December 12, 2024

HDCP: Why So Weak?

Today I want to wrap up (I think) the discussion on security weaknesses in HDCP, the encryption scheme used for sending very high-def video from a device like a next-gen DVD player to a TV monitor. I wrote previously (1, 2, 3) about how HDCP will inevitably fail – catastrophically – when somebody manages to recover the master secrets that are the source of all power in the system, and publishes those secrets on the Internet. I wrote, too, about how this problem could have been avoided by using standard cryptographic primitives rather than custom-designed ones.

It seems very likely that the people in charge of HDCP knew what they were doing, and made a deliberate choice to use the less-secure scheme rather than the more secure, standard one. (I don’t have definite proof that they knew about the security problems, but it’s pretty hard to believe that their engineers failed to notice it.) Why did they choose the weak system?

The academic paper on HDCP, by Crosby et al., says that HDCP’s designers were given a “budget” of 10,000 gates. (Gates are one of the basic building blocks from which digital chips are designed.) Crosby estimates that a more secure design would have required about 30,000 gates, to fix the vulnerability I discussed earlier and some smaller vulnerabilities. How much does it cost to add gates to a design? That depends – the high end of the cost range is around $100 per 10,000 gates, but the low end might be much lower.

There are really two questions here. (1) Why did they think it was worth paying for 10,000 extra gates to have the weak system, rather than no encryption at all? (2) Why did they think it wasn’t worth 20,000 gates to have a stronger system, rather than the weak system? Let’s consider these questions in order.

First: Why is the weak system worth spending 10,000 gates for? The answer doesn’t lie in platitudes about speedbumps or raising the bar – any technical bumps or bars will be obliterated when the master secrets are published. It’s worth noting, too, that the data stream they are protecting – uncompressed super high-def (1080i) video – blasts so much data so fast that there’s no affordable way for a would-be pirate to capture it, at least today. About all that can be done with such data streams today, at reasonable cost, is to display them, or to run them through simple format converter boxes. In future years, capturing the video stream will become a viable piracy strategy, but by then the master secrets will almost certainly have been published. So temporary piracy prevention doesn’t seem like a good explanation.

A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption. (Also, converter box vendors who accepted HDCP’s license terms might sue vendors who didn’t accept those terms.) The price of enabling these lawsuits is to add the cost of 10,000 gates to every high-def TV or video source, and to add another way in which high-def video devices can be incompatible.

The second question is why they weren’t willing to spend an extra 20,000 gates to use a more secure crypto scheme. Doing so would have reduced, in the long run, some types of P2P infringement. They apparently felt this would not be a good investment, presumably because other infringment scenarios were more troublesome. Why spend money strengthening one link in a chain, when other links are already weaker?

The bottom line is clear. In HDCP, “security” technologies serve not to disable pirates but to enable lawsuits. When you buy an HDCP-enabled TV or player, you are paying for this – your device will cost more and do less.

Comments

  1. These “Anti Piracy” systems are not intended to stop piracy, they realise that they won’t be able to and that serious pirates will always find a way round. They also realise that most pirates wouldn’t (or couldnt afford to) buy the media anyway, so making it uncrackable would merely reduce your potential viewers without increasing profits.
    What systems like this will do, is stop casual and fair use copying. Meaning those people who buy their media, and make copes out of convenience (ie making a copy for a friend/family, or making copies for the kids to scratch up, or format shifting etc) would have to buy multiple copies instead.
    It’s all about wringing every last penny out of those people who are willing to pay.

  2. The HDCP system appears to have a number of purposes. One is to hang the DMCA upon to stop “pirates”, another is that it’s protection system (AACS) has to be able to be activated at a later date so it won’t stifle the adoption of HDCP compliant hardware and thirdly when AACS is fully implemented it must deter average users enough from trying to copy protected media. In the meantime any distribution of HD content by consumers is going to help the adoption of the new system and help drive hardware sales. I’d say HDCP meets the requirements of the movie distribution business for now.
    Still it will be interesting to see if doesn’t just degenerate into another poorly implemented sceme that just makes it difficult for consumers and does nothing really to deter piracy which is what I suspect.

