Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Crypto :: decssdst.htm

42 ways to Distribute DeCSS (or just about anything else "they" don't want you to know!) by Samuel Hocevar



DeCSS

42 ways to distribute DeCSS

This page is about distributing DeCSS, the famous CSS descrambler which the MPAA tries to stop being distributed but which is also the only program available out there which lets you play DVDs under various operating systems such as Linux or FreeBSD.

HTTP, FTP, E-Mail, but also WAP, finger, TFTP, and even DNS, SNMP, Corba, BackOrifice, XDMCP: there are dozens of ways to get DeCSS.

History

October 22nd, 2000: added details of the IMAP session using telnet, as well as a link to the webmail interface.

October 21st, 2000: don't send me the Corrs album, I couldn't help buying it :)

October 20th, 2000: added the history section, brought back the gopher server because the buffer overflow in it got fixed (deactivated would be a more proper word), explained why 42.

October 18th, 2000: added an explanation on how the DVD CCA's nameservers are distributing DeCSS as well.

October 17th, 2000: Submitted the site to GeekNews. but the announce quickly spread to da Linux French Page, and then on Slashdot, before I had mirrors set up for the movies. The box was brought down for undetermined reasons (not the usual slashdotting crash -- the load was below 1.0 and it was pretty responsive), most presumably faulty memory. It did fine after a reboot and a RAM upgrade.

October 12th, 2000: reached 42 methods, and decided the page was finished.

August 30th, 2000: started writing a page about amusing ways to distribute DeCSS, for fun.

October 6th, 1999: the DeCSS source code got released.

42 ?

For those wondering, yes, 42 is related to Douglas Adam's work, you could have noticed this by checking the META tags. It's not a coincidence, I just like this number. One of the others I like is 12, but this page would have been a lot less interesting.

Overview of the 42 methods

1. plain text via HTTP

The main protocol used on the web is HTTP. See http://decss.zoy.org/decss.c to get DeCSS.

2. FTP

You can easily retrieve the DeCSS source code via anonymous FTP on ftp://decss.zoy.org/pub/decss/decss.c.

3. NNTP or e-mail

DeCSS can be posted on Usenet, directly in the message body (see <decss.c@body.post> or the copy on Deja).

Of course, you can do exactly the same using e-mail, but I didn't set up a system sending DeCSS by e-mail since it would probably have been quickly abused.

It seems that some moron spammed Usenet with the DeCSS source code. As a news administrator, I find this behaviour unacceptable. Usenet isn't a child's playground, there are a few rules one should follow so that it remains a nice place. So whoever did that, you should know it was a rather stupid idea, and doing it anonymously proves that you don't have the guts to fight the battle anyway.

4. hidden as HTML comments via HTTP

HTTP allows a few more ways to send data: if you are reading this page in a web browser, then you probably already downloaded DeCSS, since it is in this page's HTML comments (use your browser's view source function).

5. NNTP or e-mail (attached to the message)

You can also post DeCSS as an attachment, either on Usenet or by E-mail.

6. Gopher

Gopher can be considered the web's ancestor. You can get DeCSS on gopher://decss.zoy.org/.

7. IRC

On IRC, a DCC send is the common way to quickly transfer files. But DeCSS can also be put in the server's MOTD (message of the day). Try for instance the IRC server decss.zoy.org.

8. CVS

CVS stands for "Concurrent Versions System" and is aimed at managing projects. It handles conflicts, concurrent works on the same file, and a lot of interesting things. Okay, actually if you have used it a bit, you will know it sucks, but we don't have anything else, and hopefully stuff like Subversion will work pretty soon.

So, to retrieve DeCSS with CVS, use the following commands:

cvs -d :pserver:decss@zoy.org:/var/cvs/decss login
cvs -d :pserver:decss@zoy.org:/var/cvs/decss get decss

Of course, the CVS password is decss.

9. DNS (coolest hack)

DNS is a protocol mainly used to make correspondence between IP addresses and domain names. But one can also put information in it. To retrieve the DeCSS code, try this shell command:

for DVDs in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org ; done | \
  perl -ne 's/\.//g; print pack("H224",$1) if(/^x([^z]*)/)' | gunzip

It should work with any sh-compatible shell, like bash, zsh, or plain old Posix shell. Users of brainf*cked shells such as csh should really consider using a proper shell.

