You keep using that word. I do not think it means what you think it means.

Politicians Logic

Explained in the YPM episode "Power to the People" by Sir Arnold and Sir Humphrey. It follows the following scheme: "Something must be done. This is something, therefore we must do it.". But doing nothing is better than doing the wrong thing.

http://www.yes-minister.com/polterms.htm

If by "multiple hashes" you mean a hash of a hash, then it's a bad idea. A hash function compresses the input data (lossily) to a (usually) smaller amount of data. As for computing both hashes and XOR'ing them together, it doesn't seem like too bad an idea, but it's beyond my ability to give a more definitive answer. It's entirely possible that the two hash algorithms effectively cancel out parts of each other, or at least make the job of cryptanalysis easier. That is, it could make the job of finding hash collisions (which is the usual measure of security for hashes, assuming that the hash is effectively one-way to begin with) potentially much easier. When in doubt, it's safer to use a single system.

Also, iirc MD5 and SHA-1 give different length hashes so some additional mungeing will be needed to come up with a uniform length hash.

The NIST article mentions:

The attack primarily affects some digital signature applications, including timestamping and certificate signing operations, where one party prepares a message for the generation of a digital signature by a second party, and third parties then verify the signature.

There's an easy solution here as mentioned in Applied Cryptography (2nd edition). To paraphrase, when given a document to sign using a hash-based digital signature protocol, make sure to make some trivial edits to the document first. Otherwise, you run the risk that the person asking you to sign the document has already calculated a hash collision for that document, meaning that at a later date they can use your signature as "proof" that you signed some more nefarious document which has the same hash. Funnily enough, I think SHA-1 was mentioned somewhere in that same section...

The VCR didn't have any copy protection built in, so there would be no "circumvention" to trip the DMCA.

Since I don't know anything about this software, I don't know if it decrypts the disc or not. But it is possible to make a perfect copy of a disc without decrypting it. That, and the fact that CSS (Content Scrambling System) is no longer a trade secret, should be enough to show how groundless this suit is.

I know it's not what the article is about, but I thought it was a cool hack nonetheless... remember how the invaders changed colour as they moved down the screen? Well it wasn't because they had a full colour screen. Instead different coloured strips of plastic were placed over different areas to give the illusion of a colour display. But I guess most of you knew that...