  3. Side note, in my household we do watch library DVDs (and are by far not yet through everything), and otherwise read books (el libro, “the book”!). I even have problems finishing books before I have to return them (not because I watch too many DVDs, but perhaps from too much commenting on blogs).

  4. Dan (not Maas): There are different “domains” here. With regard to hacking live content (session keys), yuor argument holds, or at least I plead no contest (there are various satellite/cable hacks, but I’m not interested in that so I don’t know).

    With “offline” content (DVD etc.) a pirate needs satisfactory access to the material. With current “fidelity” standards access to the hi-res analog content may well be good enough. Having myself converted CDs to MP3 so I can listen to MP3 music when I cannot or would not practically carry a CD player, I cannot make enough of a difference (for my purposes, which do not include e.g. subtle classical music, which I continue to enjoy from CD), and with my background in image processing I contend a similar principle applies to video. When I take DVDs (not HD) from the library, I can only marvel at what crap qualiy video they manage to put on DVD and sell it. Were I to intercept the analog signal and convert it back, it surely couldn’t get appreciably worse. All hypothetically of course, as the hardware I own is 5+ years old and cannot handle any of that stuff.

  5. By the way – a system capable of recording uncompressed 1080i video costs about $15K today. Not for consumers but certainly affordable for a medium-volume piracy operation.

    (most of that cost being the ~150MB/sec RAID array; the host computer and video I/O hardware are only ~$2K each)

  6. At a conference talk a few years ago, Barbara Simons speculated that the original DVD CSS system was intentionally made weak as an entrapment tactic, to provide an opening to push for stricter DMCA-type laws once the CSS crack inevitably surfaced.

  7. Pieter:

    $100 for 10K gates?

    Remember, much of the decision making process dates back to 1999 (or before) when the HDCP specification was first published.

  8. WmD:

    What’s to stop someone from popping open the TV/monitor/etc and getting at the signal after it’s been unencrypted…This of course assumes it’s a separate device and one could just lift the pins or whatever fancy electrical magic is necessary

    You’ve answered your own question. My understanding is that the terms of HDCP licensing require that the decoding and encryption be on the same chip.

  9. I am not saying that it is unavoidably weak – just that the point was being made that that the content has to be uncompressed and unencrypted at some point on its journey.

    The whole doctrine of HDCP is that they are trying to guard against a threat that might crop up in the future – but who can anticipate threats that arise out of as-yet unmade technological advances.

    In any event, if you look at the history of cracked encryption systems, it is often the case that the way the system is defeated is by something that the system designers never anticipated to start with, or by technology that did not exist at the time. It would not surprise me one bit if AACS discs get cracked via a route that no-one has yet speculated about.

  10. John:

    “And so the argument goes that by dismantling a monitor, you can capture the streaming data on that final leg of its journey, and somehow re-assemble that back into the digital form from which it originated.”

    Still I don’t understand why it is “unavoidably weak”. It is possible to make sure that the last “leg of the journey” is analog. For digital display, you could encrypt to the individual “pixel drivers”.

    Neo:

    “you’re handing both the ciphertext and the decryption key to a potential “adversary”, which means it will never hold up against determined pirates.”

    Sure you never heard of the DirecTV P4 smartcard or many other system for which there is still no practical break.

    It’s clear that it is easy to point out the systems that have been broken, to forget the ones that have been holding for years and to say: “see, they are all broken, I told you it is impossible to secure”.

    And someone getting the “decryption key” does not mean that the system is broken. Ever heard of device keys, segment keys, broadcast encryption, traitor tracing, device revocation ? Do you know the difference between a “Hero hack” and a “class break” ?

  11. This is what makes DRM so silly, and why adding the DMCA only turns it from “silly” into “evil” — you’re handing both the ciphertext and the decryption key to a potential “adversary”, which means it will never hold up against determined pirates.

