The copy protection technology used by Blu-ray discs has been cracked by the same hacker who broke the DRM technology of rival HD DVD discs last month. The coder known as muslix64 used much the same plain text attack in both cases. By reading a key held in memory by a player playing a HD DVD disc he was able to decrypt the movie been played and render it as an MPEG 2 file.

HACK DVD NeXt COPY NeXt Tech

The latest Blu-ray hack was performed by muslix64 using a media file provided by Janvitos, through the video resource site Doom9, and applied to a Blu-ray copy of the movie Lord of War. In this case, muslix64 didn't even need access to a Blu-ray player to nobble the DRM protection included on the title.

The hack sidesteps, rather than defeats, the AACS encryption used as part of the content protection technology used by both next-generation DVD formats. The approach relies on obtaining a particular movie's unique "key" and can't therefore be trivially replicated to rip content across all titles encoded via a particular format, as tools like DVD Decryptor make easy with standard DVD titles.

Blu-ray and HD DVD both allow for decryption keys to be updated in reaction to attacks, for example by making it impossible to play high-definition movies via playback software known to be weak or flawed. So muslix64 work has effectively sparked off a cat-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public.

2. A technology coordinator installs the one copy of Photoshop the school owns on a central server so students are able to access it from their classroom workstations. This is a violation of copyright law.

4. The state mandates technology proficiency for all high school students but adds no money to schools' software budgets. To ensure equity, public schools are allowed to buy what software they can afford and copy the rest.

6. A teacher downloads pictures and information on marine life from various sites. True. The Web may be mined for resources. Download away (of course, don't hack into subscription sites)! But remember: you can't put these projects back up on the Web without permission from the copyright holders.

12. A student tries to digitize the shower scene from a rented copy of Psycho. True. Manufacturers are instituting blocking technology, authorized under the law, so newer material like VHS rentals and DVDs block educators from their constitutional right to use material for teaching. It's time to begin complaining. In the meantime, educators should grab all the laserdiscs they can find. They're unblocked.

16. At a local electronics show, a teacher buys a machine that defeats the copy protection . True. Manufacturing these machines is now prohibited (it previously wasn't). But teachers have the right to use material that is technologically blocked. Personally, as a teacher, I would absolutely use it to unlock content for students, but I would absolutely not use it to make copies at home.

A rogue security software program tries to make you think that your computer is infected by a virus and usually prompts you to download or buy a product that removes the virus. The names of these products frequently contain words like Antivirus, Shield, Security, Protection, or Fixer. This makes them sound legitimate. They frequently run right after you download them, or the next time that your computer starts. Rogue security software can prevent applications, such as Internet Explorer, from opening. Rogue security software might also display legitimate and important Windows files as infections. Typical error messages or pop-up messages might contain the following phrases:

See also: Best browser for privacy: Secure web browsing Navigating data privacy Gartner predicts privacy law changes, consolidation of cybersecurity services and ransomware laws for next 4 years

Also: FBI warning: Crooks are using fake QR codes to steal your passwords and money Meta and Twitter want a review of Australian government's social media laws next year Microsoft: This new browser feature is 'huge step forward' against zero-day threats UK government announces crackdown on cryptocurrency adverts

The Public Inspection page on FederalRegister.gov offers a preview of documents scheduled to appear in the next day's Federal Register issue. The Public Inspection page may also include documents scheduled for later issues, at the request of the issuing agency.

Put simply, a cache is a temporary storage area that contains a copy of data that is used frequently. Your browser does this by creating a cache of web pages you view to make them load faster the next time you visit them.

If you've been in the business long enough, you've likely run into this situation: you've just finished your design work and sent it off at 4:50 p.m. At 5:05 p.m., you get a call to let you know they don't have the font you used, but you're on your exercise mat, leg warmers on. You don't get the message until the next day and you now can't meet your deadline.

