Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Movies Piracy

Flood of 4K James Bond Leaks Further Point To iTunes Breach (torrentfreak.com) 114

AmiMoJo writes: All 24 movies from the iTunes exclusive 4K "James Bond Collection" have leaked online. This is further evidence to suggest that pirates have found a way to decrypt 4K source files from the iTunes store. How, exactly, remains a mystery. While most regular releases can be ripped or decrypted nowadays, 4K content remains a challenge to breach. Up until a few days ago, pirate sites had never seen a decrypted 4K download from Apple's video platform. However, a flurry of recent leaks, including many titles from the iTunes-exclusive "James Bond Collection," suggests that the flood gates are now open. It all started earlier this month ago when a pirated 4K copy of Aquaman surfaced online. The file is a so-called "Web" release, also known as WEB-DL in P2P circles. This means that it's a decrypted copy of the original source file. These were never seen before for 4K releases. Because the Aquaman release was only available on iTunes in this quality at the time, the most likely conclusion was that Apple's platform was the source. However, based on just one single leak, it was tricky to draw strong conclusions.
This discussion has been archived. No new comments can be posted.

Flood of 4K James Bond Leaks Further Point To iTunes Breach

Comments Filter:
  • by skam240 ( 789197 ) on Thursday March 21, 2019 @10:24AM (#58310192)

    Did anyone honestly believe that SPECTRE wouldn't be able to figure out a way to decrypt Apple's 4k movies?

    • Why the need to decrypt? If it can be played, it can be screencaptured, reencoded and shared. Load of bollocks the whole drm thing is.

      • Why the need to decrypt? If it can be played, it can be screencaptured, reencoded and shared. Load of bollocks the whole drm thing is.

        Yeah, but aside from maybe watching on a table while in a car/plane, who would want to actually watch a crappy copy like that?

        I certainly didn't buy nice OLED big screen TVs for the house to watch subpar quality videos, you know?

        I also have in my main room an audio system that I like to play the soundtrack while watching from too, and I like to have a good audio signal fo

        • by guruevi ( 827432 )

          You can also capture the data stream straight from the video buffer. Every frame has to pass a video card or be converted pixel-perfect onto an LCD/LED array. With the right electronics and a cheap ASIC you could do a perfect digital capture.

          Same goes for audio, at some point, some buffer in some DAC has to have an unencrypted stream.

          • True, just connect on the t-con of the LCD matrix of the TV, and with an FPGA and some RAM, you store the whole picture as you receive it, and save it via PCIe, double the RAM for double buffering of course, so while a frame is being sent to the PC, another one start to fill memory. On your PC where you receive the frame via PCIe, encode it with your GPU in realtime or just save it on your 4TB RAID array or something.

          • Couple of points here.

            You can also capture the data stream straight from the video buffer

            Okay I'm going to ignore a lot of things here. One, TPM. Two, actual quality of playback. Three, that we're skipping capture cards (besides there isn't a 4K capture card at the moment). Okay so that said, reading memory is not a zero time operation. It requires some non-zero value of time to read memory. So that said, you are going to be reading a buffer that's always refilling with new data. That's going to give you timing issues that, unless you've got control of the flow into

        • by AC-x ( 735297 )

          Yeah, but aside from maybe watching on a table while in a car/plane, who would want to actually watch a crappy copy like that?

          So, Nvidia includes vastly improved hardware screencap encoders [nvidia.com] in their new RTX cards... and now 4k iTunes rips are appearing. Coincidence???

          • Comment removed based on user account deletion
            • It can not be lossless if the original source is not lossless. If we are talking about iTunes streaming then the best possible quality that any decoder can do is the original lossless source minus iTunes compression. When encoding the resulting stream you are double encoding. This results in an unexpected, and sometimes quite significant, loss of quality.

              So how does one achieve the best possible quality without access to the original lossless source? You have to break the encryption on the iTunes com

              • Comment removed based on user account deletion
                • capture the full lossless detail of reality

                  Of course not, but one can capture the full lossless detail observable by a human being. There is an entire field of study devoted to this concept.