    But then DRM+DMCA isn’t about stopping piracy, is it?

  12. Dan:

    I think the issue that cm refers to has been raised several times, but there does not appear to have been any authoratative comment on it.

    The argument is this. No matter how you compress or encrypt a signal, it has to be decompressed and unencrypted at the end of its journey when it connects the the actual display panel, and loudspeaker cone.

    The argument is that inside a monitor case, there will be final connections between the circuit boards and the actual display panel where someone might be able to eavesdrop on that data, after it has been unencrypted or whatever.

    And so the argument goes that by dismantling a monitor, you can capture the streaming data on that final leg of its journey, and somehow re-assemble that back into the digital form from which it originated.

    Just how practicable that is to do, I know not.

  13. cm:

    Correct me if I make a mistake, but I believe that your “assumptions” are simply totally wrong. I heard that in the AACS standard for example, no plain video/audio data is allowed to transit on wires. And from what I heard, in the Toshiba HD-A1 for example, all the decrypting, decompressing etc. is done inside the Broadcom chip.

    Moreover, I really don’t understand what your explanation has to do with Scott’s argument. So I would prefer to have an explanation by Scott.

  14. Dan: Putting words in Scott’s mouth, at least in academic terms, HDCP is only protecting the most easily accessed part of the data path (let’s say for most intents and purposes the cable into the display unit). I presume there is a good number of internal wires that carry raw content.

    The “trusted client” argument hinges on the assumption that a knowledgeable intruder with professional equipment can intercept the unprotected content “inside” the client. But then one can argue that’s not what HDCP is supposed to protect against, but rather against the casual “hobby” pirates who will not purchase spare HDTVs for the purpose of dissecting then and capturing DVD content from their guts.

  15. Scott,

    Would you care to detail “the fundamental flaw with this kind of architecture” or “how unavoidably weak any system would be” ?

    Thanks

  16. Well, I want to emphasize that in a “trusted client” problem like securing video streams, there probably isn’t a 30,000-gate secure system or a 100,000-gate secure system etc. I am suspicious of the claim that it could be secure in 30,000 gates—rather, the creators could have used a proper cipher in 30,000 gates, but that doesn’t cure the fundamental flaw with this kind of architecture. Tacking on RSA is not going to make it work.

    Indeed, a cheap lousy cipher is arguably better, seeing as how the cipher is not the real weak link in the chain anyway, and the remaining links are incurably weak. To put it another way, if the whole system will be a farce, why not pick a cipher that’s a farce to save money?

    I think the most interesting question is not “why did they choose a weak system,” but “why did they choose a weak system with so much complexity?” What they should have done was determine how unavoidably weak any system would be, and choose the most economical one.

    S

  17. Over the last 4-5 years I’ve started to cringe when the phrase “conspiracy theory.”

    Well, let see what Webster has to say about it…

    Conspiracy, n.: is a secret plan by a group to do something unlawful or harmful.

    Could it be said that what’s harmful to someone is helpful to another? Usually the one benifiting is the party conspiring.

    I reason for my post is to disfuse the loaded phrase, “conspiracy theory” and reducec it to a more grouned phrase, to conspire.

    Motives that are based in profit might not be nefarious on the surface. The parties involved might not even know that it so bad to others. To, them, it’s *just business.* And that’s why people have tried to dissect the goings-on of such. Saying it’s a “conspiracy theory” is really just a distraction to the real issues.

  18. Joe:

    I totally agree with you. I even heard that if CSS is weak was because one company wanted to use a proprietary patented algorithm for royalty purposes and of course, many people fail to mention it, it was weak also because of the entropy reduction of the keys due to cryptography export laws. Nothing to do with willingfully wanting a weak algorithm IMHO.

