Category: Computing

In my recent post I talked about the problems I had with blu-ray playback and Ubuntu. I’m now happy to report that I can accomplish what I originally set out to do: rip and convert blu-ray discs on my Ubuntu system for playback on my mobile devices.

The solution was provided by an update to makemkv (1.6.13), it now supports bus encryption capable drives (BEC). As I wrote last time, installing makemkv on your Ubuntu system is straight forward if you follow the detailed instructions. If you’re a developer familiar with ‘make‘ and are comfortable doing a bit of unix admin stuff, then it’s easy.

Makemkv is shareware: free to try for 30 days, then if you’ve found it useful you’re asked to pay for it. The purchase price is 50 euros. The key you receive is valid for all platforms and all versions (including future ones). The price may seem steep, but compare it to the cost of a blu-ray playback device or a video game and it starts to be very reasonable. The linux version is in beta, and while it is in beta it is free.

Unlike my previous experience with makemkv being unable to process a blu-ray disc, this version happily detected the movie and gave me simple way to rip the movie (25Gb!). The data is being decrypted on the fly so this cuts the read speed down to 3.6x – resulting in a 36 minute job for the 2 hour movie.

There is an option to stream the movie from the original disc. When I initially tried this with mplayer it worked, but was laggy. Using vlc streaming is smooth, but my version (1.0.6) doesn’t support the trhd audio codec so I get the spanish track. Running mplayer with a larger cache (-cache 8192) results in smoother playback, but the same spanish audio track problem. The ripped version of the movie plays back smoothly under mplayer and vlc with no audio issues.

The main reason I installed a blu-ray player in my PC was to enable me to rip and convert the movies for use on my mobile devices. Handbrake is my tool of choice for this type of conversion.

As you can see, Handbrake is quite happy to convert the ripped video. My system can typically do a DVD in 20 minutes from physical media to mobile format. With blu-ray it seems I’m closer to real time (ie: 2hrs for a 2hr movie) due to the amount of data and the two step process. Still in the end, I’ve got a version of the movie I can take with me when I travel.

For folks interested in reading up on blu-ray and AACS, I came across the specification (pdf).

 

 

 

 

 

 

Recently I picked up a bluray drive for my PC. As I use Ubuntu as my desktop it would be nice to be able to play back (or rip & convert) movies I own. There is documentation on this, but it is somewhat non-trivial and didn’t work for me.

The model drive I have is the LG CH12LS28 Black 12x Blu-ray Read 16x DVD+/-R/RW Write Combo Drive LightScribe SATA, an amazing amount of technology for the price. Plug it in and away I go. Bluray discs show up just fine (but I lack the software on Ubuntu to play them back), and the other attributes of the drive all appear to check out just fine.

I started out looking into DumpHD. There are multiple bits of software to install to get things to the point where they should work, but I kept hitting the error:

The given Host Certficate / Private Key has been revoked by your drive.

After banging my head on this particular problem for a bit, I then decided to try out makemkv. Installing it takes a bit of doing, but no more than 5 minutes later I was ready to try it out. The end of the error log looked very similar:

Can't read AACS VID from disc - most likely current AACS host certificate is revoked by your drive
The volume key is unknown for this disc - video can't be decrypted
Failed to open disc


However, what I didn’t notice right away was what made it actually fail – this was dumped near the top of the error log:

Drive 'HL-DT-ST BDDVDRW CH12LS28 1.00' requires AACS bus encryption, disc decryption may fail.
Error 'Scsi error - ILLEGAL REQUEST:COPY PROTECTION KEY EXCHANGE FAILURE - AUTHENTICATION FAILURE' occurred while issuing SCSI command

You’d think I’d remember this cardinal rule of debugging – always look at the very first error! So it turns out that the main issue I’m having is AACS bus encryption.