1. Visit netflix-codes.com in your PC or mobile browser. 2. Find the genre or subgenre you want to explore. 3. Tap the code next to the genre or subgenre you want.4. If you're on a device that has the Netflix app installed, the app should open and take you directly to the genre or subgenre you chose. If you don't have the app installed, it'll open Netflix through the browser and you can view the specific movies and shows available. 5. Tap the title you want to watch.

In the next 24 hours, you will receive an email to confirm your subscription to receive emails related to AARP volunteering. Once you confirm that subscription, you will regularly receive communications related to AARP volunteering. In the meantime, please feel free to search for ways to make a difference in your community at www.aarp.org/volunteer

When users receive phishing email through certain techniques, it is often called social engineering. For instance, you receive an email explaining that your Yahoo account is about to be disconnected. In order to prevent this from happening, you are prompted to provide personal information such as your user ID, password and full name. If you respond to this phishing email with the requested information, you will have given a hacker access to your email and to personally identifiable information (PII) located within your account.

Reverse Social Engineering. This is when a hacker poses as a technical aide to fix a computer problem which they actually created, or which doesn't exist. The user contacts this aide and is then prompted to give sensitive information to them in order to fix the problem. The user provides the required information and the problem seems to be solved.

Hackers can also use USB drives to gain access to sensitive information kept on a computer or network. Hackers may infect one or more USB drives with a virus or Trojan, that when run, will provide hackers with access to logins, passwords, and information on the user's computer or the network the computer is connected to. The hacker may then leave the infected USB unattended on the floor, in or next to a cluster machine, in hallways, restrooms or any areas with a relatively high volume of traffic. A user who finds a USB drive will often install the device on their computer or on a cluster machine to search for identifiable information that can be used to locate the owner of the USB device.

On November 15, 2005 vnunet.com announced[19] that Sony BMG was backing out of its copy-protection software, recalling unsold CDs from all stores and allowing consumers to exchange affected CDs for versions without the software. The Electronic Frontier Foundation compiled a partial list of CDs with XCP.[20] Sony BMG maintained that "there were no security risks associated with the anti-piracy technology" despite numerous virus and malware reports. On November 16, 2005, US-CERT, part of the United States Department of Homeland Security, issued an advisory on XCP DRM. It said that XCP uses rootkit technology to hide certain files from the user and that the technique is a security threat to users. They also said that one of the uninstallation options provided by Sony BMG introduces further vulnerabilities. US-CERT advised: "Do not install software from sources that you do not expect to contain software, such as an audio CD."[21]

The next day, Massachusetts attorney general Tom Reilly announced that Sony BMG CDs with XCP were still available in Boston despite the Sony BMG recall of November 15.[27] He advised consumers not to purchase the Sony BMG CDs with XCP and said that he was conducting an investigation of Sony BMG.