This is my favourite hack. There used to be another version wandering on the Web; please don't use it, it used AXFR requests, which only work when you have direct connection to the Internet. This one is really better, because it also stays in every nameserver's cache for 31536000 seconds. That is, one year :)

I made the zone by hand. This tiny routine might help you:

gzip < decss.c | hexdump | grep ' ' | sed 's/^[^ ]*//; s/ \(..\)\(..\)/\2\1/g'

You may want to adapt it and put it in your own zones, or just copy mine :)

Note: Mark Baker noticed that you could do the request to any nameserver. Which means for instance that the DeCSS source code is available from the DVDCCA's nameservers ! Here is how to get it (assuming you chose the first nameserver for dvdcca.org which is ns1.or.com:

for DVDs in Linux screw the MPAA and ; do dig $DVDs.z.zoy.org @ns1.or.com ; done | \
  perl -ne 's/\.//g; print pack("H224",$1) if(/^x([^z]*)/)' | gunzip

10. Hidden in picture files

The DeCSS code can be put in any file format allowing comments. Andrea Gnesutta (who won the "best high-tech entry" award at the Distribution Contest) managed to put the DeCSS code in a PNG image (local copy). As you already saw, one can also hide DeCSS in HTML comments.

David Touretzky's Gallery of CSS Descramblers has a few more examples of hiding DeCSS code in various files, like a JPEG image (local copy).

Another guy whose full name I couldn't find has put the code in GIF images. His hack differs from the others in that the code here isn't hidden in comments, but is part of the image data. And, well, DeCSS looks rather nice :)

11. finger

An enhanced finger daemon such as cfingerd allows to easily pass misc data to the user doing a request. Try the following:

finger decss@zoy.org

12. NFS

NFS is a file sharing protocol widely used on the Unix platform. To mount an NFS share containing DeCSS, you might want to use a command similar to this one (Linux command, YMMV):

mount -t nfs decss.zoy.org:/mnt/decss/ /mnt ; cat /mnt/decss.c

13. NNTP or e-mail (hidden in the headers)

You can post it hidden in the message headers (see <decss.c@headers.post>).

If your newsserver doesn't have this article, try the copy on Deja. To see all headers, you will need the text format. Deja mixes headers, so to retrieve the source from the Deja message, you'll have to use such a command:

grep X- message.txt | sort | cut -b7-

It is also possible to post such a message by E-mail.

14. TFTP

TFTP is a protocol mainly used by boxes booting on an Ethernet card and retrieving their operating system via the network. The following command lets you do the same for DeCSS:

% tftp
tftp> connect zoy.org
tftp> get decss.c
Received 11347 bytes in 13.0 seconds
tftp> quit
%

15. Wearing DeCSS

The Copyleft guys made two versions of a DeCSS t-shirt: the "Got DeCSS ?" version and the "OpenDVD" version. Surprisingly, they are being sued for the "Got DeCSS ?" shirt, but not for the other one.

Deadtech are also planning to do DeCSS t-shirts for October 6th, 2000 (one year after the first DeCSS release).

16. telnet

A simple telnet request can give you the DeCSS source code. Try the following:

telnet decss.zoy.org 31337

You can also log in directly as user decss with password decss:

telnet decss.zoy.org -l decss

17. ssh

You can retrieve DeCSS by logging in using ssh, as user decss with password decss:

ssh decss@decss.zoy.org

18. chargen

chargen is a character generator which runs as an inetd service. I made it output totally random characters:

nc decss.zoy.org chargen

19. NetBIOS

NetBIOS, also refered to as SMB, is the file sharing protocol of the Windows OSes. On an Unix system, programs like Samba or Sharity allow to serve and access data using this protocol. This is a typical smbclient session to access DeCSS (the password is blank):

% smbclient '\\zoy.org\decss'
Password:
Anonymous login successful
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 2.0.7]
smb: \> ls
decss.c 11335 Mon Sep 11 14:22:21 2000
smb: \> get decss.c
getting file decss.c of size 11335 as decss.c (8.26687 kb/s) (average 8.26687 kb/s)
smb: \>

20. Singing DeCSS

There are two famous mp3 files related to DeCSS: Xader Vartec read the first one and Joe Wecker sang the second.

Deadtech (again !) plan to release an audio compact disc titled "Circumvention Device" featuring artwork based on the DeCSS source code.

21. AppleTalk

AppleTalk is the file transfer protocol commonly used on MacOS. I know it stinks, but this page is about "I can do it", not about "I can do it nicely" :-)

If you are a Macintosh user, then you just have to mount the DeCSS share on decss.zoy.org. Or you can access it via afp://decss.zoy.org/

22. BackOrifice

BackOrifice is a network administration tool available for the Microsoft OS platform. If you have a BackOrifice Client you can connect to decss.zoy.org and type dir for instructions on how to retrieve the DeCSS source code.

23. CORBA

It is possible to retrieve DeCSS using a CORBA interface, with an IDL as simple as this one:

interface decss
{
   string getDeCSS();
};

And here is the client code for ORBit:

#include <stdio.h>
#include <orb/orbit.h>
#include "decss.h"

int main (int argc, char* argv[]) {
  CORBA_ORB orb;
  CORBA_Environment ev;
  CORBA_Object decss_ref;
  CORBA_char * result;

  CORBA_exception_init(&ev);
  orb = CORBA_ORB_init(&argc, argv, "orbit-local-orb", &ev);

  if (ev._major != CORBA_NO_EXCEPTION) { exit (1); }

  decss_ref = CORBA_ORB_string_to_object(orb, argv[1], &ev);
  if (ev._major != CORBA_NO_EXCEPTION) { exit (3); }

  result = decss_getDeCSS (decss_ref, &ev);
  printf("CORBA Server response:\n%s\n",result);
  CORBA_free(result);

  CORBA_exception_free(&ev);
}

Save the IOR to IOR, the client code to client.c and the IDL to decss.idl, then run the following commands to compile and run the client:

orbit-idl decss.idl
gcc -o client client.c decss-stubs.c decss-common.c \
    `orbit-config client --libs` `orbit-config client --cflags`
./client `< IOR`

24. HTTP cookies

Also, if your browser accepts cookies, you can try to get DeCSS using cookies. Check for cookies named decss00 to decss24, they contain a hexadecimal dump of the gzipped source file. Unfortunately I have no idea where usual browsers store their cookies, so I couldn't make a script to get back the code.

25. XDMCP

This protocol is used to serve remote X sessions. The most common server is xdm, but you can also use gdm or kdm. To request an X session giving you DeCSS in an xmessage window, you can use this simple command:

X -query decss.zoy.org

If you already have X running, you'll have to specify another display such as :1. If your moronic system administrator firewalls port 6000-6010 on your site, you can try higher values such as 12:

X :12 -query decss.zoy.org

Oh, and please don't try to log in if you do not have a legitimate account. There are no window managers or X terminals installed anyway.

26. POP3

The DeCSS source code is present in the decss user's mailbox. You can retrieve it using pop3 by using server decss.zoy.org, user decss and password decss. Don't worry if you delete the message on the server, it will be recreated 5 seconds later.

If your mail user agent does not support pop3, you can retrieve the mail using fetchmail, or even telnet:

% telnet zoy.org pop3
user decss
pass decss
retr 1
quit
%

27. favicon.ico

Every Apache admin hates favicon.ico. This file is automatically downloaded by the Internet Explorer browser when a new website is visited, which fills the server's logs with 404 errors when this file does not exist. On this site the file exists, and if you have a small "42" logo in the corner of your browser window, then your browser has downloaded it and displayed it. As you may imagine, DeCSS is hidden in this file. Just do the following to get it back (dd is a Unix command, but you see the point - any editor, even notepad, should do the job):

dd if=favicon.ico skip=2238 bs=1

For people with real browsers, you can still get the icon at http://decss.zoy.org/favicon.ico.

28. Dict

The dictionary protocol dict is a very handy way to transfer information. Just add zoy.org to your list of dict servers in your favourite client, and search for decss. If you only have the command-line dict client, you can run the following command:

dict decss -h zoy.org -P - | grep '^ ' | cut -b3-

Note: the dict server is currently b0rken, please be patient while I fix it.

29. OpenLDAP

OpenLDAP is an opensource implementation of the Lightweight Directory Access Protocol which can serve information to the whole Internet. For more information, see http://www.openldap.org/. and to get DeCSS through LDAP, see:

ldapsearch -h zoy.org -b 'o=decss' 'cn=*' | perl -ne 'if(s/^sn=://){print $_}'

30. IMAP

This protocol is has the same purpose as pop3 (managing a remote mailbox) but with additional functionalities. To retrieve the DeCSS source using IMAP, you will need an IMAP client such as Netscape, pine, Outlook Express. There are also a few free software clients such as fetchmail or Mozilla. As usual, connect to zoy.org on standard port 143 with login decss and password decss.

If you do not have an IMAP client, you may try the webmail interface. Or this simple telnet session:

% telnet zoy.org 143
1 login decss decss
2 select inbox
3 fetch 1 body[text]
% 4 logout

31. MUD

MUDs are popular text mode online adventure games. Try to connect to decss.zoy.org port 9993 with your favourite MUD client. If you don't have a proper client, you can use telnet:

telnet decss.zoy.org 9993

When you first arrive in the place, there is an MPAA lawyer you can play with, and a look at the carved stone will give you the DeCSS source code.

90/90h 80/80m 80/80e> shout wazzzuuuuuup
You shout `wazzzuuuuuup'
90/90h 80/80m 80/80e> kill lawyer
You attack The MPAA lawyer!
You strike The MPAA lawyer a crushing blow with your bare fist.
The MPAA lawyer is bleeding profusely.
90/90h 80/80m 80/80e>
You strike The MPAA lawyer fatally with your bare fist.
The MPAA lawyer falls to the ground dead.
90/90h 80/80m 80/80e>
Maggots chew hungrily on the remains of The MPAA lawyer.
90/90h 80/80m 80/80e> look stone

Note: the MUD server I found (AIME) seems to crash quite often, so it might be unavailable from time to time. I'll have a look at other MUD servers to see if I can find a more stable one. MUSE seems interesting.

32. Linux kernel patch

The Linux kernel has a big /proc filesystem with a lot of information about the system that userland programs can retrieve. There is a kernel patch (for Linux 2.2.16, YMMV and use at your own risk) that creates a /proc/decss entry. You can then get the code by doing (uudecode and bzip2 needed):

cat /proc/decss | uudecode -o - | bunzip2

33. WAP

WAP is, according to the Wap Forum, "the de facto worldwide standard for providing Internet communications and advanced telephony services on digital mobile phones, pagers, personal digital assistants and other wireless terminals". For those who don't know what this means, it's just another shitty and useless protocol to make consultants happy.

To get DeCSS on your favourite marketdroïd WAP device, go to http://decss.zoy.org/decss.wml.

34. PostgreSQL

You can retrieve DeCSS from a PostgreSQL database:

echo -e "decss\n select textline.line from textline, sourcecode \
   where textline.id = sourcecode.id order by sourcecode.linenumber" | \
psql decss -h decss.zoy.org -U decss | sed 's/^ //'

35. FSP

FSP is the File Service Protocol. It is a bit like FTP, but does not need connection since it uses UDP. Actually it is what anonymous FTP should have been. Here is an FSP session example:

% export FSP_HOST=decss.zoy.org
% export FSP_PORT=21
% export FSP_DIR=/
% flscmd
decss.c
% fcatcmd decss.c
(...)
% fgetcmd decss.c
%

36. SNMP

SNMP is the Simple Network Management Protocol. You should be familiar with it if you ever worked with switches or routers, otherwise it is quite likely you never had to fiddle with SNMP. Information about a system can be obtained using the snmpwalk command, for instance to get the DeCSS source code:

snmpwalk -v 1 zoy.org public .1.3.6.1.4.1.2021.50 | \
   perl -ne 'if(s/.*"(.*)\.".*/\1/){print $_}'

Sorry for the ugly numbers, but I had no time to learn how to create a proper MIB.

