Slyck.com
 
Slyck Chatbox - And More

Interview with muslix64, Developer of BackupHDDVD

Discuss Slyck's latest news
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

Interview with muslix64, Developer of BackupHDDVD

Postby SlyckTom » Wed Jan 24, 2007 2:21 pm

The next generation of optical disc technology holds the promise to change the way we interact with and store digital media. Perhaps the most exciting change is the arrival of High Definition (HD) video, with its glorious 1920x1080 pixel resolution. It’s a quantum leap forward in terms of watching digital content, as its vast resolution reveals a quality never seen before in such fine detail.

Because of the rapid escalation of digital file-sharing – especially of video files – Hollywood has been working around the clock to protect HD content. This is especially relevant for one of its primary delivery mechanisms – HD DVD and Blu-ray discs. These next generation discs, with capacities of 30 gigabytes and 50 gigabytes respectively, have their content protected with an array of DRM (Digital Rights Management.) Both are protected with a scheme called AACS, or Advanced Access Content System. This DRM is a great leap forward compared to the weak CSS, or Content Scrambling System, that currently “protects” DVDs. Thanks to Fox, Blu-ray has an additional layer of protection, called <a href=http://en.wikipedia.org/wiki/BD%2B target=_blank>BD+</a>, however most discs have yet to support this protection.

Although Hollywood has constructed enough DRM architecture to rival the Pyramid of Giza, it has long been suspected that it would be only a matter of time before HD DVD and Blu-ray content protection were compromised. Convinced the golden DRM egg had been laid, it seemed that nothing could penetrate the great AACS wall. And to this day, that great wall still stands.

But why crash through the main gates of Constantinople when you can just pick the lock of a long forgotten rear entrance?

On December 26, 2006, a member of the Doom9.net forums named muslix64 introduced himself as circumventing the content protection – not the copy protection – of HD DVD. Additionally, he made available an open source program named BackupHDDDVD. At the time, this program was a command line program that bypassed the content protection – providing the individual successfully obtained the title and volume keys associated with the HD DVD. Once the individual has the keys, the AACS protection can be sidestepped, and the HD movie content can be extracted. According to muslix64, it took all of eight days to successfully circumvent HD DVD content protection.

Much of the more difficult work, such as extracting the keys, has been alleviated as the once encrypted information has proliferated online. To understand where this stunning turn of events is heading, Slyck.com spoke with muslix64, who agreed to a PM (private message) interview.

<b>The mainstream media tends to have many labels for you, i.e. hacker, cracker, pirate, etc., in response to your efforts. What would you call yourself and what would you label your efforts?</b>

I'm just an upset customer. My efforts can be called "fair use enforcement"!

<b>What motivated you to help circumvent the content protection scheme associated with HD DVD and Blu-ray?</b>

With the HD-DVD, I wasn't able to play my movie on my non-HDCP HD monitor. Not being able to play a movie that I have paid for, because some executive in Hollywood decided I cannot, made me mad...

After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-ray too.

<b>Explain how decrypting the device and volume keys are critical to your success. Could you explain the difference between the two?</b>

The device keys, are the keys associated to the player.

The volume key, is the key associated to the movie.

I don't care about device keys. I do care about volume keys, because by using volume keys instead of devices keys, I totally bypass the revocation system. There is no "volume key revocation". There is content revocation, but I really doubt they will ever use it. If you use device keys, they can revoke them. Having the volume key means that you can decrypt title's keys (or CPS Unit key in the case of Blu-ray) and then you can decrypt the media file without problem.

I was shocked to realize the volume key was not protected in memory!

<b>Explain how a movie studio could prevent the general public from taking advantage of pirated HD movies, such as ones currently available via Usenet and BitTorrent. For example, if an individual were to download "Serenity", and play it successfully on his or her Power DVD player - and never updated the software - would it be immune from any Hollywood counterattack?</b>

Yes, immune. If the movie is decrypted there is nothing you can do! Or you can use open-source player, like VideoLan, if a player like PowerDVD become more restrictive about playing decrypted movies.

