|
|
HD-DVD copy protection cracked
Author: Brett ThomasPublished: 28th December 2006
"On the first day of Christmas, my true love gave to me - a copy of an HD-DVD."
For those of you who haven't bothered to care about the latest anti-consumer measures, AACS stands for "Advanced Access Content System." The system is designed around two keys - a title key and a player key. The discs are designed with several player keys on them in a hash with the title keys, providing an encryption algorithm. If a player has the right player key and the disc has the right title key, the movie will play.
Of course, the untold beauty of this (as far as the movie companies are concerned) is that companies who don't pay up their technology licenses year after year can have their players excluded from future titles - thus shafting the consumer.
The new technology, called BackupHDDVD, was posted on the Doom9 forums by a cracker named muslix64. The small, unobtrusive program is a command-line program written in Java, and strips the AACS right off of the *.EVO files. It does so by use of a title key which you feed into it (composed from a serial number physically programmed into the disc among other things) - the program comes bundled with a few for the most popular movies, and more will be added later.
Like DeCSS, BackupHDDVD works by trying to exploit weak player keys. When it finds a match, it can take the title key you provide and decrypt the movie, thus allowing you to make a copy of it that will play in any HD DVD player. Though there aren't exactly HD DVD burners out right now, it would work for any type of MCE box.
The boys over at Engadget are giving the tool a go and posting their results, so we'll try to keep you updated with it. So far, it appears the encryption itself doesn't actually alter that many bytes in each file...curious. In the meantime, if you want to check out the YouTube! video, we've included it below.
Have you got a thought on the fall of AACS? Tell us in our forums.
Merry Christmas, MPAA!
Recent articles on bit-tech.net
Comments (22)Stats: 0.092 seconds
-- Fixed, thanks! - Da Dego
So much for unhackable then.
LOL
These days everything can be cracked.
Yeah only a matter of time with these things
But see, knowing how the system works, that is the first step. Now that there is attention towards how it works, we can expect many more budding minds to come and take a stab at the problem. It won't be long.
So what, we're faulting him because he still needs the input code to begin with? Every decrypted version requires an original encrypted version in order to start the process - you can't copy something where there's no original.
And if the MPAA disables certain players, the companies will be in an uproar - because it's not their faults, nor is it the consumers' who bought those players.
He implemented the decryption algorithm. Why is that a big deal? Because it means that simply by feeding the program one input string, which he has found the way to obtain directly from the discs themselves, he can decrypt them into files that are subsequently saved as unencrypted, and thus no longer deal with AACS at all.
Sounds pretty f'ing broken to me. :)
I dont get it, your a peice of immoral sh*t if you download a movie for free, and when you actually buy the content they want to screw you over anyway by barley letting you even watch the movie or play a CD.
You're treated like a criminal whichever way you go, either you are a pirate, or you *might* pirate it seems. So screw em.
I think it is funny that they never seem to notice that every DRM scheme they can come up with is busted flat in a matter of days.
It's half cracked. You can get the files onto you harddisk but until they strip the DRM completely so as you can backup the files to a HDDVD (when the burners arrive) or DVD (?! Dual layer is still 8.5GB) and bung it in some Chinese player that'll play Region 0 stuff, it's not really cracked-per say.
at least they got it into the harddisk with a very small software...... the next logical step is to get rid of the DRM, if there is still some DRM left, or to convert it into a smaller or more usefull file type.
speedfreek - I think this is a general AACS "crack" which would apply to both formats, the "cracker" in question simply did it to an HD-DVD movie.
I'd say that's the easy part... you already have the content, decrypted in physical media (albeit a HDD). The rest is just a matter of stripping the flag used to degrade content on non-HDCP items and dumping the content to blank media.
If you think about it, probably most HD players (whether BD or HDDVD) will play unflagged and decrypted HD content just fine, just like most of DVD players play home made DVDs perfectly fine.
What I find interesting about this story is that (if I got it right), they guy got the keys by reading the RAM. Either Vista is way more closed in this regard (and still, there will always be perfectly valid reasons and applications for reading your system's RAM), or AACS is, cracked or not, pretty much useless. The key has to be stored somewhere to decrypt the content, be it RAM, an IDE/SATA bus or somewhere...so in the end, it will just be a matter of catching and reading it. If I'm right, I predict that 100% of titles and or player keys will be available on the net minutes after (or even before) the release.
i would hate to say this but it looks like he was checking the size while the file was still building. watch it again....
all i have to say is...HOORAY!! i love people who create these programs because i digitize all my stuff and use the files to take my media on the road with me or share it from my servers in my house. i think the RIAA can...well you think of just about anything and its applicable.
on the off hand this video is completely made up (i don't think it is and am praying its not) then this guy is going to have some people pooping bricks at the RIAA. :p
cheers to you kind sir for your hard work who ever you are ;)