    Ed:

    The problem is not that the decision makers don’t care, in my experience it is that they don’t understand the technical issues (but they usually think they do better than the engineers) and they also think that you can make compromise on security. These guys are used to make political compromises on time to market, price, features, marketing, royalties, warranties, quality assurance …

    They think that cutting corners on security has the same consequences as removing a minor feature or leaving a few cosmetic bugs to meet price or TTM requirements. They think that the overall security of a product is the sum of the strength of its security features, when in truth its the strength of its weakest link.

    You can argue that HDMI was made weak on purpose or that the people in charge didn’t care. However, the same theories surface each time the security of a game console, paytv smartcard, encryption algo, DRM scheme, software protection… is broken. And people always find good theories to explain why it was made on purpose.

    ButI can tell you that most of the time nothing is further from the truth and that TSHTF (internally or from customers) when a company’s product is hacked.

  19. Anonymous says

    So are we saying that the only purpose of HDCP is to generate revenue for those from HDCP has to be licenced?

  20. Dan:

    I’m not suggesting any kind of conspiracy theory. What I am suggesting is that the decision was made rationally, based on the business interests of the decisionmakers. If the actual security of the handshake didn’t matter much to them (i.e., wasn’t worth paying 20,000 gates for), then no conspiracy is necessary.

    Your suggestion, that it was just a mistake based on failing to listen to the engineers, is of course possible too. It would not be the first time that sort of thing had happened. But my sense is that the decision to elevate cost or time to market over security usually just reflects the fact that the decisionmakers don’t care much about security — if they really cared deeply about it, rather than just giving it lip service, then they would listen when the engineers pounded the table.

  21. Dan: Hilarious, but very plausible (though perhaps only in a metaphorical way). In domains that I’m more familiar with it’s usually about time (to market/shipping — what can you do in two months), but the general principle of failing to comprehend nonlinear complexity, or that an end-to-end nine-months effort cannot be subdivided into three three-months efforts is universal.

  22. Isn’t anyone worried about the fact that the Chinese president had dinner with Bill Gates on his way to see Bush? Do you think the talked about the manufacture of high def devices?

  23. Dan, exactly right except replace the one-way edict with endless political maneuvering, both in and out of standards groups meetings. In the end, one CE company’s codec gets voted in via a traded vote for another’s copy protection scheme.

    Fred, the case you’re referring to is more likely a fight over HDCP. According to this article[1], the chip was available for a while and had a simple flag that enabled or disabled HDCP protection, which is against the license agreement. Early on with region control and Macrovision, there were similar suits but you don’t see those any more as it turned out to be hopeless. All major manufacturers make players that can disable both functions[2]. Any bets on whether the same thing will happen with HDCP?

    [1] http://www.dvd-recordable.org/Article2467.phtml
    [2] http://www.videohelp.com/dvdhacks

  24. Using “IP” and especially the DMCA nefariously as a “hook” on which to hang anticompetitive behavior, and indeed with which to sanctify it and give it effectively the force of law, takes its most insidious twist in recent products from Adobe and Microsoft. HDMI isn’t the biggest threat — it means the same cantankerousness making our DVD players do what we want them to in 2010 as we experienced in 2000. The big danger is so-called “IRM”, or DRM on office documents. Of course, DRM’d office documents will make any actual functioning office grind to a halt literally overnight, so MS can’t even use it internally to prevent the next “Halloween Documents” type leak. Besides the numerous analog holes (photograph the screen, etc.) there’s the fact that if they used it widely and strictly, they would get no work done; the overhead spent asking for permission to print/copy/CC memos would dominate the time spent actually doing useful work.

    The real purpose of IRM is to kill open source, of course, just like the real purpose of just about everything else MS does. OpenOffice and other open source apps won’t be able to interoperate with MS Office documents and PDFs in newer format versions without running afoul of the DMCA. MS has finally found out how to stop competitors being nuisances by reverse engineering their .doc format…

  25. Conspiracy theories are always fun to read. And right now I am reading a book, which explains that for each unexplained event, someone will manage to find a conspiracy behind it. Isn’t it Ed ?

