Talk:Advanced Access Content System

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the Advanced Access Content System article.
This is not a forum for general discussion about the article's subject.
Article policies

Contents

[edit] Is it necessary to defeat the copy protection in order to copy the media?

I keep hearing from Linux and OSS folks that CSS is not needed to make a raw duplicate of a DVD disk, and therefore the industry claims that "DeCSS causes piracy" are fallacious. Of course the argument omits the side-effect that being able to decrypt a video allows the video to be posted online in file sharing networks in decrypted form, thus greatly contributing to piracy. My question is: is decryption necessary in AACS in order to make a sector-level copy of a disk? If not, then this article is misleading; in particular, the section "Attempts at defeating AACS copy protection" should be renamed, as it would be trivially easy to copy a disk (given the right hardware), and decrypting is a different game altogether (i.e. AACS would have little to do with copying) - Connelly 23:32, 1 October 2006 (UTC)


Reply: DVD's and HD-DVD are designed to a standard whereby there is an area on pressed discs that cannot be burnt on a writable disc. So a bit copy will be incomplete and will not play. So although you can copy a disk, the copy will not play, because the volume key (which goes in that special section) is missing.

Other reply: Yes, you can copy a HD-DVD or BluRay disc bit-for-bit -- after all, it's a physical thing, so it can be copied physically. (Asian pirate companies did this for years before DeCSS.) However, if you want to distribute it in some other form than a plastic disc (usually including transcoding to DivX or whatnot), decryption will almost always be needed. -80.202.213.115 17:43, 15 January 2007 (UTC)

[edit] DeAACS

should someone put in the article that jon lech johanssen is so prepared to crack AACS, as he originally did with DeCSS, that he bought the deaacs.com domain name? 65.32.180.177 09:38, 12 March 2006 (UTC)

I just did - mskadu

[edit] AACS

Is there any particular reason the industry choose a protection format which it appears everyone who understand about content protection seem to think one of the worst formats chosen? Was it price/royalties? Simplicity? They don't really care about protection?

Or is it not that AACS was one of the worst possible content protection systems but that the content protection idea itself is extremely flawed? I would have thought it was the later but they way the article is written at the moment IMHO it suggests AACS itself is one of the worst choices for a content protection system Nil Einne 02:45, 5 June 2006 (UTC)

Reply: robust (as far as is possible) copy protection on movies would involve the use of separate hardware only capable of playing and displaying special movies, and having no other use. That type of approach is not commercially viable and leads to fiascos like the laser disk. Once you have discs that play in stand-alone players, but also have compatible drives and recorders for pc's, and cater for unprotected movies as well (eg. for home movies or where the producer wants people to be able to copy) you have a foundation on which proper working drm cannot be built.

[edit] DVD jon

The statement that Jon Lech Johansen cracked CSS requires attribution. He was certainly involved in the release of the DeCSS code, but to state he was wholey responsible should not be made without a reference to a source.

[edit] Cracked already?

According to Engadget and Doom9 forums its cracked already and a program has surfaced over the internet. It requires some sort of key or hash and the program gets to work by copying its contents to disk News here: http://www.engadget.com/2006/12/27/aacs-drm-cracked-by-backuphddvd-tool/ TREX6662k5 05:33, 28 December 2006 (UTC)