                  The point was that if you start with a compressed file, after decompressing there is no way to encode the file while achieving quality greater then the source. To make it equal to the source you would have to compress with a lossless compressor thereby generating a file that is at least an order of magnitude larger then the source. So having an Nvidia card

      • If it can be played, it can be screencaptured, reencoded and shared. Load of bollocks the whole drm thing is.

        Besides the loss of quality there's a decent chance the account information is added to the visuals with subband coding.

        Also, hardware DRM is supposed to prevent the interception of the decoded data. yeah, yeah, #include von_neumann.h , etc.

        • there's a decent chance the account information is added to the visuals with subband coding

          Objection- speculation.

          Also, hardware DRM is supposed to prevent the interception of the decoded data.

          It does. HDCP encrypts the stream over external digital interfaces (DVI, HDMI, DP).
          Of course, somewhere, at some point, it must be decrypted for transport to the actual pixel device.

          • Of course, somewhere, at some point, it must be decrypted for transport to the actual pixel device

            That's done within the central processor of the display. If you ever look at the memory within a 4K display, they are exactly the DDC packets as transmitted be it HDCP encrypted or not. By the time the data leaves the processor, it's already in a format that only makes sense to the display array. Actual color space data like YCBCR is never transmitted on the traces and is always handled within the chip. That actual representation, pixel by pixel, never sees life outside the display's processor, unless i

        • If it can be played, it can be screencaptured, reencoded and shared. Load of bollocks the whole drm thing is.

          Besides the loss of quality there's a decent chance the account information is added to the visuals with subband coding.

          Wait, what? The image quality suffers notably, but the hidden info in the image stays intact?

    • Did anyone honestly believe that SPECTRE wouldn't be able to figure out a way to decrypt Apple's 4k movies?

      Plot twist: they decoded it but their screens were such shit that they couldn't stand to watch the films anyway.

    • by ToTheStars ( 4807725 ) on Thursday March 21, 2019 @11:49AM (#58310728)
      No, Mr. Bond, I expected you to pay!
  • by King_TJ ( 85913 ) on Thursday March 21, 2019 @10:28AM (#58310238) Journal

    I never saw how it was supposed to be possible to really prevent someone from ripping digital content that can be played back on a computer?

    It seems like iTunes itself handles the content decryption process so you can view what you purchased. And once that can take place, you could write software that captures each frame out of the video buffer along with the audio that's playing back to the speakers and saves them to a new file?

    I'm sure there are challenges in keeping the video and the audio synchronized as you're saving that much data in real-time as it plays ... but modern computers should have the CPU power to do it.

    • by DarkOx ( 621550 ) on Thursday March 21, 2019 @10:56AM (#58310414) Journal

      I'm sure there are challenges

      Yes major ones. I don't know where you have been. Here is the not-to-technical-explaination: this is what all this trusted platform; EFI bios "secure mode" stuff is about. Its so primarily you don't have a way tell the Windows kernel that its alright to load an unsigned video driver. The signed drivers are all certified to not let you read those buffers when protected content is playing. This why you can't 4k commercial content on anything but Windows for the most part btw. (with some exceptions).

      Now there are things you might be able to do. You could try to convince the content playing software that platform integrity modes were enforce when they are not; or you could try to use some kind of kernel exploit to gain access to modify the video driver stack with integrity mode enforce; load a fake video driver etc.. You could also possibly re-verse engineer the content players and patch them to not check for platform integrity, but they heavily obfuscated and usually use some kind of nasty VM layer.

      The NSA was nice enough to release GHIDRA recently so if you are of for any of this sort of thing start there; you don't have to buy a copy of IDA pro anymore :-). Its not going to be easy though. A lot of really smart people have put a lot of effort into making it really really hard, they will fix whatever bug you find and probably find a way to force patches on most folks.. None of this is impossible but its hard enough that few people have the skills to approach it.

      • That's all so well and so good but why can't you just stick the tv end of the hdmi (or whatever) into something that just records rathers than displays? By the time the signal gets to the screen it has to be out in the open, right? It's not like tvs do any decrypting or any real signal processing anything.
        • That's where HDCP comes in. It is broken for normal 1080p content but effectively it was about detecting a non-certified device (e.g. a recording device) and then preventing playback

        • by AmiMoJo ( 196126 ) on Thursday March 21, 2019 @12:13PM (#58310862) Homepage Journal

          It was supposed to be impossible to get HDCP keys for devices that would let you make copies of protected streams. The standard even includes the ability to revoke keys if they are used for that purpose, and some older software and physical players need updates to replace the key with a new one due to revocations.

