alt.hn

3/18/2026 at 9:29:14 PM

Cryptography in Home Entertainment (2004)

 https://mathweb.ucsd.edu/~crypto/Projects/MarkBarry/

by rvnx

3/21/2026 at 5:15:26 AM

This is a fun rabbit hole to walk down.

You might have noticed that streaming is getting worse (more expensive, less selection, more ads, more fragmentation). For me, they crossed a breaking point, where I decided I'd just find something more convenient.

So, I went down to the local record store, where they have 10,000s of DVDs and Blu Rays in stock; many for $1 (DVD), $2 (BluRay), most under $5-10, and a few gems for $20-30. The prices are for a mix of new and used DVDs; some new DVDs are over-printed, and cost $1.

Problem half-solved. I looked around to figure out how to play these anachronistic shiny disks on my TV, and eventually settled on a USB BluRay RW drive (I guess you can get rewritable BluRays!)

I never figured out how you're supposed to actually use that drive to play movies. Instead, there's DeCSS from the article, then something comparable for BluRay. For the "easy" decryption, you end up downloading per-disk decryption keys for every disk ever printed.

For the more advanced stuff, they have this giant Java Rube Goldberg machine that xors glitches into the video stream. This gets applied at the factory, and then (on some hardware I guess you can purchase?) again via some complicated JVM stack that was originally meant to just render the scene selection menu.

[spoiler alert]

The easiest way to play those BluRays back is to just download the output of the Rube Goldberg machine. At some point the industry realized that scheme was dumb, so there's a finite set of glitch masks. The whole dataset for all BluRays that will ever be produced with this scheme is a few GB.

You might think that when I say "play", I mean "transcode + pirate", but it turns out that's not particularly practical. BluRays are multiple GB, and already compressed with codecs that are competitive with modern ones, so they don't shrink down like DVDs unless you're willing to lose a lot of quality.

So, yes, we have a growing collection of physical media. I target 20-30 movies / $100 when I go to the store. It's grand.

by hedora

3/21/2026 at 6:10:10 AM

I used to not be a physical media person. I have found that it makes it a lot easier for me to start and to finish things though. The fact I have to actually get up to swap the disk out if I want a distraction helps focus the attention span haha.

by recursivecaveat

3/21/2026 at 5:39:15 AM

How many GB? I see "bluray rip" mp4 files on torrent index sites, which I assume have been aggressively recompressed, but there are three size tiers in the "1080p" category: 2-3GB, 7-10GB, and 15+GB.

by MathMonkeyMan

3/21/2026 at 6:04:38 AM

You want to search for BDMV for full disc images, or for remuxes which are uncompressed video and audio streams, if you want to get a sense for the size on disc. Typical Blu-ray images will be from 20-40ish GB.

by dddgghhbbfblk

3/21/2026 at 4:19:03 PM

How are today's scene rippers about keeping extra audio tracks and such in these, E.G. audio description?

It used to be quite hard to get an actually actually unmodified disc image.

by miki123211

3/21/2026 at 10:51:50 PM

Unmodified Blu-ray disc images are the BDMV folders I mentioned. Any BDMV will be unmodified almost all the time though I've very occasionally run into modified ones originating from the Chinese piracy scene that had custom subs added.

A "good" remux is actually the highest quality movie release available, usually, if you don't care about file size. A good remux will combine all the best parts of every possible release into one super-file. For one movie, you could have the best video quality be on a French UHD Blu-ray, the best audio quality from a different source, subtitles aggregated from various international releases and streaming platforms (and filtered/deduped for quality), chapter titles taken from an old DVD, and all available commentary tracks collected. Rarely you might even see a hybrid release where multiple streams are spliced together to fix some problem or another in one of them. You can look for releases by the CINEPHILES p2p group for gold standard examples, they get distributed fairly widely so you can probably find some.

