overall.

RobertR1

12-29-06, 02:26 AM

I like how people are championing BD+ without
A. NEVER seeing it action
B. Absolutely 0 knowledge of it's specs and layout

But really, BD+ could potentially open 2 holes vs. 1. So not only would you worry about AACS but now you have to worry about BD+. As you add more, more is exposed. According to Alex's post (awilliams) BD+ spec is still not final so again, you're rooting for a work in progress. Even rooting for BD-J over HDi is more respectable at this point and that's not saying much :)

Until we see BD+ in action at a mass level and see it go as many months without an exploit, we can't really comment on it's security integrity.

wreckshop

12-29-06, 03:09 AM

Assuming that BD+ is somehow immune to attacks then yes, it can provide additional measures. Problem is, BD+ itself can be attacked just as easily or even more so than AACS.

I'm not interested in the possible vulnerabilities of BD+. only wether or not that it could provide security measures in the event that AACS is compromised. earlier you said that BD+ is useless when AACS is compromised, but it appears you have changed your position?

What if BD+ is hacked and not AACS? The system would be compromised then without any fault of AACS, wouldn’t it? In that manner, BD+ weakens AACS, not strengthen it.

BD+ hasn't even been deployed so it can't be hacked. my understanding is that BD+ will be deployed in the event of widespread copying - which means that AACS has already been cracked. in this case BD+ will provide an additional layer of security for BD, whereas hd dvd has none left. how is this a bad thing for studios?

Kosty

12-29-06, 03:10 AM

DVD encryption is completely cracked, so why are studios still releasing on DVD? Because there is more money to be made relative to not selling DVDs at all. It's the same with PCs, which greatly increase the market for high def optical media.

Well DVD sell now and studios make a profit on them because its easier to buy a disk for a reasonable cost or rent it and watch it once, than it is to go through the trouble or borrowing a disk and then burning it. As long as a DVD is $4.99 to $19.99, its not not worth the effort to most people.

Same goes with the downloading and burning, its just not worth the time on current connections and effort compared to the low cost of just buying the disc.

The whole point of encryption is to prevent pure copies from getting into the wild (this is now bad for the current HD DVD releases that now can be exploited) and to place enough barriers up to not make casual copying worthwhile.

Although if true, this is not good new for HD DVD, it only effects the "pure copy" aspect in a small way and has no effect on the "casual copy" use.

The revocation of the player key will make future released title playbacks impossible, which will limit the use of the player until the vulnerability is corrected. So this won't become a casual use issue.

Brute force copying will become practicable in the future, but with titles costing $19.99 of less for most HD DVD releases, it just won't affect sales that much.

The perception of a hack to the digital security is the more difficult issue for HD DVD to overcome, but higher profits over Blu-ray will matter far more for the studios.

ckong

12-29-06, 03:49 AM

Bottom line is BD is more secure than HDDVD and this crack further emphasizes the importance of robust security.

PS3 + linux = Hacker's heaven :) Bottom line:BD is as vulnerable as HD DVD rite now without the deployment of BD+.......

Dahlsim

12-29-06, 04:10 AM

PS3 + linux = Hacker's heaven :) Bottom line:BD is as vulnerable as HD DVD rite now without the deployment of BD+.......

Video Game consoles are always big hacking targets, just check out the 'scene' sites to see how much energy is already going into cracking the consoles. This generation the PS3 will be the most enticing target with it's ability load a new operating system, esp. Linux, and with the easy access to swap in larger harddrives.

How-To Dump Blu-ray Movies On Your PS3 (http://www.gizmodo.com/gadgets/home-entertainment/howto-dump-bluray-movies-on-your-ps3-218320.php)

PS3 Linux: Blu-ray movies pirates heaven? (http://ps3.qj.net/PS3-Linux-Blu-ray-movies-pirates-heaven-/pg/49/aid/74968)

While no details have been mentioned as to how, who, and when these occurred, it doesn't really take a genius to figure out that in as much as the PS3 promises to make things gaming and a whole lot of other activities much easier, it also inadvertently opened up a whole new gateway for easier pirating. By simply putting the file on the hard drive, it is not entirely far-fetched that someone would soon figure out a way how to burn them Blu-ray movies.

