What uses Divx DRM? I.e., Is there evidence of anyone actually trying and failing to break Divx?
Edit: I'd guessed we were talking about Divx (of the DivX codec fame) http://en.wikipedia.org/wiki/Divx , which apparently has some DRM products now and is owned by Rovio-formerly-known-as-Macrovision.
I don't think there's actual evidence of many people actually trying to play DIVX rental discs. I only ever bought a player and discs to try to defeat the DRM (and was way overmatched; I think I could break it today with what I know and maybe with a lab I could put on a platinum amex, but not sure)
Kocher's team also did BD+, which people definitely try to break, and BD+ has been successful in its "academic" goal (if not in its business goal). They're also behind some other notable DRM/Content Protection success stories.
How so? Every single BD+ update gets cracked pretty quickly by Slysoft (and several other apps now) and most Blu-rays are cracked, reencoded and pirated before or just after their release. It's not anywhere closed to the "uncrackable masterpiece" its creators marketed it like. It was even supposed to be "patchable" if flaws were found, but the patches are only stop-gap measures which are circumvented by Slysoft and others in just days.
BD+ is mostly just an annoyance for legit customers, but is hasn't been a major obstactle for pirates and backupers for years. The goal of BD+ was to stop software-based piracy of Blu-Rays and it failed miserably on that front.
Heh, if only you knew the stories behind all this.
What if I told you that the attackers had a 2-month head start on some discs due to insiders leaking them -- would that make a difference? What about if you found out that there weren't as many "rippers" as it seems because for a while, one of them was a "thin client with remote access to a competitor's ripper"?
Also, the "uncrackable" thing came from an external analyst who had no communication with anyone at the company and was obviously wrong.
BD+ _is_ renewable, meaning no single hack breaks the system for all time (unlike DVD-CSS). There's always something you can do, and with enough resources, it can still give attackers a challenge.
I'm not saying that BD+ is the most successful DRM scheme ever, but I do think it's done well given the particular environment. If you want an out-and-out success story from the same company (8 years, no hacks ever), see the CryptoFirewall. This is an apples and oranges comparison though.
Wow, it seems like you actually co-designed BD+, HN never ceases to amaze me.
It would be really cool if you could go into more detail, this is extremely interesting! Especially the second paragraph.
I'm far from an expert on BD+, so this is pure speculation, but it seems to me though as the patches doesn't work properly because they can't patch the fundumental part of BD+ which Slysoft has figured out. It would be really weird if Slysoft actually have managed to find a completely new flaw in BD+ for every BD+ patch that is released. It seems much more likely to me that the patches can't actually fix the flaw itself, they can just hide it or change some parameters/keys (which Slysoft know how to find), requiring Slysoft to constantly release new updates to "patch the patches". It may give Slysoft's developers a constant challenge, but it also seems gives them a constant unique selling point that they profit greatly from.
Is this correct or have Slysoft actually managed to find dozens of different exploits in BD+, one for every BD+ patch?
It wouldn't be the blu-ray bitstream but it would be the decoded digital video bitstream. It would need recompressing although from such a high quality source then generational loss should be fairly minimal.
It also would not get you any interactive elements which for some may be an issue although for others it may be preferable in this way.
Edit: I'd guessed we were talking about Divx (of the DivX codec fame) http://en.wikipedia.org/wiki/Divx , which apparently has some DRM products now and is owned by Rovio-formerly-known-as-Macrovision.