Slashdot Log In
Decryption Keys For HD-DVD Found, Confirmed
Posted by
kdawson
on Sat Jan 13, 2007 02:14 PM
from the house-of-cards dept.
from the house-of-cards dept.
kad77 writes "It appears that, despite skepticism, 'muslix64' was the real deal. Starting from a riddle posted on pastebin.com, members on the doom9 forum identified the Title key for the HD-DVD release 'Serenity.' Volume Unique Keys and Title keys for other discs followed within hours, confirming that software HD-DVD players, like any common program, store important run-time data in memory. Here's a link to decryption utility and sleuthing info in the original doom9 forum thread. The Fair Use crowd has won Round One; now how will the industry respond?"
Related Stories
[+]
HD DVD's AACS Protection Bypassed 161 comments
Mr. BS writes "Playfuls.com is running a story how HD DVD's AACS protection has been compromised. Although the video of the hack leaves much to be desired, the source code has already been made available. Feel free to start backing up your HD DVD's whenever you feel the need."
[+]
Interview with Developer of BackupHDDVD 223 comments
An anonymous reader writes "HD DVD and Blu-Ray were supposedly protected by an impenetrable fortress. However a programmer named "muslix64" discovered that this was not the case, and released BackupHDDVD. Now, Slyck.com has an interview with the individual responsible, who provides some interesting insight to his success."
[+]
AACS Device Key Found 351 comments
henrypijames writes "The intense effort by the fair-use community to circumvent AACS (the content protection protocol of HD DVD and Blu-Ray) has produced yet another stunning result: The AACS Device Key of the WinDVD 8 has been found, allowing any movie playable by it to be decrypted. This new discovery by ATARI Vampire of the Doom9 forum is based on the previous research of two other forum members, muslix64 (who found a way to locate the Title Keys of single movies) and arnezami (who extracted the Processing Key of an unspecified software player). AACS certainly seems to be falling apart bit for bit every day now."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
A simple answer (Score:5, Funny)
Lawyers. Lots of them.
Re:Even simpler (Score:5, Informative)
Ahhh. But only the player key can be revoked, not the title key for discs already in the wild. They could use different keys on all subsequently pressed discs of the same title, but that doesn't affect the titles already cracked. And they can't expect to do a recall of cracked titles.
Or they could revoke the device key for the software player, which would mean the software player gets upgraded with a new key, and newer discs can be cracked using the exact same technique. Otherwise anyone selling software players would be faced with the massive liability of having sold something that doesn't work as advertised.
Since this technique relies on using the title and/or volume key and not the player key, it will not be so easy to fix through the device key revokation system that's a part of AACS.
Round one definitely goes to the good guys. And I don't see how it's anything but a matter of time before AACS is as completely broken as CSS is. Even with device key revokation, it's just a cat and mouse game with newer titles and newer devices. And how will the MPAA and the device manufacturers react when people who pay out the nose for players and films are no longer able to use them?
Parent
Re:Who cares about existing titles? (Score:5, Insightful)
Yeah, right. Take a look at the prices for DVD seasons of for example Babylon 5 or Star Trek... they're incredibly expensive even though they're many years old. How much does Disney classics go for again? Besides, it's probably not like pirates are going to announce their player keys, they'll likely just release the titles.
The sad thing is that it'll work for release groups having decryption keys and pirates getting decrypted versions, while it probably won't work for average consumers who wants to do fair use like back-ups, format shift, non-HDCP screens and so on, because they don't have a disc from the same batch.
Parent
Re:Even simpler (Score:5, Informative)
The only question is whether they have the guts to do it.
Parent
Fantasy Land (Score:5, Funny)
Re:Too many customers ARE 'criminals' though (Score:5, Insightful)
Only because exercising fair use is acting like a criminal. Except its only acting; it isn't being.
The actions of a criminal can also be the actions of a law-abiding citizen legally exercising his rights. It is to what ends the acts are performed that (are supposed to) define them as criminal.
I can swing my fists in the air as long as I like as long as I don't hit your nose. It's bad laws like the DMCA that would make swinging my fists in the privacy of my single-occupancy home a crime.
Parent
Re:Too many customers ARE 'criminals' though (Score:5, Insightful)
DRM will never be this advanced, because this proposal is fundamentally impossible, because it implies logically inconsistent outcomes. Either I can copy no part of the video for any reason, or I can copy some part of the video (no matter how small) for any reason. If I can copy any part, even screenshot by screenshot, for any reason, I can re-assemble it outside the player and the DRM is therefore useless. If I can't, fair use is violated.
DRM, in all it's manifold and perverted forms, can go to hell.
