P2P

And the saga continues. The content protection system used on next generation HD capable DVD’s (AACS) was recently compromised through an exploit in the popular WinDVD software made by Intervideo. In a departure from the standard definition DVD encryption spec (CSS), AACS allows for the publishers to revoke keys handed out to specific licensees, if those licensees somehow misbehave or compromise the system.

Due to the revocation, WinDVD users must upgrade to a new version — containing a new key — if they want to watch the HD-DVD’s they own.

DeCSS rendered useless the entire CSS system on first gen DVD’s, making copying, ripping and backups a trivial procedure. So far, the AACS equivalent remains elusive. However, you can bet that someone somewhere is hard at work on a way to compromise AACS again, either in a short term single key crack — like the one we’ve seen here — or a longer term, system wide crack. There isn’t a single known DRM system worth cracking that hasn’t been cracked, multiple times; AACS will likely be no different.

[via Slashdot]

Students beware, Cary Sherman is out to take you down. The RIAA chairman was on Capitol Hill this week to testify in front of a House Judiciary Subcommittee on courts, the Internet and intellectual property. Sherman told Congress that music has never been more popular, adding that college students are the RIAA’s current pet peeve.

The RIAA warns it will go after college students with a renewed vigor, and indeed the organization has sent letters to hundreds of students at 13 U.S. universities in recent weeks demanding a steep financial settlement and warning students of coming federal lawsuits if settlements aren’t addressed quickly and paid in full. The average cost of defending against an RIAA lawsuit ranges into the tens of thousands of dollars, even though evidence of any wrong-doing presented may be flimsy at best.

The ongoing saga of HD-DVD’s failing Digital Rights Management scheme continues to be of great interest. First the in-memory keys were found with a little bit of prying. Useful for making a backup copy of one movie, but if you wanted to copy another, you needed the accompanying key. This week we found out that a member of the notorious Doom9 forums found the other key details making a non-industry approved decoding library only a few academic steps away. It’s not the holy grail of HD-DVD decryption (as DeCSS was to DVDs) but, through a quirk it’s actually a very serious rights management hack, for now.

Alex Halderman of Freedom To Tinker explains, “due to a strange quirk in the way the processing keys used on existing discs were selected, the key Arnezami published apparently can be used to decrypt every HD-DVD or Blu-Ray disc on the market. For the time being, knowing Arnezami’s processing key is as powerful as knowing a device key. For instance, someone could use the processing key to build a player or ripper that is able to treat all current discs as if they were unencrypted.” Halderman’s write-up of the events over the last few weeks isn’t riveting, but for any DRM-geek, or DRM-geek wannabe, it’s a must read.

Tsk. Tsk. Tsk. We keep reminding the content producers that DRM is a failed experiment, and reminding you that DRM isn’t a content protection scheme, but rather a customer lock-in strategy. At least you’re listening, the content distributors are still missing the boat. We’re only weeks (if not days) away from the first in a long line of HD-DVD decryption apps, libraries and utilities.

RIAA defendant Robert Santangelo has taken up an unusual tactic against the recording industry’s lawsuit, he’s sued back. Santangelo has filed counter-suit against the RIAA claiming defamation, violation of anti-trust laws, conspiricy to defraud the courts and making extortionate threats.

According to The Inquirer, “Robert Santangelo and his lawyer, Jordan Glass, have raised 32 defenses against the music industry’s charges. Amongst Robert’s defense is the information that all the music that it was claimed he downloaded he already owned on shop bought CDs.”

Robert Santangelo was 11 years old when the RIAA sued his mother in a civil action claiming copyright infringement. Mrs. Santangelo fought back, she hired a lawyer named Ray Beckerman (who has since become a well known piracy defense lawyer and maintains a popular law blog known as Recording Industry vs. The People) and eventually the case against her was dropped, at which point the RIAA sued her two children separately.

Take the jump to watch Robert’s mother Patti Santangelo on several popular morning shows during the media blitz which followed the original lawsuit against her.

If profit isn’t your motive, then swapping pirated music, movies and software via P2P isn’t illegal. That’s what a high court in Italy ruled last month, marking yet another blow for enforcement efforts by the recording, software and motion picture industry trade groups.

