Slashdot Mirror
AACS Device Key Found
henrypijames writes "The intense effort by the fair-use community to circumvent AACS (the content protection protocol of HD DVD and Blu-Ray) has produced yet another stunning result: The AACS Device Key of the WinDVD 8 has been found, allowing any movie playable by it to be decrypted. This new discovery by ATARI Vampire of the Doom9 forum is based on the previous research of two other forum members, muslix64 (who found a way to locate the Title Keys of single movies) and arnezami (who extracted the Processing Key of an unspecified software player). AACS certainly seems to be falling apart bit for bit every day now."
Will they actually do it?
Will they actually revoke these software players from all new disks?
Its time for them to put their money where their mouth is and actually block access to these broken players.
If they allow it to continue, all their movies will be piratable (insert oh noes! here).
I wonder how pissed off people will be if they can't play their new movies?
liqbase
I'm sure all this cracking of DRM by snooping memory will result in hardware protection being rolled out. Of course it woud need to be in the chipset and CPU.
Of course such restrictions would make debugging your own programs harder if it was always on.
I think the time has come for to give up on encryption and move to plan B, and no they don't mean plan A + panic, they mean they will be forced to randomly post armed gaurds on customers DVD player's.
Sure it will be somewhat inconvienient and more expensive for customers, but that's the price they are choosing to pay when they turn a blind eye to piracy.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Narrator: In A.D. 2007, war was beginning.
....
MPAA: What happen ?
RIAA: Somebody set up us the bomb.
RIAA: We get signal.
MPAA: What !
RIAA: Main screen turn on.
MPAA: It's you !!
J.Q. Public: How are you gentlemen !!
J.Q. Public: All your video are belong to us.
J.Q. Public: Your revenue stream are on the way to destruction.
MPAA: What you say !!
J.Q. Public: Your business model have no chance to survive make your time.
J.Q. Public: Ha Ha Ha Ha
RIAA: MPAA !! *
MPAA: Take off every 'Lawyer' !!
MPAA: You know what you doing.
MPAA: Move 'Lawyer'.
MPAA: For great injustice.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 is the magic number.
I've got one of those 30" dell monitors. Problem is it does not have the fancy encrypted link, so 'useless' as a blueray/hd-dvd monitor. With this stuff getting cracked, I am looking forward to VLC playing not only my stack of DVD and whatever the next generation of movies I end up buying and re-encoding.
+++ UGUCAUCGUAUUUCU
My parents bought a DVD with a narrated tour of some ruins they visited on vacation outside the country in order to show their friends. It wasn't region 1, so they couldn't play it. They, like the average non-geek, had no idea about region coding, and of course didn't know that they had to look for a certain "type" of DVD.
When I explained to them why their disc wouldn't play, they were mad. When I gave them a working copy of the disc, they were happy.
Within 5-10 years, if DRM is still popular, you will need to have a dongle that does the decrypting of DRM'd materials. The dongle, in conjunction with "protection" circuitry in the video and audio channels, will provide a revocable key between the media player and the video output device.
It will work something like this:
There will be two channels of data, one from the media source to the dongle, and one from the dongle to the playback device.
The dongle will decrypt data from the media source, or possibly ordinary RAM. In some cases, will be done with the aid of software tokens purchased from rights owners. In others, it will merely verify region, time-expiration, and other restrictions embedded in the media are complied with. In some cases, part of the key will be downloaded from the Internet in real time, or a time-bombed key will be renewed at regular intervals.
The dongle will re-encrypt the data so the playback hardware can play it, but memory-snoopers can't access it.
The dongle will be a "black box," protected by hardware features and possibly legal protection: "Tamper with this for the purposes of understanding it and go to jail."
The dongles will be handed out like candy for little or not profit, but they will be revoked individually if any one is compromised. People concerned about privacy and tracking implications will trade dongles or simply buy them by the bucketful.
I don't know if these dongles will be USB dongles or if they will be on a faster bus or maybe even connected directly to the video playback circuitry.
