Without revealing the secret sauce, what were the fundamental flaws with PlaysForSure that allowed you to break it? Did Microsoft know about these flaws?

I find the programming side of DRM a bit conceptually confusing: it's hard for me to quite picture what you could do to a file that could make it playable and then not playable, so this is a fun little window into some very specific aspects of the issue.
Once code is released, there's really nothing secret anymore -- Microsoft didn't follow standard security practices, and left sensitive data unencrypted on the stack while calling routines out of kernel32.dll. Even when they fix this by changing malloc() to alloca(), it'll still be a big task to audit other sensitive routines for DLL calls. On a theoretical level, they have to send the decryption keys outside of their control, and their only defense is through obfuscation.
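To make the point in that answer concrete, here is an added example (my own illustration, not code from the interview, from PlaysForSure or from any Microsoft component). It assumes a made-up key blob layout with a recognisable tag, a stand-in for an imported system routine reached through a function pointer (the way import-table patching redirects a real kernel32.dll call), and a hook that, once it holds a pointer into the caller's stack frame, simply reads the memory around it. The "hardened" variant scrubs the key material before control leaves the module; the hook then finds nothing.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed key blob: a recognisable tag in front of the key, the kind of
 * structure an attacker can pattern-match in memory. This layout is an
 * assumption for the example, not that of any real DRM library. */
#define KEY_TAG 0x4b455931u   /* "KEY1" */
struct key_blob {
    uint32_t tag;
    uint8_t  key[16];
};

/* Stand-in for an imported system routine (the kernel32.dll call mentioned
 * in the interview). It is reached through a pointer so a hook can be
 * swapped in, which is what import-table patching does to a real process. */
typedef size_t (*write_fn)(const void *buf, size_t len);

static size_t legit_write(const void *buf, size_t len) {
    (void)buf;
    return len;                     /* pretend the bytes went to a file */
}

static uint8_t g_stolen[16];        /* what the hook recovered */
static int     g_stole = 0;

/* Attacker's hook: it receives a pointer into the caller's stack frame and
 * scans a window around it for the key blob's tag. Reading outside 'buf'
 * is undefined behaviour in C; it is exactly what an in-process hook does. */
__attribute__((noinline))
static size_t evil_write(const void *buf, size_t len) {
    const uint8_t *start = (const uint8_t *)((uintptr_t)buf - 256);
    for (size_t i = 0; i < 512 + len; i++) {
        uint32_t tag;
        memcpy(&tag, start + i, sizeof tag);
        if (tag == KEY_TAG) {
            memcpy(g_stolen, start + i + sizeof tag, sizeof g_stolen);
            g_stole = 1;
            break;
        }
    }
    return legit_write(buf, len);
}

static write_fn g_write = legit_write;

/* Leaky variant: the key blob sits on the stack, unencrypted, for the whole
 * function, including while control is handed to the (hooked) import. */
__attribute__((noinline))
static void decrypt_and_write_leaky(const uint8_t key[16], const uint8_t *ct, size_t n) {
    volatile struct key_blob kb;    /* volatile: force it into memory */
    uint8_t out[32];
    kb.tag = KEY_TAG;
    for (size_t i = 0; i < 16; i++) kb.key[i] = key[i];
    for (size_t i = 0; i < n && i < sizeof out; i++) out[i] = ct[i] ^ kb.key[i % 16];
    g_write(out, n);                /* key blob still live on the stack here */
}

/* Hardened variant: scrub the key material before calling out. The volatile
 * qualifier keeps the compiler from dropping the zeroing stores as dead. */
__attribute__((noinline))
static void decrypt_and_write_hardened(const uint8_t key[16], const uint8_t *ct, size_t n) {
    volatile struct key_blob kb;
    uint8_t out[32];
    kb.tag = KEY_TAG;
    for (size_t i = 0; i < 16; i++) kb.key[i] = key[i];
    for (size_t i = 0; i < n && i < sizeof out; i++) out[i] = ct[i] ^ kb.key[i % 16];
    kb.tag = 0;
    for (size_t i = 0; i < 16; i++) kb.key[i] = 0;
    g_write(out, n);                /* nothing worth stealing in the frame now */
}

/* Constructed demo inputs (not real key material). */
static const uint8_t DEMO_KEY[16] = { 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 };
static const uint8_t DEMO_CT[8]   = { 0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80 };

/* Installs the hook, runs the victim, and reports whether the hook recovered
 * the key exactly (1) or not (0). */
__attribute__((noinline))
static int probe(void (*victim)(const uint8_t *, const uint8_t *, size_t)) {
    g_stole = 0;
    memset(g_stolen, 0, sizeof g_stolen);
    g_write = evil_write;           /* import patched */
    victim(DEMO_KEY, DEMO_CT, sizeof DEMO_CT);
    g_write = legit_write;
    return g_stole && memcmp(g_stolen, DEMO_KEY, sizeof g_stolen) == 0;
}

int key_leaks_after_scrub(void) { return probe(decrypt_and_write_hardened); }
int key_leaks_from_stack(void)  { return probe(decrypt_and_write_leaky); }

int main(void) {
    printf("key scrubbed before import call: %s\n",
           key_leaks_after_scrub() ? "recovered by hook" : "not found");
    printf("key live on stack during import call: %s\n",
           key_leaks_from_stack() ? "recovered by hook" : "not found");
    return 0;
}
```

Scrubbing removes only this convenient path. A hook running inside the process can read any of its memory, so an attacker who knows where the key is derived can still take it there; that is the sense in which the answer above says the only remaining defense is obfuscation.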
I also love his answer when asked why he did it: is he a subscriber to Napster or Rhapsody (subscription services that rely on this protection to keep the fence around the files)?
No, due to my geographic location, I'm unable to subscribe to those services. My only, selfish rationale is the challenge of pitting my skills against the industry leader.