To answer what you asked about extra audio tracks specifically (outside of full disc images)--usually non-English dubs are considered bloat and aren't distributed. Commentary tracks are kept. Audio description is a mixed bag, good groups will keep it.

by dddgghhbbfblk

3/21/2026 at 4:30:33 PM

On private trackers where people care about that stuff it's easier. The NFO usually has a pretty comprehensive description of the contents and all the tracks etc so you can decide which version you want before downloading.

by progbits

3/21/2026 at 8:28:09 AM

It really depends on your hard drive space and your tolerance for compression. Two hours of decently compressed video is a few gigs, but if you want 10-bit HDR with 5.1 audio, then choose the 15 gig torrent.

by ThrowawayTestr

3/21/2026 at 3:43:28 PM

codec? x264 and 1080p is in the ~8GB range for a 120min movie. Depending on audio might be more.

by gsich

3/21/2026 at 8:12:07 AM

> The easiest way to play those BluRays back

buy a bd player? i don't know why you would settle on a usb rw drive when you could just have a box that plugs in via HDMI and works

by 1317

3/21/2026 at 8:19:11 AM

A bd player is a temporary solution.

At some point nobody will make bd players any more. Several big companies have already stopped production.

Then you would have a useless BluRay collection after your own player stops working.

The solution is of course to rip off the BluRay discs as soon as you buy them. Then you can have a higher-quality playback on a PC (due to much faster random access and sequential access on an SSD) and you can recopy them forever when the available storage media will change in the future, so you will not lose what you have paid for.

by adrian_b

3/21/2026 at 2:13:23 PM

I think the more pressing issue is the medium degrading before the playback hardware. Disks have an average lifespan of 25 years. I surmise basic bluray hardware will last much longer.

by orsorna

3/21/2026 at 4:28:22 PM

The laser diode would probably be the first thing to fail in the player, and it likely wouldn't take 25 years if it was being used regularly.

by bob1029

3/21/2026 at 8:50:01 AM

and all existing players will disappear off the face of the earth never to grace the listings of ebay again

come on man

people can complain about the dvd/bd scrambling restricting your freedoms and stopping you from making backups etc, and sure that's true

but if you just want to sit in front of the tv and watch a film you bought, idk what more you could ask for

by 1317

3/21/2026 at 6:41:22 AM

Same story here, I can be used films on DVD for €1 at many charity shops. Boxed sets of TV shows are €2-5 depending on size/popularity.

The only downside is that I've noticed that the used DVD sections are definitely getting smaller. I guess fewer people are donating their collections these days.

I've bought a couple of DVD sets from Amazon, used, but the prices there aren't so competitive. Still it's nice to have physical media, with real/original soundtracks.

by stevekemp

3/21/2026 at 8:23:05 AM

I just torrent everything. It's equally as illegal.

by ThrowawayTestr

3/21/2026 at 7:32:10 AM

Worth noting the industry knew that CSS was a lousy scheme. Originally, Disney and others were boycotting DVD because of it. That lead to DIVX (the disk not the codec).

https://en.wikipedia.org/wiki/DIVX

Some people were opposed to DIVX's 'phone home' PPV option, but the bigger issue was it seemed like a nasty format war was brewing. Then DIVX flopped quickly. Instead, the MPAA got the US Congress to "patch" CSS by passing a law.

Apple had an advertising campaign that you could "Rip. Mix. Burn." your CDs with a Mac. Obviously nerds could rip DVDs, but nobody ever could productize it like that.

by flomo

3/21/2026 at 7:54:16 AM

It was good that CSS was a lousy scheme, for everybody, including for the DVD producers.

As long as CSS was not broken, I bought neither discs nor drives, because I believe that only naive customers (to not say losers) are willing to buy any kind of information that cannot be protected from the certain eventual destruction due to the decay of its storage medium, by making copies of it on any other kind of storage medium.

After CSS was broken and the tools to read DVDs became available publicly, I have bought several DVD drives during the following years and many hundreds of DVDs.

So the breaking of the CSS was how the DVD industry got my money, and presumably the money of many others. They should have been grateful to the one who did this.

When you "buy" copy-protected information you are not really buying it. You are just renting it until the time when its storage medium will become corrupt, which is certain to happen, sooner or later. (Or until your reader becomes defective and you can no longer buy a replacement, due to obsolescence.)

The copyright laws are stupidly named and frequently stupidly formulated. Making copies not only is not a crime, but it is a fundamental right of the owner of any kind of information, being the only way in which information can be preserved.

Only the distribution of copies to third parties may be criminalized. While most stupid copyright laws claim that even making copies by the owner is a crime, that is not only unjust but it also not enforceable against any careful owner, so the laws are doubly stupid.

by adrian_b

3/21/2026 at 9:30:08 AM

You're not the average consumer. The average consumer is less likely to buy a DVD if they can pirate it, not more.

by pocksuppet

3/21/2026 at 11:19:27 AM

The average consumer won’t pirate it unless it’s easier to obtain the pirated copy than a legit version. They’ll suffer through ads, poor quality, high prices. A good example is music - I’d bet audio piracy is bordering on a rounding error of 0 because of Spotify, Apple Music and YT music. Meanwhile, for video content you need to subscribe to Netflix, Prime, Hulu, Apple TV, and even then you won’t get access to all of the “big” shows. Sky sports and co show that the vast majority of people are willing to pay for the content but when the service and availability suffers they’ll go elsewhere

by maccard

3/21/2026 at 3:05:23 PM

You massively underestimate how price sensitive the average person is. Stuff like Spotify ended music piracy by driving the cost of music to nearly zero.

by mike_hearn

3/21/2026 at 8:16:29 AM

Good for you. Good for the guy who sold disks at the flea market too.

DVDs/BRs/etc were always a scam imo, unless it your favorite movie that you will watch repeatedly forever. For most people buying DVDs was just expensive PPV.

As they say, piracy is a service issue.

by flomo

3/21/2026 at 8:57:40 AM

Audio CD's where no DVD's. You are confusing concepts there.

by anthk

3/21/2026 at 8:35:40 AM

> The original reason behind the DVD scrambling system "needing" to be cracked was the lack of software DVD players for the Linux operating system.

Also, this is a false history, and more of an ex-post-facto justification.

The original DeCSS was a VisualBasic program written by some W1nd0z h8X0r teenager. Not for any greater cause, just because they could.

by flomo

3/21/2026 at 9:05:48 AM

Internet says nothing about that; and using VB for DeCSS it's as 'serious' as quickly hacking Perl or TCL (for its day) in order to complete a simple prototype.

If any I can just see C++ code which is pretty much portable because you can decouple I/O with ease, altough under Unix you would need to use ioctl's to command the DVD drive in a low level way.

https://github.com/cthpw103/decss

But for just decoding a dumped ISO Perl would be more than enough, from parsing UDF headers to unscramble the media.

It would last hours instead of 15 minutes under my Athlon 2000 but if would work the same.

by anthk

3/21/2026 at 9:41:12 AM

VB could bang on any Win32 C API, so there's no reason to disbelieve this. In the modern sense it's like saying you couldn't write this in Go. Direct question: do you know what you are talking about, or are you just spewing keywords and reddit mime dancing?

by flomo

3/21/2026 at 1:19:56 PM

So did Perl with bindings and TCL interoperating in two ways. Reddit? I used to compile mplayer and libdvdcss long ago, and even if the prior version was VB/C++ bound, it was the open code (FLOSS) the one who survived every takedown attempt.

The same with Nagra encoding and XawTV for some propietary channels in TV. You can decode any stream (and even extract subtitles) thanks to free software.

Even BTTV cards will still work. Go try that with Windows 7 and up. If you can find drivers, that's it. And working decoding software not messing up with DDraw based codecs and rendering.

I was there, and it was the free software the one who broke most of the chains. Propietary software today it's useless.

by anthk

3/21/2026 at 5:07:05 AM

How was CSS supposed to protect against copying the encrypted data? We should not need to decrypt the video to duplicate the disc.

by janci

3/21/2026 at 5:12:16 AM

Keys were stored on an area of the disc that wasn't writable on DVD-Rs so you couldn't copy the whole disc.

by wmf

3/21/2026 at 9:46:56 AM

It was apparently hidden in the lead-in area, but I can't find any information on how it was encoded. Some sources say "a hidden sector in the lead in" but that doesn't seem right, as there is nothing physically stopping a DVD burner with custom firmware from writing a hidden sector.

