Maybe there's a scheme here to prevent good DRM by flooding the market with highly inflated impressive-sounding claims attached to laughable security. The Old Media crowd won't be able to solve the Design Paradox (http://www.paulgraham.com/gh.html) well enough to tell who's lying, good designs won't be able to charge more than laughable competition, and the DRM field will slowly die.
I have this theory that some DRM schemes were intentionally sabotaged by engineers (DVD CSS comes to mind) to be weaker than they could be, for moral reasons.
Though there is no organized conspiracy, this is actually not far from the truth, especially in some areas of content protection. Companies that don't have the in-house technical expertise (music labels), working from an unprotected distribution system (audio CD) are at a particular disadvantage.
At the other end of the spectrum, you have satellite TV. In this area, a lot of money invested and full control of the playback platform have resulted in some strong systems. But still, it took a long time and a lot of cracks of intermediate systems for this industry to become the success story it is today.
Disclaimer: I worked for a company involved in the above.
Has anyone pointed out that "BrainsTrust" (in the UK at least) is mostly used sarcastically to mean a stupid/idiotic person. So I think you are onto something here.
that sounds like all the consulting the big names provide to _yourfavoritegovernmentagencyhere_ in _yourengineeringprojectofchoice_ .
i used to think they did it on purpose, but now i'm starting to think they're just stupid and they actually think they're doing a good job.
A friend of mine sent me a research study on security standards for healthcare and they did suggestions on what to do. it boiled down to this:
in essence all they were saying was use decade old crypto that everyone else already uses, we're just stuck in the past, but i'll make it sound like i just invented something new.
"Video content is protected with our BrainTrust™ DRM, and is unplayable except by a legitimate owner. All aspects of the platform feature a near-ridiculous level of security."
The whole thing is a marketing "worst-of". They consistently advertise their products as "unique, brilliant, revolutionary", "magical, user-friendly, powerful", and "your only option".
You cannot simultaneously crow "hurr, DRM is broken!" and act all smug about this discovery. Perhaps the original developer, like you, understood this, and did the absolute bare minimum necessary to fulfil commercial obligations, all the while making it easier for people like himself (i.e. you) to get what they want, and making a few bucks from the old and dying media industry all at the same time.
Given the evidence (complex integration with a non-standard set of open source libs, complex industry area in general), I'd say it's almost certainly an insult to imagine the developer could not have made your life harder if he'd chosen to.
Please, if anything commend the dear fellow, and shame on whoever considered a momentary glimpse of Google Plus limelight worth making this guy's Tuesday morning and ongoing professional reputation much harder earned than it otherwise might have been.
Please, if anything commend the dear fellow, and shame on whoever considered a momentary glimpse of Google Plus limelight worth making this guy's Tuesday morning and ongoing professional reputation much harder earned than it otherwise might have been.
The developer(s) created a product that didn't do even 10% of what was advertised and now must face the consequences. Why is that bad? Their professional reputation should suffer if the quality of their work is poor.
Applying Occam's Razor, it is far more likely that incompetence is in play here, rather than a well organized conspiracy to weaken the DRM peddled by a virtually unknown company, thus Doing Their Part to bring easily decryptable media to the internet proletariat (and it would've worked, too, if it weren't for those meddling kids!)
You're right, actually. I'm glad it's broken, because it's a lot easier for me to watch the videos I purchased without the DRM. I was just struck by the audacity of their marketing claims.
As a developer, it's your reputation to protect. If you choose to do substandard work, for whatever reason (be it for the money or for glory), you know the risk you take to your reputation.
If you're really doing it for moral reasons, you won't keep quiet and make a buck while doing it. If you're opposed to drugs, you don't become a drug dealer and make loads of money selling lower quality drugs.
i think you can be stronger than that. it's clearly written to show to the "discoverer" that it's only a gesture. i would have thought anyone with an ounce of compassion and empathy would have smiled and kept quiet.
broadcasting this, and likely harming the developer, for internet points, is a pretty poor move.
