Wednesday, December 12, 2007

DRM explained and hacked


Windows Media DRM is used in the BBC's iPlayer
Windows Media DRM is a Microsoft-produced copyright protection system intended to "securely deliver content for playback on computers, portable devices and network devices".
The system has been updated several times since it was first released in 1999. The most up-to-date release is version 11.
Various tools have been created to strip files of the DRM, such as FairUse4WM, a program released in August 2006 by a hacker named Viodentia.
Nine days after the crack first appeared, Microsoft released a new version to prevent FairUse4WM from working. Within three days hackers released a new version of the tool.
The tool can be used to strip DRM from programmes with the BBC iPlayer.
On 13 July, a new version of the tool called 1.3fix-2 was released. It can be used with Windows Vista and can also strip DRM from songs downloaded from Microsoft's online music store, Zune Marketplace.


Several tools have been released to circumvent FairPlay
FairPlay is the DRM of choice for Apple products.
It is built into the Quick Time media player and is used by the iPhone and iPod. Protected music from the iTunes store also uses the system.
Users can copy downloaded songs to a CD and then copy the disc back on to the computer to remove the DRM - but the quality of the music is affected.
The first tool to circumvent FairPlay was a program called QTFairUse, released by infamous hacker Jon Lech Johansen, in November 2003.
Since then several versions of the program have been distributed to keep up to date with new versions of iTunes and FairPlay.
Other programs such as Playfair, Hymn and JHymn have also been developed to get around FairPlay. Following updates to the DRM and legal action by Apple, these systems no longer work.


AACS is used by both next generation DVD formats
The Advanced Access Content System (AACS) is the DRM of choice for next generation HD DVD and Blu-ray discs.
It was first introduced on high definition discs in June 2006 and uses a system of keys to decrypt content in a player.
These keys can be revoked by the AACS licensing authority if compromised.
Six months after the first discs hit shelves, a hacker known as muslix64 released a tool called BackupHDDVD which circumvented AACS on a Windows PC. Several other similar tools followed.
Many keys were made available on the internet.
In April this year, hackers discovered a method to retrieve the crucial keys using a tweaked HD DVD drive for an Xbox 360. The hack still works even when keys are revoked.


Many of the tools allow DVDs to run on open source software
Content Scramble System (CSS) is used on almost all commercially produced DVD-Video discs.
It was first introduced in 1996 by the DVD consortium.
In 1999, hacker Jon Lech Johnasen, along with two anonymous hackers, cracked the system and distributed the DeCSS tool on the internet.
Following its release, the system was also found to be susceptible to a so-called brute force attack, where thousands of different codes are tried in order to break the encryption.
On average, the DRM could be stripped off a movie in 24 hours using this method.
Since 1999, hundreds of different variants have appeared on the net, many developed to add DVD support to open source movie players.

No comments: