Watching DVDs under Linux is illegal in the USA

Not all Linux users know that running a licensed DVD on a computer may violate the Digital Millennium Copyright Act (DMCA), as well as unlocking and rooting phones, removing DRM protection from books, and much more.

By the way, it is for this reason that Ubuntu and other Linux distributions abandoned the built-in DVD player, and each user must independently find and download the libdvdcss library, but not from the official repository.

Journalist and Linux Chris Hoffman (Chris Hoffman) quite easily outlined the essence of the problem . The problem is in the libdvdcss library, which breaks the protection of DVDs using the brute force of a 40-bit cipher. This is done in the background invisibly to the user.

The DMCA (Digital Millennium Copyright Act, copyright law in the digital age) takes not only the direct infringement of copyrights by copying out of the legal field, but also the production and dissemination of technologies that allow circumventing technical means of copyright protection. Similar laws apply in some other countries, such as Germany.

Most licensed DVDs are encrypted using the Content Scramble System.(CSS), one of the varieties of DRM. Rights holders formed the DVD Copy Control Association (DVD CCA) and receive royalties from every DVD player sold in the world that has CSS support. Without such support, the player simply cannot play the encrypted contents of the disc. Under the terms of the agreement, the manufacturer of the DVD player is required not only to pay deductions, but also to implement support for the regional coding system in the player, so that a DVD purchased in one region of the world will not play on a player sold in another region.



Unfortunately for media companies, in 1996, when they adopted the CSS specifications, America still had export restrictions on strong cryptography. Therefore, the CSS encryption key had to be limited to 40 bits, and the effective key size is only 16 bits. Because of this, the CSS system was hacked pretty quickly. In 1999, the famous DeCSS program was released, written by 15-year-old Norwegian schoolboy Jon Johansen based on the decompilation of the Xing player code. The DeCSS program was widely used on the Internet because it made it fairly easy to remove CSS protection from any DVD using brute force. The young hacker was dragged around for several years, but, in the end, was found not guilty, now he works as a programmer in the USA.

After the advent of DeCSS, Linux users first got the opportunity to watch licensed DVDs on a personal computer. Pentium II performs bruteforce of a 16-bit cipher in about a minute, and a modern PC - in a few seconds, completely sorting through all the options and extracting the correct encryption key.

Now we come to the most important thing - the libdvdcss library, which does just that, that is, hacking CSS protection. When a user inserts a DVD and starts the video player, the libdvdcss library in the background launches a brute force attack. It ends so quickly that this delay may not even be visible to the user, after which playback of the contents of the DVD begins.

Although there was no criminal prosecution against developers, distributors, and users of the “hacker” libdvdcss library, as was the case with DeCSS, there is no difference. Libdvdcss also violates the DMCA law.

A legal way to watch licensed DVDs for Linux for an American is to purchase a certified DVD-based program with official CSS support, such as the Fluendo DVD Player .