Looks like they know they cannot offer a video platform without providing DRM, because the media industry demands it, and they also know that trying to implement unbreakable DRM is futile. Therefore, they just need to implement the minimum needed to convince the media suppliers that their content is really DRM'd.
All DRM is a non-solution really. Some are just non-er than others.
Its like the first law of "info-dynamics": 'If you can watch it, you can copy it'.
Anyone actually paying for a DRM scheme feels to me to be of the same caliber as someone investing in a perpetual motion machine. They're determined to get ripped off throwing good money after bad. Why try any harder than you have to to accept their money?
While this is a particularly terrible DRM system for videos and I'm sure there are some really pissed off people at media companies who are learning this the hard way, in practice this is really no worse than any other video DRM system out there when it comes to stopping piracy.
HDCP is cracked, the genie is out of the bottle and there's no practical way to put it back in without causing a consumer uproar. All you can do technically is try to prevent super casual pirating of digital content, because the tech savvy can't be stopped by any practical solution. (Of course, even if HDCP wasn't cracked the analog loophole would still render DRM on any non-interactive content mostly useless).
So ultimately this stupid system (even now that it is 'cracked') is still about as effective as any other when it comes to stopping that super casual pirating.
I would like to propose that DRM is not intended to be uncrackable. It's easy to convince yourself that DRM is flawed, because fundamentally it is a flawed tool. Companies know this, they're not stupid. However, DRM is actually not a technical tool to prevent piracy. Rather, DRM is a legal tool to provide stronger legal arguments that theft has occurred.
I'm not saying this is right, necessarily, but I think companies know full well that their DRM scheme will be broken, so it's not really worth investing in an "uncrackable" and costly solution. Instead, the role that DRM play is purely legal -- when the company does decide to go after someone for piracy, the DRM scheme, no matter how simple, provides them with the ability to say that the accused person "broke a lock," rather than simply walking in through an unlocked door. "Entering" vs. "breaking and entering." It's nothing but legal leverage, and effective at that role even if it's not a very strong lock.
Of course, to have this argument hold, a company would never be able to admit that they purposefully implemented weak security -- this would be akin to admitting that their door was unlocked afterall, and would weaken their legal argument. Therefore, there remains a niche in the market for solutions that look secure even if they fundamentally aren't. It's all about lip service.
In the US, the DMCA more or less makes it illegal to reverse-engineer DRM regardless of how easy it is to crack.
The DRM could be as simple as the code being "A" to bypass the DRM and if you do so, you have broken the law. Even providing that "A" to someone else would be illegal, look at all the silliness over the dvd copy protection fiasco. Therefore, they don't even have to pretend that the DRM is strong, just saying it's there is probably enough.
It's one reason printer cartridges have chips that communicate to the printer. Reverse-engineering that to provide third-party cartridges is illegal. Well, it used to be, I'm not sure over current policy as the DMCA has a back door for exceptions.
For PC games, the DRM is often employed to prevent piracy for the first two or three weeks because typically that's the highest level of sales. After that point it is usually cracked but sales often have dipped anyway. In some cases the DRM is removed in a patch at some point, often because the DRM causes problems for people who paid for the game, which kills long-term sales. Ubisoft recently changed their policies on having a seriously strict DRM to one that is more flexible; many thinking because it hurt their sales and that it was useless anyway.
No one thinks of DRM as a long term solution since it is only a matter of time before someone cracks it.
I did a lot of reverse engineering back in the day - you'd be surprised how many "virtually uncrackable" DRM protections used by companies like Adobe (at the time - Macromedia) that were just stupid XORs of magic strings.
Ahh..the good old days of SoftICE and w32disassm.
Oh man, the worst was the md5 of some salt + whatever you put in.
If you ever want to see some gems of misuse of cryptography for DRM management, let me know - email's in my profile.
Some examples: Using RSA 1024 bit keys, with exponent of 3...
This could very well be a simple bug where it's supopsed to XOR with some really random string generated on the server, but some replacement of a template string isn't happening which is why it XORs with RANDOM_STRING.
