[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary uhd.html
|
From: |
Dora Scilipoti |
|
Subject: |
www/proprietary uhd.html |
|
Date: |
Thu, 18 Jan 2024 09:43:41 -0500 (EST) |
CVSROOT: /web/www
Module name: www
Changes by: Dora Scilipoti <dora> 24/01/18 09:43:40
Removed files:
proprietary : uhd.html
Log message:
Remove uhd.html, it was replaced with
uhd-bluray-denies-your-freedom.html (www-discuss Jan 18, 2024).
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/uhd.html?cvsroot=www&r1=1.2&r2=0
Patches:
Index: uhd.html
===================================================================
RCS file: uhd.html
diff -N uhd.html
--- uhd.html 18 Jan 2024 11:32:19 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,292 +0,0 @@
-<!--#include virtual="/server/header.html" -->
-<!-- Parent-Version: 1.99 -->
-<!-- This page is derived from /server/standards/boilerplate.html -->
-<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
-
-<title>UHD Blu-ray Denies Us Freedom
-- GNU Project - Free Software Foundation</title>
-<style type="text/css" media="screen"><!--
-.details, .hide, .show:target, .hide:target + .details { display: none; }
-.show:target + .hide { display: inline; }
-.show:target ~ .details { display: block; }
-.show, .hide { line-height: 1.5em; }
---></style>
- <!--#include virtual="/proprietary/po/uhd.translist" -->
-<!--#include virtual="/server/banner.html" -->
-<p class="breadcrumb">
- <a href="/"><img src="/graphics/icons/home.png" height="26" width="26"
- alt="GNU Home" title="GNU Home" /></a> /
- <a href="/proprietary/proprietary.html">Malware</a> /
-</p>
-<!--GNUN: OUT-OF-DATE NOTICE-->
-<!--#include virtual="/server/top-addendum.html" -->
-<div style="clear: both"></div>
-<div class="article reduced-width">
-<h2>UHD Blu-ray Denies Us Freedom</h2>
-
-<div class="comment">
-The Anatomy of an All-Controlling Authoritarian Media Subjugation System
-</div>
-<div class="column-limit"></div>
-
-<div class="introduction">
-<p>The UHD (Ultra High Definition, also known as 4K) Blu-ray standard involves
-several types of restrictions, both at the hardware and the software levels,
-which make “legitimate” playback of UHD Blu-ray media impossible on
-a PC with <a href="/philosophy/free-sw.html">free/libre</a> software.</p>
-</div>
-
-<h3>Companies that restrict our freedom</h3>
-
-<p>The main DRM that restricts playback of Blu-ray media is the
-<a href="https://en.wikipedia.org/wiki/Advanced_Access_Content_System";>
-Advanced Access Content System (AACS)</a>. It is developed and enforced
-by <a href="https://en.wikipedia.org/wiki/AACS_LA";> AACS LA</a>, a consortium
-of megacorporations that want to achieve total control over the distribution
-and playback of high-definition optical disks. The founding members are IBM,
-Intel, Microsoft, Panasonic, Sony, Toshiba, Walt Disney and Warner Bros.</p>
-
-<p>As it travels across connections, the audio/video data is
-subjected to the
-<a
href="https://en.wikipedia.org/wiki/High-bandwidth_Digital_Content_Protection";>
-High-bandwidth Digital Content Protection (HDCP)</a> DRM, which is developed
-by Intel.</p>
-
-<h3>Hardware requirements</h3>
-
-<p>Playing a UHD Blu-ray disk on a PC requires (1) an AACS-certified optical
-drive, (2) an Intel CPU made between 2015 and 2022, with integrated graphics
-(not found in every model) and a number of DRM-imposing or otherwise malicious
-anti-features, and (3) support for HDCP, the sole purpose of which is to make
-exact copying impossible. Such a computer does not respect users' freedom and
-denies them control over it.</p>
-
-<div>
-<a href="#show1" id="show1" class="show"><i>[show details]</i></a>
-<a href="#hide1" id="hide1" class="hide"><i>[hide details]</i></a>
-
-<ul class="details">
-<li>UHD-compatible optical drive
-<p>Not only are the technical requirements to read the UHD Blu-ray format very
-demanding, but the drive needs to be certified by AACS LA. This makes
-replacement of its firmware with free software impossible.</p>
-</li>
-
-<li>Intel SGX
-<p>The PC must have an Intel CPU that supports the Intel Software Guard
-Extensions (SGX). SGX essentially creates a
-“<a href="/philosophy/can-you-trust.html">trusted</a>” execution
-environment called <i>enclave</i>, which is designed to prevent users from
-tampering with imposed restrictions. Intel introduced this
-“feature” in 2015, but
-<a
href="https://hackaday.com/2022/01/18/sgx-deprecation-prevents-pc-playback-of-4k-blu-ray-discs/";>
-deprecated</a> and discontinued it from their mainstream CPUs in 2022, due to
-a series of reported
-<a
href="https://en.wikipedia.org/wiki/Software_Guard_Extensions#List_of_SGX_vulnerabilities";>
-security vulnerabilities</a>. The playback software will refuse to play a
-movie if Intel SGX is not enabled in the BIOS, which means <em>your new PC
-will not play the UHD Blu-ray disk you just
-purchased</em>. However, <a href="https://sgx.fail/files/sgx.fail.pdf";>a group