Parent
Wait!!! (Score:5, Insightful)
The response will be the dumping of HDDVD. (Score:5, Insightful)
The point is to create as much damage as possible, so the industry learns that the only one hurt by DRM are they themselves. Revoked keys mean more work, more expense, more hassle and dissatisfied customers who have to jump the hoops. This will in turn create more awareness for DRM and the problems it creates.
We have to teach the studios that DRM is a failure. That it only generates hassle and problems for their paying customer and is no barriere or even a deterrent for the pirates. For this, the customer has to be the one hurt, too. Learn the easy or the hard way, learn about DRM by investigating or by having your tools stop working.
Yes, that's not the usual gentle way of teaching. But appearantly some people don't learn 'fore it starts to hurt.
Industry response? (Score:5, Interesting)
It will send in a few lawyers. After a while, they will realise that their impact is negligible in the grand scheme of things: the DRM will continue to deter casual copying to some extent, but will continue to be impotent in preventing anyone determined to make a copy and willing to spend a little time on the 'net to find out how (or download a pre-ripped version).
Meanwhile, genuine customers will get seriously annoyed at the fact that DRM in HD-world has now moved beyond a minor inconvenience or ethical question as it was with things like DVDs, and into the realms of seriously impeding their enjoyment of the product they have legally purchased. A consumer backlash will result, with the effect that DRM becomes a "dirty word" 2-3 years from now, and distributors drop heavily-encumbered formats and go back to what works: a mostly hands-off scheme that's enough to deter casual copying by schoolkids but nothing that risks seriously impacting the marketability of their merchandise.
On the same sort of time scales, on-line distribution will reach a critical mass, and the movie distributors will adopt a second, parallel strategy where cheap, legal, unencumbered downloads are the norm. They will make their profit from on-line users through many small incomes, rather than the larger one-offs represented by (HD-)DVD purchases today. This will render illegal distribution channels mostly irrelevant, and the damage due to illegal copying will revert to being low-level noise as it mostly was before they started their current crusade anyway.
Hey, it's a new year and everyone else is making crystal ball predictions. Can't I have mine, too? :-)
Again, this is NOT a crack! (Score:5, Insightful)
However, it is my understanding that the decryption process can be done by the TPM; once this is supported, the problem will be much more difficult. Make no mistake, the battle has only just begun. Before long, software based attacks may be rendered impossible.
Another version of serenity? (Score:5, Funny)
/. paradise (Score:5, Funny)
2. HD-DVD encryption is broken
3. The Pirate Bay will buy a country
Put them together and you have pirated porn in HD. Note to self: add KY Jelly and a pack of kleenex to the shopping list.
When will tech people starting getting (Score:5, Insightful)
The real question is not how they will respond, but when will they learn?
youtube demo removed (Score:5, Interesting)
Analog Hole (Score:5, Insightful)
No piracy is being stopped by these means. They're and will always be utterly useless.
Hash information (Score:5, Informative)
MD5(BackupHDDVD.zip)= 484a73b61fb795d84e11d72614f77db0
SHA1(BackupHDDV
SHA512(
3dd2617
ED2K(BackupHDDVD.
GNUNET(BackupHD
BDF83IMEJI74A3H0QNTGMEGDS6
Sesame open .. (Score:5, Informative)
1BAB7EEBB20C5425F5911E0272F07DD8F7208747=Aeon Flux |V|MM/DD/YY| A5F1A71839B666A68B1138B1DDDDEBAB
4ACABE525F5CBF77DAA43EA2B83E04918D5FA6D4=Apollo 13 |V|MM/DD/YY| 8BA9C422F93C9B4B4247814530B29C48
B9A62093767C0E7CB2BF16447A52E864A45FE50D=Batman Begins |V|MM/DD/YY| 423C48E5ABB185FC7FB8DB2BF764BEB0
A236F74A67CC51270E328F94BC6B4D905A628F9F=Casino |V|MM/DD/YY| A1DC17F6FA052A4BB4A0D66A7C49DBD9
4DF295764864556F3B44B71C0B8828DB80D84CA0=Chronicl
E34FBD5B8ABDC5312B38028002865BB3530AE3CE=Enter the Dragon |V|MM/DD/YY| 15C7F34076AED16E75637DC3BFDE84F8