Of course this is only marginally better and should really have been caught, but there's a huge difference between saying that XORing 12 bytes with RANDOM_STRING is kick-ass DRM and actually having a kick-ass DRM infrastructure that then doesn't work right because of a bug.
If this was any really random looking string, I would be more inclined to assume that this was intentional. By the string being this token, I would guess it's a bug somewhere.
Remember. If RANDOM_STRING was truly random, unique per file and account and only transmitted from the server before playing, then this would be as good an encryption as any.
That wouldn't be better. Intercepting the decoded movie is trivial either way. Finding the encryption scheme was just a fun exercise and discovering the random string (even if it isn't "RANDOM_STRING") once you have the decrypted copy is trivial as well.
My understanding is that when using the xor cipher, even if the key is truely random, the file could still be trivially completely decrypted for a repeating key. It seems like a rather unwieldy cipher if you need to download a key which is nearly the same size as the video file.
This is apparently why the DMCA anti-circumvention provisions only apply to bypassing "effective copy protection" systems.
Of course, if a copy protection system was "effective" it wouldn't need a law prohibiting its circumvention. Conversely, if a copy protection system is circumventable, it's not effective.
This is roughly the level of programming I expect from DRM software. After all, the content needs to be in unencrypted format at some point to view it.[1] Therefore there are two kinds of programmers working on DRM, idiots and liars. One kind does not understand the futility of their efforts, the other kind wagers that there superiors do not understand the futility of their efforts.
[1] Assuming a general computation device, not a dedicated hardware player.
Precisely. They've gone to an effort which should invoke the DMCA (as ridiculous as that is) and they have a bullet point somewhere on a power point they can show to content creators that says DRM.
Those are the practical uses of any DRM technology one might ever devise.
Sure, you could throw in more than 5 seconds of security-through-obscurity, but why bother?
You might try asking Slysoft, which has to continually release new betas of AnyDVD HD as Macrovision randomly decides to break their software with updates of BD+.
Or, you could ask all the people who used to make 6 figures dealing H-cards for DirecTV, but can't anymore.
We use simplifications when we teach things (eg crypto) to people.
When people learn about cryptography they learn that one time pads (OTP) are the only mathematically provable secure cryptography. Everything else is thought to be secure, but we don't know.
Then they learn why OTPs are not used more often. (You need a pad as large as the text you want to encrypt; the pad must be really random; you must never reuse the pads; you have to get the pads to the person doing the encrypting and decrypting.)
And then they learn a bit more and one of the simplifications they learn is to XOR a bit of text with a string; they encrypt plaintext with a key. This is not a real crypto system, it's just a silly little demonstration.
But a disturbing number of people seem to stop there and say something like "Let's use XOR and a secret key and it's a bit like a OTP so super secure!!" but they forget that you must have a pad as large as the plain text.
So their crypto system is really very very weak.
Other DRM systems have been broken, but usually by smart people working hard with advanced techniques.
I could have broken this system.
The other thing that's bad about it is that it is ridiculously easy to intercept the decrypted files and copy those.
So they've sold a system to small un-clueful content distributors and they've used hyperbole to do so.
And the law prevents us from telling those content distributors because we're not allowed to circumvent a technical copyright protection method.
The business goal behind most of these "protection" methods is to make unauthorized (unpaid) copying/sharing inconvenient. That's it. There are no commercially feasible methods to protect video or audio content against "a determined hacker", but that's not what these barriers are for. You can make fun of these laughable encryption methods all you want, but they serve their purpose by providing the desired purchase to piracy ratio.
The problem is marketing folks getting carried away when describing these "technology solutions" to the content owner, because that's what they (as well as VCs) want to hear.
Disclaimer: cofounded a video CDN+DRM provider more than a decade ago, developed many content protection methods over the years.
What the hell? That implies someone who can't implement security themselves was tasked with the design of said security. Actually, that sounds about right ..
Ha, so the key really was "RANDOM_STRING", in the literal sense...was that just the programmer giving up, or was that pseudocode that was missed during shipping?
