Feeds

HD DVD, Blu-ray copy protection cracked again

Different method, same result

Internet Security Threat Report 2014

The Advanced Access Content System (AACS) has been cracked. A contributor to the Doom9 online forum has figured out how to extract the so-called Processing Key (PK) from an HD player, allowing any currently available HD DVD and Blu-ray Disc to be copied.

The trick, identified by a coder going by the handle Arnemazi, allows a Volume Unique Key (VUK) to be generated from a disc's Volume ID (VID). Usually, a player retrieves the disc's VID and uses the PK to create a VUK to decrypt the content.

Arnezami said he discovered the crack by scanning the system's memory and found the PK before it was erased after the generation of the VUK. He acquired a VID by monitoring traffic on his system's USB ports as the player software talked to an HD DVD drive.

As yet, there's no code to automate this procedure, so mass duplication of pre-recorded BDs and HD DVDs isn't yet possible, it would seem. The crack also relies on the non-random nature of the VIDs embedded in discs to date, a feature that makes them easier to find in memory and/or the USB traffic - or even to guess. New releases with random VIDs would make spotting the VID much harder, but the fixed data-structure of the VID doesn't help AACS' security.

Arnemazi's efforts come just over a month after a fellow Doom9 coder, Muslix64, discovered Title Keys for various HD DVDs in memory and used them to decrypt those discs for duplication. Backup tools for both HD DVD and BD that require the entry of these keys were published last month.

Intelligent flash storage arrays

More from The Register

next story
Hi-torque tank engines: EXTREME car hacking with The Register
Bentley found in a hedge gets WW2 lump insertion
What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
You fought hard and you saved and earned. But all of it's going to burn...
Trousers down for six of the best affordable Androids
Stylish Googlephones for not-so-deep pockets
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.