    Anyways, straight to the point. I am not an academic, but I am a senior engineer that has been involved in the development of a few security systems for several years, and several failed badly for the reason I will explain below .

    So I think that the real reasons behind HDCP weaknesses are more close to this little discussion:

    Project manager: How many gates you guys need for your part of the design?

    IO guy: xxx gates.

    Video guy: yyy gates.
    […]

    Crypto guy: 30’000 gates.

    Project manager: How long would it take to a hacker to break your crypto?

    Crypto guy: Ho, the crypto is a standard that is believed to be pretty secure and would take approx. 3 millions years to break.

    A few days later…

    Project manager: Hey guys, I talked with marketing and the Consumer Electronics manufacturers and we are 3 times over the acceptable price. Therefore all you guys’ gate budget is divided by three.

    Crypto guy: But there is no way I can make a secure system with only 10’000 gates!

    Project manager: Well you told me that your system will take 3 million years to break. Now with 1/3 the gates it will take 1 million years to break that’s still far enough.

    Crypto guy: But ……… (completely stunned by what he just heard).

    Project manager: And please don’t argue, you engineers have to learn that you have to take into account the business requirements and you cannot just spend money like it’s infinite. You too have to make compromises like everyone.

  26. A quick glance at the number of players available in the US with a remote-activated “debug mode” that disables Macrovision and region coding would show who has the real power.

    Samsung was recently sued by DVD-CCA over a player that was too easy to “debug” (and the player is no longer even available). So the studios are sending a message to vendors. And once the big vendors are on-board, they will have an incentive to join a crackdown against the off-brand vendors.

    why not contract a custom format, or simply a custom encryption to apply to an existing format, and leverage a software patent on it in the same way the DMCA is used now?

    Right you are — patents can be used as “hook IP,” as well. That’s being done, as I understand it. But the DMCA is easier, as it avoids the messiness of having to prosecute a patent, worry about “design around” solutions, and the like. But both strategies are being used, often at the same time, in a “belt and suspenders” approach.

    If the goal was to hang lawsuits on a security technology, why not embed a simple flag a la CGMS/A? That’s still an access control measure, and does not require as many gates as encrypting the content itself.

    The DMCA will not protect a simple “flag” technology (like CGMS/A), thanks to the “no mandate” provision that was included in the law at the behest of the technology sector. Vendors didn’t want to get stuck supporting any unilaterally deployed “flag” scheme riding on a common format. So, if you want DMCA protection, you need to encrypt or impose a handshake of some kind (hence, bickering about gates). If Hollywood wants to force people to respond to a flag, they’ll need another law (see, e.g., the broadcast flag legislation pending now).

  27. Pieter said:
    >$100 for 10K gates? I can’t think of a single technology that would be that expensive; we’ve built chips of over 1M gates that in themselves cost less than half of that.

    Agreed. However, back-date that to when HDCP was originally proposed (mid ’90s?) and gates were closer to that cost. Of course any engineer who was designing for the future and _didn’t_ factor in Moore’s law (especially for a high-volume consumer application like this) was criminally negligent.

    It’s pretty clear that cost of gates wasn’t a factor in the decision to weaken the encryption.

  28. The way I see it, the main reason for weak copy protection (versus none) is that content providers won’t move forward without at least some security effort in place.

    If the goal was to hang lawsuits on a security technology, why not embed a simple flag a la CGMS/A? That’s still an access control measure, and does not require as many gates as encrypting the content itself.

    In SDMI we saw a very complex security system which, once broken, was claimed to be merely a speedbump technology. As Prof F once said, nobody builds a gold-plated speedbump with lasers and attack dogs. If the goal was a speedbump technology or a hook for the DMCA, it simply would not have been designed that way.

    The only explanation I can think of is that content providers really wanted strong security, tech companies paid their researchers to come up with something, and breakable security is the best anyone can do within the constraints of the problem. Given the unavoidably weak security, one might as well give in to demands for fewer gates.