Can someone explain how he got a hold of the decrypted .mov files that he compared the encrypted ones with? It's not very clear to me from the post, and I'm not familiar with Leaping Brain.
Either way.. wow... XOR encryption with just such a short repeating string! I bet it wouldn't be too hard to decrypt it even without the original file, since the file signature alone would probably be longer than the string. DISCLAIMER: I'm just speculating, I don't know the .mov specs.
To be fair, when I read the title I thought that if the string is truly random then it's actually a very good technique. This is the core operating principle behind the one-time pad which is provably secure.
Now that I read the article twice, I literally got a panic attack when I realized that it wasn't a random string that they were xor'ing their data with, but a string called "RANDOM_STRING". Although it sounds bad, one must realize that this is not security by obscurity since the key has been leaked, and nobody guarantees encryption against a leaked key.
Anyone who has taken Computer Security 101 would know that security through obscurity is not the smartest thing to do. Calling it "near-ridiculous level of security." is downright blasphemy.
You know what's absolutely terrifying? This guy could conceivably go to jail for this. Looks like he has kids, presumably a wife... hoping it goes well for him.
[+] [-] Eliezer|13 years ago|reply
[+] [-] jwr|13 years ago|reply
[+] [-] KateLawson|13 years ago|reply
At the other end of the spectrum, you have satellite TV. In this area, a lot of money invested and full control of the playback platform have resulted in some strong systems. But still, it took a long time and a lot of cracks of intermediate systems for this industry to become the success story it is today.
Disclaimer: I worked for a company involved in the above.
[+] [-] damian2000|13 years ago|reply
[+] [-] corwinstephen|13 years ago|reply
[+] [-] rjzzleep|13 years ago|reply
i used to think they did it on purpose, but now i'm starting to think they're just stupid and they actually think they're doing a good job.
A friend of mine sent me a research study on security standards for healthcare and they did suggestions on what to do. it boiled down to this: in essence all they were saying was use decade old crypto that everyone else already uses, we're just stuck in the past, but i'll make it sound like i just invented something new.
i wish i could find the link.
[+] [-] jacquesm|13 years ago|reply
What's impressive is how long silly schemes (this one in particular) stay afloat!
[+] [-] jes5199|13 years ago|reply
[+] [-] mturmon|13 years ago|reply
"Video content is protected with our BrainTrust™ DRM, and is unplayable except by a legitimate owner. All aspects of the platform feature a near-ridiculous level of security."
Near-ridiculous security seems about right.
[+] [-] STRML|13 years ago|reply
The real laugh-out-loud moment is this tagline (http://leapingbrain.com/mod-machine/overview/):
"Forget crappy streaming systems and primitive, unprotected loose movie file downloads that make your products seem like a joke."
[+] [-] theorique|13 years ago|reply
Not just near ridiculous, it is truly ridiculous!
[+] [-] hosay123|13 years ago|reply
Given the evidence (complex integration with a non-standard set of open source libs, complex industry area in general), I'd say it's almost certainly an insult to imagine the developer could not have made your life harder if he'd chosen to.
Please, if anything commend the dear fellow, and shame on whoever considered a momentary glimpse of Google Plus limelight worth making this guy's Tuesday morning and ongoing professional reputation much harder earned than it otherwise might have been.
"No good deed goes unpunished"
[+] [-] charonn0|13 years ago|reply
The developer(s) created a product that didn't do even 10% of what was advertised and now must face the consequences. Why is that bad? Their professional reputation should suffer if the quality of their work is poor.
[+] [-] kstenerud|13 years ago|reply
[+] [-] asherlangton|13 years ago|reply
[+] [-] RobAley|13 years ago|reply
If you're really doing it for moral reasons, you won't keep quiet and make a buck while doing it. If you're opposed to drugs, you don't become a drug dealer and make loads of money selling lower quality drugs.
[+] [-] andrewcooke|13 years ago|reply
broadcasting this, and likely harming the developer, for internet points, is a pretty poor move.
