aiolos
VIP Member
Joined: 16 Jan 2006
Posts: 641
|
| Blu-Ray AND HD-DVD broken for good ! |
 Posted: Tue 13 Feb, 2007 |
|
Arnezami, a hacker on the Doom9 forum, has published a crack for extracting the "processing key" from a high-def DVD player. This key can be used to gain access to every single Blu-Ray and HD-DVD disc.
Previously, another Doom9 user called Muslix64 had broken both Blu-Ray and HD-DVD by extracting the "volume keys" for each disc, a cumbersome process. This break builds on Muslix64's work but extends it -- now you can break all AACS-locked discs.
AACS took years to develop, and it has been broken in weeks. The developers spent billions, the hackers spent pennies.
For DRM to work, it has to be airtight. There can't be a single mistake. It's like a balloon that pops with the first prick. That means that every single product from every single vendor has to perfectly hide their keys, perfectly implement their code. There can't be a single way to get into the guts of the code to retrieve the cleartext or the keys while it's playing back. All attackers need is a single mistake that they can use to compromise the system.
There is no future in which bits will get harder to copy. Instead of spending billions on technologies that attack paying customers, the studios should be confronting that reality and figuring out how to make a living in a world where copying will get easier and easier. They're like blacksmiths meeting to figure out how to protect the horseshoe racket by sabotaging railroads.
The railroad is coming. The tracks have been laid right through the studio gates. It's time to get out of the horseshoe business.
But then I realized why I first didn't find the Media Key: it was removed from memory after the Volume ID was retrieved and the VUK calculated. I also saw that in my "corrupt" memdump the VUK, Vol ID, Media Key and the Title Key MAC were all closely clustered in memory: in the first 50kb (of the entire multi megabyte file!) but there were large empty parts around it. Almost as if it was cleaned up.
This gave me an idea: what I wanted to do is "record" all changes in this part of memory during startup of the movie. Hopefully I would catch something insteresting. In the end I did something a little more effiecient: I used the hd dvd vuk extractor (thanks ape!) and adapted it to slow down the software player (while scanning its memory continously) and at the very moment the Media Key (which I now knew: my bottom-up approach really paid off here) was detected it halted the player. I then made a memdump with WinHex. I now had the feeling I had something.
And I did. Not suprisingly the very first C-value was a hit. I then checked if everyting was correct, asked for confirmation and here we are. |
_________________
I would love to change the world, but they won't give me the source code ! |
|
pakigang
VIP Member
Joined: 22 Jan 2006
Posts: 136
|
| Re: Blu-Ray AND HD-DVD broken for good ! |
| Posted: Tue 13 Feb, 2007 |
|
go hackers go hackers go! |
_________________
If history is to change, let it change. If the world is to be destroyed, so be it. If my fate is to die, I must simply laugh.
-Magus from Chrono Trigger |
|
aiolos
VIP Member
Joined: 16 Jan 2006
Posts: 641
|
| Re: Blu-Ray AND HD-DVD broken for good ! |
| Posted: Wed 14 Feb, 2007 |
|
Another more detailed article
__tp://www.betanews.com/article/HD_DVD_User_Claims_to_Have_Bypassed_AACS_Encryption/1171404780
The important bit is the last paragraph :
If AACS LA does decide to pull the trigger for the first time, some HD DVD users who were never party to this action in the first place could discover their license to view the content they've purchased has been revoked. In such an event, the legal authority for an outside agency to declare purchased content invalid at will may receive its first major challenge. |
_________________
I would love to change the world, but they won't give me the source code ! |
|
Register
Index
Portal
Groups
Staff
Members
Search
