HD DVD, Blu-ray Cracks Confirmed

A month after a miffed hacker told the world he had figured out how to copy a supposedly copy-protected high-definition movie disc, the consortium backing the encryption system admitted all was not well in its world.

The Advanced Access Content System Licensing Authority (AACS LA) on its Web site stated that it "confirmed that AACS Title Keys have appeared on public Web sites without authorization."

However, in what appeared to be an attempt to downplay the matter, the AACS LA insisted the effort by those intent on outwitting the copy protection system "does not represent an attack on the AACS system itself."

The Blame Game

The AACS essentially blamed the hackers' success on improper design by disc player manufacturers, a stand that doesn't mean much to those intent on copying HD DVD or Blu-ray movies.

Nevertheless, the consortium's statement asserted the "attack on one or more players sold by AACS licensees ... illustrates the need for the AACS licensees to follow the compliance and robustness rules set forth in the AACS license agreements to help ensure that product implementations are not compromised."

It was someone with the alias "muslix64" who gained file-sharing-culture notoriety when, on Dec. 26, 2006, he created a thread on the Doom9 forum describing how he found a way around the content protection system on an HD DVD movie.

He told forum readers it was anger that prompted him to begin what he thought would be a long quest to break the code. In fact, he claimed he managed to find a way to do it in about eight days.

"I [had] just bought an HD DVD drive to plug on my PC, and an HD movie," wrote muslix64. He said he then learned his software-based movie players wouldn't allow him to view the film.

"I started to get mad," wrote muslix64. "This is not what we can call 'fair use!' So, I decide to decrypt that movie. I start reading the AACS specification I have found on the net. I estimate it will take me about four weeks of full-time job to decrypt that. I was wrong, it was in fact, easy."

He said he was surprised to find the "title key" to the movie, part of the copy protection process, was retained in his player's memory and was accessible. He said he asked himself, "Can it be that easy?"

Experts Not Surprised

The movie industry is self-delusional if it believes it can use Digital Rights Management (DRM) technology to thwart the copying of digital content, declared Bruce Schneier, chief technology officer of managed security company BT Counterpane.

"They have no credibility. DRM doesn't work. Anybody who knows security looked at this and said, 'So what?'" Schneier told TechNewsWorld. Trying to make digital content copying impossible "is like trying to make water not wet," he added.

There is supposed to be a way that the AACS can "cut out" players that have been compromised, but "it's really squirrelly technology and we are now going to see if it works," Schneier concluded.

"This was always expected," Rob Enderle, Enderle Group pricipal analyst, told TechNewsWorld. "It was only a matter of time before any security system is breached ... DRM, as a practice, is largely obsolete and the industry just hasn't figured that out yet."

In its statement Thursday, the AACS LA did not say whether it would revoke the licenses of HD DVD and/or Blu-ray players that were hacked. Doing that might cause a consumer backlash since people who own that equipment, or software, might then be unable to play new releases.

"AACS LA employs both technical and legal measures to deal with attacks such as this one, and AACS LA is using all appropriate remedies at its disposal to address the attack," said the statement.

The Next Move?

While the AACS LA asserted the hackers' success "does not represent an attack on the AACS system itself," muslix64 disagrees.

"There is no easy answer but ... AACS is totally busted. The only thing I can see for now to prevent the attack I have described is to put different keys on every disc! It will cost a fortune for the manufacturing, so I'm not sure they will go that way," he said in a recent interview with file-sharing Web site Slyck News.

The AACS LA's attempt to downplay the situation is silly, muslix64 added. "People say I have not broken AACS, but [the] players," the hacker explained. "But players are part of this system! And a system is only as strong as [its] weakest link. Even if players become more secure, key extraction will always be possible."