-of researchers was able to exploit the security holes in Intel SGX and play a
-UHD Blu-ray disk without restrictions</a>, although such exploitation is likely
-impossible for an average user to accomplish.</p>
-</li>
-
-<li>Intel ME
-<p>The Intel Management Engine (ME) driver is also required. If the driver
-version is too old, the software will refuse to
-play. <a
href="https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom";>The
-Intel ME is a proprietary embedded system</a> that resides in every Intel CPU
-since around 2013. Users have no control over it; they cannot replace it with
-free software nor can they write free software for it. As the CPU cannot boot
-without the ME driver, this is the perfect tool for remote access and
-surveillance through a backdoor.</p>
-</li>
-
-<li>Integrated graphics
-<p>The Graphics Processing Unit (GPU) must be
-<a
href="https://en.wikipedia.org/wiki/Graphics_processing_unit#Integrated_graphics_processing_unit";>
-integrated into the CPU</a>. Why insist on integrated graphics, which is
-typically less capable than dedicated GPUs? Presumably because the integrated
-GPU shares the SGX enclave with the CPU, thereby minimizing the chances that
-users will access and copy audio/video data.</p>
-</li>
-
-<li><a href="/proprietary/proprietary-drm.html#M200803040">HDCP</a> compliance
-<p>The integrated GPU, monitor and audio/video cable must support HDCP 2.2
-over the HDMI 2.0a/DisplayPort 1.3 interface, and be HDCP-certified. One of
-the requirements is that the monitor should be unable to record the
-audio/video stream, except in a very degraded form.</p>
-
-<p>HDCP authenticates the two devices and encrypts the stream between them. It
-can also revoke the keys of devices that have been “compromised”
-(i.e., that users have liberated).</p>
-</li>
-</ul>
-</div>
-
-<h3>The AACS DRM</h3>
-
-<p>AACS is a set of cryptographically complex standards for encrypting
-high-definition media and restricting their playback, which currently applies
-to HD DVD, Blu-ray, and UHD Blu-ray disks. The flavor of AACS used
-by UHD Blu-ray further attacks users' freedom (and possibly privacy) by forcing
-them to connect to a company server to download the decryption keys.</p>
-
-<p>Decryption proceeds in several steps, the first one being the mutual
-authentication of the player and optical drive to make sure they both carry
-valid certificates, issued by AACS LA. This organization can arbitrarily
-revoke certificates, making the affected devices or software unusable with
-AACS-restricted media.</p>
-
-<p>But the worst blow to users' freedom is that certification requires the
-developers of software players to sign a license agreement that
-<em>prohibits free sofware</em>.</p>
-
-<div>
-<a href="#show2" id="show2" class="show"><i>[show details]</i></a>
-<a href="#hide2" id="hide2" class="hide"><i>[hide details]</i></a>
-
-<ul class="details">
-<li>The Adopter Agreement
-<p>While regular Blu-ray disks are encrypted with AACS 1.0, UHD Blu-ray disks
-are encrypted with AACS 2.0 or 2.1. Unlike version 1.0, versions 2.0 and 2.1
-of the specifications are unpublished, and the developers can only obtain
-them <a href="https://aacsla.com/license-aacs/";>after signing a license
-agreement with AACS LA</a>, and paying huge “administrative” fees
-($25,000 per year in 2009 according to Exhibit B of the
-<a
href="https://aacsla.com/wp-content/uploads/2022/09/AACS1-Adopter-Agrmt-220519-v1.1-FINAL_review-only.pdf";>
-AACS 1 Adopter Agreement</a>).</p>
-<p><em>More importantly, the agreement is incompatible with the freedom to
-study how the program works and change it
-(<a href="/philosophy/free-sw.html#four-freedoms">freedom 1</a>)</em>,
-and therefore prohibits free software. See for example this excerpt from
-Section 7 (our emphasis):</p>
-<blockquote>
-<p>Such implementation shall:<br />
-7.6.4.1. Comply with Section 7.4 above […], provided further that
-maintaining confidentiality of Device Keys […] shall be implemented
-by a reasonable method that effectively and uniquely associates those values
-with a single device […] and that effectively isolates those values
-from exposure by mere use of programming instructions or data […];
-and, in addition, <strong>in every case of implementation in Software, using
-techniques of obfuscation clearly designed to effectively disguise and hamper
-attempts to discover the approaches used</strong>; and<br />
-7.6.4.2. Be designed so as to perform or ensure checking of the integrity of
-its component parts such that unauthorized modifications will be expected to
-result in a failure of the implementation to provide the authorized
-authentication and/or decryption function. […]</p>
-</blockquote>
-</li>
-<!--
-<li>Certification and keys
-<p>Hypothetically, the developers overcame the first obstacle, then they need
-to
-<a
href="https://aacsla.com/wp-content/uploads/2019/02/AACS_Key_Order_Form_120227.pdf";>
