Title: Sparring Begins Over High-Def Movie Hacks
Post by: don on April 11, 2007, 01:56:56 PM
Corel is updating WinDVD 8 after its device key was discovered and posted on the Internet
A cat-and-mouse game between the guardians of the copy-protection system on next-generation DVDs and those intent on hacking it has kicked off with the first revocation of a descrambling key used in a popular software application.
Last week the Advanced Access Content System Licensing Administrator said it was expiring a key used in Corel's InterVideo WinDVD 8 application after the key was discovered and posted on the Internet (http://forum.doom9.org/showthread.php?t=122664).
Writing on the Doom 9 message board, a user with the name "Atari Vampire" said that he or she had managed to find the device key for the software. The device key is used in conjunction with individual keys on each movie title to decrypt the data on the disc.
In response Corel is updating WinDVD 8 with a new device key and warning users that they won't be able to watch HD DVD or Blu-ray Disc titles unless they upgrade.
"Our decision stems from recent reports that hackers have illegally obtained certain software licensing keys and have used them to duplicate copyrighted content without prior authorization," Corel said in a statement.
The discovery of the device key is the latest in a string of attacks on AACS, which is used on both HD DVD and Blu-ray Disc.
The first to be disclosed was a title key for Stanley Kubrick's 1987 film, "Full Metal Jacket." A user with the name "Muslix64" posting to the same discussion board said he or she began attacking the copy-protection system after it prevented the viewing of the movie on a high-definition monitor. As an anti-piracy measure the system only allows high-definition video output over a monitor connection that supports copy protection.
Then on Feb. 13 an additional key, called a processing key, was also published online.
AACSLA downplayed the impact of both attacks, saying of the first that it "does not represent an attack on the AACS system itself" and of the second that it "represents no adverse impact on the ability of the AACS ecosystem to address the attack."
Ironically technical documentation (http://www.aacsla.com/specifications/) on AACSLA's own Web site appears to be lending a hand to people like Atari Vampire who are looking for weaknesses in the copy-protection system.
"I even printed out all 70 pages of the AACS Introduction and Common Cryptographic Elements document, painfully reading through this material," wrote Atari Vampire before explaining how an analysis of memory contents was conducted using data "per page 13 of the AACS Common Crypto doc."
The attacks to date have all involved exploiting weaknesses in PC software used to play the discs and in this respect they bear a close resemblance to the downfall of the CSS (content scrambling system) used on DVDs. The first attacks on that system were through badly written software rather than a brute-force attack on the encrypted data. The cracking of CSS has led to the widespread availability of software that can copy DVDs.
The architects of AACS learned from the mistakes of CSS and built into the system several different types of keys and the ability to change keys whenever attacks were successful. In this way they can re-establish the security of the system once details of an attack are public.
This situation is very similar to one currently being played out by manufacturers of other connected consumer electronics devices like the PlayStation Portable or recently-released Apple TV. Developers are finding ways to get around restrictions in the software of the devices and typically the developers are quickly responding with security patches that block the exploits of weaknesses in their code.
For an indication of how long this might last, the Decrypting forum on the Doom 9 message board is well worth a look. It's already home to a community of people who are spending vast amounts of time pulling out various keys from high-definition movie discs and anticipating the next move of AACSLA and how they might get around it.
Title: Re: Sparring Begins Over High-Def Movie Hacks
Post by: Cutaway on April 12, 2007, 08:48:46 AM
As an anti-piracy measure the system only allows high-definition video output over a monitor connection that supports copy protection.
What? Now my monitor connection has to support copy-writing protections? That is just wrong. These things are starting to spread too far. These protections need to be limited to the media and the software involved with reading it. Somebody needs to grab these guys by the throat and tell them to knock it off. (I know, that is not very PC but neither are they.)