Spore copy protection officially explained and de-bunked

via DVICE by Tom Chick on 9/17/08


It’s easier to curse the darkness than light a candle.

Actually, I might have butchered the saying, but that’s the appropriate way to put it when it comes to the copy protection issues with Spore, Electronic Arts’ amoeba-to-universe sim that supposedly limits you to three installs before shutting down for good. But while everyone else is cursing up a blue streak (witness the 2000 one-star ratings on Amazon.com), MTV’s gaming blog and Ars Technica decided to light a candle.

MTV published some reassuring comments from an EA spokesperson who avoided some of their questions, but said the copy protection restrictions were going to be eased up in the “near future”. She also said that if EA were to ever shut down the Spore servers, they’d patch out the DRM first so people could still play. How thoughtful, especially considering EA’s poor track record for keeping servers around for old games.

Ars Technica’s practical look at the issue was much more illuminating than the corporate platitudes MTV passed along. They poked around at how the actual copy protection works, trying multiple installs, contacting customer support, and even pretending to rent the game to get a new authentication code. They had no problem getting the game up and running, at least not related to copy protection. Ars Technica had the following conclusion:

…we left wondering if the DRM controversy might be more philosophical in nature than rooted in any real-world inconveniences.

Well, yeah, duh. But just because I haven’t stubbed my toe yet doesn’t mean I don’t have a problem with sitting in the dark. *&!@#&*!

This post is from our sister site, Fidgit, which is all about gaming. Head on over for more game news and reviews.

BioWare drops 10-day validation from Mass Effect PC

via Joystiq by Jason Dobson on 5/10/08

After stirring up a hornets’ nest of gamer contempt last week by announcing that the forthcoming PC flavor of Mass Effect would require re-validation every 10 days, BioWare community manager Jay Watamaniuk has come forward as the voice of reason on the game’s official forums, stating that the developer has now removed the “feature” from the game.

Instead of employing the previously revealed DRM madness, Watamaniuk explained that Mass Effect will include just a one time online authentication, allowing players to play the game once validated without the disc in the drive at all. That said, if any new content is downloaded, the game will again have to bite the disc to make sure it’s real. The caveat to all of this, however, is that each Mass Effect purchase will only be able to be installed a maximum of three times, news that has again incited us to pick up our torches and pitchforks and join the mob outside.

The New HD-DVD/Blu-Ray Hack: What It Might Mean For Us

Picture_7_8 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

That’s the so-called “Processing Key” that unlocks the heart of every HD-DVD disk to date. Happy Valentine’s day, AACS.

AACS, a DRM scheme used to encrypt data on HD-DVD and Blu-Ray disks, would appear to be cracked wide open by that short string of hexadecimal codes, as previously, only disk-specific Volume Keys were compromised. The new hack is the work of Arnezami, a hacker posting at the doom9 forums, fast becoming the front line in the war on DRM.

“The AACS is investigating the claims right regarding of the hack,” said AACS spokesporson Jacqueline Price. “It is going to take a appropriate action if it can be verified.”

Price said she could not disclose what their investigation might entail, or what “appropriate action” might be.

“We’ve just learned of this claim today and are checking into it,” said Andy Parsons, chair of the Blu-ray Disc Association and senior V.P. of product development at Pioneer Electronics, in an email.

The new crack follows that from earlier this year, when a hacker by the name of muslix64 broke the AACS system as it applied to each movie. While the earlier hack led to 100 HD-DVD titles and a small number of Blu-Ray movies being decrypted one-by-one, the so-called “processing keys” covers everything so far made.:

“Most of the time I spend studying the AACS papers,” Arnezami said in his forum post revealing the successful assault on the next-gen DRM system. “… what I wanted to do is “record” all changes in this part of memory during startup of the movie. Hopefully I would catch something insteresting. … I now had the feeling I had something. And I did. … Nothing was hacked, cracked or even reverse engineered btw: I only had to watch the “show” in my own memory. No debugger was used, no binaries changed.”

It’s not yet clear what it means for the consumer’s ability to copy movies, or, for that matter, that of mass-market piracy operations. The short form is that the user still needs a disk’s volume ID to deploy the processing key and break the AACS encryption — but getting the ID is surprisingly easy.

Arnezami found that they are not even random, but often obvious to the point of foolishness: one movie’s Volume ID turns out to be it’s own name and the date it was released. There isn’t yet an automatic system, however, that will copy any disk, in the manner of DeCSS-based DVD copying systems.

Even so, the new method completely compromises HD-DVD in principle, as it relies on AACS alone to encrypt data, even if there are other parts of the puzzle that are yet to fit together. Blu-Ray has two more levels of protection: ROM-MARK (a per factory watermark, which might revoke mass production rights from a factory but not, it seems individuals) and BD+, another encyption system, which hasn’t actually been used yet on sold disks (but which soon will be), meaning that its own status seems less obviously compromised.