          But of course it didn't work and there was high demand for devices which make copies or strip out the protection - not least from TV channels and streaming services. There is a Chinese company that makes a popular line which is used by Netflix and several TV networks to rip Bluray discs for streaming/broadcast.

          I don't know what they thought would happen... I suppose it stops causal copying at home, but all that says is that they didn't anticipate the internet even in the post-Napster world.

    • by DrYak ( 748999 )

      And once that can take place, you could write software that captures each frame out of the video buffer along with the audio that's playing back to the speakers and saves them to a new file?

      In theory, that not possible :

      From a purley theoretical point of view, to obtain 4k content, you need a setup (hardware+software+OS) that follows certain precise rule.
      You need to run special hardware (like monitors that accepts encrypted content, so on the HDMI cable, you only see encrypted noise, you can't see the actual picture).
      You need to run a special OS that is designed to refuse you access to windows that contain protected content (e.g.: you don't have direct access to the frambuffer, and when you as

    • It seems like iTunes itself handles the content decryption process so you can view what you purchased. And once that can take place, you could write software that captures each frame out of the video buffer along with the audio that's playing back to the speakers and saves them to a new file?

      The decryption is done inside an encrypted virtual machine, which is coded to pass the resulting video and audio directly to the GPU and audio hardware. This is why your phone can play Netflix using the Netflix app, b

  • by Cajun Hell ( 725246 ) on Thursday March 21, 2019 @10:35AM (#58310270) Homepage Journal

    Pretty sure the number of surprised people is around 0.

    I suppose this is good news for people who want 4k content but can't use proprietary stores or players. They might as well just pirate the stuff until/unless the industry starts selling standard files. (Who the fuck wants to have to use iTunes?)

    • by AmiMoJo ( 196126 ) on Thursday March 21, 2019 @10:59AM (#58310444) Homepage Journal

      I wonder what the cost/benefit ratio for the DRM looks like.

      Costs:
      - Develop the DRM
      - Manage the keys/accounts
      - Protect secrets
      - Piss off customers
      - Lose sales to people outside your ecosystem/who hate DRM

      Benefits:
      - Lower piracy for a limited time
      - Regional pricing for a limited time
      - ???

      • "- Lose sales to people outside your ecosystem/who hate DRM"

        I'm no DRM fan, but do you honestly think that population of people is greater than 1% of fans who would have otherwise made such a purchase?

        I am a Bond fan, but I have neither purchased or pirated a movie. I just wait about 30 minutes and one will invariably be on TBS or some other network.

      • by Bert64 ( 520050 )

        DRM also makes the playback devices more complicated, which increases the unit costs and also increases the support costs when problems are caused for paying customers by the DRM.

    • They might as well just pirate the stuff until/unless the industry starts selling standard files.

      Yup, just steal what you want because you're entitled to it. No need to pay the people who produced the content, it's yours because you deserve it.
      • by Anonymous Coward

        it's yours because you deserve it.

        Yep, it's time for the buyers to set the rules for a change. The sellers can suck it up! Everybody still gets paid.

      • Yeah, pretty much that, plus the fact that they don't even really sell it yet, so there aren't downsides to make things more nuanced or cause there to be another "side."

        (What else you gonna do, run their software on your computers? That'd be silly; it's not happening. If everyone did that, we'd be living in a world full of malware and unreliable compu.. hey, waitaminute.)

        If the people who made it want money, they can run a business, just like the media companies did up until the late 1990s. Back then I sp

  • I buy 4K content on iTunes to play on my AppleTV on occasion, but when you download a copy to a computer it's limited to 1080p. Does this mean I can finally get copies of movies I've paid for in 4K so when Apple pulls them from its catalog I have a copy? I would actually make more 4K purchases on iTunes if I was sure I could download a copy, even if it had DRM as long as I could play it from my Mac to my TV.

    • by Bert64 ( 520050 )

      If there's DRM then you've no guarantee that your copy will still be playable once they pull it from their catalog.

