AACS revokes released HD-DVD and Blu-ray keys

In December 2006, a member of the Doom9’s forum (named Muslix64) released code that would allow a person to copy HD-DVD and later Blu-ray movies. Many claimed Muslix64 did not truly break AACS at that time, because the ‘hack’ only went after the player. On the same forum, in February, a user named Arnezami posted the details and research, but more importantly, the processing key that allowed free copies to be made of any HD-DVD and Blu-ray disk. AACS DRM protection was broken completely.Shortly after Arnezami’s discovery and the news surrounding it, the AACS-LA, the ones responsible for the DRM used on HD-DVD and Blu-ray released a statement about the reports of the encryption being busted wide open.“Regarding the reported attacks on 2/13/2007, AACS has confirmed that an additional key (called a “processing key”) has been published on public websites without authorization. This is a variation of the previously reported attack (a compromise of a specific implementation) on one or more players sold by AACS licensees. Although a different key was extracted, this represents no adverse impact on the ability of the AACS ecosystem to address the attack. All technical and legal measures applicable to the previously reported attack will be applicable against this attack as well.” –AACS statementIt would appear that now the action taken was to revoke the published keys, which invalidates the methods used to break the encryption. “In response to attacks against certain PC-based applications for playing HD DVD and Blu-ray movie discs, Advanced Access Content System Licensing Administrator, LLC (“AACS LA”) announces that it has taken action, in cooperation with relevant manufacturers, to expire the encryption keys associated with the specific implementations of AACS-enabled software,” said the AACS LA over the weekend.The AACS advised consumers to check with the manufacturer of their player to get any of the needed updates compatible with the new keys issued on the newly released movies. Corel was one of the first to announce an update and release a mandatory patch to fix the cracked processing key.In a news post on the InterVideo website, a letter to the public announcing the update was posted including a strong warning for those who would choose to skip the update.“To our valued InterVideo WinDVD Customers, Today Corel is releasing an important new security update for InterVideo WinDVD. Our decision stems from recent reports that hackers have illegally obtained certain software licensing keys and have used them to duplicate copyrighted content without prior authorization. Corel takes this situation very seriously. We have been working closely with our partners and other industry organizations to ensure we take the steps necessary to prevent copyright infringement from happening in the future.”The warning that came after is what caused a ruckus on several websites and forums, “Please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled.” That led people to believe that, if they did not update that the ability to play HD-DVD movies or Blu-ray, would be lost to them. This is true only after the new disk with an updated Host Revocation List (HRL) is placed in the drive and played. If the HRL on the new disk is newer than the one on the player, the player will refuse. This is explained in the specs for the AACS in section 4.8. (AACS Introduction and Common Cryptographic Elements)What do the users like Arnezami, and the others on Doom9, the forum where the cracks first gained attention, think about the loss of they keys. Will this prevent the known methods of breaking the encryption form working?“They cannot revoke this hack. No matter how many Private Host Keys they revoke, we will still be able to get Volume IDs using patched Xbox 360 HD DVD drives. Of course some measures must be taken to make sure a patched drive will not be identified as such and revoked (in theory they could make new versions of WinDVD and PowerDVD ‘examine’ your patched drive and if confirmed to be hacked they could (in theory) "call back home" and tell the AACS LA who can revoke your drive). But by simply reflashing the drive (with the original firmware) after getting all your Volume IDs (or making this feature stealthy) this will not be an issue at all,” said Arnezami on Doom9.If the patches and revocation of the keys help stem the loss of the DRM protection, then the AACS will have won in the ongoing fight to prevent piracy. However, if the claims on Doom9 are true, then this is just a minor setback. In the meantime, WinDVD owners might want to patch the players just incase.

And Also

Look Back at the Worst Celebrity Breakups

Look Back at the Worst Celebrity Breakups - PopEater
GASP: Goldstriker creates world's most expensive iPhone - The Tech Herald
Sneak Peak: Smallville - Absolute Justice - Cinema Blend
Guide to Avoiding Red Carpet Faux Pas - PopEater
A&E series 'Hoarders' and 'Intervention' premiere Monday, Nov. 30th, preview

Your Talkback on this Story

Latest Headlines in Tech

Older Talkback

page: 1

MattApr 10th, 2007 - 13:00:17

Equating loss of DRM protection with piracy seems rather ignorant to me. There are plenty of legitimate reasons one might want to bypass DRM. Bypassing previews on rented disks, for example, playing files in environments that lack the latest and greatest DRM technology, or, when better technology comes out, moving data over to newer, more space efficient storage media while destroying the older disks all seem perfectly legitimate reasons to bypass a DRM scheme to me.

Report this comment

TomApr 10th, 2007 - 15:11:14

The fact that U.S. Copyright Law allows the owner of such media tha ability to create archival (backup) copies and/or use limited samples of an entire work for educational or research work should be authorization enough.

If I choose to migrate the content I purchased to another medium or device, that I own, for the purposes of MY listening/viewing and use the original media as the archival copy should be of no consequence as it is a right afforded to me by law.

It amazes me how many lawyers and other so called 'professionals' employed by the entertainment industry can misconstrue a long establish federal mandate on such a huge scale.

DRM employed by Blue-ray and HD-DVD will eventually force consumers out of the now multi-billion dollar video market due to on-going hardware/software compatibility issues driven by updates to that DRM model to keep it secure.

It's been both said and proven that DRM and the DMCA is movie and musics attempt to circumvent the protections afforded to U.S. consumers.

And just like the music industry if the move to uber-secure HD-DVD and Blue-ray continues I'm sure we'll be hearing Hollywood squeal that market losses on DVD sales are a result of piracy and NOT the fault of the industry choking the consumer with unjust restrictions.

Report this comment

Kaiswil2Apr 10th, 2007 - 18:50:16

Just give the hackers time. That is all they have and a goal to make it available to all.

I think in light of Apple and their overseas issues with DRM. Making mandatory hardware updates is just insane. Just look my own example. I do not have satellite or cable television, but I do own a HDTV, Upscaling DVD player, Xbox360 with HD-DVD Drive. I am lucky enough that the xbox will automatically update the DRM / Key.

What if in 6 months they make it mandatory that my surround system is DRM required to even hook up to my devices.

And to make sure that all components have access to the internet to update? Come on people are not going to connect all that junk.

Report this comment

ErvinApr 11th, 2007 - 07:02:17

This isn't about preventing piracy... it's about controlling what we watch and/or listen to and controlling what equipment we choose to watch and/or listen our entertainment on, This is about selling and reselling the customer the same product over and over again. It's about screwing the consumer with the benefit of lubricant much less a little respect.

Report this comment

Digital Rights MinimizersApr 11th, 2007 - 09:16:58

I view every single implementation of DRM as another step down a very dark, and very slippery slope.

Report this comment

JamesApr 12th, 2007 - 00:28:57

Why would anyone willingly purchase a device that can, retroactively, deny you access to the media that you legitimately bought and paid for?

Report this comment

StanMay 22nd, 2009 - 11:00:57

With this retroactive revocation, I see more and more reason to rip your disks as soon as you buy them, so that you are guaranteed to be able to watch them in the future... If you can't rip them yourself, get a rip from the net.

Report this comment

page: 1

Tech

Tech News

AACS revokes released HD-DVD and Blu-ray keys

And Also

Your Talkback on this Story

Latest Headlines in Tech

Older Talkback

From Sites we Like

In Monsters and Critics

Corporate

The Fine Print