It's not cracked by any sense of the word. A crack would mean that you can decrypt the movie without keys, all this tool lets you do is decode a movie *if you have the key*. The key part of that is, *you need a the key*, and nobody has released a guide on retrieving the keys. OverlordQ 07:10, 28 December 2006 (UTC)
Maybe not a definate crack, but certainly something to start with. If you read over his personal notes, the keys are actually loaded into memory on the PC when the disc is inserted. I don't know if that block of memory is encrypted or not, but it would seem they aren't given how fast this crack came up. Therefore, rather then having certain software or players effected by the dreaded "key revoke" feature, the recording company would actually have to revoke the movie, which isn't possible once its released. Nobody should be surprised by this event, we all knew as soon as it [AACS] entered the PC world that it was only a matter of time until it was cracked. I'd be running for one of those non-extradition countries right about now if I were muslix64 though. Ghostalker 08:44, 28 December 2006 (UTC)
It doesn't really matter whether the AACS keys are encrypted in memory or not. If they are encrypted, they are encrypted with another key that's also kept in memory; and at one point, to actually use the key, it has to be temporarily decrypted. This is the inherent limitation of DRM systems; they can be ridden with obfuscations, but with enough time, they will be reverse engineered and broken — you can't expect something to remain secret if you provide the [potential] attacker with the cryptographic system, the encrypted data and the key to decrypt it. :) However, as OverlordQ pointed out, this is not a "crack", but just a known limitation of the system. -- intgr 12:40, 28 December 2006 (UTC)
That's why they're working on that TPM/TCPA/Palladium/etc. stuff. To lock the memory storing the keys so that only the program which "owns" that memory can read it. Of course, that does nothing to protect the copy of the key stored in the program on disk. Even if the disk were locked, there's always packet sniffing of a download or putting the install CD into a TPM-free machine. --Ssokolow 00:12, 7 January 2007 (UTC)
Is that illegal what he did.. if i cracked (or whatever he did) something i wouldn't publisize it to slashdot,digg,and others like he did.. i would wait until HD And blue-ray and whatever else have matured and most videos are already out, then i would release the crack and tear a new hole in these industry crooks, seems like releasing it when these formats are not heavly used yet was sort of a mistake.. but i'm glad someone did it ATLEAST! ~ 75.15.252.19
Thats the problem with the law (directed at this post above me, since they didn't sing their comment). The DMCA prohibits circumvention of copyright methods (like CSS, Macrovision, DRM, etc) but according to Fair Use laws (the same kind that allow Wikipedia to run), it is perfectly legal for you to make a copy for backup purposes. So really, it depends on the use of this program. VCRs faced this problem when they came out years ago (see Sony Corp. of America v. Universal City Studios, Inc. ). Of course, the same applies for DVD's and yet LightningUK got sued into collapse by the RIAA also. It's really up to the recording industry whats legal and whats not anymore. I suspect that depsite its fair use abilites, the RIAA and MPAA will use the DMCA card and have this kid sent to a prison on some god forsaken island. I'm all for them protecting their assets, but when it infringes on my rights as a consumer, theres a problem. - Ghostalker
Contrary to popular belief, people also happen to live live outside the U.S., and despite what your government might want you to believe, the U.S. laws don't have any effect outside the country. Many countries don't have DMCA-equivalent laws and some even explicitly permit reverse engineering for compatibility purposes. So it really depends on where the person lives. -- intgr 03:24, 29 December 2006 (UTC)
Talking like that is going to generate a flame war in here intgr. The international factor was not taken into consideration because in America the recording industries are notorious for arresting little 9-yr old girls, grandmothers... and a few weeks back issued a subpoena to some WW2 veteran who has been dead for 6 months (and the recording company stands by their claim he was a pirate, and it wasn't a case of mistaken identity). So the reason we're using American laws is because your laws are better written and easier to understand. We're not ignorant to the rest of the world, but our country has been purchased by certain industries, so we're concerned with our home front first, rather then others. - Ghostalker
Actually the DMCA is pretty far reaching via the WTO and such. So to say US laws have little effect outside the US (when referring to the DMCA) is pretty misleading and in some cases flat-out false. - 81.178.71.235 00:51, 8 January 2007 (UTC)
Ok sure it isnt completely cracked since it does require decryption but a HD-DVD title is AFAIK going to have the same volume key. Distributing this and say the contents of a HD-DVD does almost break the purpose of AACS (They could blacklist those volume keys and at the same time blacklist thousands of HD-DVD titles but thats not pratical) TREX6662k5 01:06, 5 January 2007 (UTC)


As at 14th January 2007, title keys for nearly 40 movies have been released onto the net, and at least one movie is available for download from a bit torrent. The keys have probably been published in a place where the DMCA does not apply. Now the keys are out, the genie is out of the bottle on those movies - and indeed any others that have already been manufactured. Revoking title keys means that new masters will have to be made for all other titles - at tens of thousands of dollars per title. The fun has only just begun.

[edit] Moved Stuff

Masakazu Honda @ ITMedia reports about the final review version of the AACS contents management system BluRay Region Coding Announced - Japan & US Same Region Code

Question asked by 207.148.211.18 (talk contribs) that i moved from the main article:

Is there a WikiPedia page for "BD+" dynamic encryption scheme? I couldn't find one other than Blu-ray_Disc#Digital_Rights_Management

You may like to read about this http://gear.ign.com/articles/691/691408p1.html Restrictions on older HDTV for BluRay and HD-DVD by AACS

Yes, there's an article titled "BD+". :) -- intgr 15:29, 28 December 2006 (UTC)

[edit] Hollywood's take on this

I may not be looking at the right sources, but I haven't heard a responce from hollywood, aka microsoft, disney, yadda yadda.. My guess is that they will take legal action, change liscence agreements or try to form some aliances with outsiders, I have doubt they will just drop the ball and let Fair use and freedom reign for the people. —The preceding unsigned comment was added by 71.131.129.96 (talk) 02:40, 1 January 2007 (UTC).