419D740F2288CEE1EEB60613DAD9D74D7B63203B=Equilibr
A6EF2686A417863FEC63D1F7824F9406DEEB5ACC=Fear & Loathing Las V |V|MM/DD/YY| 246D84CBD2B6F747B6962B53BE026BF2
0E75082678AAD5CD4410A28A662D6832D21EB325=King Kong |V|09/18/06| 802F78B1B20D1183638D84E1A96D6EDD
EBC08E19B2059140DFF133E2B953D3A1538D7669=Miami Vice |V|MM/DD/YY| 3CB25E9C23BED3A496D049B9FCD0915B
EDEA3051F5802CB7FF80A24DFE7C720705D36A0F=Mission: Impossible |V|MM/DD/YY| 10CA125A572A96AE6EB74F6574CCC24D
1DBFD499BC05FB33F14FB76BBDD847B79B190AEA=Mission: Impossible 2 |V|MM/DD/YY| 8FD8341028A8A300AA16D7F8CCAB7E89
AF4BC7D6A55B08E6175204CABE862ECBB33B1DED=Mission: Impossible 3 |V|MM/DD/YY| 11D6A8CD59494EF3D4EC4E9002E902F9
A85B0043201474AC56794EA4AAE2C35577752FB3=The Mummy |V|MM/DD/YY| D6984C6B80D56F96CAE369474345E2B9
EB7A44A88AE2AF4B14C0B69B5DD5C621DE988593=Pitch Black |V|MM/DD/YY| 9D82A55BF2DAC3995AD24B40B802D71F
BA3C0208848EA13383F34E9E5BB95BDF0D89F1C8=Red Dragon |V|MM/DD/YY| 80596E6D9A94D2A3FDB094B9BA2D0A0A
C8A57242AF4CB5C0D7848BDA10821F984DC656E0=Serenity |V|MM/DD/YY| D075568AE6BB0B3F85446927B3794C28
17C8312A7BEA25A08606F118AD265FD657161D0D=SuperMan Returns |V|MM/DD/YY| EC2EC7F847F6D304B3C26F121CA578DA
87A660A656EDD1E07F66DB1A7DE594028A9587E2=V for Vendetta |V|00/00/00| AE196597E6A87A04AE6A24655990A4A6
B32592B86E782DBAEB4801FC1CD1B64CB3FF94A3=World Trade Center |V|01/13/07| DA41B36D90C25E533EE84A307EB2D929
Re:The fair use crowd? (Score:5, Insightful)
or people who want to watch movies they bought on their mythtv system
or people who like to buy movies and watch them, but don't run windows
Parent
Re:"now how will the industry respond?" (Score:5, Informative)
The second thing is that they might not be located in the USA. The whois dossier shows that the domain was registered by (anonymous) proxy, and it's entirely possible that he's not American. If his servers are physically located outside of the USA, then he can't be legally threatened by civil suits, and he's not subject to DMCA. (However, this is a hypothetical, and since he refuses to host DeCSS, it is my guess that he is somewhere in the USA.)
The third thing is that the website is http://www.doom9.org/ [doom9.org] , not doom9.com.
Parent
Re:"now how will the industry respond?" (Score:5, Funny)
Microsoft: "Crap. We sued the wrong company. Refile for doom9.NET"
Doom9.net: "Go fly a kite. We run Linux as well so you have no authorization to do an 'audit'. And go fuck yourself with the DMCA. US laws don't apply in England."
Microsoft: "Shit. Wait. Why the hell do we care if HD DVD are cracked. That's the MPAA's problem."
Parent
It does hurt the consumer (Score:5, Insightful)
So, because the MPAA is afraid of an attack that isn't feasable, and may never be, they are forcing early to buy new hardware (for no good reason). I can't help but wonder if this wasn't a simple money grab -- force everyone to upgrade so they pay you twice for the same hardware.
Parent
Re:Blu-Ray? (Score:5, Informative)
Yes, surely you can. For a start it's approximately 30 frames a second (it's 60 fields a second). That gives you a stream of:
(1920 * 1080 * 12 * 30) / (1024*1024) = ~ 712 Mib/s (megabits per second) or
about 89 MiB/s.
I would have though an array of high speed reasonably standard disk drives could handle that quite easily, after all consumer SATA drives have a theoretical 1.5 Gib/s interface.
Parent
Re:Blu-Ray? (Score:5, Informative)
I'm able to record three HD streams at once via nfs(nfs ver3, ver4 cause kernel panic under that load). Playback of one of the three streams while it is being recorded isn't do-able but recording two and watching an earlier(yet to be transcoded) one all at the same time works.
An hour of 1080i is a little shy of 8.5GB. The network link is the bottleneck in my setup, the disk array handles the task without a problem.
Parent
Re:Blu-Ray? (Score:5, Informative)
http://www.fi-llc.com/boards/Products/AccuStream1
Real-time recoding of HDTV videos is not that far away on consumer PCs either. I doubt that it would be a problem in 5 years.
So if there was no HDCP, and there was no way to get the compressed signal, capturing the data would become a viable option.
Parent