  29. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption.

    Is this true? It’s my understanding that the SMCA protects encryption applied with the authority of the copyright holder. HDCP encryption is applied by the hardware manufacturers and applies to all content passing that channel whether or not the copyright holder has authorized it or not.

  30. There’s an implication in the blog that somehow it would be better if the system were more secure. I don’t get it. Why would I, the consumer who bears the costs, want to pay more for a more secure system?

    Personally, it seems to me that they could have used an even weaker system. The system doesn’t really have to have encryption at all. All they would have to do is encode the bits using some proprietary protocol (think the binary equivalent of rot13) which they can patent. Then they can block people from making interoperable devices using patent law, rather than the DMCA.

    I’d like that better because the hardware I buy would be that much cheaper.

  31. $100 for 10K gates? I can’t think of a single technology that would be that expensive; we’ve built chips of over 1M gates that in themselves cost less than half of that.

  32. Jay Carlson says

    Yeah, but when am I going to see the MythTV drivers?

    From my point of view, that’s the endgame. Right now I’m paying ~$100/mon for cable television; my MAssIvEly PaRa11e1 backend digests multiple streams from that. I watch John Stewart, I watch Penn&Teller, I watch lots of really bad movies.

    Sometimes I don’t watch them in front of my TV. Hell, my TV is now a Mac mini hooked to a Dell 20″ LCD.

    I feel like I’ve made my separate peace with the cable networks. They don’t mess with me, I give them lots of money. They charge me a fixed rate for a *very* variable feed of programming; in return, I only watch a tiny fraction of what’s available, but it’s the fraction I care about. Sometimes I watch in on planes.

    High Definition is cool, but so is full-rate broadcast NTSC. But the Wife Acceptance Factor for low-bitrate MPEG2 re-encodes of NTSC “Everyone Loves Raymond” is high. They’re going to have to totally close the analog hole before they can assert total control.

  33. Fred re: “… and limit the feature-set of all devices capable of playing those movies.”

    Even though there have been lawsuits, the movie industry has been extremely unsuccessful in limiting the feature set of players. A quick glance at the number of players available in the US with a remote-activated “debug mode” that disables Macrovision and region coding would show who has the real power.

    It’s extremely hard to prove intent, and the lawsuits will merely force the manufacturers to go more underground in how they implement region/Macrovision hacks. If there’s a buffer overflow in the player, who’s to say that it was more than a programming mistake?

  34. HDCP encryption exists only as a hook on which to hang lawsuits.

    Don’t forget that this was the exact strategy used by Lexmark in their ink cartridge lawsuit, where the real intent was to force their customers to continue paying money to them for a product they’ve already purchased.

    …Sound familiar?

  35. Alexander Wehr says

    To Fred von Lohmann:

    why do they cling so much to the DMCA then?

    why not contract a custom format, or simply a custom encryption to apply to an existing format, and leverage a software patent on it in the same way the DMCA is used now?
    then every time the patent will lapse.. change the format and/or encryption?

  36. I see. The real revenue comes from litigation.

    Not quite. The litigation is not intended to make money, it’s intended to give Hollywood leverage over the technology sector. In the old world where content was unencrypted, content owners had limited legal ability to control new technologies and features (see, e.g., the Betamax VCR, the iPod). Those new technologies can disrupt settled and profitable business models.

    The DMCA gives Hollywood veto power over new technologies. For example, to build a DVD player, you need to take a CSS license, and that license imposes restrictions on the features you can offer.

    In other words, thanks to the DMCA, Hollywood no longer is limited to “only publish or not publish movies.” Hollywood now has the power to publish movies and limit the feature-set of all devices capable of playing those movies. So the lawsuits give Hollywood the power to reign in disruptive innovation.