Reply: the original revelation was of a decrypting program which can decrypt a hd movie - provided it is fed with the decrypted title key for that movie. In fact, there is nothing amazing about that. The whole basis of the aacs system is that the methods etc are public information, and that the security itself relies on the secrecy of the keys. Otherwise, no-one would be able to develop software to work with the system. So at that stage there wasn't anything to comment about. The revelation that keys had been decrypted and published occurred on Saturday 13th January. There will be no comment until people are back at work on Monday, and the proverbial starts flying around. But even then, it has to be verified etc. It looks like all movies released to date on HD-DVD can be cracked like this. Also, where there are movies as yet unreleased, but where masters or the actual disks have been made, difficult and potentially expensive decisions will have to be made about revoking player keys. Revocation of player keys is by way on information carried on new disks. If title keys keep leaking out from an ongoing succession of different wheezes, revoking the keys could develop into an expensive saga that causes havoc with the manufacturing and distribution of disks.

The other problem with this is that because the software itself supposedly does not infringe the DCMA, that can be hosted anywhere, and if keys are discovered, they can be posted all over the net on forums, and it is almost impossible to get them removed.

The other point is controversial. What if someone uses drm to remove rights that someone has. That is an issue that needs debating - and legislating about. For example, the EEC has prohibited the use of drm to prevent people from refilling laser printer toner cartridges.(82.29.215.250 13:29, 15 January 2007 (UTC))

[edit] Article outdated?

"However, Muslix64 claims to have found title keys in main memory while playing HD-DVD disks using a software player, and that finding them is not difficult. [1]Details of how to do this have not been revealed.

On January 2, 2007 "muslix64" published a new version of his/her program, with volume key support.[5]"

I've read on several news sites now (including digg) that people other than Muslix64 have found title keys in memory

  • Arnezami seems to have done the same thing, but better. Read the Outside liks. Crakkpot 20:52, 13 February 2007 (UTC)

[edit] Additional References

Here are some news articles that can be added to the article concerning the defeat of AACS:

Hopefully those references will make this a better article. Xuanwu 06:37, 27 January 2007 (UTC)

[edit] Backwards Compatibility

I think it should be mentioned in the article, how players can decode older films. To make what I mean clearer. Take film A and film B. Then take Player X and Player Y. Film A is older than B, and player X is older than Y. Then suppose, player Y is made after film A is published. It can decrypt film B, because film B has a key included for Player Y, but how does it decrypt film A? Does it use Player X's key? I think this might be in the article, but its not very clear. Could someone clarify? - Рэдхот(tce) 18:21, 30 January 2007 (UTC)


Reply: It isn't as simple as that. Keys are not just selected at random. Also, the key to decrypt a disk is itself encrypted and placed on the disk. The player decrypts the key from the disk, and then uses the result to decrypt the disk with. The security of the system is in keeping the keys secret - not in keeping the system secret. Once someone has a decrypted disk key, they can decrypt that disk (or any other produced from the same master) and convert the movie into something that will play without any drm.

There is a mathematical relationship involved with the keys. Initially, any device key will decrypt any disk key. So the question of backwards compatibility does not arise. If a device is compromised and its key revoked, then new keys generated for disks made from then on will be created in such a way as they can be decrypted by any player key - except those which have been revoked. The device then needs to be updated and granted a new key.

There are mechanisms (eg sequence keys) whereby a copy of a movie can be scrutinised, and the identity of the player that decrypted it be determined. From that, the idea is that the devivce key can be revoked. However, that assumes that the hack is in the player itself. Recent developments (separate from the Muslix exploit) suggest that people are copying movies by cracking the data after it has left the player and is on its way to the graphics card - even though that is supposedly not possible. (82.29.215.250 16:58, 3 February 2007 (UTC))

[edit] Merge from Arnezami

Please merge any relevant content from Arnezami per Wikipedia:Articles for deletion/Arnezami. (If there is nothing to merge, just leave it as a redirect.) Thanks. Quarl (talk) 2007-02-18 09:07Z


The Arnezami section effectively repeats the fact that he used a USB method, perhaps this can be re-written? 143.52.5.182 11:26, 20 March 2007 (UTC)

I have now merged these paragraphs Gryphon5 14:55, 20 March 2007 (UTC)

Retrieved from "http://en.wikipedia.org../../../a/d/v/Talk%7EAdvanced_Access_Content_System_f7ca.html"