Profile
Blog
Photos
Videos
Media
Categories
Blu-Ray Cracked? |
posted by NeroDude at 2 years ago
So, by now you may have heard the news: hackers claim to have broken the copy-protection code of Sony's supposedly "uncrackable " Blu-Ray Encoder. What does this mean? Probably nothing, except that Sony has to eat a lot of crow, since they claimed it would take "ten years " to crack the Blu-Ray code... For the rest of us, it probably has little to do with our lives: even with the code cracked, cheap, pirated BDs won't be available for a long time, and won't be playable for even longer...
Still, it teaches you one thing: never underestimate the power of the hax0rz...
- Tags:
- sony ray hacks blu
- Category:
- Uncategorized
- Rate:
-
Share
Bookmark
Report
Comment
treskaan wrote at 2 years ago
wasn't it...
...just a matter of time?? I still remember that the uncrackable DVD code has been cracked by a 14 years old guy.
So that is not really impressing me, it's there own fault to call it uncrackable and mobilize in the same moment every cracker on the planet XD
but the protection was pretty good, as far as I remember the DVD code has been cracked BEFORE the release of the first discs in retail :)
IanFarquhar wrote at 2 years ago
More details...
Here's some more info:
http://arstechnica.com/news.ars/post/20071030-bd-may-be-on-the-ropes-as-progress-made-on-crack.html
Some technical info on BD+:
http://arstechnica.com/news.ars/post/20070620-blu-ray-content-protection-agency-certifies-bd.html
Interestingly, reading the forums at Slysoft, it seems that MKBv4 cracking in AnyDVD is a "remote" process, in that Slysoft has a way to do it, but doesn't want it reverse-engineered by compeditors. They seem to have some sort of cracking server, and if an unknown disk is inserted, you need to connect to their cracking server. Details here:
http://forum.slysoft.com/showthread.php?p=61741
That does open all sorts of privacy and security concerns, IMO.
IanFarquhar wrote at 2 years ago
Interesting...
The folks at Cryptography Research, who designed BD+, are pretty smart engineers. But this is a fundamentally intractable security problem: protecting a secret in a device which is in "ememy" hands. The spooks - who claim to be 10 years ahead of the state of the art in designing high-assurance hardware - always assume that someone possessing the device will eventually get the key, no matter what technical measures they've implemented. This is why type-1 encryptor boxes inherit the classification level of the keys loaded into them. Blu-Ray players also can't really have thermite scuttling charges installed in them either (although I'm sure Sony would love that).
More challengingly, this is a specification which is being implemented by CE manufacturers. At best, most programmers suck at writing secure code. And that's being kind. In this case, they're also under pressure to get the product out the door ASAP. That's a perfect storm for a device which has to protect keys.
Back to the "crack": It will be the details here which are interesting. Have they simply cracked the existing titles, because if so, BD+ will simply include a new encryption scheme? That would make Slysoft's results a lot less useful.
But if Slysoft has successfully managed to replicate the VM in a way that can't be detected by the title - a MUCH harder problem, as BD+ reportedly has lots of mechanisms to prevent this class of attack - then it could be game-over for BD+.
As I understand the politics, it was Fox which pushed for BD+. Let's see what they do at news of this crack.
Good points
@Ian: Yeah, the whole "connecting to a server" thing seems incredibly insecure, and a major piracy/spyware red flag goes up. I'm not much of a pirate myself (the occasional MP3 is about it), but even if I were, I can't imagine I would feel secure using this "crack." Thanks for the extra tech info, btw -- good stuff in there.
@treskaan: Yeah, Sony did the Titanic thing: "This ship is unsinkable!" and then, of course, it sinks. Ah well. The continuing saga of security experts vs. hackers continues...