Not so scary DRM, as painted

When an employee of the Livermore National Laboratory, Escher Langton bought a film in one online store that required a proprietary video player from Leaping Brain , he had difficulty installing the player on the iPhone. Trying to deal with the problem, he discovered that the video was uploaded to a hidden folder as a set of regular .mov files. True, none of them could be reproduced.

The proprietary player with DRM protection turned out to be a Python wrapper script around several libraries from the VLC project. Python code made some kind of conversion on the file before feeding it to VLC. A FAQ on the Leaping Brain website said that their player uses an incredibly cool cryptographic algorithm to implement DRM:

“We use the proprietary BrainTrust encryption algorithm when uploading videos to our servers. Even if someone can access your content, the files will not play and will be completely useless, because they are stored in encrypted form. After downloading to a user's device, only a legal user can play files and only through MOD Machine Player. We do not know a more reliable scheme than this. Windows Media DRM is easy to hack and works only under Windows, while BrainTrust is almost impossible to hack, and this technology works fine under Windows 8, Vista, XP and Mac. ”

Recovering the script wrapper, Escher Langton saved the processed file and compared it with the “encrypted” one. It turned out that the inaccessible algorithm was that in the first 15 kilobytes of the file, several initial bytes of each kilobyte block were XORed with a "secret key", which was the string "RANDOM_STRING".

Source: Asher Langton's blog .

PS The old version of the FAQ has already disappeared from the official Leaping Brain website. But Google cache remembers !