by J.S. Kelly (IDG) -- On Monday, January 24, authorities in Norway searched the home of Jon Johansen, a 16-year-old Norwegian member of the Masters of Reverse Engineering (MoRE) -- the group which created the DeCSS DVD playback utility for Linux. Jon and his father Per Johansen have both been indicted by Norway's Department of Economic Crime. LinuxWorld talked to Jon about DeCSS, the investigation, the controversy -- and about why he feels that this case is at the same time so ridiculous and so important. LinuxWorld: How did this whole thing start? How did you get involved with DVD and DeCSS? Jon Johansen: Well, I got involved with DVD about two years ago. I bought my first DVD-ROM and an MPEG-2 decoder card. And, about at the end of September last year, I got in contact with a German computer programmer and a Dutch computer programmer, and we decided that it was time to add DVD support to Linux -- and, of course, to other operating systems, such as FreeBSD.MESSAGE BOARDLinux LinuxWorld: Had you expected any problems like this when you set about to make the player? Jon Johansen: We knew that they would probably go after someone. But when [Norwegian authorities] visited me yesterday with a search warrant, I really hadn't expected them to, because it's been about two or three months now since [the subject] first appeared in the media and, well, to me, that's a pretty long time. MORE COMPUTING INTELLIGENCE IDG.net home page LinuxWorld's home page LinuxWorld free e-mail alerts LinuxWorld features & columns Judge silences Websites in Linux DVD 'hack' case Reviews & in-depth info at IDG.net E-BusinessWorld Year 2000 World Questions about computers? Let IDG.net's editors help you Subscribe to IDG.net's free daily newsletter for IT leaders Search IDG.net in 12 languages News Radio Fusion audio primers Computerworld Minute LinuxWorld: You removed the code from your Webpages when they asked you to, and have been cooperating with what they have asked of you, is that right? Jon Johansen: Actually, I was only linking [to the source code] and they wanted me to remove the link -- which I did, so that I could think it over. And then the link appeared again on my Website at the end of the week. LinuxWorld: Did they question you at your house? Jon Johansen: No. They took me to the local police station. But my father was sick, so they questioned him here at home. LinuxWorld: But they just took you in for questioning -- they didn't arrest you or anything like that? Jon Johansen: Well, the biggest Norwegian newspaper regarded this as an arrest, since they hadn't told us that they were coming and they brought me in. So the biggest Norwegian newspaper looked upon that as an arrest. LinuxWorld: But did they give you a choice to not go in for questioning? Jon Johansen: Well, of course I do have the right to have an attorney present. So I [could have] told them that I did not want to do it without an attorney, [and] they would have had to call my attorney and schedule an appointment. LinuxWorld: And you didn't do that. Jon Johansen: No, I didn't do that. LinuxWorld: Why? Jon Johansen: Basically, because I didn't have anything to hide. So I decided to cooperate. LinuxWorld: The code that you wrote -- now, is it called DeCSS or is it CSS-auth? Jon Johansen: It's called DeCSS. LinuxWorld: OK. Because I've seen conflicting media reports on that, and other things. Like, some say that you are 15, others say you are 16. Jon Johansen: I'm 16 now, I was 15 when it happened ... and the encryption code wasn't in fact written by me, but written by the German member. There seems to be a bit of confusion about that part. LinuxWorld: The other two people that you had worked with to make the player are remaining anonymous -- is that right? Jon Johansen: Yes, that is correct. LinuxWorld: Do you think they will try to find out who they are from the data on your computer? Jon Johansen: Yes, probably. They also asked what I knew about them. But I don't have the identity of any of them. I only had the nicks that they used on Internet Relay Chat. LinuxWorld: And did you give those up? Jon Johansen: Well, lately they have been changing nicks from time to time. So I gave one of the nicks they had used before. LinuxWorld: Do you know why they want to remain anonymous? Jon Johansen: They are both a lot older than me, and they are employed. So I guess they just didn't want the publicity, and they were perhaps afraid of getting fired. LinuxWorld: And why is your father involved in this? Jon Johansen: Basically because he owns the domain [at which] my Webpages were located. LinuxWorld: And how do your parents feel about this whole thing? Jon Johansen: They consider it [to be] just as stupid as I do. The charge is totally off-topic. It doesn't have anything to do with reality. LinuxWorld: Do you know why they took your cell phone? Jon Johansen: I asked them why, and they said that they considered it to be so advanced that they had to take it in, because it was a Nokia 91-10. And I did have, in fact, a backup of the source on it. LinuxWorld: And do you know what is going to happen next? Jon Johansen: They are currently investigating, and I still haven't received my computers back. So I have ordered a new one today, which