HDCP Master Key Leaked

Posted onSeptember 14, 2010September 14, 2010Leave a comment

If you’ve been reading or listening to me for any length of time, you will have some sense of how thrilled I am by this news. HDCP is the DRM scheme embedded into HDMI, the sole choice we have for most consume audio-video gear like Blu-ray players, surround sound receivers, and high definition televisions. I held out against buying an HD capable set because of HDCP and felt very badly when I finally caved.

As Cory at BoingBoing notes, now with this master key, device hackers and mere enthusiasts can cobble together their own media devices for format shifting, capturing and streaming. As always, I have to clarify that I do not condone or endorse commercial piracy but I do object strenuously to overbearing tools, like HDCP, that do not help ensure that artists get rewarded for their works and ultimately only frustrate and punish regular people who would like to make personal use copies within their own homes or households.

This news also continues the validation of the idea that new DRM system will ever be unbreakable. As Cory notes, for DRM to work, keys have to be shared. Each time a cryptographic key, usually a comparably small bit of data, is shared its security is diluted. In all cases so far, breaking of DRM has only been a matter of patience.

If you are curious to know more, Ars Technica has some more details on how HDCP works, came into existence, and may have been cracked.

HDCP master-key leaks, possible to make unrestricted Blu-Ray recorders, BoingBoing

feeds | grep links > Another Zombie Cookie Lawsuit, Airport Scanners Outside the Terminal,

Posted onAugust 25, 2010August 25, 2010Leave a comment

3rd zombie cookie suit filed
Ryan Singel at Wired shares the details of this case as well as the two previous. Hopefully this draws the right kind of scrutiny to curb the practice of using Flash to resuscitate standard browser cookies after users delete them. I hope this stays in the courts rather than being addressed in any future privacy legislation as I don’t think the technology is the problem but the factors in advertisers calculus that would lead them to using a trick that so defies the users’ express wishes.
Digitizing your own books becoming popular in Japan
New optical technique may accelerate development of practical spintronics
Paper on defeating common attempts at obscuring network protocols
Google responds to Android DRM crack explaining developers are using it wrong
Low energy super computing
Airport scanner technology leaves the terminal – There are a couple of key points in Mike Masnick’s post at Techdirt to emphasize. The news is that the technology has been sold outside of where it was first deployed, airports, and may be spreading beyond military use through these sales. He does mention the critical legal theory that would ordinarily curb using these scanners without the blessing of a warrant. We have no idea where and how the scanners are being used, whether we are likely to see a test case arise about them. He’s just hopeful, as am I, that we have solid precedent to help minimize abuse.
Federal circuit rules GPS tracking without a warrant is legal

feeds | grep links > RIAA Says DMCA Not Working (Hard Enough for Them), Jury Invalidates EFF’s Top Patent, Proposed Apple Spyware Goes Too Far, and More

Posted onAugust 24, 2010August 24, 2010Leave a comment

Apple seeking to patent spyware and traitorware
I have to agree with the incredulous tone in EFF’s analysis of Apple’s patent application. This goes well beyond anti-theft measures, none of the included techniques are worth it for a phone no matter how expensive or the risk of a breach of personal info. Simple encryption would be a more suitable solution for the latter and insuring the device if it is that important the former. I am really far more concerned about the potential privacy implications than Apple using this as some sort of spite based DRM to increase the pain of jail breaking a device despite it now being authorized under the DMCA section 2101 rulemaking.
Jury invalidates one of EFF’s “Most Wanted” patents
Google Marketplace DRM cracked
As the Register explains, the break was relatively simple predicated on the ease of de-compiling Java bytecode. To be more specific, as they clarify if you read the article, the DRM itself actually has not be broken but the application code that uses the simple affirmative or negative response from the platform can be re-engineered to essentially ignore the secure check. Each app would then have to be broken in turn but the break would hold for all copies of the cracked version.
The RIAA may have hurt its own arguments against innocent infringement
RIAA pushing to eliminate DMCA safe harbors
Mike Masnick at Techdirt does an excellent job digging out what might otherwise be a confusing claim made in the course of this story, that the RIAA doesn’t think the DMCA is working. Clearly, what they think is a failure is the small and flawed free speech safety valve of safe harbors from liability for ISPs. Their reasoning tends to the absurd, that because the trade association cannot monitor enough traffic to reach whatever its current goals are in curbing infringement through DMCA takedown requests, they think the law should be re-written to directly deputize ISPs to do their enforcement work for them.

feeds | grep links > Linux Foundation’s Compliance Program, Leaked Google Privacy Document, KDE 4.5, and More

Posted onAugust 11, 2010August 11, 2010Leave a comment

Day two of my trip and the main event, the Cassandra Summit, was excellent. Jet lag and tromping around San Francisco on foot this evening have wiped me out. The hotel WiFi has also decided not to cooperate, slowing down and acting generally very flakey.

