New Hack Attack Widens Cracks in HD DVD

Relentless attempts by those determined to undermine the copy-protection technology used on HD DVD movies continue to yield successes.

The newest discovery, revealed on the Doom9 Forum by someone with the screen name "Arnezami," involves the location of the "processing key" vital to the high-definition disc antipiracy system. This could give computer cryptography buffs a relatively easy way to find the so-called "volume keys" needed to make movie copies.

To do that, they can use a program called HDDVDBackup developed by another Doom9 Forum member -- named "Muslix64" -- and revealed in late December. Even without Arnezami's discovery, users have been finding, and publicizing, the volume keys for about a month, resulting in the copying of several high-def films including "King Kong," "Mission: Impossible" and "Jarhead," according to published reports.

A Way Around AACS

Arnezami's work should allow people to more easily find the title keys, circumventing, at least temporarily, the highly-touted -- and expensive to develop -- Advanced Access Content System (AACS) designed to prevent disc piracy.

The program that he created slows the playback of an HD DVD disc and allows him to search for changes in critical locations in memory, according to Arnezami. Both his work and that of Muslix64 involved the software-based WinDVD players that run on personal computers.

The AACS Licensing Authority has not issued a response to the latest hack, but it could issue what it calls "revocation keys" that would disable players until they obtained new keys, possibly over secure Internet connections.

Harder, but Not Impossible

"It's a sort-of multi-step process to hack that technology," Bill Rosenblatt, founder of Giant Steps Media Technology Strategies, told TechNewsWorld. "Unlike with the DVD encryption where, once you discovered the set of keys you were done ... the AACS scheme is designed to be stronger. It's not as simple to break."

However, the need to allow people to play high-definition movies on their computers is proving to be the AACS' weak knee, Rosenblatt suggested.

"The HD DVD encryption is stronger, but if you implement it on software in a PC ... it's not a very effective way to hide encryption keys because there always is going to be somewhere in memory that somehow, if you're a clever enough hacker, you're going to be able to figure out where they are," he added.

Arnezami's efforts are just another step in the typical hacker progression, agreed ABI Research Director Michael Wolf.

"It is somewhat significant. It's more serious than the previous one [because] it shows a method of acquiring these things," he told TechNewsWorld. "It's a knowledge-base these guys build on. This method will be used by another guy and built upon. They keep getting progressively more sophisticated."

No Big Deal to Average Joe

While all this is very exciting to the hackers, both Wolf and Rosenblatt said high-def movie copies are not about to become commonplace. "The impact of these hacks is limited," Rosenblatt said, adding "these hacks still require some degree of technical savvy" to implement.

"It means very little to John Q. Public," asserted Wolf. He doubted the world will see pirated copies of high-def movies shared over peer-to-peer networks -- as happens by the millions with music files -- anytime soon. Nevertheless, Wolf is sure the entertainment industry will not give up the fight for effective digital rights management (DRM) systems for high-def films.

"An HD disc is almost a perfect digital master," he observed. "If you can copy that, you are allowing pirates to have an almost perfect digital master, so I think it's worth the investment. But there is no perfect copy protection. Ultimately this stuff gets cracked."