Kosty

12-29-06, 05:37 AM

About AACS and HD DVD from Mark Knox

http://tvs.consumerelectronicsnet.com/articles/viewarticle.jsp?id=37654

In the case of AACS, there’s a lot more than one set of keys, and each entity in the chain has its own key. The content has a key. Your unique player has a key. A playback software package for the PC has the key. And all the keys have to fit into the lock, or it doesn't work. If someone does somehow manage to hack the key, what happens is all our engineers need to see is one example of the hack, one pirated desk, one download from the Internet of video that he put on the Internet by using the key, and the engineers can back calculate the exact identity of the key that was used to do that naughty thing.

...In addition, after they've identified which key was used illegally, every time a new disk is made, it contains the equivalent of wanted posters in the post office. It says, these keys are no longer valid, so let's say some Finnish teenager hacks the keys on a player, and he puts out an illegal video of Batman Begins. What will happen is, we'll see that illegal video over the Internet, or will pick up a pirate disk of the streets of Manhattan, we will calculate what the key is, and we'll add that wanted poster to the next desk, and when he goes to write Harry Potter And the Goblet of Fire, it won't play on his machine...

No, what will happen is, his player will still play Batman Begins, because his key is not on the Batman Begins disk as being a bad key. But there's a set of data called the media key block, and every time a new disk is made, the replicator gets the latest listing from the ACS Group. And that new listing goes onto each new piece of software that goes out to the market. So what it means, unlike CSS—which we learned means Can't Stop Stealing—this system is renewable. So if that key does get hacked, then any future releases of the studio are protected. Beyond that, we can give the studio a forensic trail so they can make a very good case in court if they catch that person, if that indeed is the person who's responsible for that specific illegal copy.
So if I understand this correctly. So far no harm has been done because no illegal copies of these movies have been distributed. The few people that have the two software media players will soon have to have an update to play any newly released HD DVDs as their current player keys will be on a black list for new titles.

If any decrypted copies of the HD DVD movies are released, they will have some sort of unique watermark associated with the specific installed hardware/software combination that did the unencryption that can be forensically traced to the user?

I went to the site and read the hackers FAQ. Also there were no keys anywhere and others have not been able to duplicate his results. The keys shown on the video are hex values not actual keys.

No one has actually executed this and posted any HD DVD content.

Anyone who has the software program will only be able to play the currently released HD DVD discs on their PC or burn them. as soon as the keys get updated , they won't be able to play any newer disks.

No information is given on how he got the keys out of memory.

It seems that if this is true and a sloppy implementation of the software player is allowing the media key to be seen, then the system in AACS is designed for this and will revoke the player key, vulnerability is limited, and a watermark will allow for tracking of any uploaded content.

Isn't this the way it is supposed to work?

BTW, has their been any actual verification that this is real and not just a hoax?

Kosty

12-29-06, 05:55 AM

Couple other comments from the Doom9 site

Well, the players aren't adhering to AACS spec if the decrypted title key can be snooped from RAM, although that does call into question the ability to have a PC-based player. The spec basically says that the decrypted title key should be discarded if the disc is ejected, power is lost, an AACS boot sequence initiates or the player stops. I would think a memory dump or a freeze of a process to inspect its memory contents would constitute stopping the player!

Anyway, getting the volume id is easy enough but I'm still searching for the right title key from a ram dump of windvd hd. For all I know, WinDVD has gotten it right and the decrypted key just ain't there.

It's not a crack, not a hack, nor was a weakness of the encryption (AES 128) found. It's just a weakness of the player which delivers the keys esier than it should. This was somewhat expected by the industry and that's what the revocation list is for.

The encryption scheme doesn't need to be changed since it was not compromised. If we have really bad luck, PowerDVD will be blacklisted by entering a newly released HD-DVD in the drive in the next 1-3 months. If then nobody is able to read the keys from another player, we're were we started at.

HD-DVD doesn't allow changing the encryption algorithm. BlueRay however does. But then again, it's unlikely that AES 128 gets hacked in the next years.

namechamps

12-29-06, 09:03 AM

How many of the people posting here actually read the original forum post by the author.

No device keys were compromised. He hasn't found a method to crack AACS. The software he released will decode an HD DVD file IF YOU HAVE the AACS Title key.

He has released the titles keys for a few movies the current software foolishly keeps the title key in memory.

All that is needed to fix this issue is to release a new version of powerdvd and/or windvd that doesn't leave cryptographic information in plaintext where it can easily be found by a memory dump. Then the device key for the flawed version can be revoked to make the current flawed version incompatible with future releases. All current owners can simply download the upgraded version to play future releases.

