HD DVD anti-rip encryption cracked

Has the HD DVD next-generation optical disc format's anti-rip technology been cracked? That's certainly what's being claimed by a programmer going by the name muslix64 who has posted a Java-based app he maintains will free the video on a disc from its encryption shackles.

HD DVD used the AACS copy-protection system to encode content. So does the Blu-ray Disc format, though it adds a couple of extra anti-piracy techniques to boost its level of protection. According to muslix64's posting on a Doom9 forum, nosing around his PC's memory, he found his test disc's title encryption key and was able to use to copy the movie to his hard drive and decrypt the video.

View: The full story
News source: The Reg

Report a problem with article
Previous Story

Another Vista Activation Crack Appears

Next Story

Apple reveals stock option errors

56 Comments

Commenting is disabled on this article.

Sony owns 20th Century Fox?

Better tell News Corp!

Or ZDnet?

Or Time/Warner (Warner Home Video Blu-ray)? Or Viacom (Paramount Blu-ray)?

MGM controls their home video division and is distributed by Fox Home Video.

LionsGate is completely independent.

80% of studios are releasing Blu-ray discs. 50% of those are EXCLUSIVE to Blu-ray.

DaveBG said,
You wish...

http://video.movies.go.com/bluray/ - Buena Vista Home Entertainment
http://foxbd.com/ - Twentieth Century Fox
http://www.disneybluray.com/ - Disney Blu-ray
http://www.playb3yond.com/ - Play Station 3
http://www.blu-raydisc.com/ - Official Blu-ray site
http://blogs.zdnet.com/blu-ray/ - Official Blu-ray blog
http://forum.blu-ray.com/ - Blu-ray forum


Considering sony owns or in part owns all those listed except disney.

Conflict of interest come to mind?

how is it that on torrent sites etc,there are hd-dvd movies available to download illegally if they haven't yet been cracked?

Non-encrypted sources, like HDTV movie channels, have often been used in the past.
Certainly this will change in the future

Quote - Ferret said @ #18
Good to hear this, but i'm waiting for 'DVD Jon'

Yeah, he can steal the code and slap on a GUI like he did with deccs :P

Yeah... That guy only noticed that keys are left in memory and he used that. He wrote/took code how to decrypt files. took few keys from memory playing movies and released. This is first step in cracking HD-DVD. But DVD Jon still can make this move... Just give 6 months more...

This will however be quite an attack vector for as long as the keys need to remain in memory.

Putting "only" in front is a bit like saying "the guy only noticed where the archive password was to extract the files". It's a pretty big "only".

Quote - Jugalator said @ #17.1
This will however be quite an attack vector for as long as the keys need to remain in memory.

Putting "only" in front is a bit like saying "the guy only noticed where the archive password was to extract the files". It's a pretty big "only". :)


Yes but all it needs is for the key Powerdvd uses to be blacklisted from the HD-DVDs made from now on and an update to Powerdvd software and thats it sorted.

Quote - Sheppard said @ #17.2
Yes but all it needs is for the key Powerdvd uses to be blacklisted from the HD-DVDs made from now on and an update to Powerdvd software and thats it sorted.

If a specific version of PowerDVD stores the title key in memory (allegedly), could it not be possible that it's player key (not sure of the correct terminology) is also stored in memory?

If so, would it not be possible to hook/hack the app and replace the blacklisted player key with another one? Obviously, this is based on the assumption that player keys are only checked to see if they are blacklisted and not checked to see if they are valid (i.e. the system only knows about blacklisted player keys and not every player key issued).

As with most things like this, it's not the technology which is easily crackable...it's the implementation....


No, AACS Was Not Cracked

All that happened was the method Cyberlink to decrypt AACS used was semi-compromised. Their implemention kept the key in memory, a key which is needed to legally decrypt the content protection. What is likely going to happen is that specific key will be revoked, and Cyberlink will have to issue an update in order to play newer titles. CSS didn't have a good way to revoke the keys, AACS does.

Waiting to see what Cyberlink and AACS said happened, but I don't see that AACS was cracked.

Source

I'm waiting to see what happens when a "key" for a brandname HDDVD player gets released on the internet and if if gets blacklisted.

It would be ironic if Sony (for example) HD-DVD players got blacklisted and all the Sony HD-DVD players stopped working!

Quote - Peter McGrath said @ #16.2
I'm waiting to see what happens when a "key" for a brandname HDDVD player gets released on the internet and if if gets blacklisted.