According to the Associated Press, “The court’s decision [...] overturns earlier convictions against two former Turin Polytechnic Institute students who set up in 1994 a peer-to-peer, file-sharing network that was shut down within months.” The students were each sentenced to one year in jail, which had already been reduced to 3 months upon appeal, a point which this ruling makes moot.

The ruling does not have any effect on the legality of violating the terms of copyright within the country, but does appear to decriminalize the act of file-sharing in and of itself.

Well, the controversy over whether BackupHDDVD actually does anything like, you know, ripping HD-DVD movies appears to be over. Several movie rips, including Serenity have already made their way to BitTorrent trackers.

The breakthrough came when members of the Doom9 Forum tracked down several unique memory keys that BackupHDDVD needs in order to decrypt HD-DVDs. Apparently the keys for King Kong and 12 Monkeys are also available, although Serenity appears to be the only movie to have made it online so far.

The video file is in EVO format and takes up 19.6GB, meaning it will take a very, very long time for most users to download. At that rate, you might as well just spend the $20 to get a copy from Amazon.

While it was inevitable that hi-def video rips would show up online, I’m much more impressed that we now have evidence that the HD-DVD encryption scheme actually has been cracked, and users who want to make backups of videos they’ve purchased for home use may be able to use software to do so.

Yahoo! fixed a little flaw this week in Yahoo! Messenger for Windows that could have been used by hackers. The flaw was in the ActiveX control and allowed hackers to crash a chat session and Internet Explorer. Worse, it could have executed malicious code on the victim’s machine. The initiation could have taken place if hackers prompted users to view HTML code that linked to a web site with malicious code.

Not to worry, though–Yahoo! has this “highly critical” bug all fixed, and is recommending that users who downloaded Yahoo! Messenger before November 2nd to install the new 8.1 update.

According to BusinessWeek, Skype co-founders Janus Friis and Niklas Zennstrom are preparing to launch The Venice Project, a new start-up that “combines the best things about television with the social power of the internet.” Venice–which is just a codename–has been in very limited testing since the summer, but the beta program will expand significantly in November, and Friis says it will be available to everyone by the end of the year. They’re currently courting small and large media and TV companies to put their full-length content on the network, which will be accessed through a stand-alone app and work on P2P technology just like KaZaA and Skype. It will have built-in intellectual property controls and will stream media rather than download it, which BusinessWeek naively assumes “makes it much more difficult for users to make, distribute, or sell illegal copies of the content that they watch.” At the uber-austere Venice Project web site you can sign up for their mailing list which, presumably, will notify you when that expanded beta program starts.

Part one of a documentary on the Swedish piracy movement has been released and it sheds interesting light on the attitude of the Swedish people and the pressure brought to bear by the US government upon them.

For anyone who hasn’t been following the raid on The Pirate Bay, or the formation of The Pirate Party (a political party whose platform includes Piracy as its main point), part one of “Steal This Film” provides a worthy primer on the Swedish mindset surrounding copyright in the digital age.

The film’s producers write, “Hopefully you’ll enjoy the first part of Steal this Film (’Stockholm, summer 2006′). It achieves some, but by no means all, of our goals. To continue we need your help. this film is free for you to share, watch on your dvd player or on your ipod, or show in cinemas. But if you like the work we’ve done and want us to carry on, use our donate link to send us a couple of dollars or euros.”

For the fashion conscious downloader, there are also T-shirts available to help fund the second installment.

[Via Boing Boing]

Lime Group LLC, the company behind peer to peer application LimeWire, sued today in federal court by the RIAA for damages including $150,000 per occurance of copyright infringing files. The complaint seeks damages on the grounds that LimeWire, and thus Lime Group LLC, facillitated the trade of copywritten music between users and profited as a result of LimeWire’s failure to “block” copyright protected material.

Lime Group LLC has so far refused comment.

Lime Group was threatened last September, along with a host of other P2P application developers, with legal action if the company failed to comply with RIAA demands to either shut down, successfully filter all copyright protected material or drop the open peer to peer topology for a licensed content model approved by the RIAA.

KaZaa recently settled a similar case for $115 million, others such as WinMX and Bearshare have shut down. Qtrax, another less known but veteran name in peer to peer is preparing to offer a licensed peer to peer model that would comply with the RIAA’s demands.

[Via Digg]