HD DVD cracked?

Queasy

Moderator
Console Gaming
Aug 24, 2001
31,796
2
0
Link
Reports are circulating that the AACS content protection system shared by both Blu-ray and HD DVD has been cracked. None of the sites reporting this information have confirmed the crack, however, and our own investigation suggests that this is not a full working crack at this time. From the available details, the hack appears to only address AACS encryption, which means that Blu-ray would not be fully crackable using this method, as it has additional forms of DRM.

The crack was announced on the Doom9 forums, where user muslix64 revealed that his application "BackupHDDVD" would strip encryption from HD DVD discs. Details are very scarce, and we've had only limited time to investigate this matter. Here's what we've found, so far.

The BackupHDDVD does not take any HD DVD disc and rip it without intervention; that much is certain at this time. It is not a cracking tool but a circumvention tool. Currently one needs to somehow obtain each disc's encryption key to complete the process, and it is not clear how this is to be done. In the video posted to YouTube celebrating the hack (shown below), there's a brief shot of a key list containing information for Full Metal Jacket, Van Helsing, Tomb Raider, Apollo 13, The Last Samurai, and The Fugitive. How muslix64 obtained these keys is not clear, but our educated guess is that muslix64 has access to a cracked software player, and is using that device to sniff keys first. As Nate noted in his report "Hacking Digital Rights Management," many of these newer cracks (BackupHDDVD would qualify if verified) focus on obtaining keys rather than cracking them. BackupHDDVD appears to be a "crack" of this sort.

Thus, the real story here isn't the decryption process, which appears to be nothing special, but rather the acquisition of the decryption keys. The video suggests that PowerDVD was cracked in such a way as to reveal the keys, but that can only remain speculation at this time. Most likely, muslix64 used PowerDVD to play back movies, and he has discovered a way to read the keys from memory when that application is in use. He then feeds the keys into his decryption routine, which was written based on publicly accessible information made available by the AACS Licensing Authority.

If all of this pans out (and that's a pretty big if, at this time), we'll get the chance to see how robust key revocation is with AACS. The planners behind this next-gen content protection system designed it to deal with this kind of situation. That doesn't mean it will actually work, of course.

Hypothetical fallout could be something like this: if PowerDVD is the source of the keys, an AACS initiative will be launched to revoke the player's keys to render it inoperable and in need of an update. There is some confusion regarding this process, however. It is not the case that you can protect a cracked player by hiding it offline (the idea being that the player will never "update" with new code that way). Instead, the player's existing keys will be revoked at the disc level, meaning that new pressings of discs won't play on the cracked player. In this way, hiding a player from updates will not result in having a cracked player that will work throughout the years. It could mean that all bets are off for discs that are currently playable on the cracked player, however (provided it is not updated). Again, this is all hypothetical at this time.

Video of guy "cracking" in link.
 

dainthomas

Lifer
Dec 7, 2004
14,592
3,427
136
There is too much financial gain for large scale pirates (AAARRRRGH!) for these formats to NOT be cracked fairly quickly. Either that or some bored 11 year old in Finland will have them cracked in a week. If these companies took the millions they waste on anti-copy technologies and put them toward reducing the price of the disks, then that would probably do a lot more to combat piracy (AVAST, YE SCURVY DOG!!!)
 

Miramonti

Lifer
Aug 26, 2000
28,651
100
91
It seems that AACS hasn't been cracked, but a version of PowerDVD software has been compromised. When loading a movie, it places the encryption key in memory, where the author then extracted it, and wrote a program to use the key for decryption and then ripping his HDDVD's. So at this point you need to have a key respective to each movie that has been previously extracted using PowerDVD for ripping.
 
Aug 23, 2000
15,511
1
81
Well if this is true then that means HD-DVD will win the format war as people will now be able to copy them and distribute thus making HD-DVD burners more common.
 

Lonyo

Lifer
Aug 10, 2002
21,939
6
81
If they can keep cracking programs, then every new batch of DVD's will get copied, and you only need one ripped/cracked copy for it to spread on the internet. Even if later it's patched, that one copy is enough.
It may take longer for HD rips to appear after a disc is released, but they probably will appear, even as keys are revoked.
 

jimbob200521

Diamond Member
Apr 15, 2005
4,108
29
91
Wow, that's pretty cool.

BTW, does anyone know what movie that was that played in that video clip?
 

FoBoT

No Lifer
Apr 30, 2001
63,089
12
76
fobot.com
i thought this was about a physical crack in the disc, like "hey, my dog sat on my HD disc and it got a crack, can i super glue it back together?"
 

potato28

Diamond Member
Jun 27, 2005
8,964
0
0
HD-DVD was doomed to be cracked from the start. All formats are eventually cracked, and until the prices come down a lot there's still gonna be pirates looking for free movies and such.
 

ryan256

Platinum Member
Jul 22, 2005
2,525
0
71
Only a matter of time. Professional pirates will find a way to crack anything you throw at them. Meanwhile us honest consumers continue to get shafted harder & harder.
 

Mark R

Diamond Member
Oct 9, 1999
8,513
14
81
It doesn't look like this is much of a crack.

Indeed, HD-DVD/Blu-ray were designed with this type of exploit in mind.

This exploit appears to decrypt a movie, as long as you give it the decryption key. Hardly difficult, and the specifications on how to do this are freely available. The catch is obtaining the decryption key. In this case, it looks as if he has found an exploit in a HD-DVD software player - whereby he is able to attach a debugger and isolate the key from memory. No problem, but not really an automatable task.

The point is that HD-DVD and Blu-ray have 2 keys - the 'title' key (which is what actually decodes the movie) and the 'player' key, which is a key built into the player/software that is used to obtain the 'title' key. However, the 'player' key can easily be revoked by the studios. So let's say that XYZ DVD player v1.0 has been exploited, once the studios find out they can simply cancel XYZ v1.0 compatibility for future discs. So, although XYZ v1.0 will always be able to play King Kong, King Kong 2 will not be playable. If you have XYZ v1.0 you won't be able to watch KK2 until you upgrade. Of course, XYZ v2.0 won't get a key unless they can prove that the new version is resistant to the same type of hack.
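
Added example (not part of any post in this thread): a simplified Python model of the title-key/player-key split and disc-level revocation described in the article and in the post above. It is not the real AACS key block format; the class and function names, the pre-generated key slots and the toy HMAC-based cipher are assumptions made for illustration.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # Toy keystream (HMAC-SHA256 in counter mode); stands in for a real cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def wrap(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unwrap(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None  # wrong key or tampered blob
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class LicensingAuthority:  # hypothetical stand-in for the key issuer
    def __init__(self, slots=8):
        self.slot_keys = [os.urandom(16) for _ in range(slots)]  # player keys, pre-generated
        self.assigned, self.revoked = {}, set()

    def license_player(self, name):
        slot = len(self.assigned)
        self.assigned[name] = slot
        return slot, self.slot_keys[slot]

    def revoke(self, name):
        self.revoked.add(self.assigned[name])

    def press_disc(self, movie):
        title_key = os.urandom(16)
        # Each pressing wraps its title key only for player keys not yet revoked.
        key_block = {s: wrap(k, title_key) for s, k in enumerate(self.slot_keys)
                     if s not in self.revoked}
        return {"key_block": key_block, "content": wrap(title_key, movie)}

def play(player, disc):
    slot, player_key = player
    blob = disc["key_block"].get(slot)
    title_key = unwrap(player_key, blob) if blob else None
    return unwrap(title_key, disc["content"]) if title_key else None

def demo():
    la = LicensingAuthority()
    v1 = la.license_player("XYZ v1.0")
    old_disc = la.press_disc(b"King Kong")
    la.revoke("XYZ v1.0")                  # studios learn v1.0 exposes keys
    v2 = la.license_player("XYZ v2.0")
    new_disc = la.press_disc(b"King Kong 2")
    return play(v1, old_disc), play(v1, new_disc), play(v2, old_disc), play(v2, new_disc)
```

Revocation lives in the new disc's key block rather than in the player, so keeping the old player offline changes nothing, while discs pressed before the revocation stay readable with the old key.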
 

mordantmonkey

Diamond Member
Dec 23, 2004
3,075
5
0
Originally posted by: Mark R
It doesn't look like this is much of a crack.

Indeed, HD-DVD/Blu-ray were designed with this type of exploit in mind.

This exploit appears to decrypt a movie, as long as you give it the decryption key. Hardly difficult, and the specifications on how to do this are freely available. The catch is obtaining the decryption key. In this case, it looks as if he has found an exploit in a HD-DVD software player - whereby he is able to attach a debugger and isolate the key from memory. No problem, but not really an automatable task.

The point is that HD-DVD and Blu-ray have 2 keys - the 'title' key (which is what actually decodes the movie) and the 'player' key, which is a key built into the player/software that is used to obtain the 'title' key. However, the 'player' key can easily be revoked by the studios. So let's say that XYZ DVD player v1.0 has been exploited, once the studios find out they can simply cancel XYZ v1.0 compatibility for future discs. So, although XYZ v1.0 will always be able to play King Kong, King Kong 2 will not be playable. If you have XYZ v1.0 you won't be able to watch KK2 until you upgrade. Of course, XYZ v2.0 won't get a key unless they can prove that the new version is resistant to the same type of hack.

what if someone compromises a standalone hardware player?
if someone compromises a popular hardware player, then all of the legitimate consumers basically get stuck with a big fat paper weight that will no longer be able to play new movies?
 

Eug

Lifer
Mar 11, 2000
23,587
1,001
126
Originally posted by: mordantmonkey
Originally posted by: Mark R
It doesn't look like this is much of a crack.

Indeed, HD-DVD/Blu-ray were designed with this type of exploit in mind.

This exploit appears to decrypt a movie, as long as you give it the decryption key. Hardly difficult, and the specifications on how to do this are freely available. The catch is obtaining the decryption key. In this case, it looks as if he has found an exploit in a HD-DVD software player - whereby he is able to attach a debugger and isolate the key from memory. No problem, but not really an automatable task.

The point is that HD-DVD and Blu-ray have 2 keys - the 'title' key (which is what actually decodes the movie) and the 'player' key, which is a key built into the player/software that is used to obtain the 'title' key. However, the 'player' key can easily be revoked by the studios. So let's say that XYZ DVD player v1.0 has been exploited, once the studios find out they can simply cancel XYZ v1.0 compatibility for future discs. So, although XYZ v1.0 will always be able to play King Kong, King Kong 2 will not be playable. If you have XYZ v1.0 you won't be able to watch KK2 until you upgrade. Of course, XYZ v2.0 won't get a key unless they can prove that the new version is resistant to the same type of hack.
what if someone compromises a standalone hardware player?
if someone compromises a popular hardware player, then all of the legitimate consumers basically get stuck with a big fat paper weight that will no longer be able to play new movies?
HD DVD players can be updated via ethernet, or else by an update disc you stick in the drive.
 

toekramp

Diamond Member
Jun 30, 2001
8,426
2
0
Originally posted by: mordantmonkey
Originally posted by: Mark R
It doesn't look like this is much of a crack.

Indeed, HD-DVD/Blu-ray were designed with this type of exploit in mind.

This exploit appears to decrypt a movie, as long as you give it the decryption key. Hardly difficult, and the specifications on how to do this are freely available. The catch is obtaining the decryption key. In this case, it looks as if he has found an exploit in a HD-DVD software player - whereby he is able to attach a debugger and isolate the key from memory. No problem, but not really an automatable task.

The point is that HD-DVD and Blu-ray have 2 keys - the 'title' key (which is what actually decodes the movie) and the 'player' key, which is a key built into the player/software that is used to obtain the 'title' key. However, the 'player' key can easily be revoked by the studios. So let's say that XYZ DVD player v1.0 has been exploited, once the studios find out they can simply cancel XYZ v1.0 compatibility for future discs. So, although XYZ v1.0 will always be able to play King Kong, King Kong 2 will not be playable. If you have XYZ v1.0 you won't be able to watch KK2 until you upgrade. Of course, XYZ v2.0 won't get a key unless they can prove that the new version is resistant to the same type of hack.

what if someone compromises a standalone hardware player?
if someone compromises a popular hardware player, then all of the legitimate consumers basically get stuck with a big fat paper weight that will no longer be able to play new movies?

firmware update via a DVD/CD?
 

Kaido

Elite Member & Kitchen Overlord
Feb 14, 2004
48,414
5,270
136
Even if they do hack HD-DVD and Bluray, aside from copying discs what good is it? I'm not going to download 25gb movie on a torrent or store my movie collection on my multimedia server like I do with my DVD movies, they're just too big! :Q
 

Matthias99

Diamond Member
Oct 7, 2003
8,808
0
0
Originally posted by: mordantmonkey
what if someone compromises a standalone hardware player?
if someone compromises a popular hardware player, then all of the legitimate consumers basically get stuck with a big fat paper weight that will no longer be able to play new movies?

Potentially, yes.

If it's something that could be fixed by, say, a firmware update, the manufacturer would likely provide that (either online or via CD/DVD as mentioned above). If it's a deeper sort of problem... guess we'll find out when/if this occurs. Some people have questioned whether the MPAA would have the clout to be able to revoke the keys to a popular player once many of them have been sold to consumers if it can't be fixed easily.
 

mordantmonkey

Diamond Member
Dec 23, 2004
3,075
5
0
Originally posted by: toekramp
Originally posted by: mordantmonkey
Originally posted by: Mark R
It doesn't look like this is much of a crack.

Indeed, HD-DVD/Blu-ray were designed with this type of exploit in mind.

This exploit appears to decrypt a movie, as long as you give it the decryption key. Hardly difficult, and the specifications on how to do this are freely available. The catch is obtaining the decryption key. In this case, it looks as if he has found an exploit in a HD-DVD software player - whereby he is able to attach a debugger and isolate the key from memory. No problem, but not really an automatable task.

The point is that HD-DVD and Blu-ray have 2 keys - the 'title' key (which is what actually decodes the movie) and the 'player' key, which is a key built into the player/software that is used to obtain the 'title' key. However, the 'player' key can easily be revoked by the studios. So let's say that XYZ DVD player v1.0 has been exploited, once the studios find out they can simply cancel XYZ v1.0 compatibility for future discs. So, although XYZ v1.0 will always be able to play King Kong, King Kong 2 will not be playable. If you have XYZ v1.0 you won't be able to watch KK2 until you upgrade. Of course, XYZ v2.0 won't get a key unless they can prove that the new version is resistant to the same type of hack.

what if someone compromises a standalone hardware player?
if someone compromises a popular hardware player, then all of the legitimate consumers basically get stuck with a big fat paper weight that will no longer be able to play new movies?

firmware update via a DVD/CD?

so you have to send a request to the company that will probably force you to register so they can sell your info to spammers, then wait for the dvd to come in the mail. or waste your own media and burn it off of the internet.
DRM is such a pain in the ass.

and that's only after they actually create an update that is approved as fixing the exploit, and then receive a new key.
 

Eug

Lifer
Mar 11, 2000
23,587
1,001
126
Originally posted by: Kaido
Even if they do hack HD-DVD and Bluray, aside from copying discs what good is it? I'm not going to download 25gb movie on a torrent or store my movie collection on my multimedia server like I do with my DVD movies, they're just too big! :Q
You can buy bootleg DVDs in some areas, and internet bandwidth will just increase.

When DVD first was hacked, downloading movies was not an option because it would take far too long. I don't download movies at all, but now I could these days if I wanted to.
 

Queasy

Moderator
Console Gaming
Aug 24, 2001
31,796
2
0
Originally posted by: Kaido
Even if they do hack HD-DVD and Bluray, aside from copying discs what good is it? I'm not going to download 25gb movie on a torrent or store my movie collection on my multimedia server like I do with my DVD movies, they're just too big! :Q

You'd be surprised....