Monday, January 7, 2013

Anti Piracy? The insider's view


NOTE: This post has been modified (censored) in order to hide everything that may cause an NDA violation or harm my previous employer. Piracy will always be... Primarily, because no one is allowed to talk publicly (for normal legal reasons) and talking to vendors directly brings no result at all... The following is about as much as one can tell about piracy without a risk...

Achtung! This article may contain unpleasant language. Read it at your own risk.

There has been a lot of noise about piracy (both software and media) in the past few years. The noise is at all levels, starting with the security community and ending up with governments. In my (very) humble opinion, most of this noise is a bit less than bullshit. File sharing services are a good example. I mean, no sane person would attack car vendors because people are getting killed in accidents. No one would blame hammer vendors for hammers being used as a murder weapon in certain cases. The same applies to file sharing services. Those are tools. Nothing more than that. All this sounds quite stupid to me. If I have an option to download a fresh release of my favorite Linux distro in a couple of minutes using torrent, instead of spending about an hour downloading it from the official site, then, damn it, I will use torrent and I don't give a fuck about torrent being used by pirates. Fighting legitimate tools instead of enforcing the right coding policies is good evidence of a lack of intelligence on the side of software vendors combined with ignorance of media vendors and politicians. That pisses me off big time. And I am sure I am not alone.

Enough swearing (for now), let's take a look at how things are in reality, using BD+ as the example. I am not going to describe BD+ internals here or give any information in addition to what is publicly available. Besides, I do think that it could be a powerful media protection (…… …………… …………… ……………… …………………… …………… …………………… ………………… ……………… …  …… … ……… …… …….. ………………… …………………. …………… …………….. …………..), unless...

Studios
Studios invest huge amounts of money into the fight against piracy. I have to admit that, unlike governments, they are investing in protection like AACS (which was cracked a long time ago and is all about hiding the key these days) and BD+ (which is good, but is fully …….. ………. ……. ……..). Honestly, almost all that money is spent in vain, mostly thanks to software "developers". For some (unknown) reason, studios do not want to mess with that crap. Which is quite a pity due to the fact that BD media is ……… …………….. ……………. ………………… …………………. …………………… ………………… ……. …………………. ………………….. ………………….. ………………… ………………….. ………….. …………. …………….. ……………….. …………………. .

BD+
If you have not heard about BD+ yet, then this article covers it quite well. Basically, BD+ is a virtual machine implemented in BD players, plus executable code and data supplied on BD media. ………. ………….. …………… ………….. ………………… ……………… ……………… ……………… ………… …………….. ……………… ……………… ……………… ……………. ………… ………….. ……… ……….. ……….. …………….. ………………. …………………… …………….. …………… …………… …….. …………. …………………….. …………. .

Software BD Players
There are four software BD players: PowerDVD by CyberLink, WinDVD by Corel, TotalMedia Theatre by ArcSoft and Blu-Ray Player by Nero. Just four. As vulnerable as a kitten on a busy highway. Certain people have been praising the SlySoft team for reverse engineering software players and their implementation of the BD+ VM. I am not trying to say that it is not a piece of work. Just consider the amount of code that has to be reversed. But is it that hard to reverse code that is barely protected? Even a n00b malware researcher can do it, especially given the fact that modern malware sometimes has heavier protection t………. ……… ………  …….

Software player vendors may claim that they utilize the most recent versions of protection software like Themida and others... Well, they may keep claiming (in fact, I wrote to all four of them three months ago and got a response from only one of them so far). The facts tell us that they do not even know how to …….. …………… …………… …………….. …………… ………………….. ……………… …………… …….. …………… …………… …………….. …………… ………………….. ……………… …………… …….. …………… …………… …………….. …………… ………………….. ……………… ……………

Right now, about a year since BD players vendors …….. …….. …….. …….. …….. …….. …….. …….. in the way they "protect" their products. Everything one has to do in order to get unpacked code is …….. ……. ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… Protection you say?..

AnyDVD HD
AnyDVD HD is one of the two most popular BD rippers. ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… .

Hardware BD Players
"Our hardware BD player is impossible to hack!" C'mon! Do you really think so? That's the most stupid claim I've ever heard. Or are you trying to make a laughingstock of yourself? In this case it works perfectly.

It is fair to say that it is not always easy to get into a hardware BD player  ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… ……… your level shifter to. This was the biggest problem in my case (……………………………………… ...) but not in the case of Doom9. They've done that in a good way. Which is about the only extraordinary thing they did while hacking hardware implementations of BD players. In fact, there is no such thing as a Hardware BD Player. There are devices that run Linux inside (or maybe another embedded OS) and have a software player that plays the media. Praising Doom9 for reversing a hardware BD player is not that smart. Oh, maybe just the part of getting the AACS keys. All the rest is …….. ……..…….. …….. …….. …….. …….. …….. …….. …….. …….. …….. …….. ……...

Code Protection? It seems like embedded "software developers" have not heard about it at all. ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… is simply wide open for hacking. The possibility to log in ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… should NEVER be used in production. Quite silly, if you ask me.

The best evidence of H/W BD player vendors' ignorance is the ……. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……….

Conclusion
Some of you may say that the article is supposed to be about piracy, not about the protection of BD players. Well, it is about piracy. From my experience, BD player vendors, hardware and software alike, support piracy by constantly refusing to protect their products better. ……. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ……………. ……… ………. I tried to personally contact BD player vendors several months ago, offering them assistance in armoring their code. Guess what their reply was? There was none... Well, there was one vendor that did reply, but they are not ready to change a thing. All the rest keep silent as if everything is good. One may say that BD+ is a pain in the ass for vendors. Well, it is. But it's the vendors who make it painful instead of writing good secure code.

If I were one of the Studios, I would probably do my best to revoke all four. Especially those ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… ……. ……… ……… The fact that BD rippers are better protected than BD players simply pisses me off big time.

The bottom line is, it would probably make more sense to require vendors to actually protect sensitive code instead of openly supporting piracy, rather than messing with those downloading pirated content or using file sharing services.

Stop being dumb, start acting.

2 comments:

  1. That's the problem, that's about as much as one can publicly say on the issue...