I will be receiving on Friday. Which is a bit too late, because ABC News is coming tomorrow, and I was supposed to demonstrate DVD playback under Linux. So I'm going to call some people now and try to get hold of a computer with a DVD-ROM and get Linux installed on it. LinuxWorld: So, can DeCSS in fact in any way be used for pirating? I mean, I realize that isn't the purpose for which it was written. Jon Johansen: Well, yes, it can be used for pirating. Because you can decrypt a DVD disk and put it on your hard drive and then you can convert it, say, to VCD and then post it on the Internet. But tools to do that had already been available on the Internet, long before DeCSS, which was also a complete digital solution which gave you the same quality. So DeCSS didn't introduce anything new for pirating and had already been available. LinuxWorld: So why do you think they are going after you, and not the authors of the other tools? Jon Johansen: Well, the authors of the other tools are, as far as I know, anonymous. And [in] the charge, they say that the encryption is copy protection. But that's not correct at all. Anyone with a little computer experience knows that anything can be copied bit-by-bit with the right equipment. LinuxWorld: And the authors of the other tools didn't break the encryption? Those previous tools had been written for the Windows platform, is that right? Jon Johansen: Yes. There was one tool, I think it was called DVD-rip, which I believe actually hacked in to the Xing DVD player and then, when the Xing DVD player had decrypted the MPEG stream, the DVD-rip utility dumped that stream to disk and you had yourself an unencrypted DVD movie. LinuxWorld: Well, it seems then all the more that they should be going after those other authors. Jon Johansen: I guess it is because those other tools haven't received any media attention. But perhaps they don't even know about them -- but I would think that they do, because they are not that stupid. LinuxWorld: Why did you decide to come forward and to not to remain anonymous? Jon Johansen: We discussed it in the group and they thought it was OK, and I think the first reporter I talked to was from Wired. I think it was Declan [McCullugh], and he asked me if he could publish my name, and since we had already talked it over in MoRE, I said yes. LinuxWorld: Are you sorry now that you did? Jon Johansen: Not really, because I think the fight we are now fighting is a very important fight for free speech and for the open source community. LinuxWorld: Why is it so important? Jon Johansen: Basically, if reverse engineering is banned, then a lot of the open source community is doomed to fail. Because [you need to reverse-engineer] when creating software for compatibility with, for example, Microsoft Windows. For example, Samba was totally dependant on reverse engineering. Of course, the whole computer industry was allowed to reverse-engineer IBM's BIOS. LinuxWorld: What was your reaction to the injunctions in the US? Jon Johansen: I was a bit surprised, but then I read about how EFF [the Electronic Frontier Foundation] had presented the defense. And, if what I read on Slashdot about that was true, then I don't understand how exactly EFF could have argued that way. LinuxWorld: Why? Jon Johansen: Well, what I read on Slashdot was that they basically said that the encryption was bad, and it was kind of their fault. And I don't understand why they used those arguments. LinuxWorld: What kind of arguments would you have expected, or what kind of arguments do you think might have been better? Jon Johansen: I would have expected for them to try to explain to the court that this had nothing to do with copying, because encryption does not prevent copying -- which the DVD CCA [Copy Control Association] and MPAA are claiming. And everybody knows that even if something is encrypted you can still copy it if the reading of the data goes through decryption. LinuxWorld: At the hearing I attended, the defense did argue that the DVD encryption was flawed. At the same hearing, the plaintiffs had some really, some pretty strong feelings about the way people have been acting when they repost the code. Do you know about that? Jon Johansen: I did actually read on Slashdot where the plaintiffs had actually read from Slashdot debates. LinuxWorld: Exactly. And they picked out only the ones which were saying things like "fuck the law." And so they picked those out on purpose and they said, "Look at these people. They don't want to play back movies. They are saying 'fuck the law.'" So do you have anything to say to people about that? Jon Johansen: Well, that's really sad that they can't behave, because they should have known that the plaintiffs would have used something like that against us. They should stop doing things like that and help inform the media that this has nothing to do with copying but [rather has to do with] with playback. LinuxWorld: How best can people help to do that? Jon Johansen: Well, first of all they could head over to OpenDVD.org, and see what's written there, and then perhaps call or email their local media, and inform them about the case. LinuxWorld: Thanks, Jon, for talking to us. We wish you the best of luck. 2ff7e9595c