Slashdot Mirror
HD-DVD and Blu-Ray Protections Fully Broken
gEvil (beta) writes "According to an article at BoingBoing, the processing keys for the AACS encryption scheme used by both HD-DVD and Blu-Ray video discs have been extracted, and a crack has been released. What this means is that there is now a method to extract the copy-protected content of any HD-DVD or Blu-Ray disc out there. This is different from Muslix64's previous crack, which only extracted the volume key for each disc. This new method bypasses this step and allows anyone to extract the data without first requiring the volume key."
In five years, when I finally buy into HD television and content, there should be an assload of free content out there to download.
Blar.
The time has come to make the upgrade.
I wish Jon Johansen would have done it so he could be called HD-DVD Jon, or maybe Blu-Ray Jon.
In a world of acronyms, the words are the real victims.
years to create, weeks to break- sounds about right.
It puts a smile on my face knowing that a small group of unpaid media hackers are able to crack the AACS encryption scheme what tooks many developers and millions in R&D to create, in just a few short weeks.
Vista Help Forum
Windows Vista Help Forum
DRM is fundamentally broken by design. Ciphers of this kind rely on the attacker not getting hold of the key. At the same time, the recipient needs the key to get the data. I can never work because the attacker is the same person as the recipient.
In effect, DRM is security through obscurity.
How much longer will we have to put up with this crap before the media companies realise this and stop inconveniencing their customers and wasting our money and time as well as their own?
-- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz
Can this be fixed by revoking a player key? Or is this a more extensive breach like what happened with DECSS? Will this work on all future discs, or does it just work on the discs that are currently being produced?
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
It all starts here: http://forum.doom9.org/showthread.php?t=121866&pag e=6
Later posts seem to confirm that it works for both BR and HD-DVD
... there are developers clever enough to lie to the media companies that this can be done, and then get paid to do it over and over again. :) I kinda like the idea :) :) :)
...As most people know is that you're trying to copy protect an inherently open media format. Even in theory it's very difficult to copy protect media in a widely open, public format.
Until vastly different technology is available 20 or 30 years down the road, all that DRM is going to amount to doing is preventing the 'average joe' from copying en-mass. They just have to make it difficult enough for the casual user to be deterred from copying the content. Look at the copy protection scheme on the iPod - it's basically useless, but it prevents grandma from copying bulk amounts on content. It's like how photocopiers are not a danger to printed media, as it's just 'too' difficult to walk up to a copier and copy things on mass. The industry just has to make it hard enough to deter joe user.
The real problem for the recording industry comes in when now people are getting more and more saavy at copying content, and it's becoming more and more common place, and digital media sharing is now common place and digital media is now common place in the living room now. 10 years ago MP3's were just making there way on the scene and basically only very saavy users knew what an MP3 was, let alone what to do with it. What happens when 10 years from now mobile HD video players are just as common as MP3 players, and your average iPod video has a half a TB of flash storage? Copying (High-Def) DVD's at that point will be common place like MP3's are relatively common place now.
New DRM protection methods are now in the works which were cracked last week.
The original generic sig.
One key thing to take away from this is that the authors of the software made it really easy to pull the device keys out of memory for two reasons
- They kept them in variables that were physically near the variables for the volume key
- They zero-ed them out after use, leaving big gaping holes of zeros in memory in a place where that kind of looked funny, drawing attention to those areas
If they are smart (and if the MPAA even give them another chance), the powerdvd/windvd authors will reimplement their AACS decryption code to never store the keys in memory. Without double-checking, I believe the keys are only 128 bits, they could be loaded into the SSE registers in encrypted form and then decrypted on chip. The authors will still need to take measures to prevent an OS context switch from storing the registers in kernel-private memory during the period in which the device keys are present, but that is not an extended period of time, presumably they can kick their priority up high enough that it won't happen without hurting the system much.Even that approach isn't hack-proof, but it is a lot harder to dump the cpu registers under such conditions than it is to trace memory accesses.
When information is power, privacy is freedom.
People still buy books, including audio books and eBooks, even though photocopier exist.
I think the recording and motion picture industries need to look at why, and follow that lead. Instead of millions in copy protection R&D, why not spend millions to improve the product? Make the product something people liked owning. (Notice how libophiles obsess over the actual tangible book?).