<b>There appears to be some confusion to the extent and specifics of your success. Explain what content protection has been compromised, and what content protection is still intact?</b>

There is no easy answer but, IMHO, AACS is totally busted. The only thing I can see for now to prevent the attack I have described is to put different keys on every disc! It will cost a fortune for the manufacturing, so I'm not sure they will go that way...

People say I have not broken AACS, but players. But players are part of this system! And a system is only as strong as his weakest link. Even if players become more secure, key extraction will always be possible.

I know many people of the industry try to cover up this breach, by saying I have only poked a tiny hole in AACS, but it is more serious than that. Only the future will tell.

The AACS security layer is almost the same for both HD-DVD and Blu-ray, so they are both busted for good.

The only extra security layer is for the Blu-ray format, and it's called BD+. BD+ is not there yet, and I don't know when it will be. May be my "exploits" will speed up the adoption of BD+, we will see...

<b>You've recently helped defeat Blu-ray's content protection as well. What were the similarities/differences in defeating this copy protection scheme?</b>

Almost the same. I use the same known-plaintext attack for both formats. But media format and encryption are slightly different. Because I already had experience with the HD-DVD, it was really easy for Blu-ray.

<b>What are your ultimate goals? Do you feel that most - if not all - of the content protect will be ultimately defeated?</b>

If you can play it, you can decrypt it! There is nothing you can do about it. The only thing they can try is to slow people down.

<b>To what extent do you feel you can bring your efforts to the mainstream? Do you believe Hollywood's content protect will rendered so impotent that HDDVD Backup (or a similar device) will be utilized to the same extent as DVD Decrypter or DVD Shrink?</b>

Probably. There are multiple scenarios here. You can write a fully automated decrypter with stolen player keys, but they will revoke the keys.

Anyways, even if they do key revocation, the revocation process will be very slow. It would take at least one month (or more) between revoking the player and new version of movies with the revocation in stores.

The reaction time of the community will be way faster than the reaction time of the industry.

<b>Explain the differences between DeCSS and your efforts.</b>

I really respect the work of DVD Jon and his friends (he was not alone!) They do more than me. They had to reverse a cipher! I didn't have to reverse anything. So technically speaking, it was easier to bypass AACS than CSS.

<b>To what extent is your work a community effort? Do you feel that without the community's input, we would be having this conversation today?</b>

I was pretty much alone to do the HD-DVD exploit. But I receive a lot of help with the Blu-ray, thanks Janvitos!

My 2 programs are only "proof of concept" software. Right now, the community's contribution is vital. They will bring this software to higher level. I just tell people it was possible and I made the demonstration.

<b>What PC based DVD players are currently compatible with defeated HD movies?</b>

I don't want to give specific names but I can tell you they are all vulnerable [to a] different extent.

<b>Let's look into the crystal ball. When would you say people will be able to decrypt, burn, and play HD movies (whether HD DVD or Blu-ray) on their stand alone player?</b>

I think they are already doing it right now! I have seen post of people claiming they did that on both format...But I cannot confirm it.

<b>Do you see Microsoft Vista's implementation of HDCP being an obstacle to playing compromised HD movies in high definition?</b>

No. To my understanding, this limitation is enforced in the player! So if you use an open-source player, like VideoLan, there is no problem. Also, a decrypted movie [doesn’t] have this limitation if you have disabled the security flags.

The limitation with Vista seems more on the process and memory protection. But I cannot comment on that, I don't know Vista.

<b>Do you see AACS encryption being defeated in the near future?</b>

If you’re talking about AES itself (the crypto algorithm), I don't think it will be cracked anytime soon, but we never know. May be someone will find another hole, or another way to attack AACS. You cannot attack the crypto itself, you have to attack the protocol or the procedure. When will we find another way around AACS? No idea...

<b>If studios begin revoking encryption keys, do you believe this will pose a significant threat to your progress or overall goals?</b>

Players will become more and more secure. It will slow me down, but it won't prevent key extraction in the long term.

