[from ntk]
Just when you thought you'd wait forever for a free DVD
player, along come two cracks at once. The first was the
leaking onto the Linux LIVID player mailing list of the DVD
Content Scrambling System code used by the Jon Johansen's
cracker for Windows, DeCSS. Bits of the code was already
written and GPL'd by Derek Fawcus - which means that the
rest of the code could end up under GPL - hence the leak.
More importantly, though, it also meant that the CSS
decryption algorithm was now open to public scrutiny. It
only took a few hours to confirm what everyone's been
suspecting for a while. The CSS decryption system sucks. It
works by storing a whole bunch of keys on each DVD. Industry
overseers, the DVD Forum, hand out one matching decryption
key to each manufacturer: if any of these company's
equipment got cracked, future DVD disc's were to be pressed
without this key, making the crack (and that company's
hardware) unusable with new movies. Quite whether the Forum
would ever dare to carry out this threat against its own
licensees is unclear. It's a bit moot now, though, since
open cryptanalysis of the CSS algorithm showed that it was
possible to brute force *all* of the current keys in a few
days. In order to preserve the system, the DVD Forum would
have to disable all keys, turning every hardware player sold
so far into a pile of scrap iron. Boy, these Hollywood guys
are *smart*, aren't they?
http://livid.on.openprojects.net/pipermail/livid-dev/1999-October/000548.html
- the story in a nutshell
http://livid.on.openprojects.net/pipermail/livid-dev/1999-October/000430.html
- next round: let me see you wobble those tracks