It would be ironic if Sony (for example) HD-DVD players got blacklisted and all the Sony HD-DVD players stopped working!

Sony doesn't make any HD-DVD players.

Quote - foxconn287 said @ #15
i love how you guys object to the entertainment industry trying to make money and protect their stuff!

yay for communism!


It's not that simple though, is it?

It's all about them making you use/watch something you've paid good money for in a way they choose. I don't think that equates to 'Fair Use' to be perfectly honest.

Quote - pollaxe said @ #15.1

It's not that simple though, is it?

It's all about them making you use/watch something you've paid good money for in a way they choose. I don't think that equates to 'Fair Use' to be perfectly honest.


Exactly, I want to get my DVD and stream it over my network if I want to, I want to copy it to my iPod, I want to compress it on to CD to back it up.

He's absolutely right. Don't blame the movie industry for wanting to protect their intellectual property. Blame the thieves who force others to take these kind of steps that in the end effect you. Do you blame the greedy door lock companies for forcing you to buy locks and security systems for your house? At least point your finger at the correct culprit as for why you are so restricted.

Ack... they'll never be able to do something uncrackable.. if there's a way to do it, there's a way to break it, right?

Quote - PsykX said @ #14
Ack... they'll never be able to do something uncrackable.. if there's a way to do it, there's a way to break it, right?

Correction, "What's created by Humans is crackable by Humans."

The real story is how he obtained the keys; all his program does is use the key with the already available information on how to decode AACS. This is no DeCSS but it's a step in the right direction.

Yeah, that's what I was wondering too. If there appears a reliable way to extract the AACS keys, it is indeed finito for that protection system as much as it was for DVD region coding. I wonder about that. It may not be a full crack for AACS now, because it relies on keys, but if keys are extractable at will (and I can't really see another way of him getting hold of them unless he knows someone in a "favorable" position in the movie industry), it truly is AACS no more.

Quote - Kreuger said @ #12
You knew it was only a matter of time. But Java? :worried:

thought java has no access to the memory byte stream directly.

well... This is (again) good for this format. This (like vista) make the ppl at least get "some" interest.
Personally I think HD-DVD is better than Blu-Ray. But thats just my opinion.

Anti-Piracy bull**** sux anyways
The companies always try to bash the Pirates, but they only bash themselves with makin crappy **** like this :P
Arrrr, do you like Seamonkeys?

The way I see it, this means two things:

- consumer interest in HD-DVD increases
- movie studio interest in HD-DVD decreases

Time will tell whether the movie studios will provide the consumer with what he wants. That will determine which format wins out.

Then you see it incorrectly.

They use the same protection; If HD-DVD is 100% cracked like this, then Blu-Ray is 99% cracked already.

Quote - rIaHc3 said @ #6.1
Then you see it incorrectly.

They use the same protection; If HD-DVD is 100% cracked like this, then Blu-Ray is 99% cracked already.

Incorrect. Blu-Ray has additional steps, whose circumvention will not necessarily be aided by this. This crack is due to a key being stored in memory unencrypted. It is not a flaw of the encryption scheme. As such, this key will not be usable for any Blu-Ray title (why would the use the same keys?). Furthermore, it is likely that this key will simply be removed from future titles, much as CSS's leaked keys were. CSS then failed because the leaked keys allowed people to thoroughly analyze the encryption scheme and discover exploitable flaws.
It is possible that AACS also has exploitable flaws that could be revealed from this, but not something you can count on. If it is the case, however, those flaws should then also exist on Blu-Ray -- and Blu-Ray's addition measures to stop piracy may or may not save the day for them.

It could nonetheless sway minds of movie executives towards Blu-Ray, and could give it an edge in game.

Quote - ieatlint said @ #6.2

Incorrect. Blu-Ray has additional steps, whose circumvention will not necessarily be aided by this.

Like I said; Blu-Ray has this same protection so with this Blu-Ray is already 99% cracked; That 1% thats left is the additional (stupid) protection unique to Blu-Ray...

When will they learn. This is NOT the way to protect their content. It's only hurts US legal users, not the pirates.

Quote - HawkMan said @ #3.1
Oh he's going to make another GUI and then act stupid and go claim credit again to be popular then...
He never claimed credit

He never claimed credit
It's like saying Mozilla never claimed Firefox innovated tabs or is secure.

BTW from the article:

After the DVD format's more basic encryption technology, Content Scrambling System (CSS), was cracked by 'DVD Jon' Johanssen, AACS was heralded as a much bigger hurdle for hackers.