<b>Does the defeat of HD DVD automatically mean a victory for Blu-ray in the marketplace, or will Blu-ray be just as vulnerable to the community's efforts?</b>

The less secure the format, the more people will buy. I know a lot of people will disagree with that, but that's my opinion. Right now, both format are equally vulnerable. We have to wait the introduction of BD+ to see if it is really that secure...

In the long run, Blu-ray seems more secure (because of BD+) and now is more expensive. So HD-DVD wins!

<b>Describe a potential Hollywood counterattack, and how the community would repulse such an offensive?</b>

Making the keys unique per disc will be the perfect counterattack. So we have to start another attack by stealing player’s key and doing the whole AACS decryption. Then the community will win because they have a faster response time to the revocation than the industry.

<b>Who do you feel most benefits from your work, and who stands to lose the most?</b>

The consumers will benefit. I hope it will enforce fair use, not piracy. Of course pirates will use this technique, and they already did...

Studios will lose more money with mass counterfeiting than file or key exchange on the net.

<b>Considering the legal problems Jon Lech Johansen endured, are you at all concerned about the repercussions of your work?</b>

I'm really concern about that. So I will stay put for a while, and watch the show. When the first BD+ movie [comes] out, I will wake up!

<b>Is there anything you would like to add?</b>

I don't think I'm the first who did it. They are probably a lot of people who did that before me, but they keep it secret.

I was disappointed to realize, that BD+ (the other security layer of Blu-ray) was not there yet. It would have been a great challenge! AACS was not a challenge at all...

I'm not the smart guy around; they are just careless about security.

<b>Editor's note:</b> One of the more important lessons muslix64 probably best exemplifies is the enormous delayed reaction of the entertainment industry. Napster was released in 1999, and to this day the music industry continues to struggle against free file-sharing. There are indications now that DRM is being considered for obsolescence. With muslix64's work, the amount of work required to keep up with the community oriented efforts may simply be impossible to maintain.
Follow us on Twitter @SlyckDotCom
Join our Facebook Fan page
SlyckTom
 
Posts: 5713
Joined: Fri Jul 26, 2002 7:22 pm
Location: New York City

Postby Fartingbob » Wed Jan 24, 2007 2:42 pm

Good interview! It get s alittle technical in the middle, but i got the jist of it. Its not totally blown open as DVD protection is now, and he admits the producers could fight back (short term only though). I hope soon we'll be getting fully featured nice GUIed HD DVD rippers and encoders. Then i might actually think about getting into HD in a few years. Before this crack, there was no incentive at all for me.

PS: the wiki link on the forum page doesnt work. works in the actual article page though.
User avatar
Fartingbob
P2P Trafficker
 
Posts: 13248
Joined: Sun Nov 20, 2005 4:18 pm
Location: Serenity

Postby multivariable » Wed Jan 24, 2007 2:46 pm

Excellent article Tom! And a very interesting interview, although I must admit a lot of the technical details were over my head.

muslix64 will become a legend (and a hunted man/woman, i fear). A definite win for the consumer.

I found this interesting:
muslix64 wrote:I don't think I'm the first who did it. They are probably a lot of people who did that before me, but they keep it secret.

If this is true (and it may be just an attempt to cover his ass) then we're laughing.

One minor quibble: I wish people would stop referring to major breakthroughs and massive changes as 'a quantum leap'
User avatar
multivariable
 
Posts: 27959
Joined: Sat Jan 21, 2006 11:28 am

Postby Fartingbob » Wed Jan 24, 2007 2:49 pm

multivariable wrote:One minor quibble: I wish people would stop referring to major breakthroughs and massive changes as 'a quantum leap'

They hope the next leap, will be the leap home. :lol:
User avatar
Fartingbob
P2P Trafficker
 
Posts: 13248
Joined: Sun Nov 20, 2005 4:18 pm
Location: Serenity

Postby stoops » Wed Jan 24, 2007 3:03 pm

Brilliant article, and brilliant news! (old'ish news but the first interview I've seen - nicely done Tom!)