Will this work on BD? There is no technical reason why this exploit will not work on BD titles also. What is unknown is if the poor programming is limited to HD DVD version or if it occurs on BD version also. If both versions share a lot of code it is entirely possible the flawed AACS decode logic is included in both versions. If the BD version of the software keeps the title key in memory than a "backupBD" software could be created with ease. The "hacker" who found the title key in memory simply doesn't have a BD drive so he never looked.

Just to clarify a lot of FUD on this foum no software has been released to extract a title key from an encrypted movie. Current titles keys are simply "found" in memory by doing a memory dump while the software player is running. Without the title keys the software the author released is useless. It would be like me selling you a device to unlock you front door except it requires the key to your front door to work.

While future releases can be protected quickly all current HD DVD title keys can be extracted even after the device key is revoked for future movies. If the BD version keeps the key in memory the same thing can/will happen for BD releases to date.

mikemorel

12-29-06, 09:06 AM

Which of these scenarios do you think is better for studios? You are foolish if you think that this scenario hasn't been hypothesized.

Amir: Again, I have to laugh at anything Microsoft (you) say regarding DRM. Obviously you ignored my previous post on this issue, so I won't repeat myself again.You should really listen to yourself from someone else's point of view...

d3code

12-29-06, 09:54 AM

amirm.

if i understand your post correct. "Well, you think I took a position which I did not. I didn't say HD content should be distributed without copy protection. I said that we don't need too much copy protection. As long as we provide good enough safeguards so that large majority of people purchase content rather than steal it, our job is done. Putting more copy protection in there just antagonizes consumers, retarding the market growth."

in other words. xbox360 games can easily be copied. but since microsoft cares about market growth more then about security for their games. it is alright to copy the games. because other people will buy more xbox360 systems? so more systems sold means bigger market growth?

i always expected this from microsoft, but i never thought microsoft would really do this. but at least it makes sence now. because microsoft takes no action at all to stop piracy for xbox360 games. so why would microsoft also would stop action against piracy for the hd-dvd addon? because as you say it. it is all about marketgrowth.

and if hd-dvd can really be copied, then more hd-dvd players will be sold. so more marketshare as long as majorty buy orginal movies. then in your words. that is alright.

does everyone still wonders why other movie companies are not supporting HD-DVD yet??? there is your answer!

Capeta

12-29-06, 10:43 AM

If I were the BD camp, I would be more worried that this muslix64 guy is going to have a go at BD-ROM next rather than celebrating that the HD DVD camp got 1337 h4][0red or something, because BD uses the exact same AACS as HD DVD and right now they are functionally completely identical since BD hasn't implemented BD+ yet and ROM Mark is useless for this kind of thing.

Haha :D

No, the right analogy is if someone drives through your front door with a car, why you think the second lock does anything for you. :).

Hehe :D

Michael Grant

12-29-06, 11:06 AM

Kosty, you're right on the mark in your comments above. AACS hasn't been hacked in the least. It's very design anticipates the exact action that has been taken here, and can compensate for it through key revocation and signature tracking.

Yes, it does mean that existing titles can be cracked and released in the wild; but again, that consequence was anticipated and accepted as reasonable by the AACS folks in exchange for the flexibility of usage. Or would we all rather have had them forbid all PC playback, all managed copy, etc. etc.?

It's kind of like criticizing a bulletproof vest for allowing the impact of a bullet to leave a bruise. Uh, well, yeah... you got SHOT, man! Or would you rather walk around in a tank?

wormraper

12-29-06, 11:10 AM

scaesare

12-29-06, 11:29 AM

I say again, this is not an AACS hack. It will be the catalyst for the first true test of teh AACS Key Revocation process.

(And inidentally, I highly doubt this will spur any BD+ action... why would it if AACS is already capable of dealing with the issue?)

John Kotches

12-29-06, 11:35 AM

Butler5

12-29-06, 12:04 PM

BuGsArEtAsTy

12-29-06, 12:14 PM

Much of this would be of much less interest to many consumers if managed copy were actually implemented.

Now, I am not condoning copying discs -- but this is a good intellectual exercise. One has to wonder about the economics of such a path at this time. Blu-ray burners are $500+/each and (in bulk) the media is about $15-35 dollars depending on whether you go with single or dual layer. So you have to burn a lot of discs just to break even, unlike with DVD. I don't even know what the costs are for an HD-DVD burner and dual layer media; but I wouldn't be surprised if prices are comparable.

