MacBooks Enter a Golden Age of Anti-piracy Cruft: HDCP For All (techcrunch.com)
47 points by vladimir on Nov 18, 2008 | 60 comments



Open any LCD monitor. The ribbon cable which connects the VGA/DVI/HDMI decoder board to the LCD panel itself (a separate product, of which there are only a few manufacturers) carries an entirely unencrypted and fairly well-documented signal. With an <$100 FPGA, any HDMI monitor can be turned into a decryptor.


You're right that it's unencrypted, but I don't think it's well-documented. Every single panel manufacturer seems to have their own spec for carrying data to the LCD panel proper, and this is all proprietary and not-published. Short of someone reverse-engineering the data it's not quite SO easy to get your data.


All you need is an oscilloscope. (My 1979 HP 300MHz scope would do fine, had I more free time.)


Is it really this easy? Has anyone done it? Are these for sale anywhere?


Nobody has done it because that's not the weakest link in the chain. It's easier to just decrypt the file in software.


The purpose of doing this would be to create a proof-of-concept, a piece of "hacktivism" if you will: showing that the analog hole is forever un-pluggable. In this case, "analog hole" would be a misnomer - a fully decrypted digital signal must exist in order to drive the LCD glass.


I suspect that would just motivate the MPAA to bog us down with more DRM.


Actually, they could just take legal action through the DMCA.


Post the schematics anonymously. Host in a neutral country. It's been done.


Similarly - what happens if you play the same movie in a Virtual Machine?

Could you fire up the movie in a Windows VM on your Mac? Presumably it would play, and the output at the Mac end is unencrypted?


I would be sooo pissed if the movie I downloaded wouldn't play on my regular TV or projector I set up or something. I don't understand why they would require encryption for an analog out? Even a digital out. The movie-cracker people do everything in software anyway, so it seems like there's really no point in encrypting the transmission link.


Movie crackers won't necessarily be doing everything in software for long; several major software media components --- like iTunes, Windows Media Player and Windows protected media pathways --- remain effectively unbroken. DRM is steadily improving, to the point where the "analog gap" is becoming more important.


Don't they remain unbroken only because there are currently paths of lesser resistance? And iTunes is already routinely hijacked to strip DRM from the iTunes Store.


iTunes is not "routinely hijacked". The current incarnation of iTunes DRM hasn't had a published break since iTunes 6, several years ago.

The conventional wisdom maintains that all DRM schemes can be broken, and that's true, if you ignore cost. It is far from proven that all DRM schemes can be broken with costs proportional to the rewards.


The current iTunes DRM for music has been broken. Google Requiem.


Ah, I didn't see 1.8.1. Thanks. And you're right, Brahms broke iTunes 7.


Does anyone else think that this is incredibly creepy? If this goes on unchecked, it's just a matter of time until you're not allowed to code unless you have a license from the RIAA...


Well you are not allowed to code for the iPhone unless you have a license from Apple.

I wonder when they will do the same to their desktop computers. It is not as if companies haven't tried that scheme (see Microsoft "certified software" and stuff like that).


You can code without paying for the dev certificate. The SDK is a free download.

You just can't put apps on the app store or your phone without having a cert. There's a slight difference.


Well I guess even in the future we will still be allowed to play air guitar, as long as we don't whistle along with the tune.


Great. Now we have to get modchips for our laptops too?


You can find more MacBook hacking stories here - http://www.applemacbook.com/mods


The irony is if you're geeky enough to connect your computer up to a big display to watch movies etc, you're certainly geeky enough to circumvent a little popup warning.


HDCP is implemented in the video card. The output is encrypted and the HDCP certified device decrypts.

However, ultimately the OS either enforces it or doesn't. And the OS has been pretty weak so far.

Addenda: I'm not talking about iTunes, I'm talking about the OS, which iTunes uses to display video.


No need to hack iTunes, just download the movie in a DRM-free format. I've heard that there are places on the Net that have things like that, something with pirates and a bay?

But sure, if the Blu-Ray replacement happens to have a working protection system they might finally pull it off. Too bad for them that the last part of the delivery chain will always be unprotected, unless they find a way to put HDCP in Eye 1.0 wetware.


> Too bad for them that the last part of the delivery chain will always be unprotected, unless they find a way to put HDCP in Eye 1.0 wetware

That won't help you record it if there is sufficient pressure on the small number of manufacturers of recording devices:

I would imagine it would be possible to create something like a EURion for video and audio.

http://en.wikipedia.org/wiki/EURion_constellation


I think it would actually be a lot harder to apply something like EURion to video or audio, because of user expectations. Video and audio recorders are not expected to duplicate an existing artifact but to make a record, something you usually only get one chance to make. A EURion measure would be prone to abuse, breaking the user expectation that the given event had been correctly recorded.

The obvious example: What if a guy robbed a bank wearing a EURion t-shirt? None of the security cameras would record him, unless you had some exception for security cameras. And once you have an exception for security cameras, do you have an exception for, say, home security cameras? If so, anyone will be able to get a circumventing camera; if not, a lot of people will be upset.


I don't know how varied the possible DRM policies are, but it would seem possible to implement a 'generation counter' for DRM'd media which would restrict the number of copies.

e.g. the output of a video camera could be tagged with "allow 3 copies only". Each DRM-aware copy produced would decrement the # of allowed copies. The copied file would have an allowed-count of 0.

If a EURion-like image triggered this mode on the camera then that would probably be sufficient for manufacturers to avoid liability, but still serve to effectively close the "analog hole" (not really analog, but hey).

Yes, it all does seem unlikely. But so does tagging of printer output with yellow dots and EURion, and DRM in general.

http://en.wikipedia.org/wiki/Printer_steganography


It wouldn't work. This has all the problems of DRM in addition to all the problems of pattern recognition. Not a chance.


The problems of DRM are the ones facing us right now. Sure, individual implementations are buggy. If there's pressure, that'll improve over time.

The basic technical approach of the current DRM systems is sound, which is why they're a problem. High quality implementations would restrict people.

In terms of pattern recognition, you're not exactly doing facial recognition. The hard part would be putting a signal in there which was:

- distributed through the whole picture (so you can't just mask off the logo in the corner)

- sufficiently unobvious to humans threshold so that quality doesn't go down too far. Dunno about this one, apart from the fact that we have a lot of bandwidth here to hide a signal

- could survive basic disruption attempts by 'hackers' (colour filters etc)

It is a fairly tall order, but so is convincing the entire PC parts industry to put crypto in all their components against the interests of their customers.


Sure, but the pirated HD version had to remove the DRM in the first place (eg, some Blu Ray titles require HDCP, which you have to remove to rip it).


Yup. But figuring out how to do it will probably take longer than the download!


Aye, but someone's figured it out, hence making the download possible.

It might seem like a chicken and egg discussion, but it isn't: the crack needs to come first. But once one person cracks it, the content is available for everyone else.


OS X is weaker in this regard than Vista; Vista won't play protected content if the kernel includes unsigned code. But OS X will get there.


Switch to linux and the OS stops caring entirely.


And so does everyone else, because Linux won't play the content we're talking about.


Yes it does. You could play HD-DVD media on Linux - I have personally done it. I'm relatively sure you may play Blu-Ray too. It's just like playing WMV or WMA - all you need is a codec - plus a tool to handle the DRM, which, as we're all aware, is inevitably created the day after the DRM is released.


There's still no permanent break for Blu Ray BD+; there are still titles that Slysoft can't play, and no evidence that the next Macrovision refresh won't stall Slysoft for months. You are drastically oversimplifying.


BD+ was broken last week, as I understand. The VM that implements both BD+ content and BD+ encryption schemes can be emulated.

What's left?


Bochs can emulate X86 quite well. Does Bochs itself bypass X86 copy protection code?

There are two obstacles:

(1) The VM emulation has to be perfect, and the Slysoft and open source emulation is reverse engineered. ReactOS is Win32 reversed from one of the easiest platforms in the industry to reverse, and it's not perfect; BD+ was designed to be hard to reverse.

(2) Once the VM is perfect, so that the next 20 revs of Macrovision's protection code can't just go peek at some dark corner of the VM that Slysoft didn't know about, you still have to use that emulator to beat every successive program that Macrovision chooses to run on it.

A major challenge for SPDC, the underlying technology behind BD+, was that it had to be implemented autonomously by numerous consumer electronics companies, most of whom have no expertise in the areas of CS (compilers, virtual machine runtimes, content protection) that BD+ plays in. I expect it to get better over time, not worse.


I think the VM is emulated only well enough to run existing bytecode samples. If a studio can discover a bytecode sequence that executes differently on the licensed and unlicensed VMs, they can use that code in future movies.


HDCP only matters to people who support DRM with their money.

Disclaimer: Not me.


My thoughts exactly. I only purchase media that is DRM-free. Amazon's MP3 store for instance. If they want to make more money they can start by offering more content as DRM-free because otherwise I'm not buying…


Is Amazon DRM free? Doesn't it encode the name of the buyer in the MP3? (I honestly don't know, it just seems likely they do that).


Amazon doesn't include the name of the buyer in the music file - either in the file's mp3 encoding itself or in the ID3 tag. Tagging the ID3 as you download the file is technically possible, but changing the MP3 encoding on-the-fly as you buy/download the file isn't particularly feasible for several reasons. The most notable is that there would be a 'privacy' outcry from the dark corners of the web, the way they reacted when Apple seemed to do something like that with iTunes.

If you have any suspicion about it, get a friend to buy a random MP3 from Amazon using her account and buy the same file yourself using your account. Compare the two MP3s using whatever tool you want; I did, and they seemed to be absolutely identical.

FWIW, there is a field in the Amazon MP3 ID3 - under 'Comments' - which says Amazon.com Song ID: 20XXXXXXX (I Xed the last seven digits). That's a unique song identifier, not a user identifier.
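The two-account comparison suggested in the comment above, as an added example that is not part of the original thread: it separates the ID3v2 header and ID3v1 trailer from the audio bytes, so a difference in metadata can be told apart from a difference in the encoded audio itself. The sample files are constructed byte strings, not real MPEG frames or store downloads, and `make_sample`, `COPY_A`, `COPY_B` and `COPY_C` are hypothetical names.

```python
import hashlib

def syncsafe(n: int) -> bytes:
    """Encode n as the 4-byte, 7-bits-per-byte size used in ID3v2 headers."""
    return bytes((n >> s) & 0x7F for s in (21, 14, 7, 0))

def split_mp3(data: bytes):
    """Split raw file bytes into (id3v2_tag, audio, id3v1_tag)."""
    start, end = 0, len(data)
    if end >= 10 and data[:3] == b"ID3":
        size = 0
        for b in data[6:10]:              # syncsafe: top bit of each byte unused
            size = (size << 7) | (b & 0x7F)
        start = 10 + size + (10 if data[5] & 0x10 else 0)  # 0x10 = footer flag
        start = min(start, end)
    if end - start >= 128 and data[end - 128:end - 125] == b"TAG":
        end -= 128                        # ID3v1 is a fixed 128-byte trailer
    return data[:start], data[start:end], data[end:]

def compare_purchases(a: bytes, b: bytes) -> dict:
    """Report whether two copies differ in their tags, their audio, or neither."""
    a_v2, a_audio, a_v1 = split_mp3(a)
    b_v2, b_audio, b_v1 = split_mp3(b)
    diff = next((i for i, (x, y) in enumerate(zip(a_audio, b_audio)) if x != y), None)
    if diff is None and len(a_audio) != len(b_audio):
        diff = min(len(a_audio), len(b_audio))   # one stream is a prefix of the other
    return {
        "identical": a == b,
        "tags_match": (a_v2, a_v1) == (b_v2, b_v1),
        "audio_match": diff is None,
        "first_audio_diff": diff,
        "audio_sha256": (hashlib.sha256(a_audio).hexdigest(),
                         hashlib.sha256(b_audio).hexdigest()),
    }

def make_sample(tag_body: bytes, audio: bytes) -> bytes:
    """Constructed stand-in for a purchased file: ID3v2.3 header + body + audio."""
    return b"ID3\x03\x00\x00" + syncsafe(len(tag_body)) + tag_body + audio

# Constructed bytes, not real MPEG frames or real store downloads.
AUDIO = b"\xff\xfb\x90\x00" + bytes(range(256)) * 4
COPY_A = make_sample(b"constructed tag, account A", AUDIO)
COPY_B = make_sample(b"constructed tag, account B!!", AUDIO)        # tag differs only
COPY_C = make_sample(b"constructed tag, account A", AUDIO[:500] + b"\x00" + AUDIO[501:])

if __name__ == "__main__":
    for other in (COPY_A, COPY_B, COPY_C):
        print(compare_purchases(COPY_A, other))
```

A result with `tags_match` false and `audio_match` true points at per-download metadata; `audio_match` false means the encoded audio itself differs between the two copies.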


Thanks, that is good to know. Can't wait for that stuff to come to Amazon Germany.


Encoding the name of the buyer in the MP3 is not DRM. It doesn't restrict your usage of the media in any way. If they do that, I fully support it.


Bullshit. Or would you mind if I tagged you and your other possessions so I could track you and remove your privacy? It's latent DRM, only awaiting the lawsuit against you to activate it. Whether or not it's wrong to do or even effective is another discussion, but it is most definitely a handle by which they can control, or "manage", your rights.


It restricts your ability to sell the MP3. I can sell a CD, which to me factors into the price (assuming I could sell the CD for half of the new price eventually).


Color me unimpressed. Encoding a buyer's name is fair game. You still have full control of the info you got.


I didn't say that it is not fair, but I think it definitely is DRM. So maybe it is an example of fair use of DRM.

I still prefer my MP3s name-free, but that only means that I would pay more for name-free than for named MP3s.


DRM stands for digital rights management. Encoding your name doesn't manage your rights in any way.


Maybe it doesn't enforce them, but suppose the police scan my computer and find lots of MP3s signed to Matt Maroon, would it really not matter? (Honestly I don't know - but if it doesn't matter, why encode the name to begin with?).


Honestly my argument was more semantics. It's not DRM. It's something else, and certainly less odious. All they're doing is creating a way to track illegal activity.

I wonder what the laws are on selling the track and then deleting it though. Is that as legal as selling a CD, or do you sign some sort of legal agreement when you purchase the track? I've never purchased a single track online so I don't know much about that.


You want to sell an MP3 of a song you haven't made?

Also, maybe you could just remove the information from the file if it bothers you.


Just saying that I can sell a CD. So if a CD costs 10€ in the shop and I know I could sell it for 5€ on ebay, it only costs me 5€ to listen to the songs (admittedly, plus the work for selling it). Not suggesting to rip the CD and then sell it, but if you tire of the music, you can sell it.


Right, but originally you were talking about how the information in an MP3 file restricts your ability to sell it.

You can probably imagine how silly it would feel to make sure you lose your MP3 after selling it, and what would you even ask for the MP3? Fiddy cent?


In other words, it only matters to people who rent or buy movies.


The problem, of course, is that every time somebody runs into a restraint due to DRM, there's a chance of them turning to piracy - which is pretty addictive once it starts.


Exactly. How can the market possibly compete, when the illegal product simply works better than the legal product?

Pirated films are available anywhere on the planet, without wasting time waiting for international shipping, with a broad variety of subtitles, good enough image quality (often even HD) and play on commodity computer hardware, without buying any special devices. They also don't take up any shelf space.

I am amazed that films are not globally released simultaneously, both paid download and theatrical release, yet another competitive disadvantage for legal content. Almost all the English-speaking people I know would much rather download a film today than wait a year or two for it to hit the local cinemas.