How might the companies respond? The processing key can now be changed for future disks. However, the flaws inherent in the system make it appear easy to discover the replacement: the method of attack itself will be hard to offset without causing knock-on effects. For example, revoking player keys (in advance of obfuscating the keys in memory in future revisions of the system) would render current players unable to view future movies. Revoking the volume and processing keys that have been hacked would mean that all movies to date would not run on new players.

Publishers could randomly generate Volume IDs in future releases (as they are still needed for the current hack to work), which would make them harder to brute-force. That said, it’s claimed that the “specific structure” of the Volume ID in memory makes it feasible to brute-force randomized ones anyway.

Following are links to the current discussion at the doom9 forums, in which Arnezami and other provide regular updates on their progress. We don’t offer any warantee that the software implementations so far produced won’t blow up your computer or get you thrown in jail and whipped with wet towels by MPAA lawyers:

Proof of concept code for the process key hack is here: http://forum.doom9.org/showthread.php?p=953484#post953484

Implementation for Windows: http://forum.doom9.org/showthread.php?p=953496#post953496

Implementation for OSX: http://forum.doom9.org/showthread.php?p=953516#post953516a

Nokia XpressMusic 5700 cell phone ready for European tour


You can’t throw a Bluetooth earpiece without hitting a music phone these days, but Nokia’s latest multimedia phone adds something new to the field. What’s the word I’m looking for…? A turn? A spin? In any case, if you want to fire up music, video, or the 2-megapixel camera onboard the XpressMusic 5700, you just rotate the keypad. That’s quite a… um, bend? Loop-de-loop? I don’t know.

The 3G phone uses a an microSD card for storage, with a 2-GB card getting you about 1,500 songs. Possibly notable is its ability to play music protected with Windows Media Digital Rights Management (WM DRM) as well as MP3, AAC and MP4 files. “Stereo” speakers are built right in, and you get some no doubt really crappy earphones in the package, so you’ll probably be more inclined to use a pair of Bluetooth headphones (which probably aren’t included, despite some photographic clues) since, hey, you can with this baby.

The XpressMusic comes to Europe this spring and will cost 350 euros. No plans for any U.S. gigs at this time. Check out another pic of the XpressMusic after the jump.

Nokia, via Engadget


Apple’s Steve Jobs Calls for End of DRM

Apple CEO Steve Jobs has made a surprise call for the end of digital rights management technology, which is designed to stop copyrighted music from being shared illicitly. Jobs says Apple would sell only DRM-free music on iTunes if it could.

The revelation came in an open letter published on Apple’s Web site, which largely responds to concerns over DRM that have come from European countries such as Norway and France. Jobs offers three possible outcomes for the future, but highlights the abandonment of DRM by record companies as the best possible solution for consumers.

Because Apple leads the digital music market by a huge margin in both song downloads and hardware players with the iPod, legislators have told the company it needs to make iTunes compatible with competitors. Norway went so far as to declare the iPod illegal last month, as it locks users into buying music only from iTunes.

Jobs explains in the letter that Apple has determined it cannot open up its FairPlay DRM technology to others, because doing so would open the door for hackers. When negotiating terms with record labels, Jobs says, Apple was forced to stipulate that FairPlay would remain secure or the labels could pull their music from iTunes immediately.

The FairPlay DRM has been cracked in the past, but Apple has been quick to issue updates that close any loophole. “There is no theory of protecting content other than keeping secrets. In other words, even if one uses the most sophisticated cryptographic locks to protect the actual music, one must still “hide” the keys which unlock the music on the user’s computer or portable music player. No one has ever implemented a DRM system that does not depend on such secrets for its operation,” Jobs writes.

If Apple were to open FairPlay to third party manufacturers and music stores, controlling those secrets would be impossible, he adds. Referring to the Zune, Jobs adds, “Perhaps this same conclusion contributed to Microsoft’s recent decision to switch their emphasis from an “open” model of licensing their DRM to others to a “closed” model of offering a proprietary music store, proprietary jukebox software and proprietary players.”

Another solution moving forward is to continue on the same path, where companies sell music designed for specific players and protected by closed DRM systems. Microsoft, Sony and Apple all do this Jobs notes. He downplays “lock-in” concerns by explaining that only 22 songs are purchased from iTunes for every iPod sold, which indicates that the vast majority of iPods are filled with non-DRM music.

But the most controversial idea for the future is one Jobs says would create the best environment for both the marketplace and consumers alike: “abolish DRMs entirely.”

“Imagine a world where every online store sells DRM-free music encoded in open licensable formats. In such a world, any player can play music purchased from any store, and any store can sell music which is playable on all players. This is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat,” Jobs writes. “If the big four music companies would license Apple their music without the requirement that it be protected with a DRM, we would switch to selling only DRM-free music on our iTunes store.”