The disk key is small (40 bits) and I'm suspicious it's actually encoded as wobble frequency [0], like the PS1's copy protection scheme.

Because CD/DVD burners can't write wobble. Blank CDs/DVDs ship with a pre-made wobble in the pre-groove, which the burners use to determine the absolute position of the write laser.

[0] *https://en.wikipedia.org/wiki/Wobble_frequency

by phire

3/21/2026 at 1:23:34 PM

I could rip PSX games just fine with cdrdao.

by anthk

3/21/2026 at 1:55:54 PM

But you couldn't rip the copy protection signal (not that you needed to, it was a fixed 4 letter string, "SCEA", "SCEI", or "SCEE" depending on region)

Nor could you burn it onto a CD-R. It was there to prevent people from burning copies of games, not to prevent you from ripping the disc.

Of course, it was stupidly easy to bypass with a mod chip. They literally just sit there injecting the copy protection signal into the cd rom electronics, tricking it into thinking every single disc was blessed by Sony, burned or not.

by phire

3/21/2026 at 7:17:50 PM

Not needed for emulation. I never owned a PSX so I used EPSXE and whatever I got for the N64 in early 2000s. I jumped from a GB/NES in late 90's to a PC. It was like crossing a wormhole to another dimension.

by anthk

3/22/2026 at 5:07:58 AM

In this era, console designers were't concerned about emulators or ripping games. They were entirely focused on preventing game duplication (especially with CDs being so easy to copy) and unlicensed games. And the PS1's copy protection makes an ok effort at being a roadblock to running non-sony discs.

In fact, the question of emulators wouldn't have been on the Sony engineers minds at all.

Because in 1994 (when the ps1 launched) there were no viable console emulators.

There were a few early prototypes, but they didn't produce 'playable results'. The first viable emulator (for any console) was arguably NESticle, released in April 1997. Things then moved rapidly, we see the first viable 16bit emulators in 1998.

It's notable that the PS2 doesn't have any protection against ripping games either. The Sony engineers would have been aware of emulators by this point, but they might have assumed that emulation would be stuck in the 8/16bit era for the foreseeable future.

So it must have been a huge shock for the first viable 32bit era emulators to come out in 1999. Connectix Virtual Game station (Jan 1999), UltraHLE (Also Jan 1999) and Bleem! (March 1999)

Yes.. that's right. We went from the first viable NES emulator to viable PS1/N64 emulators in under 2 years.

I'm guessing the PS2 was a little too close to it's March 2000 release date at this point to slap on rip protection, but the Gamecube and Xbox were released 18 months later, and both had time to implement disc encryption schemes.

by phire

3/22/2026 at 9:27:52 AM

By 1994-1995 only the spoiled kids got the PS1. Again, I was 8-9 in that era. Most people resorted to a Chinese NES clone in tons of places. You talk about story, I talk about experience. By 1997-1998, yes, tons of people got it because it was a cheap CD player too, cheaper than a dedicated music set with speakers. But it wasn't odd to find some kid with parents working in an office or working as teachers, so they would have a PC and a CD burner (and elder brothers in college with computers too).

A few years later, months before the PS2/GC era, even at DC times (and good PC games) some PSX games were still emulated because they had tons of value, such as JRPGs. And, again, ripping PSX games to play them in emulators without risking to scratch the CD's was the same task as ripping them to play the games with a modchip.

Also, technologically JRPG's and survival horrors were nothing against Unreal engine based games so they paled against Deus Ex for instance, but man, Parasite Eve and Resident Evil looked good with just a bilinear filter and they ran in a potato.

On being a shock, not much, because somehow in my mind the PSX games were closer in architecture to a PC than a Game Boy ROM emulated on a PC, which looked like black magic, ignoring how the hell the nerd brainiacs dumped the cartridge content (I had no concept of EE burned ROM's in the day, or cartridge dumpers via the serial cable) to a PC. For the PSX, well, it was easier for obvious reasons, CD's were CD's, and again the 'look' of PC games and the PSX looked similar, so maybe they shared similar technologies on drawing/rendering.

