Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Reply
 
Thread Tools Search this Thread Display Modes
Old 30th October 2007, 10:32   #101  |  Link
linx05
Registered User
 
Join Date: Mar 2005
Location: Region 4
Posts: 518
Quote:
Originally Posted by bcrabl View Post
Thet went oracle because they don't want open source community to crack anydvd and find the device/proseccing keys. That is the only reason. The AACS LA will just revoce all the keys for software players next december.
Actually they don't mind freeware tools using them but they would not like it if other shareware companies stole it.
linx05 is offline   Reply With Quote
Old 30th October 2007, 11:54   #102  |  Link
Wombler
Affable Wanderer
 
Wombler's Avatar
 
Join Date: Apr 2007
Location: Northern Ireland
Posts: 451
Quote:
Originally Posted by SamuriHL View Post
That's not exactly what they said. They said they are going to allow AnyDVD HD to communicate with their server for any new titles that it doesn't have keys for and will discover the key from the information sent to the Slysoft server, and send back a key for that title. The MKBv4 cracking code will not be integrated into AnyDVD HD directly. Each new version will come with an upgrade list of titles that it can decrypt. However, as I said, when a new one is encountered it'll be decrypted for you by the server.
That's a clever way of doing it!

It completely avoids the possibility of revealing their cracking technique.


Wombler
Wombler is offline   Reply With Quote
Old 30th October 2007, 13:27   #103  |  Link
SamuriHL
Registered User
 
SamuriHL's Avatar
 
Join Date: May 2004
Posts: 5,351
Quote:
Originally Posted by Wombler View Post
That's a clever way of doing it!

It completely avoids the possibility of revealing their cracking technique.


Wombler
It is clever, but, it does have drawbacks, too. A lot of people are complaining about having "offline HTPC's" but then, how do they get AnyDVD updates to that machine in the first place? If they're that concerned about putting the machine online to allow it to crack discs "instantly", they can always wait until AnyDVD is updated with a new key database and update the AnyDVD version "offline". So, yes, people are complaining already about this new method, however, given that it's the *ONLY* method so far, well, not too much to complain about IMO.
SamuriHL is offline   Reply With Quote
Old 30th October 2007, 13:57   #104  |  Link
FoxDisc
Registered User
 
Join Date: Jan 2007
Posts: 274
Quote:
Originally Posted by Wombler View Post
"they are going to allow AnyDVD HD to communicate with their server for any new titles that it doesn't have keys for and will discover the key from the information sent to the Slysoft server, and send back a key for that title."

That's a clever way of doing it!
It completely avoids the possibility of revealing their cracking technique.
Wombler
I don't think "clever" is quite the right word for it. This type of attack is referred to as an "oracle" and the AACS system was built with the assumption that an oracle would be tried. You could say that AACS is years ahead since a "solution" to the oracle attack was built into the AACS specs long ago.

The "solution" is sequence keys which would (eventually) identify the compromised keys used by the oracle. As others have commented, it's likely that the keys came from a software player and they will all be changed by AACSLA on the next MKB cycle. Sequence keys may never be used.

I suspect that Slysoft sees some advantage in hiding the keys they use from their competitors, and some advantage in keeping secret which software player they have compromised to reduce the incentives to harden it.
FoxDisc is offline   Reply With Quote
Old 30th October 2007, 17:38   #105  |  Link
Peer van Heuen
SlySoft Team Member
 
Join Date: May 2007
Posts: 173
Quote:
Originally Posted by FoxDisc View Post
The "solution" is sequence keys which would (eventually) identify the compromised keys used by the oracle. As others have commented, it's likely that the keys came from a software player and they will all be changed by AACSLA on the next MKB cycle. Sequence keys may never be used.

I suspect that Slysoft sees some advantage in hiding the keys they use from their competitors, and some advantage in keeping secret which software player they have compromised to reduce the incentives to harden it.
Well, surely it's not that we are under any illusion that hiding keys by using a key-server would keep AACS from finding out the source of the keys.
That's not really the point. We simply found that there are several advantages to it.
One is: yes, software players have put tremendous effort into hiding their keys lately.
It took me a full 3 weeks to get them, after all, so my hat off

Anyway - while this may encourage people to start hacking into AnyDVD (which is happening all the time anyway for cracking purposes) - AnyDVD does hide it's keys too, but not as efficient as the latest SW players do, I have to admit.
So it would make me feel a little awkward to put all that work into the unwrapping and then see our friend FengTao just copy them from us (which I would do too in his place, I'm not blaming him for that at all).
So instead of adding that amount of hard work to obfuscate keys as well as current SW players do, we decided to not put the keys into danger at all.