He explains that most music is still sold on CDs, which have no built-in DRM technologies and can be freely copied and shared over the Internet. “So if the music companies are selling over 90 percent of their music DRM-free, what benefits do they get from selling the remaining small percentage of their music encumbered with a DRM system? There appear to be none.”

Jobs concludes his letter with a swipe at European regulators, noting that two and a half of the big four music labels are located in Europe, and says, “those unhappy with the current situation should redirect their energies towards persuading the music companies to sell their music DRM-free…Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.”

[originating url]

Sony And Universal To Restrict Zune Sharing

We all know by now that the Zune is certainly not the hottest DAP on the market. But after dealing with Microsoft and their “points” system and the crappy music store for Zune, we’re finding out that some of the songs you may have bought can’t be shared with other Zunes—not that you’d find another one near you anyways.

The culprits? Sony and Universal. They’ve made a select choosing of certain artists they don’t want shared between Zunes. Who’s affected? Check it:

Universal Music Group
• Prohibited Zune Sharing: Gwen Stefani, Snow Patrol, Eminem, Blue October, JoJo, Jay-Z;
• Accepted Zune Sharing: Nickelback, Nelly Furtado and Maria Careh;
Sony Music
• Prohibited Zune Sharing: Beyonce, Weird Al Yankovic (not sure if song is from Sony) and Ciara;
• Accepted Zune Sharing: Shakira, Wyclef Jean, The Fray, Christina Aguilera, John Mayer and Brad Paisley;

Keep in mind, this is just the tip of the iceberg. Many more artists are included and DRM restrictions are getting tighter. If you like a CD a lot, just go buy the hard copy so you can do what you want with it. Otherwise, you risk getting shafted.

Universal and Sony Don’t Like Zune to Zune Sharing [ClicZune]

[originating url]

Vista crippled by content protection

Collateral damage from Vista suicide note.

PC users around the globe may find driver software is stopped from working by Vista if it detects unauthorised content access. Peter Guttman, a security engineering researcher at New Zealand’s university of Auckland, has written A Cost Analysis of Windows Vista Content Protection. He reckons Vista is trying to achieve the impossible by protecting access to premium content. Users will find their PCs’ compromised by the persistent and continuous content access checks carried out by Vista.

Gutman thinks these checks and the associated increased in multimedia card hardware costs make Vista’s content protection specification ‘the longest suicide note in history.’

The core elements in Vista have been designed to protect access to premium content. The design requires changes in multimedia cards before Microsoft will support them for Vista use.

Content that is protected by digital rights management (DRM) must be sent across protected interfaces. This means cards using non-protected interfaces can’t be used by Vista PCs.

Disabling and degrading

Vista is disadvantaging high-end audio and video systems by openly disabling devices. The most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format) which doesn’t have any content protection. It must be disabled in a Vista system when DRM-protected content is being played. Equally a high-end component video interface (YPbPr) also has no content protection and must be disabled when protected video is being played.

– Vista covertly degrades playback quality. PC voice communications rely on automatic echo cancellation (AEC) in order to provide acceptable voice quality. This requires feeding back a sample of the audio mix into the echo cancellation subsystem, which isn’t permitted by Vista’s content protection scheme. This lowers PC voice communication quality because echo affects will still be present.

– This overt and covert degrading of quality is dynamic, not consistent. Whenever any audio derived from premium content is played on a Vista PC, the disabling of output devices and downgrading of signal quality takes place. If the premium content then fades away the outputs are re-enabled and signal quality climbs back up. Such system behaviour today indicates a driver error. With Vista it will be normal behaviour.

– Vista has another playback quality reduction measure. It requires that ‘any interface that provides high-quality output degrade the signal quality that passes through it if premium content is present. This is done through a “constrictor” that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality.’ If this happens with a medical imaging application then artifacts introduced by the constrictor can ’cause mis-diagnoses and in extreme cases even become life-threatening.’

CPU cycle guzzling

The O/S will use much more of a PC’s CPU resource because ‘Vista’s content protection requires that devices (hardware and software drivers) set so-called “tilt bits” if they detect anything unusual … Vista polls video devices on each video frame displayed in order to check that all of the grenade pins (tilt bits) are still as they should be.’

Also ‘In order to prevent tampering with in-system communications, all communication flows have to be encrypted and/or authenticated. For example content sent to video devices has to be encrypted with AES-128.’ Encryption/decryption is known to be CPU-intensive

Device drivers in Vista are required to poll their underlying hardware every 30ms – thirty times a second – to ensure that everything appears correct.

It is apparent that Vista is going to use very much more of a PC’s resources than previous versions of Windows and degrade multi-media playback quality unless the user has purchased premium content from a Microsoft-approved resource.

Such over-reaching by Microsoft could prove to be the catalyst needed to spur increased takeup of Linux desktop operating software, or of Apple’s Mac OS.