----------------------------------- aiolos Tue 13 Feb, 2007 Blu-Ray AND HD-DVD broken for good ! ----------------------------------- Arnezami, a hacker on the Doom9 forum, has published a crack for extracting the "processing key" from a high-def DVD player. This key can be used to gain access to every single Blu-Ray and HD-DVD disc. Previously, another Doom9 user called Muslix64 had broken both Blu-Ray and HD-DVD by extracting the "volume keys" for each disc, a cumbersome process. This break builds on Muslix64's work but extends it -- now you can break all AACS-locked discs. AACS took years to develop, and it has been broken in weeks. The developers spent billions, the hackers spent pennies. For DRM to work, it has to be airtight. There can't be a single mistake. It's like a balloon that pops with the first prick. That means that every single product from every single vendor has to perfectly hide their keys, perfectly implement their code. There can't be a single way to get into the guts of the code to retrieve the cleartext or the keys while it's playing back. All attackers need is a single mistake that they can use to compromise the system. There is no future in which bits will get harder to copy. Instead of spending billions on technologies that attack paying customers, the studios should be confronting that reality and figuring out how to make a living in a world where copying will get easier and easier. They're like blacksmiths meeting to figure out how to protect the horseshoe racket by sabotaging railroads. The railroad is coming. The tracks have been laid right through the studio gates. It's time to get out of the horseshoe business. But then I realized why I first didn't find the Media Key: it was removed from memory after the Volume ID was retrieved and the VUK calculated. I also saw that in my "corrupt" memdump the VUK, Vol ID, Media Key and the Title Key MAC were all closely clustered in memory: in the first 50kb (of the entire multi megabyte file!) but there were large empty parts around it. Almost as if it was cleaned up. This gave me an idea: what I wanted to do is "record" all changes in this part of memory during startup of the movie. Hopefully I would catch something insteresting. In the end I did something a little more effiecient: I used the hd dvd vuk extractor (thanks ape!) and adapted it to slow down the software player (while scanning its memory continously) and at the very moment the Media Key (which I now knew: my bottom-up approach really paid off here) was detected it halted the player. I then made a memdump with WinHex. I now had the feeling I had something. And I did. Not suprisingly the very first C-value was a hit. I then checked if everyting was correct, asked for confirmation and here we are. ----------------------------------- pakigang Tue 13 Feb, 2007 Re: Blu-Ray AND HD-DVD broken for good ! ----------------------------------- go hackers go hackers go! ----------------------------------- aiolos Wed 14 Feb, 2007 Re: Blu-Ray AND HD-DVD broken for good ! ----------------------------------- Another more detailed article __tp://www.betanews.com/article/HD_DVD_User_Claims_to_Have_Bypassed_AACS_Encryption/1171404780 The important bit is the last paragraph : If AACS LA does decide to pull the trigger for the first time, some HD DVD users who were never party to this action in the first place could discover their license to view the content they've purchased has been revoked. In such an event, the legal authority for an outside agency to declare purchased content invalid at will may receive its first major challenge.