AVS Forum banner
Status
Not open for further replies.
1 - 12 of 12 Posts

·
Premium Member
Joined
·
11,869 Posts
Discussion Starter · #1 ·
I am would like to be able to disable the "downrez" ability of my stb as I am sure almost all of you would like to as well. I'm sure sooner or later someone will come up with a solution to perform this if it already does not exist. I have searched around to find out some info on this but have been unable to locate any information. Does anyone have any information on this? Your thoughts?


------------------

Kipp


IS THAT A REMOTE CONTROL IN YOUR POCKET OR ARE YOU JUST HAPPY TO SEE HDTV?
 

·
Registered
Joined
·
2,289 Posts
I'm no lawyer, but that does sound as though it would be a DMCA violation. Perhaps somebody with a deeper understanding of the law could comment?


------------------

Mike Kobb

(Formerly "ReplayMike", but no longer affiliated with the company; these opinions are mine alone.)
 

·
Registered
Joined
·
9,196 Posts
I believe as well that such information would be illegal to publish under the DCMA. But that never stopped things like this either.


The major issue as I see it is not legal but technical. No doubt the down rez circuit is inside some ASIC where it is not accessable. In other words, the 5C decrypter, MPEG decoder, 1394 interface, and analog DAC is all inside the same chip. The down rezzing filter would be before the DAC section but you can't get to it. In addition to the hacking prevention, it is actually cheaper to build the box this in this fashion anyway.


Any hack will most likely be some form of protocol filter/convertor that takes the enctypted 5C MPEG stream and turns off the image constraint, and put's it back into the decoder chip. That too may be next to impossible. I doubt it's a simple bit field to control this. It could be as comples as a completely different key needed to turn off image constraint.


Time will tell.
 

·
Registered
Joined
·
20,517 Posts
Quote:
Originally posted by Glimmie:
Any hack will most likely be some form of protocol filter/convertor that takes the enctypted 5C MPEG stream and turns off the image constraint, and put's it back into the decoder chip. That too may be next to impossible. I doubt it's a simple bit field to control this. It could be as comples as a completely different key needed to turn off image constraint.


Time will tell.
The main poster's STB (I'm assuming that it's one of the the "booby trapped" DIRECTV and DISH Network DBS boxes) probably won't be fixable. HD is entering it from the DISH in a proprietary encrypted form and the STB is deciding what to do with it, according to the CCI flags in elementary MPEG-2 streams and possibly DTCP_descriptor packets encoded in MPEG-2 TS (an adaptation of an ATSC extension to MPEG-2 TS--if the STBs know how to read these, they can find out the copy-protection status of the elementary streams without decoding them individually).


I don't think that the combined 1394-interface/5C-decrypter/MPEG-decoder on-a-chip thing exists today. The chipsets that I've heard about are split--a 1394-interface/5C-decrypter/encrypter that doesn't know the protocol and a protocol control chip that does the authentication math and handshaking. All of this would feed an MPEG decoder on a display or some other sink with DVI/HDCP and/or analog HD outputs, and they'd all be tied together with some kind of controller CPU. In the future, the whole mess probably can be reduced to a single chip, along with a fair size buffer, which would be much more physically secure.


As for some kind of illegal box, it'd have to be a "filter". It would establish a connection with a source of copy-protected content, decode the decrypted MPEG-2 and output it however it wanted to. However, it would have to have working certificate signature keys, which, once the DTLA found out that they were being used this way, would be put on the Certificate Revocation List, which the DBS or cable STB would pick up from the satellite transmissions or headend and HD prerecorded media players would pick up from new recordings. Once one of your toys picked up a list with the illegal box's signature keys, they'd propogate it to the others and eventually none of them would talk to it. Of course, the box could be designed with programmable keys, but the DTLA is assuming that key compromises will be far and few between.


-- Mike Scott



[This message has been edited by michaeltscott (edited 10-09-2001).]
 

·
Registered
Joined
·
9,196 Posts

Originally posted by michaeltscott:


Quote:
Originally posted by Glimmie:



I don't think that the combined 1394-interface/5C-decrypter/MPEG-decoder on-a-chip thing exists today. The chipsets that I've heard about are split--a 1394-interface/5C-decrypter/encrypter that doesn't know the protocol and a protocol control chip that does the authentication math and handshaking. All of this would feed an MPEG decoder on a display or some other sink with DVI/HDCP and/or analog HD outputs, and they'd all be tied together with some kind of controller CPU. In the future, the whole mess probably can be reduced to a single chip, along with a fair size buffer, which would be much more physically secure.