37. Avantgo channel

Avantgo is a service for PDAs that eases the synchronization of web pages with your assistant. Most of them are shipped with Avantgo preinstalled today. You can easily add the DeCSS channel to your assistant using a a one-click URL.

38. rsync

rsync is a protocol widely used to mirror large file archives because it has, amongst its other interesting features, the ability to download differences between files instead of complete files, which makes it faster than mirroring equivalents.

To test the connection with an rsync server, type the following command, which will give you the list of all available anonymous rsync shares.

rsync zoy.org::decss

Then to retrieve the DeCSS archive, use:

rsync -av zoy.org::decss /tmp/decss

39. UUCP

UUCP (Unix to Unix CoPy) is an old protocol created in the late seventies as a network protocol over telephon lines. It is still used nowadays as a file transfer protocol, mostly for mail and news, because it is often cheaper than a real Internet connection.

Setting up UUCP isn't straightforward and requires some skills. If you are using Taylor UUCP (today's most widely used version), you may want to try my configuration files (more than ever, YMMVAL). First, you have to set up a nodename entry in /etc/uucp/config. Then, put this in your /etc/uucp/sys:

system          zoy
address         zoy.org
call-login      decss
call-password   decss
time            any
port            TCP
local-receive   /tmp
protocol        t

And to get the DeCSS source code, issue the following command:

uucp 'zoy!~/decss.c' /tmp

40. MPEG Movie

I calculated an animation of the DeCSS source code, using a few Gimp scripts I made. It isn't very different from the DeCSS-in-a-picture method, apart from the amusing fact that DVDs are MPEG movies as well (technically they are MPEG2 movies, but it's almost the same).

The movie is really huge (I didn't find a decent encoder), so you may want to have a look at a few screenshots first.

still 1 still 2 still 3 still 4 still 5 still 6 still 7

Download DeCSS - the movie:

noemie.nerim.net   decss.glou.net   ftp.via.ecp.fr  
360x288, low quality (36.4 MB)   360x288, lowq   360x288, lowq  
360x288, high quality (72.3 MB)   360x288, hiq   360x288, hiq  
720x576, low quality (141.8 MB)   720x576, lowq   720x576, lowq  
720x576, high quality (269.3 MB)   720x576, hiq   720x576, hiq  

41. Quake

The QuakeForge project is a free software initiative to enhance the original Quake game. I set up a server on quake.zoy.org with a few default maps. No bots for the moment because I'm still in the process of writing one, but you can still get the DeCSS code by typing the following command in the quake console:

download progs/decss.c

The file decss.c will then be downloaded into your Quake progs directory.

42. Postal services

It may sound funny, but there are actually ways to share data which do not require using the Internet ! There's treasure everywhere.

I'm trying to do a CD containing the DeCSS movie that can be read by a DVD player. If people actually order a few of them, most of the money will be sent to the EFF. And yes, they will be shipped through snail mail. See below for more details.

Omitted methods

Some methods were deliberately omitted because they weren't technically interesting, because they were too heavy to implement, or required so much programming skills that few people would have been able to implement them again.

I also omitted methods such as Freenet, Napster, Hotmail, Gnutella, mostly because I think they are inherently bad and would have lead to misinterpretation of my goals. I am an OpenSource user and developer, not a pirate: if I can't get something for free, I try to do it myself rather than stealing it. Things like Napster are only intended at illegally sharing copyrighted material, while DeCSS is intended at making legitimate use of movies I buy. I can't name any illegal use of DeCSS; what is illegal is to copy a DVD (one doesn't need DeCSS to do it), or to rip a DVD, compress it using some sort of DivX crap, and distribute it on a CD (will the MPAA make DivX illegal as well ?).

Order the DeCSS movie CD for $10.00

For those of you who don't have the necessary bandwidth, I can burn a CD-Rom (a CDRW actually) with the DeCSS animation (in both high and low resolution) in MPEG1 format.

I am looking for a music background for the movie. If you are an artist and can compose and record a song for the movie, I would be eternally grateful to you. Please avoid the StarWars theme, I'd get automatically sued for obvious reasons.

The DeCSS CD currently does not work with a standalone DVD player, because it has MPEG1, not MPEG2. I am working on this but cannot promise when it will be ready. Just tell me if you want the DVD version when you order it.

