Thursday, February 22. 2007
HD DVD Content Protection Cracked - What took them so long?
There's an interesting story about the crack on the HD DVD DRM at Bobbie Johnson's Blog. DRM is hard, because as Bruce Schneier (and probably many others) have said digital content "wants" to be copied. In the latest twist to the content protection tale, a hacker has discovered that he can find the keys by looking in the memory of his DVD player. There's a surprise 
The significant thing about this hack is that Hollywood really did seem to believe that that they had good a "secure" DRM system. I can't find the reference, but I remember Andy Setos of News Corp saying that this was their last chance to get DRM right.
There is so much snake oil in the world of DRM, that I prefer to go back to cryptographic basics. If you want legitimate owners to view content, you have to send decryption keys. If you send keys, then the bad guys will get them unless you can hide them in software or some physical device. Pay TV smart cards try to do the latter and are fairly successful as you need industrial size equipment to hack them. This attack seems to be a standard bit of reverse engineering and the only surprise is that anyone is surprised!
I don’t really buy the “update” idea that the AACS people put forwards, as there must be a root key somewhere!
The significant thing about this hack is that Hollywood really did seem to believe that that they had good a "secure" DRM system. I can't find the reference, but I remember Andy Setos of News Corp saying that this was their last chance to get DRM right.There is so much snake oil in the world of DRM, that I prefer to go back to cryptographic basics. If you want legitimate owners to view content, you have to send decryption keys. If you send keys, then the bad guys will get them unless you can hide them in software or some physical device. Pay TV smart cards try to do the latter and are fairly successful as you need industrial size equipment to hack them. This attack seems to be a standard bit of reverse engineering and the only surprise is that anyone is surprised!
I don’t really buy the “update” idea that the AACS people put forwards, as there must be a root key somewhere!
Quicksearch
For More Information about Broadsight:
Contact us
Broadsight website
Articles
To sign up for Broadstuff on other services:
Broadstuff - the Twitter edition
Broadstuff - the Jaiku edition
Broadstuff - the FriendFeed edition
Subscribe to Broadstuff via email
Books we are reading:
Contact us
Broadsight website
Articles
To sign up for Broadstuff on other services:
Broadstuff - the Twitter edition
Broadstuff - the Jaiku edition
Broadstuff - the FriendFeed edition
Subscribe to Broadstuff via email
Books we are reading:
Syndicate This Blog
Archives
Blog Administration
Creative Commons Licence
Categories
- About Us
- Advertising
- B2B Media 2.0
- Blogstuff
- Business Models
- Dis - Aggregation
- DRM / IP
- Enterprise 2.0
- Gaming / Virtual Worlds
- Hacks and Startups
- Identity / Profiles / Trust
- Media Web 2.0
- Mobile Multimedia
- Mobile TV
- MyPCTV
- New Search
- Odds and Sods
- Open Source
- Quad Play
- Social Networks
- User Devices
- Web Services
- Web TV / IPTV / DTV
We have argued before that any attempt to hard code encryption on consumer devices is doomed to failure - there are just far more people out there motivated to crack it, and if it is a static system, once cracked it is open for a long time. What has be
Tracked: May 02, 15:50