  • Insider Leak? (Score:2, Insightful)

    by Anonymous Coward

    Like many security issues, piracy often leverages insider leaks. Accessing the content before the DRM is applied and sharing with an insiders list is often simpler. These closed circles keep things quiet, but eventually, somebody shares outside the closed circle and then things get shared wider.

    If the DRM was broken, I would expect their full catalog to have been shared online.

    • Like many security issues, piracy often leverages insider leaks.

      Indeed. Most high-quality captures of movies before they have a dvd/streaming release came from theaters where whomever had access to the physical reels could scan the individual frames. With digital projection, it's changed a bit in that encrypted hard drives are being shipped, not 35mm film cans, but you can still get a decent video by plugging in an audio recorder to the sound in the projection booth, and an HD camera aimed at the screen.

  • by Anonymous Coward

    Are these just 4k resolution or do they also use some wonky colorspace that looks all washed out and displays properly on virtually nothing?

    I recently tried my hand at ripping some UHD blurays. The ripping part went without a hitch but when I used ffmpeg to reencode transparently to a manageable size (h.265 CRF 19) I noticed three things.

    1. Color metadata gone
    2. Resulting bitrate almost identical to HD version of the same content.. WTF?
    3. Nothing I have not PC or TV would play it or the original ripped cop

  • by schweini ( 607711 ) on Thursday March 21, 2019 @11:32AM (#58310632)
    I think this showcases how piracy and torrenting and DRM don't really matter - BluRay rips of basically anything are always available, if you know where to look. Sure - this 4k version is new, but whatever.
    All that Netflix and iTunes etc. do is help keep honest people honest, by convenience. And they are doing very well with that. They don't really sell exclusive access to media - they sell the EASE of access to the media.
    As an example: I use Netflix when possible, but fire up a very easy to use netflix-like interface to torrent streaming when I want to watch something not available there. My non-technical wife thinks that even having to consider stuff like different torrent health for the different available qualities is too much hassle, and sticks to Netflix.
    This is also why I think that the really easy ways to pirate (torrent-based netflix alternatives, piracy enabled Kodi devices, etc.) should keep on being slightly suppressed in the mainstream media and general mindset. Not banned as such, but don't advertise them. This way, everyone can be happy.
    In the country I live in, that's the way prostitution is legally handled: it is legal, but pimping or promoting it is quite illegal.
  • I mean it's been years, but there was this one guy that decided to say fark all to convention, and was just calling things 1080p when it was really just badly upscaled content of a much lower size. It was obvious, because the files he uploaded were half the size an actual 1080p video of that length would be. He just made it harder to find true 1080p 5.1 content because so much was labeled as being it, but wasn't. So like, you guys sure it's really 4k?
  • by Anonymous Coward

    Living in France, lots of TV shows and movies are either just not available or only available dubbed in French. The delightful media companies of course geo-fence and disallow any legal streaming from an English speaking country.

    "Voila" - only workable option to see stuff I would happily pay for is via pirated copies.

    • by Bert64 ( 520050 )

      And many people hate dubbing, even if they can understand the language into which it has been dubbed. If you can understand the original language it's almost always preferable to watch a movie with its original language track.
      I did find that a lot of content in France was available with the original language as an option tho, you just have to switch the language track used by the player - most digital tv broadcasts, as well as dvds allow this etc.

  • by technosaurus ( 1704630 ) on Thursday March 21, 2019 @12:53PM (#58311078)
    Studies have shown that "pirated content" actually increases sales. By leaking it, not only can they benefit from increased revenue, but they can also extort money from "illegal downloaders".
    How can an end user know whether a copy is authorized? Obviously they haven't been given permission to distribute it, so seeders beware, but leachers have no way of knowing until it has been downloaded especially with all the fragmentation in streaming services.
  • Have the online freedom to talk about movies, DRM and 4K.
  • In the end, the signal is sent electrically and non-encrypted to the pixels. It can, at the very least, be captured in this step, with hardware that an advanced hobbyist can afford and build. This is known as the "analog hole" and nothing can be done about it unless everybody gets Digital Restriction Management hardware installed in their eyes. (Not that I would put that idea past the copyright Mafia.) Very likely it can be captured earlier.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...