[+] [-] AmirS2|13 years ago|reply
Looks like they know they cannot offer a video platform without providing DRM, because the media industry demands it, and they also know that trying to implement unbreakable DRM is futile. Therefore, they just need to implement the minimum needed to convince the media suppliers that their content is really DRM'd.
[+] [-] toyg|13 years ago|reply
This is why I'll never be rich: I am utterly unable to sell crappy non-solutions to people with more money than knowledge.
[+] [-] noonespecial|13 years ago|reply
Its like the first law of "info-dynamics": 'If you can watch it, you can copy it'.
Anyone actually paying for a DRM scheme feels to me to be of the same caliber as someone investing in a perpetual motion machine. They're determined to get ripped off throwing good money after bad. Why try any harder than you have to to accept their money?
[+] [-] lutze|13 years ago|reply
[+] [-] dmix|13 years ago|reply
This is why us engineers quietly keep the world running.
[+] [-] blinkingled|13 years ago|reply
http://leapingbrain.com/about/ - all of them seem to be proudly listed there. Gotta watch the page for disappearances :)
[+] [-] georgemcbay|13 years ago|reply
HDCP is cracked, the genie is out of the bottle and there's no practical way to put it back in without causing a consumer uproar. All you can do technically is try to prevent super casual pirating of digital content, because the tech savvy can't be stopped by any practical solution. (Of course, even if HDCP wasn't cracked the analog loophole would still render DRM on any non-interactive content mostly useless).
So ultimately this stupid system (even now that it is 'cracked') is still about as effective as any other when it comes to stopping that super casual pirating.
[+] [-] Karunamon|13 years ago|reply
[+] [-] radarsat1|13 years ago|reply
I'm not saying this is right, necessarily, but I think companies know full well that their DRM scheme will be broken, so it's not really worth investing in an "uncrackable" and costly solution. Instead, the role that DRM play is purely legal -- when the company does decide to go after someone for piracy, the DRM scheme, no matter how simple, provides them with the ability to say that the accused person "broke a lock," rather than simply walking in through an unlocked door. "Entering" vs. "breaking and entering." It's nothing but legal leverage, and effective at that role even if it's not a very strong lock.
Of course, to have this argument hold, a company would never be able to admit that they purposefully implemented weak security -- this would be akin to admitting that their door was unlocked afterall, and would weaken their legal argument. Therefore, there remains a niche in the market for solutions that look secure even if they fundamentally aren't. It's all about lip service.
[+] [-] talmand|13 years ago|reply
The DRM could be as simple as the code being "A" to bypass the DRM and if you do so, you have broken the law. Even providing that "A" to someone else would be illegal, look at all the silliness over the dvd copy protection fiasco. Therefore, they don't even have to pretend that the DRM is strong, just saying it's there is probably enough.
It's one reason printer cartridges have chips that communicate to the printer. Reverse-engineering that to provide third-party cartridges is illegal. Well, it used to be, I'm not sure over current policy as the DMCA has a back door for exceptions.
For PC games, the DRM is often employed to prevent piracy for the first two or three weeks because typically that's the highest level of sales. After that point it is usually cracked but sales often have dipped anyway. In some cases the DRM is removed in a patch at some point, often because the DRM causes problems for people who paid for the game, which kills long-term sales. Ubisoft recently changed their policies on having a seriously strict DRM to one that is more flexible; many thinking because it hurt their sales and that it was useless anyway.
No one thinks of DRM as a long term solution since it is only a matter of time before someone cracks it.
[+] [-] mahmoudimus|13 years ago|reply
Ahh..the good old days of SoftICE and w32disassm.
Oh man, the worst was the md5 of some salt + whatever you put in.
If you ever want to see some gems of misuse of cryptography for DRM management, let me know - email's in my profile.
Some examples: Using RSA 1024 bit keys, with exponent of 3...
[+] [-] pbsd|13 years ago|reply
[+] [-] pilif|13 years ago|reply
Of course this is only marginally better and should really have been caught, but there's a huge difference between saying that XORing 12 bytes with RANDOM_STRING is kick-ass DRM and actually having a kick-ass DRM infrastructure that then doesn't work right because of a bug.