Also, this method let's us be right on top of the news, whenever a new encryption comes up, which is the point that has the most sex-appeal to me myself

EDIT: there are some additional advantages to the users as well, like SAK/PS3-users using 1:1 images created from their PS3 will typically not have to wait for an AnyDVD update that can crack their known disc - the online query is much more up to date.
__________________
SlySoft Inc.

Last edited by Peer van Heuen; 30th October 2007 at 17:42.
Peer van Heuen is offline   Reply With Quote
Old 30th October 2007, 18:10   #106  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Peer van Heuen View Post
One is: yes, software players have put tremendous effort into hiding their keys lately.
I have no problem with the oracle/blackbox approach, but I am thinking when you have spend the time to reverse engineer the software players key scrambling, couldn't you just reuse that scrambling routine in AnyDVD?

Keep up the good work! =)
lightshadow is offline   Reply With Quote
Old 30th October 2007, 18:28   #107  |  Link
Peer van Heuen
SlySoft Team Member
 
Join Date: May 2007
Posts: 173
Quote:
Originally Posted by lightshadow View Post
I have no problem with the oracle/blackbox approach, but I am thinking when you have spend the time to reverse engineer the software players key scrambling, couldn't you just reuse that scrambling routine in AnyDVD?
Nice thought for sure, but those are several layers and even knowing how they work (some are really beautiful, I'd like to add), it takes longer to implement than to break. That is a basic rule of obfuscation - constantly underestimated.
Also, I prefer to not "steal" more than necessary.
__________________
SlySoft Inc.
Peer van Heuen is offline   Reply With Quote
Old 30th October 2007, 18:49   #108  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Peer van Heuen View Post
Nice thought for sure, but those are several layers and even knowing how they work (some are really beautiful, I'd like to add), it takes longer to implement than to break. That is a basic rule of obfuscation - constantly underestimated.
Also, I prefer to not "steal" more than necessary.
I don't think you can talk about stealing a number, but that's another discussion =)

But I see you point, and when I think about it, it would mean that AACSLA would know exactly how to unscramble the keys. =(
lightshadow is offline   Reply With Quote
Old 30th October 2007, 20:58   #109  |  Link
FoxDisc
Registered User
 
Join Date: Jan 2007
Posts: 274
Quote:
Originally Posted by Peer van Heuen View Post
software players have put tremendous effort into hiding their keys lately.
It took me a full 3 weeks to get them, after all, so my hat off
And my hat is off to you too as you appear to be the only one who has achieved this feat.

It would have been nice to know what you learned about the obfuscation/hiding and how you learned it - purely as an intellectual interest - but I understand that you probably don't want to tell your competitors, those who wrote the obfuscation/hiding routines and the AACS about your techniques and failures/successes. Perhaps one day, though ...
FoxDisc is offline   Reply With Quote
Old 30th October 2007, 23:47   #110  |  Link
zeroprobe
Registered User
 
Join Date: Jan 2002
Posts: 155
Getting ripping them hardware players apart slysoft. Get some more ammo for the future battles.
zeroprobe is offline   Reply With Quote
Old 31st October 2007, 03:51   #111  |  Link
Galileo2000
Registered User
 
Join Date: Jan 2007
Posts: 224
Well, hats off to Peer!

Now to BD+.

SlySoft forum users (at least 2 of them) report successful ripping of the BD+ title.

http://forum.slysoft.com/showthread.php?t=9120

SlySoft itself did not say new AnyDVD breaks BD+, they said they are working on this.

But..can it be that BD+ has no clothes?

Just complying with the file structure does it?

Wishful thinking I guess.
Galileo2000 is offline   Reply With Quote
Old 31st October 2007, 04:37   #112  |  Link
blutach
Country Member
 
blutach's Avatar
 
Join Date: Sep 2004
Location: is everything!
Posts: 6,499
Quote:
Originally Posted by Peer van Heuen View Post
So it would make me feel a little awkward to put all that work into the unwrapping and then see our friend FengTao just copy them from us (which I would do too in his place, I'm not blaming him for that at all).
Peer,

Please keep such comments regarding other members here to yourself or on your own forum. Apart from possibly being libelous (which Doom9 might also be liable for), it is clearly a breach of rule 4.

We do appreciate your participation here, but please be aware of our rules.

TIA.

Regards
__________________
Les

Only use genuine Verbatim or Taiyo Yuden media.

Last edited by blutach; 31st October 2007 at 04:43.
blutach is offline   Reply With Quote
Old 31st October 2007, 09:17   #113  |  Link
Wombler
Affable Wanderer
 
Wombler's Avatar
 
Join Date: Apr 2007
Location: Northern Ireland
Posts: 451
Quote:
Originally Posted by Peer van Heuen View Post
Also, this method let's us be right on top of the news, whenever a new encryption comes up, which is the point that has the most sex-appeal to me myself
That's one of the reasons I thought it was particularly clever.