Mark this post, it may prove useful in challenging future dongle patents.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
...DRM just ain't all its cracked up to be.
http://forum.doom9.org/showthread.php?t=122363
Custom electronics and digital signage for your business: www.evcircuits.com
Good luck playing that DVD overseas. Good luck playing that DVD in Linux. Good luck with your new fancy disks if your player gets revoked. And all of this while the people who really ARE doing things they shouldn't are just double-clicking their unrestricted .avi file.
I don't think this is as good as you think it is. I'm all for breaking DRM (and was extremely pleased when they broke the AACS process key), but I think releasing a player key was a BAD idea. I'm betting the MPAA's logic in regards to this will look like one of these two:
- WinDVD is not handling its device key in a secure manner
- WinDVD cannot be trusted
- WinDVD won't be getting another player key
Or even worse:
- WinDVD did its best to protect its device key
- It's impossible to protect a device key in a program that people can reverse-engineer [true]
- We'd better not allow any software to read AACS-protected content
Although this may all be moot anyway, as they can extract future process keys with relatively little effort (though it'll be a lot more effort if hackers have to break hardware systems instead of software).
You have tried to support your argument with faulty reasoning! Go directly to jail; do not pass Go, do not collect $200!
Revocation, obfuscation, TPM chips, hardware tricks ? Whatever, DRM is provably insecure.
So, am I not "supposed" to watch my DVDs on my old TV? The macrovision protection makes the picture nearly unwatchable. The TV is very nice, and does the job well. Why should I have to throw away a perfectly good TV and buy a new one just to watch a DVD? It doesn't make any sense - if I have to buy a new TV, that's less money for me to spend on DVDs, so the copy protection would actually reduce their sales.
Likewise, have you never bought a DVD from another country? If you're not supposed to do that, then why can I buy DVDs from another country? Sure, you can get region-free DVD players, but not everybody has one - and with "RCE" protection, some titles won't even work on some region-free players. And region-free players are technically illegal in some places.
I also like to watch movies but some titles won't let me go straight to the movie, and instead force me to sit through unskippable ads and FBI warnings. I even had one disc that I bought, which made me sit through a quite long lecture about the evils of piracy, telling me how people who copy DVDs are funding terrorism and destroying the industry. Ironically, it was quite simple to make a copy of that DVD, with the anti-piracy ad removed. If they didn't have that unskippable propaganda at the beginning. If I ever get another disc with that ad, I'm going to return it as defective. I paid to watch the movie, not to be lectured by propaganda.
... and then they built the supercollider.
How many keys are there? Why aren't there just one? What's the difference? IS there any difference?
AACS uses a bunch of different keys in a hierarchical structure. Gradually, the cracks have been revealing keys higher and higher up the food chain. As I understand it, this is a bottom-up description of AACS's key structure:
At the lowest level, every piece of content is encrypted with a Title Key, which is unique to at least an individual title, possibly a particular printing of the title. The original cracks revealed the Title Keys for individual titles one at a time. These can be used to decrypt the content, but don't break the scheme, just the encryption on an individual piece of content.
The Title Key is stored on the actual media, encrypted by the Volume Unique Key, which is unique to a given title.
The Volume Unique Key is the result of a keyed hash of the Volume ID (stored on the media) and a Media Key, which is unique per title.
The Media Key used is generated by combining the Media Key Block (stored on the media) with a key unique to the decrypting device. Each device has a different key, but generates the same Media Key.
I'm not entirely sure why so many keys are used, but that's basically how the scheme works. Previous cracks were based on revealing keys that were title-specific. This one has revealed a device-specific key, which means that until the key is revoked, which would cause all future discs to no longer play on that particular player, any piece of content can be completely decrypted.
I know that personally, I refuse to upgrade anything for Blu-Ray or HD-DVD. Even if it weren't for the content 'protection,' what's the real point? Sure, it's nice to put more per disc for PS3 or XB360, but should that really determine the format of movies, or music? The 'truth' that the xxAAs don't understand is that physical medium are on the way out.
So, of course; don't buy them. Tell your friends not to buy the, and spread the word. If technology was selected based on worth and merit, we'd all have been using beta-max and mini-discs. But consumers don't always go for quality, innovation or convenience. Most often they like whet their friends have, they like what they already have, and sometimes? They just follow the pr0n industry (uh oh, did i just predict the HD-DVD?) THe point being, this one is easy to 'nip in the bud.'
