Idea: The ultimate CD/DVD auditing tool

Thomas Shaddack shaddack at ns.arachne.cz
Sat Jul 5 19:13:32 PDT 2003 

Pondering. Vast majority of the CD/DVD "protection" methods is based on
various deviations from the standards, or more accurately, how such
deviations are (or aren't) handled by the drive firmware.

However, we can sidestep the firmware.

The drive contains the moving part with the head assembly. There is an
important output signal there: the raw analog signal bounced from the
disk and amplified.

We can tap it and connect it to a highspeed digital oscilloscope card. And
sample obscene amount of data from it. In comparison with fast-enough
ADCs, disk space is cheap. The problem can be in bandwidth, but for the
drive speed set up to possible minimum (or for "normal" players) the
contemporary machines should be sufficient. Real-time operating system
(maybe RTOS-Linux) may be necessary.

We get the record of the signal captured from the drive's head - raw, with
everything - dirt, drop-outs, sector headers, ECC bits. The low-level
format is fairly well documented; now we have to postprocess the signal.
Conversion from analog to digital data and then from the CD representation
to 8-bit-per-byte should be fairly straightforward (at least for someone
skilled with digital signal processing). Now we can identify the
individual sectors on the disc and extract them to a disc image file that
we can handle later by normal means.

We can push the idea a step further, making a stripped-down CD/DVD drive
that would be able basically just to follow the spiral track with its head
in constant linear velocity (easier to analyze than CAV) mode, with the
ability to control the speed in accordance with how fast (and expensive)
ADC, bus, and disks we have, and the possibility to interrupt/resume
scanning anytimes in accordance with how much disk space we have (or to
scan just a small area of the disc).

As a welcomed side effect, not only we'd get a device for circumvention of
just about any contemporary (and possibly a good deal of the future ones)
optical media "protections", but we would also get a powerful tool for
retrieving data from even very grossly damaged discs, for audit of
behavior of CD/DVD writers and CD vendors (eg, if they don't attempt to
sneak in something like a hidden serial number of the writer), and for
access to all areas of the discs - including the eventual ones unreachable
through the drive's own firmware.

If we'd fill this idea with water, would it leak? Where? Why?

More information about the cypherpunks-legacy mailing list