Any new discs that the software can't cope with you learn about immediately!

Congratulations on some brilliant work.


Wombler
Wombler is offline   Reply With Quote
Old 31st October 2007, 10:32   #114  |  Link
Johhn
Registered User
 
Join Date: May 2007
Posts: 16
Quote:
Originally Posted by Galileo2000 View Post
Well, hats off to Peer!

Now to BD+.

SlySoft forum users (at least 2 of them) report successful ripping of the BD+ title.

http://forum.slysoft.com/showthread.php?t=9120

SlySoft itself did not say new AnyDVD breaks BD+, they said they are working on this.

But..can it be that BD+ has no clothes?

Just complying with the file structure does it?

Wishful thinking I guess.


It is starting to look as if there might be a bug in a software player (as if) that is facilitating by-passing of bd+ somehow. I imagine that exploits of that are a separate matter to progress being made elsewhere.
Johhn is offline   Reply With Quote
Old 31st October 2007, 12:09   #115  |  Link
Peer van Heuen
SlySoft Team Member
 
Join Date: May 2007
Posts: 173
Quote:
Originally Posted by blutach View Post

Please keep such comments regarding other members here to yourself or on your own forum. Apart from possibly being libelous (which Doom9 might also be liable for), it is clearly a breach of rule 4.

We do appreciate your participation here, but please be aware of our rules.
Done

FengTao is a polite and friendly person. No harm meant.
__________________
SlySoft Inc.
Peer van Heuen is offline   Reply With Quote
Old 31st October 2007, 12:10   #116  |  Link
Peer van Heuen
SlySoft Team Member
 
Join Date: May 2007
Posts: 173
Quote:
Originally Posted by Johhn View Post
It is starting to look as if there might be a bug in a software player (as if) that is facilitating by-passing of bd+ somehow. I imagine that exploits of that are a separate matter to progress being made elsewhere.
I'll have to look into this further - rest assured, AnyDVD HD is not bypassing BD+ yet.
__________________
SlySoft Inc.
Peer van Heuen is offline   Reply With Quote
Old 1st November 2007, 00:53   #117  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by Galileo2000 View Post
SlySoft forum users (at least 2 of them) report successful ripping of the BD+ title.

http://forum.slysoft.com/showthread.php?t=9120
That sure is an interesting thread!!

For those who haven't read it, it says that if you rip a BD+ title with AnyDVD and then normal file copy the missing folders, BD+ can't tell the difference from the BD and the harddrive, so it plays back the movie perfectly.

Who would have thought that BD+ is independent of the AACS DRM?
lightshadow is offline   Reply With Quote
Old 1st November 2007, 01:04   #118  |  Link
SamuriHL
Registered User
 
SamuriHL's Avatar
 
Join Date: May 2004
Posts: 5,351
Quote:
Originally Posted by lightshadow View Post
Who would have thought that BD+ is independent of the AACS DRM?
Somehow I get the feeling it's not supposed to be. Most likely it's a bug in PowerDVD that will eventually get patched. However, it's quite interesting for now, for sure. Now if I could only get my darn PS3 to play nice and allow me to image my Blu-ray discs to my external drive I'd be golden. Almost there on that one. My new HTPC components arrive sometime next week, so, I'm definitely ready.
SamuriHL is offline   Reply With Quote
Old 1st November 2007, 11:31   #119  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by SamuriHL View Post
Somehow I get the feeling it's not supposed to be. Most likely it's a bug in PowerDVD that will eventually get patched.
Wouldn't it be more like a design bug in BD+? It seams to me that they have forgot to implement a media check in BD+...
lightshadow is offline   Reply With Quote
Old 1st November 2007, 12:44   #120  |  Link
lightshadow
Registered User
 
Join Date: Feb 2007
Posts: 123
Quote:
Originally Posted by FoxDisc View Post
And my hat is off to you too as you appear to be the only one who has achieved this feat.

It would have been nice to know what you learned about the obfuscation/hiding and how you learned it - purely as an intellectual interest - but I understand that you probably don't want to tell your competitors, those who wrote the obfuscation/hiding routines and the AACS about your techniques and failures/successes. Perhaps one day, though ...
It could be a book like Andew Bunnies "Hacking the XBox" book, sold for $9.99 at Slysoft =)

"Hacking AACS and BD+ for beginners"

=)

Last edited by lightshadow; 1st November 2007 at 13:26.
lightshadow is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 22:50.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.