-- Mike Scott



[This message has been edited by michaeltscott (edited 10-09-2001).]
There is a risk (to them) if the MPEG decoder is a seperate chip under control of an external CPU. (external means via an internal buss). Image constraint must be done on the decrypted data. Therefore the filter section would be inside the MPEG decoder before the DACs. The problem is that registers must be set in the decoder chip to control image constriant. These could be set externally by accessing the CPU buss, either parallel or serial. If the image constraint is a seperate chip, even with the DAC built in, that means un-enctryped data is open on the PC board. I beleive that is not allowed in the spec.


 

·
Registered
Joined
·
20,517 Posts
Quote:
Originally posted by Glimmie:
If the image constraint is a seperate chip, even with the DAC built in, that means un-enctryped data is open on the PC board. I beleive that is not allowed in the spec.
The spec that talks about this, the Adopter's Agreement, allows for possible implementations in PC Software--that would require that decrypted data exist in the memory a general purpose computer, in which any number of arbitrary other prograrms are loaded--to my mind a much scarier prospect, security-wise.


In any case, the section of the Adopter's Agreement that describes what measures should be taken for hardware states the following (excuse the lengthy quote, but I had a hard time picking out a relevant subsection):
Quote:
3.3 Hardware. Any portion of the Licensed Product that implements any of the content protection requirements of the Specification or Section 2.2.1.2 of Part 1 of Exhibit B in Hardware shall include all of the characteristics set forth in Sections 1 and 2 of this Exhibit C. For the purposes of these Robustness Rules, "Hardware" shall mean a physical device, including a component, that implements any of the content protection requirements as to which this Agreement requires that a Licensed Product be compliant and that (i) does not include instructions or data other than such instructions or data that are permanently embedded in such device or component; or (ii) includes instructions or data that are not permanently embedded in such device or component where such instructions or data have been customized for such Licensed Product or Licensed Component and such instructions or data are not accessible to the end user through the Licensed Product or Licensed Component. Such implementations shall:

3.3.1 Comply with Section 1.3 of this Exhibit C by any reasonable method including but not limited to embedding Device Keys and Highly Confidential cryptographic algorithms in silicon circuitry or firmware that cannot reasonably be read, or employing the techniques described above for Software.

3.3.2 Be designed such that attempts to remove, replace, or reprogram Hardware elements in a way that would compromise the content protection requirements of DTCP (including compliance with the Compliance Rules and Specification) in Licensed Products would pose a serious risk of rendering the Licensed Product unable to receive, decrypt, or decode DT Data. By way of example, a component that is soldered rather than socketed may be appropriate for this means.

3.4 Hybrid. The interfaces between Hardware and Software portions of a Licensed Product shall be designed so that the Hardware portions comply with the level of protection that would be provided by a pure Hardware implementation, and the Software portions comply with the level of protection which would be provided by a pure Software implementation.

3.5 Level of Protection. "Core Functions" of DTCP include encryption, decryption, authentication, the functions described in Sections 2 (excluding Sections 2.2.1.1 and 2.2.1.3), 3 and 4.4.1 of Part 1 of this Exhibit B and Sections 2.3 and 3 of Part 2 of Exhibit B, maintaining the confidentiality of Highly Confidential cryptographic algorithms and Device Keys and preventing exposure of compressed, Decrypted DT Data. The Core Functions of DTCP shall be implemented in a reasonable method so that they:

3.5.1 Cannot be defeated or circumvented merely by using general-purpose tools or equipment that are widely available at a reasonable price, such as screwdrivers, jumpers, clips and soldering irons ("Widely Available Tools"), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or decompilers ("Specialized Tools"), other than devices or technologies whether Hardware or Software that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required by DTCP ("Circumvention Devices"); and

3.5.2 Can only with difficulty be defeated or circumvented using professional tools or equipment, such as logic analyzers, chip disassembly systems, or in-circuit emulators or any other tools, equipment, methods, or techniques not described in Section 3.5.1 such as would be used primarily by persons of professional skill and training, but not including professional tools or equipment that are made available only on the basis of a non-disclosure agreement or Circumvention Devices.

3.6 Delivery of Decrypted DT Data to the functions described in Part 1 of Exhibit B, Sections 4.2, 4.3, 4.4.2 and 4.6 shall be implemented in a reasonable method that is intended to make such functions difficult to defeat or circumvent by the use of Widely Available Tools, not including Circumvention Devices or Specialized Tools as defined in Section 3.5.1.
As I read this, transmission of decrypted data over internal busses would be perfectly acceptable, since interception of it would be very difficult and would require "professional tools or equipment". Picking signals off a wave soldered, surface mounted wafer-thin chip with hundreds of pins is no mean trick without a custom probe and a logic-analyzer, and could be made more difficult by covering the thing in epoxy and making sure that all decrypted data travels over busses implemented on traces on the inner layers of your board.