-purchase device keys from AACS LA</a>. The price depends on the number of
-distributed copies, which is nearly impossible to determine in the case of
-free software because anyone is free to download and install copies without
-informing the developers—another obstacle to the development of these
-players, another successful campaign against free software indeed.</p>
-</li>
--->
-<li>Disabling the player
-<p>If the player certificate has been “compromised” according to
-AACS LA, this organization issues a revocation certificate, which is burned
-into all new UHD Blu-ray disks as part of a list of all the revocation
-certificates issued so far. When playback of a new disk is attempted, the
-revocation list is automatically loaded into the drive firmware, and from then
-on, the drive refuses to interact with the newly revoked player; <em>it
-becomes impossible to play AACS-restricted disks, old ones as well as new
-ones</em>. This method is also used by
-<a href="https://wiki.archlinux.org/title/Blu-ray";>AACS 1.0</a> for
-regular Blu-ray disks. What a nice backdoor in the drive firmware! This is
-reminiscent of the
-<a href="/proprietary/malware-amazon.html#M201210220.1">Orwellian erasure of
-<cite>1984</cite> from users' Swindles by Amazon</a>.</p>
-</li>
-
-<li>Tethering
-<p>UHD Blu-ray actually uses an “enhanced” flavor of AACS 2.0/2.1
-that does not allow shipping encryption keys with certified playback software.
-Instead, <a href="https://sgx.fail/files/sgx.fail.pdf";>the keys must be
-downloaded from a remote server</a>. This makes regular update and internet
-connection a requirement if the user purchases more than one UHD Blu-ray disk
-over time. Moreover, fetching the encryption keys from a remote server that
-users have no control over exposes the user's viewing history.</p>
-</li>
-</ul>
-</div>
-<div class="column-limit"></div>
-
-<p class="important">In short, the UHD Blu-ray standard is fundamentally
-incompatible with our freedom. Therefore, we need to take action to defend
-this freedom: <a href="/philosophy/opposing-drm.html">we must boycott media,
-services, and players that implement AACS or other forms of DRM</a>, and call
-for legislation to prohibit these.</p>
-</div>
-
-</div><!-- for id="content", starts in the include above -->
-<!--#include virtual="/server/footer.html" -->
-<div id="footer" role="contentinfo">
-<div class="unprintable">
-
-<p>Please send general FSF & GNU inquiries to
-<a href="mailto:gnu@gnu.org";><gnu@gnu.org></a>.
-There are also <a href="/contact/">other ways to contact</a>
-the FSF. Broken links and other corrections or suggestions can be sent
-to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>.</p>
-
-<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
- replace it with the translation of these two:
-
- We work hard and do our best to provide accurate, good quality
- translations. However, we are not exempt from imperfection.
- Please send your comments and general suggestions in this regard
- to <a href="mailto:web-translators@gnu.org";>
- <web-translators@gnu.org></a>.</p>
-
- <p>For information on coordinating and contributing translations of
- our web pages, see <a
- href="/server/standards/README.translations.html">Translations
- README</a>. -->
-Please see the <a
-href="/server/standards/README.translations.html">Translations
-README</a> for information on coordinating and contributing translations
-of this article.</p>
-</div>
-
-<!-- Regarding copyright, in general, standalone pages (as opposed to
- files generated as part of manuals) on the GNU web server should
- be under CC BY-ND 4.0. Please do NOT change or remove this
- without talking with the webmasters or licensing team first.
- Please make sure the copyright date is consistent with the
- document. For web pages, it is ok to list just the latest year the
- document was modified, or published.
-
- If you wish to list earlier years, that is ok too.
- Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
- years, as long as each year in the range is in fact a copyrightable
- year, i.e., a year in which the document was published (including
- being publicly visible on the web or in a revision control system).
-
- There is more detail about copyright years in the GNU Maintainers
- Information document, www.gnu.org/prep/maintain. -->
-
-<p>Copyright © 2023, 2024 Free Software Foundation, Inc.</p>
-
-<p>This page is licensed under a <a rel="license"
-href="http://creativecommons.org/licenses/by/4.0/";>Creative
-Commons Attribution 4.0 International License</a>.</p>
-
-<!--#include virtual="/server/bottom-notes.html" -->
-
-<p class="unprintable">Updated:
-<!-- timestamp start -->
-$Date: 2024/01/18 11:32:19 $
-<!-- timestamp end -->
-</p>
-</div>
-</div><!-- for class="inner", starts in the banner include -->
-</body>
-</html>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- www/proprietary uhd.html,
Dora Scilipoti <=