[opendtv] Re: Blu-ray & HD DVD Copy Protection Cracked

  • From: "Kon Wilms" <kon@xxxxxxxxxxxx>
  • To: opendtv@xxxxxxxxxxxxx
  • Date: Tue, 2 Jan 2007 21:42:09 -0800

Well on your standard PC one can load winice or other memory resident
debugger and step through code execution. You can crash an application, or
run it, dump the memory to disk, then examine it with hex and other tools.
You can probe the application resources to see if 3rd party DLLs or other
pieces of code were used in development. And that's just the start. Of course
there are ways to protect against this, but the cat is out of the bag the
moment you run anything resident on a PC that does not phone home or have
tight kernel-level OS integration. And even those can be thwarted. The
important fact here is that no hardware expertise is required to hack at
this type of copy protection.

There is also no time-bomb safety for any wannabe hacker to examine the
software. So they get to do it at their leisure.

The only way to solve this is to execute any code inside secure memory where
userland and even root-level applications have no access. The trusted
computing initiative (see Wikipedia) is the best example of this. A
processor smartcard is another. Or a Sentinel dongle to a lesser degree.

I find it amusing that all this effort is put into securing the output of
the PC in terms of HDCP and so forth, but the door has been left wide open
per se for people to hack at these HDDVD player applications until they find
a workaround or vulnerability in the code execution. We all know that
companies producing these apps like P****DVD have to ensure that they run on
all platforms with a wide variety of hardware. This just multiplies the
possibility that they will produce a bug in their code. Tight deadlines and
multiple versions for OEM and other licensing with features removed just add
to this.

This was bound to be cracked. If the disc can be read and played back on a
PC under standard OS, the protection scheme is doomed from the get-go and
just a futile exercise in obfuscation and annoyance to paying customers.

And for crying out loud, the app that is the subject of this discussion was
coded in Java.

Sigh. When will they learn.

Cheers
Kon

On 1/2/07, Mark Aitken <maitken@xxxxxxxxxx> wrote:

 Not sure if your response was "tongue in cheek"... what exactly is a "PC
without secure memory", or (more directly) what (more or less exactly) is
secure PC memory?

Mark
the Mark that is not secure in his knowledge of secure things....or of
whose definition of secure applies in a given example...

Kon Wilms wrote:

This is what happens when you allow a PC without secure memory to play
back these discs. What a bungle. I looked at the source code and it appears
to be purposely missing some pieces but looks legit.