I can ship you a copy of this CD for $10.00. Here is where the money goes: I substract the shipping and the CD price (which I believe will be around $4.00-$5.00). Of the remaining, 50% helps me paying the ISP who hosts the zoy.org server and provides bandwidth for it, and the other 50% goes to a monthly donation to the EFF to support their DVD action. In the (rather unlikely) case that I get enough orders to pay a whole month to my ISP, then all the remaining money for that month would go to the EFF.

Send your orders to the following address, with a working email address so that we can quickly work out possible problems:

DeCSS movie - Samuel Hocevar
3, rue Ambroise Thomas
57800 Freyming-Merlebach
FRANCE

People living in Europe can send 10 Euros instead of $10.00. People living in France can send 60 FF. Cheques are preferred, I'm afraid I can't accept credit card payment; if you really, really, badly want this CD and can't pay for it, you can choose to send me Nx$10.00 worth of online-ordered stuff such as blank CDs, peanut butter, DVDs, or the latest Corrs album. I can't give you any guarantees either, except my good faith. If you happen to be unhappy with how things work out, just send your hired assassins to the above address.

You may also think you can just download the damn MPEG movie, burn it to a CD and make your own donation to the EFF. And you would be perfectly right. I'm not doing this as a business (I don't have the time to), it's mostly to make fun and help people with bandwidth limitation. Probably the guys at Copyleft or Circumventiondevice will want to sell it more seriously (if you read me - go on, it's GPLed stuff).

Why this page ?

DeCSS is the only way I have to play DVDs, because most of them are encrypted, and the DVD CCA would like me to use software licensed by them to decrypt and read them. There are a few problems though: their software do not run on BeOS or Linux, and their source is not available, which could mean potential security issues for my computer. This is not acceptable, so I need the source code for a program that decrypts DVDs.

The MPAA is also worried about DVD piracy. One should know DeCSS is not required to copy a DVD onto another DVD, because the copy will be encrypted in the same way, and thus can be decoded in the same way. However, to copy it on another media, such as a video cassette, DeCSS can be useful, but the fact is, one could use any other DVD playing software to record a DVD to a cassette. this is not a DeCSS-only problem. In France, the country where I live, a law allows me to do a private copy of an artwork, such as a DVD (art. L.122-5). Preventing me from doing this copy, for instance by encrypting the data found on it and not giving me the tools or the method to decrypt, is a violation of article L.122-5 of Code de la Propriété Intellectuelle.

Note: someone pointed to me that a private copy wasn't allowed when the media was a CD or a DVD. This ruling does not apply here, because it is not about « copie de sauvegarde » but rather about « copie privée à l'usage du copiste », which isn't the same thing at all. And this can't be considered circumventing the protection of a computer program, because the part of the DVD which contains programmed information is actually unencrypted. Well, IANAL after all, and this is just my personal interpretation.

The MPAA tried to stop people putting DeCSS on their webpages or ftp servers. Then they tried to prevent people from linking to pages containing DeCSS material. This page is about original means of distributing DeCSS. There once was a contest about this, but few entries were announced.

Thanks

First thanks go to the anonymous guy who rewrote my DNS stuff so that it used dig instead of host. No thanks for having used 138.195.138.195 as a nameserver though, it was my firewall ! :) Thanks also to the guy who rewrote the DNS stuff using only one line of Perl, I really suck at writing Perl.

Double thanks to MaXX for the BackOrifice hack and the /proc stuff, thanks to Ol for the Corba code and his ideas, to Kali for the PostgreSQL base, to Colin for his help on the AppleTalk stuff, to Henri for the LDAP database, to Colin again and Alban for their help on the favicon, to LeRouge for the Avantgo channel, and to vb, tibob, eb, pm, moo and Arnaud for their ideas.

Additional thanks go to various readers submitting ideas: Mike Edwards for a small fix to the XDMCP command line, Mark Baker for noticing that the MPAA's or DVDCCA's nameservers were distributing the code as well, Mehmet T. Avcioglu for the IMAP telnet session.

Links


Samuel Hocevar  -  30 Aug 2000
this document validates as XHTML 1.0 Strict & CSS and is best viewed with your eyes


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH