Well on your standard PC one can load winice or other memory resident debugger and step through code execution. You can crash an application, or run it, dump the memory to disk, then examine it with hex and other tools. You can probe the application resources to see if 3rd party DLLs or other pieces of code were used in development. And that's just the start. Ofcourse there are ways to protect against this, but the cat is out of the bag the moment you run anything resident on a PC that does not phone home or have tight kernel-level OS integration. And even those can be thwarted. The important fact here is that no hardware expertees are required to hack at this type of copy protection. There is also no time-bomb safety for any wannabe hacker to examine the software. So they get to do it at their leisure. The only way to solve this is to execute any code inside secure memory where userland and even root-level applications have no access. The trusted computing initiative (see wikipedia) is the best example of this. A processor smartcard is another. Or a Sentinel dongle to a lesser degree. I find it amusing that all this effort is put into securing the output of the PC in terms of HDCP and so forth, but the door has been left wide open per se for people to hack at these HDDVD player applications until they find a workaround or vulnerability in the code execution. We all know that companies producing these apps like P****DVD have to ensure that they run on all platforms with a wide variety of hardware. This just multiplies the possibility that they will produce a bug in their code. Tight deadlines and multiple versions for OEM and other licensing with features removed just add to this. This was bound to be cracked. If the disc can be read and played back on a PC under standard OS, the protection scheme is doomed from the get-go and just a futile exercise in obfuscation and annoyance to paying customers. And for crying out loud, the app that is the subject of this discussion was coded in Java. Sigh. When will they learn. Cheers Kon On 1/2/07, Mark Aitken <maitken@xxxxxxxxxx > wrote:
Not sure if your response was "tongue in cheek"... what exactly is a "PC without secure memory", or (more directly) what (more or less exactly) is secure PC memory? Mark the Mark that is not secure in his knowledge of secure things....or of whose definition of secure applies in a given example... Kon Wilms wrote: This is what happens when you allow a PC without secure memory to play back these discs. What a bungle. I looked at the source code and it appears to be purposely missing some pieces but looks legit.