If this was any really random looking string, I would be more inclined to assume that this was intentional. By the string being this token, I would guess it's a bug somewhere.
Remember. If RANDOM_STRING was truly random, unique per file and account and only transmitted from the server before playing, then this would be as good an encryption as any.
[+] [-] jhuckestein|13 years ago|reply
[+] [-] harshpotatoes|13 years ago|reply
[+] [-] marshray|13 years ago|reply
Of course, if a copy protection system was "effective" it wouldn't need a law prohibiting its circumvention. Conversely, if a copy protection system is circumventable, it's not effective.
[+] [-] yk|13 years ago|reply
[1] Assuming a general computation device, not a dedicated hardware player.
[+] [-] asdfaoeu|13 years ago|reply
[+] [-] lotyrin|13 years ago|reply
Those are the practical uses of any DRM technology one might ever devise.
Sure, you could throw in more than 5 seconds of security-through-obscurity, but why bother?
[+] [-] tptacek|13 years ago|reply
Or, you could ask all the people who used to make 6 figures dealing H-cards for DirecTV, but can't anymore.
[+] [-] DanBC|13 years ago|reply
When people learn about cryptography they learn that one time pads (OTP) are the only mathematically provable secure cryptography. Everything else is thought to be secure, but we don't know.
Then they learn why OTPs are not used more often. (You need a pad as large as the text you want to encrypt; the pad must be really random; you must never reuse the pads; you have to get the pads to the person doing the encrypting and decrypting.)
And then they learn a bit more and one of the simplifications they learn is to XOR a bit of text with a string; they encrypt plaintext with a key. This is not a real crypto system, it's just a silly little demonstration.
But a disturbing number of people seem to stop there and say something like "Let's use XOR and a secret key and it's a bit like a OTP so super secure!!" but they forget that you must have a pad as large as the plain text.
So their crypto system is really very very weak.
Other DRM systems have been broken, but usually by smart people working hard with advanced techniques.
I could have broken this system.
The other thing that's bad about it is that it is ridiculously easy to intercept the decrypted files and copy those.
So they've sold a system to small un-clueful content distributors and they've used hyperbole to do so.
And the law prevents us from telling those content distributors because we're not allowed to circumvent a technical copyright protection method.
[+] [-] photorized|13 years ago|reply
The problem is marketing folks getting carried away when describing these "technology solutions" to the content owner, because that's what they (as well as VCs) want to hear.
Disclaimer: cofounded a video CDN+DRM provider more than a decade ago, developed many content protection methods over the years.
[+] [-] joezydeco|13 years ago|reply
[+] [-] mahmud|13 years ago|reply
[+] [-] ataggart|13 years ago|reply
[+] [-] danso|13 years ago|reply
[+] [-] pav3l|13 years ago|reply
Either way.. wow... XOR encryption with just such a short repeating string! I bet it wouldn't be too hard to decrypt it even without the original file, since the file signature alone would probably be longer than the string. DISCLAIMER: I'm just speculating, I don't know the .mov specs.
[+] [-] anonymous|13 years ago|reply
First rule of weak DRM, you do not talk when you find weak DRM.
Second rule of weak DRM, you DO NOT talk when you find weak DRM.
Third rule of weak DRM, upload to pastebin, then walk away.
[+] [-] billpg|13 years ago|reply
How am I supposed to take weak DRM seriously when it has a third rule but no second rule?
:)
[+] [-] shocks|13 years ago|reply
Well... They weren't lying...
[+] [-] sigkill|13 years ago|reply
Now that I read the article twice, I literally got a panic attack when I realized that it wasn't a random string that they were xor'ing their data with, but a string called "RANDOM_STRING". Although it sounds bad, one must realize that this is not security by obscurity since the key has been leaked, and nobody guarantees encryption against a leaked key.
[+] [-] i0exception|13 years ago|reply
[+] [-] jcromartie|13 years ago|reply