Check out this datasheet for a TI product. Under the heading "2.2 Key Features" on page 13 of the PDF, we have the (sub)bullet: "– Connects seamlessly to common MPEG2 decoder chipsets". (The diagram on page 15 is also interesting, since it describes an A/V network where MPEG2 is only decoded in the television, which seems to be Mitsubishi and Sony's vision).


You could also put a sensor on the cabinet of the device that you can't help but trip when removing the cover and which the software on your device detects and refuses to operate on the A/V network until it receives a service code somehow (perhaps through a USB dongle or the Memory Stick interface in Sony's TVs). The Dell PC in my office at work can tell when its case has been opened.


-- Mike Scott


[This message has been edited by michaeltscott (edited 10-10-2001).]
 

·
Registered
Joined
·
9,196 Posts
You make very good points. I think the real hackers will attempt these things just for the sport of it! I sounds like a lot of fun for some people, espicially the case issue. I can see it already, the first paragraph in the hack instructions will be where to drill holes in your case to bypass the "case-open" sensor.
 

·
Registered
Joined
·
20,517 Posts
Quote:
Originally posted by Glimmie:
You make very good points. I think the real hackers will attempt these things just for the sport of it! I sounds like a lot of fun for some people, espicially the case issue. I can see it already, the first paragraph in the hack instructions will be where to drill holes in your case to bypass the "case-open" sensor.
Yes, hacking is a sport. The DTLA recognizes that and realizes that there will be successful hacks. However, they think that due diligence and legal prosecution will take care of these--they have the DMCA, and I feel that, while it goes too far and may be thrown out, it will be rewritten and some effective form of it will survive--it should be illegal to distribute, sell and use software and hardware whose sole purpose is to circumvent technological attempts by copyright holders to protect their IP. Talking about or describing such, on the other hand, is protected by constitutional free speech guarantees.


I heartily support the recent crack-down on folks openly selling hacked POD cards to steal DIRECTV on the Web. The way that had gone on for years was just plainly disgusting. If anything justifies the existence of the DMCA, its use in that operation does.


All the copyright holders hope to accomplish with DTCP is to prevent the sale and distribution of permanently effective devices for circumventing copy-protection. Isolated leaks and concomittent lose are going to happen from time to time and they realize that. But in the NTSC/VHS world it happens many, many thousands of times each day.


-- Mike Scott
 

·
Registered
Joined
·
9,884 Posts
I'm assuming the needed cracks will be posted on the Internet soon after (if ever) this becomes common. I'm also assuming the movie industry knows this too, though maybe I'm giving them too much credit.


But this time it may be somewhat different from, say, getting a hacked DirectTV or cable box. Many of us, myself included, would consider it stealing to illegally receive cable or satellite this way.


But how many of us would really consider ourselves criminals if we hooked our current TV's & projectors up to an STB in a way that just made the picture better?


So I don't think the laws restricting converter boxes will have any popular support. Just openly selling these boxes will be a problem but instructions for making them and buying them from your local high school students may become common.


And of course please don't bother to explain again why it won't be technically possible to make these converter devices. http://www.avsforum.com/ubb/wink.gif


But the major net loss here is probably that content providers will know that most people can receive only down-rezzed material. So that's all they will usually be providing, even if you do have a legal digital connection. They can save the bits, and possibly also get a price break from the movie distributors.


- Tom


------------------
Getting started with HTPC:
HTPC FAQ , DScaler , Xcel's Links , and
The Anti-DMCA Website .
s>
And Free Dmitri Sklyarov!s>
 

·
Premium Member
Joined
·
11,869 Posts
Discussion Starter · #10 ·
TRBARRY,

I agree that it is not stealing if you are legally receiving a signal and simply make the picture quality better. You already have paid for the product, why only get half of what you paid for.


------------------

Kipp


IS THAT A REMOTE CONTROL IN YOUR POCKET OR ARE YOU JUST HAPPY TO SEE HDTV?
 

·
Registered
Joined
·
3,733 Posts
If the copy protecting crowd gets there way,which i think they will as they are making progress.


In the future most people will be able to recieve the high res signals thur their firewire equipment as this standard takes over.


so I don't see the networks stopping high res content, as the future sets with have the connections to show the content in high res; and someday more people will have these instead of the anolog setsout there now.
 

·
Registered
Joined
·
20,517 Posts
Quote:
Originally posted by trbarry:
I'm assuming the needed cracks will be posted on the Internet soon after (if ever) this becomes common. I'm also assuming the movie industry knows this too, though maybe I'm giving them too much credit.
I think that this is a poor assumption. I'm not a cryptographer (but I play one ... http://www.avsforum.com/ubb/smile.gif )--however, I have worked with cryptographic techniques in my work with large-scale internetworking devices in the past. The equipment that I was helping to produce is used to build the phone networks and the Internet backbone. This is just as much in danger of hacking as anything else.