Now, if you were to start a large-scale boycott of xxAA products? That would rock the boat. But I'm not holding my breath for you.
"What is the final ACCS "key"? How many levels are there?"
It seems to go on and on forever. But then you get to the end and a gorilla starts throwing barrels at you.
If you're trying to demonstrate that DRM is futile waste of energy, it's in your best interests to release as early as possible.
Releasing an exploit a couple of years after the technology is first released gives people the impression that the DRM was "good" for those two years. On the other hand, releasing the exploit a week later drives home the point that the copy-protection racket is selling nothing but snake oil.
http://outcampaign.org/
This key doesn't really add anything to what's already done. They could already decrypt every movie by simply sticking it in the player and extracting the key, all this does is make it possible to make a standalone tool to decrypt discs (until they revoke this key, anyway). But if you don't mind breaking the DMCA in the first place, how many would have moral problems getting a copy of WinDVD to extract the key anyway? This really is non-news.
It's more news in that it could make HD content decryption as universally accessible as DVD decryption currently is. A lot of people might want to extract their HD content but not have the know-how or motivation to do anything beyond "download this program, hit start", though it's less news since I've heard there are already programs that will do that using a list of title keys that's periodically updated over the Internet.
But then, I'm not trying to do something with it that I shouldn't, like copying it when the purchase agreement clearly says I'm not suppose to...
What purchase agreement? I agreed to nothing when I bought it. And I'll do whatever the hell I want with the property that I own. Much like I don't use CDs anymore when playing audio content, I don't want to use DVDs when playing movies. So I rip and watch on a HTPC. The process is much more complex than ripping an audio CD, mostly because of the DRM.
The physical media that we buy can become scratched and broken, even when we take care of it. And thanks to the convenient duplicity of ideology that is held by the content companies, we are said to be buying only a license to the content, which happens to have a copy along with it on the media. Good luck getting replacement media so you can exercise that license if a disc happens to get scratched. They want to have their cake and eat it too, so we get, "You should take better care of your discs." and DRM protecting the content.
This is BULLSHIT. There's really no way to get the message across to them, so no more. I won't buy another movie on DRM-protected media. Until they change, or offer a (paid for) download of the video without DRM, I won't be buying another movie. I'll rent from an online source and rip to a media server. Yeah, I'll still watch them and get the content, but I won't purchase the discs anymore.
Illegal? Probably. Unethical? I don't think so, and really, I don't care.
Qualitas edurus commercium, nullus penitus net rimor, nullus deus beneficium
What do you mean, "will result?" It already has resulted in hardware DRM -- if you have Vista and a machine with a TPM, it's already there!
No, actually, it isn't. While the TPM could be used to "seal" the HD-DVD/Blu-Ray player device keys to a given boot state, the decryption of the disk contents would still have to be done using the main processor (TPMs don't do bulk decryption, don't know anything about AACS, and aren't programmable to teach them how to do the AACS key derivation/decryption scheme).
Also, I don't know that Vista is really TPM-aware.
In the near future, it may become the case that if you have (a) Vista + some service pack, (b) a TPM and (c) a processor with hardware virtualization support (Intel VT/AMD-V), then your HD-DVD/Blu-Ray player may run on a separate virtual machine which your main OS has no access to and which you therefore cannot debug, and the TPM may be used to seal the device keys to the particular software in that VM, so that no other piece of software has any reasonable hope of retrieving them.
Collectively, BTW, (a), (b) and (c) above are known as Palladium, aka NGSCB.
Personally, I think it's more likely that your video card may gain an AACS subsystem, so your PC would feed the data stream from the disk to your video card, which will decrypt the data and display it. The video card would then have to have a way to securely transfer the audio stream to your sound card. Or maybe your sound and video card will negotiate secure data connections to your HD-DVD-ROM drive and the drive would do the AACS stuff and feed it securely to your output devices, so that your main processor never gets to see an unencrypted copy.
There are ways to make software players more secure, but a TPM alone is insufficient, unless the OS is airtight, unhackable/modifiable even by the administrator. Given Microsoft's track record with making an OS unhackable by random people around the world with no privileges on the box at all, I don't think that's going to happen.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Ok, I'm by a DVD player. What are you all doing?