Now you’ve gone and done it, Digg users. Sure, you all had fun posting the encryption key—E-I-E-I-O or whatever the hell it is—all over the place thinking, gosh darn it, I’d like to see the AACS fuzz come after me.
Well here they come, you little revolutionaries.
The AACS is looking at the “legal and technical tools” to track down those who published the key, saying that y’all crossed the line by posting it all over the place in an act of rebellion.
What’s more, the key won’t even work for newly released HD DVD titles since the one that’s been released as been revoked. In short, you’re posting a worthless line of hex, one that could quite possibly get you into trouble.
But go ahead, keep fighting the good fight for us.
DRM group vows to fight bloggers [BBC News]
New AACS cracks cannot be revoked, says hacker
Only a few days after Corel issued a WinDVD update to close the hole opened by AACS hackers, the folks at the Doom9 forums sent word that they have found yet another way around the copy protection for high definition discs. This time, the method involved the Xbox 360’s HD DVD add-on drive to capture the “Volume Unique Keys” as they were being read by the drive itself. Rather than just point out the crack, we’re going to take a closer look at how this crack was accomplished, because one of the hackers involved in the crack says that it’s more or less unstoppable.
The latest attack vector bypasses the encryption performed by the Device Keys—the same keys that were revoked by the WinDVD update—and the so-called “Host Private Key,” which as yet has not been found. This was accomplished by de-soldering the HD DVD drive’s firmware chip, reading its contents, and then patching it. Once that was done, the firmware was soldered back onto the drive.
Despite the technical difficulty of performing this hack, it does offer some advantages in the race to beat AACS copy protection. “They cannot revoke this hack,” said forum member arnezami, who has been at the center of much of the AACS cracking recently. “No matter how many Private Host Keys they revoke we will still be able to get Volume IDs using patched xbox 360 HD DVD drives.”
Simplified high-def decryption diagram, courtesy of arnezami.
“Kvu” is the volume license key.
In addition to being irrevocable, the hack has the potential to make future decryption even easier. “This hack/technique enables us to figure out how the Volume ID is stored on the disc,” arnezami explained. “It’s very possible we would figure out [...] how the KCD is stored on the disc. Knowing that and being able to teach a PC drive how to read a KCD will open the door for what I called third-generation decryption.”
While this type of decryption (reading keys directly off a PC drive by sidestepping part of the encryption process) is still not a reality, it may not be too far off. The main issue is the cost of purchasing standalone high-def players by the hackers, but as prices for these come down, this problem will slowly go away.
Although AACS has proven much more difficult to fully crack than the copy protection on regular DVDs, it is unlikely to remain only partially cracked for very long. The real problem with trying to create an “uncrackable” copy protection is that the media must come with the keys used to decrypt it somewhere on the device and the media itself. Hiding these keys in different places—security by obscurity—merely delays the inevitable. Of course, for the content providers, any delay is still better than no delay at all, so expect the battles between copy protection and hackers to continue.
Truth be told, I’d sooner believe the Community’s technical expertise over some AACS spokesman’s talking points. Doesn’t eliminate the possible legal trouble, though.
Much ado about nothing in my opinion… HD-DVD is dead.
Jon
ps: thanks for ONLY posting one article today about this CrunchGear guys