I found a good description of the problem which I’ll rephrase here. AACS bus encryption is a new twist in the story. Bluray has DRM to protect the contents of the media, to access the contents you need to unlock the DRM. Previous to AACS bus encryption the player software would have the key, pass it to the drive, and the content would stream decoded over the sata bus to the player. This let all sorts of traffic ‘sniffing’ attacks happen to the data on the bus. Newer drives (mine include) support additional encryption of the data over the sata bus to block these sniffing attacks. Both makemkv and DumpHD (currently) depend on these sniffing attacks. There is a thread on makemkv on this topic.

As with any DRM scheme, it can be broken for the simple reason that decoding the disc on a computer is a legitimate thing to do using licensed software. Thus all of the magic to decode the disc can be stored on your computer, it is just a matter of knowing the secret to the trick. Sadly, today there is no licensed software for Linux.

Off to windows I went (the same PC I run Linux on, also has a licensed Windows XP install). I dutifully installed the software that came with my new bluray drive – a free copy of PowerDVD 9. I was very sad to see this as the result:

I’m running a fairly economical setup on a core i3 using onboard graphics. What’s burning me here is the lack of suitable graphics drivers from Intel to support HDCP (yes, more DRM). I can either buy a graphics card that supports the right kind of drivers, or upgrade to Windows Vista (or beyond). While I could use this as the excuse to buy a graphics card, I’m certain there is a way to do this in software.

The solution ended up being a combination of three elements:

1. AnyDVD HD
2. UDF 2.5 Filesystem viewer
3. DAUM POTPlayer

AnyDVD HD solves both the AACS bus encryption and DRM issue. It is a driver that accesses the bluray drive directly (avoiding the bus encryption) and can unlock the DRM. There is a free trial.

Since Windows XP can’t read a UDF 2.5 filesystem, which is how the data on a bluray is stored, we need a utility that allows this to be done.

The DAUM POTPlayer can manage to play back bluray content, assuming it has been decrypted (thanks to AnyDVD HD) and is visible as files on disk (UDF 2.5 filesytem). The result you can see evidence of in the screen capture at the top of this post. The experience isn’t very user friendly, but it works well enough.

Most of us have a multitude of online systems we connect to, some on a regular basis and others from time to time. Each of these systems usually has a unique user ID and password. How many of these can we reasonably remember? Many, many people attempt to keep at least the passwords aligned across systems and often user name as well. The risk is that one of these systems is compromised (or worse, malicious) and suddenly someone other than you has the keys to the castle.

There is also the challenge of picking a strong password. There are several online password generators, and tools that help verify the strength of a password. For a while I was relying on my browser to remember my password (via a cookie) and using randomly generated passwords, when the cookie expired I’d use the “I lost my password” feature to fix it (or just recreate a user). This works ok for throw-away sites (web forums) but really sucks for a site like PayPal.

So I was guilty of password re-use across a number of sites. No longer now that I’ve moved to KeePass. Of course, now I need to ensure that I have one password (for KeePass) that I will not forget and is secure enough. To help in creating one I’ll reference a great article on the usability of passwords, I encourage everyone to read this.

You can get versions of KeePass for almost any platform. For my needs I needed to cover Windows, Linux and Android. On first launch you’ll be asked to create a database (to store passwords) and assign it a password and/or a keyfile.

From the documentation “Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn’t lose this disk then.” This is a neat option, but not very practical on my NexusOne.

Once you’ve created your .kdb database on one of your systems, in my case an Ubuntu box – you can move that DB to other systems you’ve got KeePass on. The Android app KeePassDroid happily consumed the (1.x) database created by KeePassX. You need to figure out a method for synchronizing that database across your systems, some people use dropbox or just simply scp.

By using KeePass it is easy to create strong passwords (a generator is built into the app) and track your unique user id and password for all sites you access. Giving yourself a rule that says you’ll switch to a KeePass based password on your next visit to the site will help you move over relatively quickly.

If you need any more encouragement to rethink how you handle passwords and account, just do a quick google search. Better to lose control of one account than all.