Ditto with the N64, that was a bigger shock. How the hell did they dumped the content of the cartridge? Later I knew about Debian Woody, a bit of C, the concept of libraries (not just DLL's under Windows) and that the N64 and PC's with Linux with OpenGL shared some design and the rest was story. I learnt more about computers trying to write some emulator myself in Perl back in the day and with GNU/Linux than in any school...

Also I loved TV tuners for a similar reason. I could dump teletext, dump the EPG from cable TV's even with just plain TV tuners (the decoded signal went vanilla into the PCI bus, so NXTVEPG worked in the same exact way) and so on. And yes, I pirated TV channels for some brief time until everyone shared media in either DivX CD's and P2P networks.

by anthk

3/22/2026 at 10:30:15 AM

That's kind of my point... You are looking at it from the perspective of a western 90s kid who quickly adopted emulators (I am too). Of course it seems obvious to you that Sony should have encrypted the discs or something. Of course it seems obvious that emulation was inevitable.

But to understand Sony's development decisions, you really have to think in the mindset of an adult hardware engineer, in Japan, around 1992/1993.

And like I said, emulators did not exist. At all. The primary method of piracy was actually the game backup device [0]. We didn't really see them in the west, I'm not surprised you missed them, but they were rampant in Asia.

They were floppy drives that plugged into your carriage based console, SNES MegaDrive etc. They could dump any cartridge game to a floppy disk (or two in the case of the largest 2MB games). And then load the dump back into a pool of battery-backed RAM, which the console would see as a cartridge.

Owners of such devices could share the floppies, or copy the files off and share them across the internet.

These devices are why most cartridge game from the 8bit era, 16bit era and N64 (yes, there were N64 backup devices too) was already floating around the internet long before we had viable emulators.

And it's also what Sony Engineers would have been thinking about when they were designing their copy protection system. They didn't really see the need to prevent ripping (besides required cryptography hardware was expensive and actually considered to be controlled military technology, subject to strict export controls until 1996).

And Sony didn't see the need to prevent rips; All piracy devices at this point required the game to be played back on an actual offical console (ignoring Chinese NES clones), so all they needed to do was could close the circle by making the PS1 refuse to play any copied disc. No point ripping if they couldn't be played.

Of course, in retrospect this was a complete failure. Turns out mod chips for the PS1 were stupidly simple, cd burners rapidly dropped in price, and emulators quickly became viable.

[0] https://en.wikipedia.org/wiki/Game_backup_device

by phire

3/21/2026 at 6:09:28 AM

It's implemented in drive firmware, so the drive will refuse to read protected sectors without authentication.

by dddgghhbbfblk

3/21/2026 at 8:06:05 AM

That was a late edition. I have working DVD drives that will happily read anything on a disc, even if they can’t decode it.

Newer drives I bought will refuse reading what they won’t decide themselves (e.g. wrong region).

by beagle3

3/21/2026 at 5:11:37 AM

>He hadn't pirated anything, only made a program to view his DVDs in Linux.

He released a tool for circumventing a protection measure. While already illegal to do in America, it wasn't made illegal in Norway until less than 2 years later.

by charcircuit

3/21/2026 at 6:51:15 AM

See also farmers repairing their tractors. Arguably you can just write DO NOT COPY on a sticker on the disc and then it's illegal to circumvent the sticker.

by gzread

3/21/2026 at 8:59:07 AM

In the US the law makes it illegal to 'circumvent a technological measure', defined as:

> descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner

where

> a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.

A sticker doesn't count as a "technological measure".

by eesmith

3/21/2026 at 9:34:37 AM

A sticker on the data side of the disc, then! Removing the sticker is a process.

by pocksuppet

3/21/2026 at 10:17:46 AM

A sticker is not required for the ordinary course of its operation.

by eesmith

3/22/2026 at 2:08:55 PM

[dead]

by badcarbine

3/21/2026 at 9:41:50 AM

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 /s

by _-_-__-_-_-