Tomorrow I’ll be in training all day and then catching the red eye home. Not sure if or when I’ll be able to blog, so if you don’t even seen a list of links, you’ll know why and I’ll be back Thursday.

feeds | grep links > Internet Kill Switch, Fair Use before DRM in Brazil, and More

Posted onJuly 12, 2010July 12, 2010Leave a comment

Deconstructing the Internet kill switch
Bruce Schneier takes a detailed look at a legislative instituted internet kill switch, despite his skepticism over the law making, past and present, required to create one. The reasoning here is not very surprising if you pause to thinking about it for a moment, mostly that the very distributed and robust nature of the Internet by design makes it hard to even partially shut down or seal off. Worth reading the whole post if for nothing else than to help in communicating to the congress critters contemplating some variation of this idea.
Brazilian implementation of WCT puts fair use, public domain before DRM
As Michael Geist and other critics of the Canadian DMCA, C-32, have noted, all of its concessions to public interest are foiled by the fact that the use of DRM takes precedence over any fair dealing. Geist points explains how Brazil has taken the opposite approach with its local implementation of the WIPO Copyright Treaty, doing what the DMCA and C-32 both fail to, preserving critical limitations and exceptions into the application of copyright to digital technology. In other words, in Brazil, it will be legal to crack digital locks to access public domain works and to exercise fair use.
New version of bitcoin is released
Improved, optical ion trap may have applications in quantum computing
UK law firm gets into the business of mass pursuit of infringement purely for profit
The problem with the copyright permission culture
Via Techdirt
Army’s self driving trucks let humans watch for bombs

Following Up for the Week Ending 6/20/2010

Posted onJune 20, 2010June 20, 2010Leave a comment

Nintendo Drawing Scrutiny for Its DRM

Posted onMay 13, 2010Leave a comment

I saw this story yesterday and initially wasn’t going to comment. However, the more I considered it, the more I think this is worth calling out. At play here are not technical decisions and limitations, but rather business policies.

As John Mix Meyer at Wired explains, new models of Nintendo’s console are drawing to light limits surrounding the downloadable content of which many users have partaken. The inability to transfer downloaded games is an issue that owners of failed consoles had already encountered. It arises from tying of the downloads to a specific machine rather to a user account that would be de-coupled from any particular machine.

I seem to remember having to set up an account to buy credits which are necessary to expend on most downloads. As the article points out, the other two consoles do not suffer from this problem, allowing re-downloads to different consoles from the same account. The article does go on to explain that some owners have gotten titles transferred but with varying degrees of difficulty.

Regardless of the overall rate of success, there does appear to be an override and the issues described sound like they arise from policy, procedure or both.

While Nintendo says it is “looking into” allowing users to transfer games, Electronic Entertainment Design and Research analyst Jesse Divnich told Wired.com the company is working out the kinks in its digital distribution system. He expects the problem to be solved once Nintendo’s next-gen home console comes out.

As the owner of both a Wii and a DSi, I’ll add that lately Nintendo has been pushing hard in its newsletters on downloadable content. It seems a bit late in the game to work out these issues but hopefully they will avoid a disaster of Sony proportions when more folks opt to buy one of the newer model consoles or when the game maker eventually debuts their next generation console. I would go further and say a more proactive and consumer friendly response here would be a huge opportunity to earn a lot of customer goodwill when other consoles are repeatedly in the news, inspiring owner ire.

feeds | grep links > Flash DRM Version 2.0 and Mozilla Chief Departs

Posted onMay 12, 2010Leave a comment

Slow news day for me. Partly I think it is because Diaspora is just now making the rounds and I already wrote about it a few days ago. Much of the rest of the items I found made their way into my bucket for follow up stories.

Adobe adds selective output control to Flash DRM
I have no idea how widely used the previous version Flash Access was to try to gauge how likely typical users are to see this new version in action. In essence, as Chris Foreman at Ars Technica explains, it picks up all the worst ideas from HDTV and cable, allowing content providers to disable output through untrusted devices and selectively disable classes of output devicesaltogether.
Mozilla CEO is leaving
The Register has a link to John Lilly’s own words on his departure. It really doesn’t look like there is anything to worry about here (though I wouldn’t mind hearing the same, confidentially if necessary) from a Mozilla insider. Sounds like his first love is startups and Mozilla no longer fits the bill. Good luck to John in his future endeavors and to Mozilla in finding a new chief lizard wrangler.

Following Up for the Week Ending 5/2/2010

Posted onMay 2, 2010Leave a comment

feeds | grep links > Massive Gopher Torrent, Streaming DRM’s Ills, More Fennec on Android, and Suit Over Linux on PS3

Posted onApril 29, 2010Leave a comment

All of gopher space as a single download
Cory at Boing Boing has this bit of digital archiving. I was a bit surprised at the size of the data, given that gopher, a predecessor of the web, is only text. Still, making it available as a torrent makes a great deal of sense to help ensure this snapshot is preserved.
What’s wrong with streaming DRM
Nina Paley follows up on her decision not to pursue Netflix streaming of “Sita” because of the non-optional DRM. Mostly she takes apart the received wisdom that streaming content cannot be saved on a receiving system, anyway, so DRM doesn’t change the analysis. She explains how this is dangerous and leads to a sort of technical illiteracy that allows DRM to burrow deeper into the systems we use.
More details on Fennec pre-alpha for Android
Ryan Paul at Ars Technica has some more detail on the new build of Fennec now available for Android. In addition to his first hand observations in terms of its speed and usability, he digs a bit into the under the cover details. The build is a thin Java wrapper that uses JNI to thunk to native code. The Gecko rendering engine is used for much of the chrome as well as the web pages themselves. That may mean that the Android specific code is fairly small, easing my initial concerns about cost of maintaining the port.
Class action suit file against Sony for removing Linux from PS3
According to the Thinq article to which Slashdot links, the claim is deceptive and unfair trade practices. There may also be another lawsuit coming on this same issue. Sony is trying to use its EULA as a defense so the suit could test the validity of clickwrap licenses, at least in the California district where it is being pursued.

The Command Line

Exploring digital citizenry as a creator and a consumer.

Tag: DRM