Let's assume that your rental cost is $5/disc and you're just copying for yourself. Your purchase cost is $25/disc. So you save $20/disc but a minimum of $15 of that is eaten up in media costs presently. If you have to go dual layer you're losing money. Okay, so on single layer discs, you have to copy >100 discs to hit the break even point and we haven't touched the authoring software. Keep in mind, I said this was for yourself and that you aren't commercially pirating. I don't want to get into the arguments about the legality / ethics of this. This is strictly addressing the economic side of things.
This economic argument is irrelevant. The same arguments were used for CD and DVD copying.

For the record though, I don't think this AACS hack really is as significant in the greater scheme of things... as a hack. It's certainly not anywhere near as significant as DeCSS was for DVD. It's more significant to get the internet forums excited. :p

P.S. One thing I learned researching this... The player key is unique to the individual player, NOT just the version/model of the player. So, it seems it's gonna be somewhat hard to track down which individual copy of PowerDVD 6.5 with HD it was and revoke that key. I suppose they could decide to revoke ALL 6.5 keys though when Cyberlink releases 6.6. This would be a pain, but would be feasible with PC software, especially if there were a message that pops up telling the user to do the upgrade. It would be much harder with standalone players, but it's unlikely many of the future hacks will be with standalone players.

amirm

12-29-06, 12:20 PM

amirm.

if i understand your post correct.
I am afraid you didn't :).

"Well, you think I took a position which I did not. I didn't say HD content should be distributed without copy protection. I said that we don't need too much copy protection. As long as we provide good enough safeguards so that large majority of people purchase content rather than steal it, our job is done. Putting more copy protection in there just antagonizes consumers, retarding the market growth."

in other words. xbox360 games can easily be copied.
How did you go from what I said to 360 games being easy to copy? If they are easy to copy, our sales may go down to zero or near it. And we would have stop the production of the system. That is not what I said. What I said is the standard operating practice for anyone distributing content (whether it is movies or software) that the business can stand certain amount of "leakage" (lost sales). At some point, the leakage becomes so bad that the business does not make sense. At the other end of the spectrum, there is another point after which, the cost of reducing leakage becomes higher than the gain in revenues. This is the point I was making. That you don't want to go crazy and attempt to produce a zero leakage/piracy business as that a) may not be technically possible or b) users may not go for it. Both of these factors cause you to fail.

We are very proud of the modern architecture of AACS and its countermeasures against attacks. But we could have easily gone to higher levels. Let me give you an example. Let’s say the copy protection of the system required that you only order discs online which we could make on demand, by embedding your name, social security number, and credit card number. We would then ship the disc to you but prior to playing it, you would have go online and authenticate yourself. Said system then would embed multiple watermarks in the audio/video streams (which could be audible/visible) with all of the above info as to allow any piracy from your machine to be tracked to you personally (this is close to how the Emmy award leakage was discovered btw and includes some of the measures from the failed Divx format). Furthermore, I could make sure that you can not play the movie back to back as that would indicate maybe that others are playing the same movie. So I would force you to wait a week or two to play the movie between viewings.

Now, the above system is clearly, clearly more secure than what AACS can handle. But it also crosses the line that I mentioned in stifling market growth. The consumer backlash would be huge and the system while more secure, would fail in the marketplace. Yes, I know, the example is rather ridiculous but given how many times we have gone around this with you all accusing us of hypocrisy, I thought it is important to see that there is a place where you do have “too much DRM.”

Now as you weaken these measures, the “bright line” goes away and you wind up with a judgment call of whether you have gone too far. This is why I said it was important to have a consensus view of multiple companies in the form of DVD Forum/AACS evaluating the gain, versus consumer inconvenience/fear for any proposal. BD+ went through this due diligence and didn’t make it. Maybe it was a bad call, maybe it wasn’t. But it was not Microsoft taking a stance, but the industry doing so, based on what is the best compromise for all the people involved. Your continued instance to say we are the sole judge here grossly distorts the history.

but since microsoft cares about market growth more then about security for their games. it is alright to copy the games. because other people will buy more xbox360 systems? so more systems sold means bigger market growth?
No it doesn’t because we don’t make money from the console, but the games. So if everyone steals a copy of the game, we lose money and have to stop production.