You will note that while someone has already announced that they believe that (given access to half a million dollars worth of equipment for two weeks, the space to set it up and the power to run it, an investment that I'd suggest is beyond the reach of the casual hacker or anyone who would just post his results on the Internet for free) he can crack HDCP. I assure you that the weakest part of DTCP (partial authentication for receipt of "Copy One Generation" and "Copy No More" content") is stronger than HDCP and will require more effort to crack. The Full Authentication required to receive "Copy Never" content is much, much stronger still. I suggest that it will be much easier to steal keys from the manufacturers who've bought them for installation into their products than to break these protocols. And being in possession of a device that incorporates this stolen information is being in possession of stolen property, which is a crime, whether you're using it to convert content that you've properly paid for or not.
Quote:
But this time it may be somewhat different from, say, getting a hacked DirectTV or cable box. Many of us, myself included, would consider it stealing to illegally receive cable or satellite this way.


But how many of us would really consider ourselves criminals if we hooked our current TV's & projectors up to an STB in a way that just made the picture better?
I wouldn't consider you to be criminals for using these devices in that fashion. However, any such device could be used to create a freely reproducible digital copy of copy-protected content; having created such a thing it is inevitable that it would be used for that purpose, which you have already admitted is illegal. Why would you buy something with a primary illegal use? (Actually, your use of it would be illegal under the DMCA, but we'll just wink at that for the moment).
Quote:
So I don't think the laws restricting converter boxes will have any popular support. Just openly selling these boxes will be a problem but instructions for making them and buying them from your local high school students may become common.
I've read the specs and I have some light background in the area and I doubt it. Like I said, it will be easier to steal keys than to "crack" these protocols. And this security is self-healing--when they discover that keys have been stolen (and they will if these hypothetical boxes are widely distributed), they will put them on the CRL, and your legitimate devices will slowly absorb that knowledge through cable or DBS transmissions or new prerecorded media and will stop talking to your illegal device. The "adapters" could be reprogrammable, but one would hope that security leaks in the companies holding the keys would be few and far between--if not, this whole scheme falls apart. Security in the companies holding CSS keys was pretty damn good for many years.
Quote:
And of course please don't bother to explain again why it won't be technically possible to make these converter devices. http://www.avsforum.com/ubb/wink.gif
Why? Because you lack the ability to argue on those grounds?


These "adapters" would not be inexpense to mass-produce--they'll require at least one 1394 connector, an interface chip for same, an HD capable MPEG-2 decoder, the connectors and circuitry for HD component video output, some memory and a fast processor or two, for encryption, decryption and authentication math and a power-supply. You could potentially do it by adding a few interface cards to a fast PC, but I'd want to run the application under DOS--WinDoze has way too much overhead for this, which will be a CPU hog. Legitimate equipment gets to offload the encryption and authentication onto custom chipsets which I assume won't be offered for sale to hackers. This isn't some DIRECTV POD--this thing has to actively, constantly work. Something cobbled together by a hacker using retail parts would be quite expensive--is it worth it?
Quote:
But the major net loss here is probably that content providers will know that most people can receive only down-rezzed material. So that's all they will usually be providing, even if you do have a legal digital connection. They can save the bits, and possibly also get a price break from the movie distributors.
Come again? Are you speculating that they'll down-rez the source form of the content, so that even people with copy-protected equipment will see a down-rez'd image? Somehow, I doubt that that will fly--if they claimed that it was full resolution, many videophiles would know better and complain. Hell, I wonder if some televisions won't incorporate bit-rate meters like in many DVD players? It'd be a popular feature with the technically minded.


The bottom line is that many, many, many more people have to buy into HDTV for it to be considered a success. Less than 1% of homes have purchased sets capable of interpreting HD analog signals (counting "enhanced definition" 4:3 format sets with less than the 1280 horizontal pixels required for the lowest true HD resolution); only 10% of those sets are equiped with HD receivers. The sale of HDTVs, though its been going on for 3 years, has only barely begun--dealers in this country sell nearly as many analog sets in a month as the number of digital sets sold in that entire time. If the studios insist that the premium subscription service and PPV providers transmit only using copy-protected equipment and that prerecorded media players incorporate copy-protected outputs for HD (which the three which have been produced so far do), most of the people in this country who will ever own an HD set will own a copy-protected one and the fact that the current non-copy-protected equipment ever existed will quickly fade from memory.


-- Mike Scott


[This message has been edited by michaeltscott (edited 10-11-2001).]
 
1 - 12 of 12 Posts
Status
Not open for further replies.
Top