The one really viable way to control it would be to mandate that all players have an internet connection and it verify the purchaser has rights to the media before playing it. Of course if people have good high speed connections to the internet there's no reason to buy the physical media, which they recording and motion picture industries simply can't abide with.
I'm a fiscal conservative, it's a pity we don't have a political party anymore
After reading through the article I must conclude that while the author has made decoding current discs easier, AACS has NOT been "fully cracked". The key embedded in the current software may be expired in the future, rendering this method useless for discs produced after that expiration.
In theory yes, but how easy do you believe it is to update all those specialized video players, all offline?
Don't forget: the people who buy those already had to put up with paying premium for a HDTV, expensive players, and also make sure the TV, cable and player play together through HDMI.
If you start demanding they are hooked non-stop to Internet so they can receive the daily patches, it may just be the thing crossing the line of tolerance.
Also: the hard part is retrieving keys from pure hardware. The new keys come as firmware updates over the network.. it's even easier to update those HD-DVD/BlueRay rippers. After all, you have even the keys they encrypted the patches with: you have the player, don't you.
All in all, the "super morphing update" ability of AACS seems more like a way for the AACS developers to claim "the war it's not over", when it effectively is over.
Companies will refuse to use the new keys for their disks, since they will be incompatible with plenty of the players out there, the AACS creators will whine a bit about how "they could fix it but they don't wanna, not our fault", and this is where it'll end.
The format war is over! We win!
Wrong! Break the DRM, Break it early, and break it often. DRM is dead, in fact it was stillborn. The foundational thinking behind DRM (or CRAP if you like) was so 'not right' that it's 'not even wrong' and it isn't getting any better. The more often the *AAs have to fight back with new DRM the more likely it is that we will see who in the governments is getting paid to support DRM, and then we will really have a target to ridicule, impeach, or tar and feather.
.38 bullets that can only be used in guns made by one manufacturer. It defies the intent of the framers of the law in the US to presume that you are guilty until proven so, yet this is exactly what DRM is all about, the assumption that all consumers are guilty or would be if given even half a chance.
The premise that all consumers are criminals is criminal in and of itself. Bear with me here. It defies logic and law to (analogy time) remove guns from citizens to prevent them from shooting people. It defies logic and good business sense to make
Besides this, governments should not be propping up business models that are antiquated and broken. Desktop publishing put typesetters out of work, did the governments do anything? Trains put buggy makers out of work, did the governments do anything? That is only naming a couple of examples, but the governments seem hell bent on protecting certain industries. I can only conclude that those same governments are being well paid by those industries, for that is the only logical motivation for such infringements on citizen's liberties and rights.
Now that AACS is cracked, time to follow the money and figure out who is getting paid and expose them as broadly as the DRM keys are exposed.
Support NYCountryLawyer RIAA vs People
Poking around Doom9 thread, the processing key for all current HD-DVD discs was found.
Looking over some example source code, the processing key is used with the encrypted C value to build the media key, which can then build the volume key, which can then decrypt the disc.
The MPAA can revoke the processing key, but quoting from the forum:
Some of you are missing the true meaning of this compromise. If they revoke this processing key, we just take a player compatible with a new processing key, put in one of the titles that's already cracked, and go around in memory looking for the known key. We find it, insert a new title, look in the same place and we have a new processing key.
Essentially, it becomes a known-plaintext attack.
Not a typewriter
Web Developers and Web Content-Maker-Guys YEARS ago gave the "no right click" a try. We quickly learned that if some one wants the content off the web site, they will get it, so there is no use in trying to introduce barriers that only hurt the casual user. You don't see "no-right-click" scripts anymore, but we are still producing tons of content for the web. Much of it copyrighted, and mostly the copyright honored.
I can't help but see this as a parent who is all too restrictive with thier child, leading the child into endless rebelion that would have been avoided if moderation was used instead of a billy club.
insight through the mind
I have paid for every single DVD I own. No good deed goes unpunished, I am repeatedly subjected to unskippable previews, FBI warnings, commentary disclaimers and the same fscking flying logo and equally annoying jingle at 4 places before actually getting to the content I purchased. If I were stupid enough to buy into HD/BR I additionally lose my control over the resolution I want. This isn't about Imaginary Property rights, it's about THEIR control of MY property.
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
The IRS perfected it years ago... Ive been trying to decode my goddam tax return for the past two weeks and I still cant crack it.
We should just let them handle music distribution... "Put the song title from box 34 into this box, but only on a leap year that ends in an odd number...."