Profile

Cover photo
Kjell Otto
108 followers|8,723 views
AboutPostsPhotosVideosReviews

Stream

Kjell Otto

Shared publicly  - 
1
Add a comment...

Kjell Otto

Shared publicly  - 
 
Well xor'ing arround is called cryptography these days... lets see where this takes us...
 
I bought a digital video download today that required a video player from Leaping Brain. As usual, the proprietary player wasn't great and to transfer it to my iPhone I'd need another proprietary player. Ugh. But I browsed around and found that the video had been downloaded into a hidden directory as a bunch of .mov files. Great, except none of the files would play.

It turned out the actual player, launched from their compiled app, was a Python wrapper around some VLC libraries. Nothing funny going on, as far as I could tell, but when I tried to launch the player directly, nothing happened. The compiled app was modifying the .mov files right before they were loaded into the player, and then reverting the file on disk. According to http://leapingbrain.com/mod-machine/faq/:

 "We apply our BrainTrust™ proprietary video encryption to your movies before we upload them to our servers. If someone ever was able to gain access to your content, the files would be useless and unplayable, because they are stored in a scrambled, encrypted format. Once downloaded to the user’s hard drive, the files are still encrypted and only readable via the MOD Machine Player by a legitimate owner. We are not aware of a better DRM scheme than ours. Where Windows Media DRM is easily crackable, and doesn’t run on Macs, BrainTrust™ works great on Windows 8, Vista, Windows XP and Mac, and is virtually uncrackable."

Virtually uncrackable? Well, since they load the file from a Python script, it's easy to make a copy of the "decrypted" file before it's reverted. Having done so, I was curious to see the encryption scheme. By comparing the binary files, I discovered the "proprietary video encryption" algorithm: for the first 15kB, each 1kB block has its initial bytes xor'd with the string "RANDOM_STRING". That's the "scrambled, encrypted format" that leaves these files "useless and unplayable".
119 comments on original post
1
Add a comment...
Have him in circles
108 people
Peter Radzuweit's profile photo
Heiner Schneehagen's profile photo
Anna S's profile photo
Julia P.'s profile photo
Matthias Friedrich's profile photo
Kai von Luck's profile photo
Sascha Kluth's profile photo
Bastian Karstaedt's profile photo
Alden Rowe's profile photo

Kjell Otto

Shared publicly  - 
 
portable long shell flags 
1
Add a comment...
People
Have him in circles
108 people
Peter Radzuweit's profile photo
Heiner Schneehagen's profile photo
Anna S's profile photo
Julia P.'s profile photo
Matthias Friedrich's profile photo
Kai von Luck's profile photo
Sascha Kluth's profile photo
Bastian Karstaedt's profile photo
Alden Rowe's profile photo
Work
Occupation
programming, developing and hacking arround will all stuff I get interested in
Links
Other profiles
Story
Tagline
I'm what most people call a geek and I love it.
Basic Information
Gender
Male
Das Essen war qualitativ wirklich großartig und lecker. Leider habe ich mich dazu verleiten lassen eine große Portion Nudeln für 5,90€ zu bestellen. Ich musste dann für eine wirklich kleine Portion 8,00€ zahlen, ohne das voher etwas dazu gesagt wurde. Dort werde ich für den Preis nicht wieder essen. Lecker essen mit kleinsten Protionen zu übertriebenen Preisen.
Public - 5 months ago
reviewed 5 months ago
1 review
Map
Map
Map