Muslix64, you are the man! (oh, and Janvitos and everyone else who has, or will, help protect consumer RIGHTS over corporate ones!)

While I am at it, a big well done for doom9! It's sites like Slyck and Doom9 that make it worthwhile having an internet connection at all! (Oh yeah, and porn and warez et al :D )
"Honey bring me a beer. I've got a war to win!" - Bill Hicks
User avatar
stoops
 
Posts: 257
Joined: Fri Dec 30, 2005 6:30 am

Postby krawkie » Wed Jan 24, 2007 3:17 pm

Regarding what the industry's reactions will be, Ed Felten has a series of interesting articles in his blog - the first one's here. There's 7 in total so far; not sure myself if there's gonna be more, but Ed's blog is worth keeping up with either way. :)
krawkie
 
Posts: 21
Joined: Tue Jun 20, 2006 2:54 pm

Postby hybrid-god » Wed Jan 24, 2007 3:37 pm

Was a good read!!! The first response just sums it all up!!!
I'm just an upset customer. My efforts can be called "fair use enforcement"!
:lol:
"Corrupting all of humanity"
hybrid-god
 
Posts: 266
Joined: Wed May 31, 2006 6:23 pm

Postby videocheez » Wed Jan 24, 2007 3:38 pm

muslix64 made it sound so easy and the "cocksureness" of his attitude make me laugh. I hope Hollywood doesn't wack him.
This is so much fun! :-)
videocheez
 
Posts: 102
Joined: Mon Feb 14, 2005 4:33 pm

Postby tArqueLL » Wed Jan 24, 2007 4:22 pm

great work all around....
tArqueLL
 
Posts: 11
Joined: Sun May 22, 2005 10:32 am

Postby O_Coala » Wed Jan 24, 2007 4:43 pm

One of the best articles on Slyck.com
Thank you! :D
O_Coala
 
Posts: 18
Joined: Thu Feb 10, 2005 8:21 pm

Postby troc » Wed Jan 24, 2007 5:20 pm

Great read, thank you very much for this article.


"I'm not the smart guy around; they are just careless about security."

muslix64 on HD DVD drm
troc
 
Posts: 35
Joined: Wed Jun 30, 2004 4:24 am

Postby IceCube » Wed Jan 24, 2007 5:50 pm

Nice stuff Tom! :)
User avatar
IceCube
 
Posts: 17079
Joined: Tue Jun 14, 2005 5:31 pm
Location: Igloo Country?

Postby liquidmonkey » Wed Jan 24, 2007 5:57 pm

excellent article man!
totally a quote of the month

I'm just an upset customer. My efforts can be called "fair use enforcement"!


very well said and he's totally right, fair use is something that major companies have been ignoring for decades now and its about time that the consumer can actually 'fight' back AND make a difference.
simply put, their laws, ideology and attitudes need to change if they are to hold onto their consumer base.
.
Want to buy a HOUSE ? Parents are getting divorced and they need to sell to get on with their lives.

HOUSE is now SOLD, wooohoooo!!!
User avatar
liquidmonkey
 
Posts: 162
Joined: Tue Aug 03, 2004 2:32 pm
Location: sweden

Postby DeadlyTrev » Wed Jan 24, 2007 6:00 pm

Great reading ...

[url=http://forum.doom9.org/showthread.php?t=119871&page=1]The evolution of BackupHDDVD (and 'de-evolution' of AACS)
[/url]
DeadlyTrev
 
Posts: 112
Joined: Thu Apr 21, 2005 9:02 pm

Postby TorrentMama » Wed Jan 24, 2007 7:17 pm

I'm glad Slyck did this interview. Thanks!
Lionel Hutz, court-appointed attorney. I'll be defending you on the charge of... Murder One! Wow! Even if I lose, I'll be famous!
User avatar
TorrentMama
 
Posts: 2827
Joined: Wed Aug 16, 2006 3:42 pm

Postby Trev0r269 » Wed Jan 24, 2007 7:18 pm

Very fresh interview with a cool guest.
Trev0r269
 
Posts: 584
Joined: Mon Feb 23, 2004 7:53 pm
Location: Slow - hio

Postby Myrak » Wed Jan 24, 2007 8:44 pm

Good interview and a good read! *thumbs up* :)
Myrak
 
Posts: 896
Joined: Mon Aug 15, 2005 10:44 am

Postby curzlgt » Wed Jan 24, 2007 11:13 pm

Bravo Slyck! Great catch, article and interview.

