Sparring Begins Over High-Def Movie Hacks

Discussion in 'DVD Video' started by Ablang, Apr 15, 2007.

  1. Ablang

    Ablang Guest

    Sparring Begins Over High-Def Movie Hacks
    Vendors revamp copy-protection schemes as hackers descramble each in
    Martyn Williams, IDG News Service
    Monday, April 09, 2007 07:00 AM PDT

    A cat-and-mouse game between the guardians of the copy-protection
    system on next-generation DVDs and those intent on hacking it has
    kicked off with the first revocation of a descrambling key used in a
    popular software application.

    Last week the Advanced Access Content System Licensing Administrator
    LLC said it was expiring a key used in Corel Corp.'s InterVideo WinDVD
    8 application after the key was discovered and posted on the Internet.

    Writing on the Doom 9 message board, a user with the name "Atari
    Vampire" said that he or she had managed to find the device key for
    the software. The device key is used in conjunction with individual
    keys on each movie title to decrypt the data on the disc.

    In response Corel is updating WinDVD 8 with a new device key and
    warning users that they won't be able to watch HD DVD or Blu-ray Disc
    titles unless they upgrade.

    "Our decision stems from recent reports that hackers have illegally
    obtained certain software licensing keys and have used them to
    duplicate copyrighted content without prior authorization," Corel said
    in a statement.

    The discovery of the device key is the latest in a string of attacks
    on AACS, which is used on both HD DVD and Blu-ray Disc.

    The first to be disclosed was a title key for Stanley Kubrick's 1987
    film, "Full Metal Jacket." A user with the name "Muslix64" posting to
    the same discussion board said he or she began attacking the copy-
    protection system after it prevented the viewing of the movie on a
    high-definition monitor. As an anti-piracy measure the system only
    allows high-definition video output over a monitor connection that
    supports copy protection.

    Then on Feb. 13 an additional key, called a processing key, was also
    published online.

    AACSLA downplayed the impact of both attacks, saying of the first that
    it "does not represent an attack on the AACS system itself" and of the
    second that it "represents no adverse impact on the ability of the
    AACS ecosystem to address the attack."

    Ironically technical documentation on AACSLA's own Web site appears to
    be lending a hand to people like Atari Vampire who are looking for
    weaknesses in the copy-protection system.

    "I even printed out all 70 pages of the AACS Introduction and Common
    Cryptographic Elements document, painfully reading through this
    material," wrote Atari Vampire before explaining how an analysis of
    memory contents was conducted using data "per page 13 of the AACS
    Common Crypto doc."

    The attacks to date have all involved exploiting weaknesses in PC
    software used to play the discs and in this respect they bear a close
    resemblance to the downfall of the CSS (content scrambling system)
    used on DVDs. The first attacks on that system were through badly
    written software rather than a brute-force attack on the encrypted
    data. The cracking of CSS has led to the widespread availability of
    software that can copy DVDs.

    The architects of AACS learned from the mistakes of CSS and built into
    the system several different types of keys and the ability to change
    keys whenever attacks were successful. In this way they can re-
    establish the security of the system once details of an attack are

    This situation is very similar to one currently being played out by
    manufacturers of other connected consumer electronics devices like the
    PlayStation Portable or recently-released Apple TV. Developers are
    finding ways to get around restrictions in the software of the devices
    and typically the developers are quickly responding with security
    patches that block the exploits of weaknesses in their code.

    For an indication of how long this might last, the Decrypting forum on
    the Doom 9 message board is well worth a look. It's already home to a
    community of people who are spending vast amounts of time pulling out
    various keys from high-definition movie discs and anticipating the
    next move of AACSLA and how they might get around it.
    Ablang, Apr 15, 2007
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Allan
  2. RR

    High Def DVD?

    RR, Oct 1, 2004, in forum: DVD Video
    Trevor S
    Oct 3, 2004
  3. Allan

    High Def Brings High Sales Hopes.

    Allan, Aug 2, 2005, in forum: DVD Video
    Kimba W. Lion
    Aug 8, 2005
  4. Replies:
    Tom Zielinski
    Oct 31, 2006
  5. Theo Markettos

    VOIP over VPN over TCP over WAP over 3G

    Theo Markettos, Feb 3, 2008, in forum: UK VOIP
    Theo Markettos
    Feb 14, 2008