  37. So, the industry is now moving toward a business model of “If you realise that infringement will be rife given technological facility, and that the law can’t possibly recognise its abuse, lobby for as much eminently infringible legislation as you can, precisely in order to exploit the infringement opportunities you can create to harvest litigation revenue until… well, forever”

    So, asinine movies are merely bait.

    I see. The real revenue comes from litigation.

    This is the old Morlocks and Eloi scam. Keep the Eloi sated and docile with a plentiful supply of fruit, and from time to time, cull a small percentage and enjoy a great feast.

    The great thing about it is that you can wangle it such that the state (the people) bears the cost (of culling)

    You know, copyright was only ever intended to apply to published works. This was on the understanding that the works would belong to the public – albeit suffering the author’s brief monopoly on the manufacture of copies.

    If DRM is effectively witholding publication, retaining ownership to the author, then there is no publication. The work cannot therefore enjoy copyright. One is effectively performing private distribution to a large audience. There are hence no copyright laws that can be broken, only private contracts – if any.

    You can’t have it both ways. Either it’s published, or its privately circulated. What’s it to be?

  38. You are partially right and partially wrong. You’re right in that the movie industry always includes legal approaches as part of their overall strategy. Even if they used more secure crypto and 30,000 gates, they would still also make sure they have legal measures to take down pirates or manufacturers who didn’t stick by the rules.

    You’re wrong in that they didn’t care it was insecure. One thing the EFF, technologists, and the rest underestimate is the lobbying power of the electronics makers. While the movie industry may rule Washington, the manufacturers decide how much cost they’re going to incur in each device to get movies published. Look at CSS — the weak cipher was pushed by the manufacturers, not the studios. (AOL TW is actually a technology company at heart, not studio). Despite intense debates that slowed the release of DVD, CSS was still approved. The reason? Because the cipher was really cheap to make in hardware, cheaper than DES.

    The studios only have a binary switch: release movies in a format or not. The manufacturers play a game where they put in just enough “security” to get movies launched, but only enough to survive for a year or so to keep down costs of security technology. Once the security is broken, hopefully the format is popular enough that the studios can’t flip their switch. And as a bonus, the sooner a format’s security is broken, the more cheap (or free) movies become available, selling more players.

    In summary:
    – Studios can only publish or not publish movies
    – They can always sue no matter how strong or weak the security measures
    – Player manufacturers make more money if piracy is rampant
    – Security measures in the player only cost manufacturers money, to the extent they exceed the minimum to get studios to publish movies

  39. Forgive me if someone else has asked this in one of the other posts on this topic, but…

    What’s to stop someone from popping open the TV/monitor/etc and getting at the signal after it’s been unencrypted (or smarter: from the source before it’s been encrypted)? Even if HDCP were flawless and perfect, this would still work. (This of course assumes it’s a separate device and one could just lift the pins or whatever fancy electrical magic is necessary)

    Maybe piracy is just like tax evasion and the wars on terror and drugs, if there’s a desire, then attempts to prevent it only change the game.

  40. The larger question I wonder about is this. Will HDTV disks succeed in being less vulnerable to piracy than DVDs have turned out to be?

  41. Frozen Buffalio says

    Seth, it’s simply bad for the consumer. They will lose functionality solely because of greed. It’s not because of “piracy” that these “security” measures have been added.
    Their purpose is to wring money by hook or by crook.
    The only nice thing is that since it’s easier to break, people will break it. Or maybe certain companies will not implement certain features, like downscaling hd content when not going through a trusted HDCP connection. Considering early adopters of things like HDTV may not even have HDCP compliant sets…

  42. You say that like it’s a bad thing 🙂 🙂 🙂

    They’re very clear in testimony, they intend to use a combination of technical measures and legal measures.

    I think there’s a psychological aspect to the tech mindset that such a way of thinking is somehow unfair, that legal measures are somehow cheating, like going to the teacher.

    But the industry never signed onto that mindset. And the courts don’t sign onto that mindset.

    Will such an issue resonate outside of the geek choir? I tend to think not, though I should note I’m extremely bad at politics.