Each business model has its set of characterizations here. Apple makes all their profit from iPod so they essentially give away the songs at 99 which only covers their cost. So in their case, free songs (i.e. downloaded MP3s) are just fine to them. Not so in case of Xbox, PS3, etc.

i always expected this from microsoft, but i never thought microsoft would really do this. but at least it makes sence now. because microsoft takes no action at all to stop piracy for xbox360 games. so why would microsoft also would stop action against piracy for the hd-dvd addon? because as you say it. it is all about marketgrowth.
Market growth without profit is useless. I am sure you know that but it seems that in the haste to make such points, logic is thrown out of these arguments.

and if hd-dvd can really be copied, then more hd-dvd players will be sold. so more marketshare as long as majorty buy orginal movies. then in your words. that is alright.
If movies can be copied readily, HD DVD will die. Same thing will happen to BD. The leakage has to be small enough to be tolerated. Today, we have an example of this with ICT where full resolution analog output is allowed. There is already equipment to capture that signal but by the time you recompress it and use it, the hassle factor becomes high enough that you do not lose significant amount of sales. Hence the reason the flag is not set today. The cost benefit ratio is not right to do so, given the angry reaction of early adopters and now, making Xbox 360 less functional.

does everyone still wonders why other movie companies are not supporting HD-DVD yet??? there is your answer!
We don’t have our place in this industry by having so little understanding of it as you so claim. We would have never been invited to be a founding member of AACS if your assertions are right that we have an attitude of allowing flagrant copyright infringement.

The bottom line is that Microsoft has a balanced view here. We 100% defend the need to have sufficient copy protection on these formats as to create a thriving market for both content owners and movie consumers. That balance must be met. In the process, there will be compromises for each side. We are not forcing you to login to the internet to play every movie. But at the same time, would not have designed AACS to break once and stay broken forever, even though that would have been simpler and easier to design and maintain. There are companies and people who are more extreme than us in this situation. And that is fine and healthy as it forces good dialog. But at the end of the day, you are going to see us shy away from extremes on either side.

Rob Zuber

12-29-06, 12:23 PM

No, the right analogy is if someone drives through your front door with a car, why you think the second lock does anything for you.The problem is that you (a Microsoft insider) say one thing, and paidgeek (a Sony insider) says exactly the opposite. But neither of you are willing or able to discuss the technical details, so I'm not sure that continued discussion of this is useful. I have no rational or logical basis on which to judge analogies from either side.

amirm

12-29-06, 12:27 PM

The problem is that you (a Microsoft insider) say one thing, and paidgeek (a Sony insider) says exactly the opposite. But neither of you are willing or able to discuss the technical details, so I'm not sure that continued discussion of this is useful. I have no rational or logical basis on which to judge analogies from either side.
Actually, I am willing to discuss fair amount. And I will do so with a more extensive posting here later. It would be great if paidgeek engages but something tells me it is difficult for him/her to do so....

Capeta

12-29-06, 12:39 PM

Sounds like you are saying we are powerful enough to have the DVD Forum rules thrown out the window. One wonders then why there are three video codecs in HD DVD, rather than just VC-1 if we have such a stronghold over the forum. Or why it does not use any of our audio codecs. Let me break the news then. BD companies have amazing power in DVD Forum. They hold majority vote. They can override us in a heartbeat...

Exactly!! One wonders why each DVD Forum meeting is preceeded by a speech from lawyers. I think we need to thank the BD companies for that. :D

We are very proud of the modern architecture of AACS and its countermeasures against attacks. But we could have easily gone to higher levels. Let me give you an example. Let’s say the copy protection of the system required that you only order discs online which we could make on demand, by embedding your name, social security number, and credit card number. We would then ship the disc to you but prior to playing it, you would have go online and authenticate yourself. Said system then would embed multiple watermarks in the audio/video streams (which could be audible/visible) with all of the above info as to allow any piracy from your machine to be tracked to you personally (this is close to how the Emmy award leakage was discovered btw and includes some of the measures from the failed Divx format). Furthermore, I could make sure that you can not play the movie back to back as that would indicate maybe that others are playing the same movie. So I would force you to wait a week or two to play the movie between viewings..

Hey I'm all for HD movie players which require fingerprint scans prior to watching HD movies. Then again maybe hardcore hackers will resort to hacking off poeples' fingers, clone and grow them in cultures like they currently do with organs, then sell them on the black market as key fobs? :D