To muslix64, simply thank you :D You are a brave sir knight in the war to restore fair use. Keep it up, and good luck!

It would be great to see a interview with an industry exec about their thoughts on this interview and muslix64's comments, especially if it were as objective as this one was :!:

prolly just end up with a no comment anyway, as this interview and information clearly shows their spin to be a joke. :(
“The music business is a cruel and shallow money trench, a long, plastic hallway where thieves and pimps run free, and good men die like dogs. There's also a negative side,” - Hunter S Thompson
User avatar
curzlgt
 
Posts: 3923
Joined: Fri Jul 29, 2005 1:17 am
Location: Land of the tall corn

Postby anonymity22 » Thu Jan 25, 2007 12:22 am

Muslix64 wrote:I really respect the work of DVD Jon and his friends (he was not alone!) They do more than me. They had to reverse a cipher! I didn't have to reverse anything. So technically speaking, it was easier to bypass AACS than CSS.




HAHAHA you have to be kidding me. I don't know a huge amount about encryption and ciphering but holy hell. If this is true, that is going to be the saddest thing I have ever read in the history of "security". When I read him say that the keys are in plain text in memory, wow. Good job hollywood! At least he isn't 12 years old. :X
anonymity22
 
Posts: 221
Joined: Wed Sep 13, 2006 9:10 am

Postby Praxis » Thu Jan 25, 2007 12:48 am

All I have to say is:

Let the good times roll... 8)
Praxis
 
Posts: 607
Joined: Tue Nov 28, 2006 2:20 am
Location: Canada

Postby blargh » Thu Jan 25, 2007 12:49 am

Great interview, stellar find there tom! :D

One thing got me laughing so hard I almost got tea allover my keyboard:

"After the HD-DVD crack, I realized that things where "unbalanced" by having just one format cracked, so I did Blu-ray too. "

Muslix64, even though as you say, your effort was really plain, it's still a massive effort to everyone else in the world. So, bask in your glory, you and your friends have together shown hollywood that no matter what crap they try to get consumers to buy... some just won't buy it!
This text makes my post look better.
blargh
 
Posts: 425
Joined: Sat Apr 08, 2006 9:44 pm

Postby lordfoul » Thu Jan 25, 2007 3:41 am

What can I say. Best interview in recent memory I've read on any P2P news site. Classic Slyck and it's what sets this forum apart from others. :)
E-Thug - Cause talking shit in person is dangerous.
User avatar
lordfoul
 
Posts: 2593
Joined: Tue Feb 17, 2004 11:44 pm

Postby Aussie_Bear » Thu Jan 25, 2007 4:19 am

Quote of the day:
"AACS was not a challenge at all"
-Muslix64


:D
Aussie_Bear
 
Posts: 117
Joined: Wed Feb 22, 2006 2:00 am
Location: Sydney, Australia

Postby TheBear » Thu Jan 25, 2007 6:24 am

Thanks for the article.
User avatar
TheBear
 
Posts: 198
Joined: Sun Dec 18, 2005 3:24 pm

Postby Krasch » Thu Jan 25, 2007 10:10 am

Kudos to Muslix64 is all I can say.

It's time DRM went the way of the dodo, and fair use prevailed again.
Krasch
 
Posts: 61
Joined: Sun Nov 26, 2006 7:24 am

Next

Return to Slyck News

Who is online

Users browsing this forum: No registered users and 1 guest

cron
© 2001-2008 Slyck.com