What exactly does BackupHDDVD do? Oh, and version 1.0 is released.
By Ryan Block 
posted Jan 3rd 2007 7:03PM
posted Jan 3rd 2007 7:03PM
In simple terms (ok, not that simple), muslix64 does not claim to have cracked the AACS DRM itself, but instead to expose and use each disc's hard-coded private key in order to make the hardware device run through its routine decryption process. By doing so, BackupHDDVD effectively bypasses the key revocation system which might otherwise prevent it (or your HD DVD hardware, like an Xbox 360 HD DVD drive) from being mass-invalidated as soon as the RIAA blinks. The trick here, however, is the private key extraction -- no one really knows how muslix64 exposed and extracted the private keys on the HD DVD discs needed to strip the DRM from the HD DVD discs. S/he claims it can be done with any poorly built software or hardware as the private disc keys are held in memory, but we still don't have specifics. So while we're sure to see master key lists for HD DVDs popping up on file networks in the near future, we're still hazy about how a regular user can extract his or her own keys for their own fair use purposes. We'll be sure to keep you up to date on this, though, as more information becomes available.
Whichever this unfolds, it's bad news for HD-DVD, as what media studio in their right mind is now going to trust AACS? At least Blu-Ray has additional methods of protection (BD+)
This is the final nail in HD-DVD's coffin..
As far as I know, HD-DVD is the projected winner by most analysts. If this is the "final nail" in its coffin, then it's a roomy coffin in which the future of the entertainment industry is buried.
"This is the final nail in HD-DVD's coffin..."
And the final nail in blah-ray is Sony. So I guess they'll both die...?
Sweet.
I am partial to blu-ray but I love hearing stories like this anyway. Keep up the good work.
If I buy an HD movie, I expect to be able to watch it on all my devices, be they PC's, portables or network devices. That means digital extraction.
POWER TO THE PEOPLE!
It's hard to say if this will be one of the nails in the coffin for HD-DVD. For me as a consumer it's a reason to buy HD DVD media content. I'll gladly pay for HD DVD movies that I have full control over. If I can strip the DRM I can load it on my media server and stream it to all my televisions/computers in my house. I can convert it to watch it on my PSP, Zune, ipod, etc. I can compress it and archive it.
For me, not having DRM is a major factor is making the purchase. I think more and more there are people like me who are aware of what DRM is and how it cripples them from using a purchased product in a way that's useful to them. And once our dollars pour into it, the Jeanie doesn't get put back in the bottle. Right now cracking a dvd is the easiest thing ever, but it doesn't stop the movie studios from releasing media on it. I can only imagine/hope HD DVD will be the same way. Once people realize they don't have as much control over blu-ray content, their spending dollars will go other places. Personally I think it's a travesty that sony expects me to buy the dvd, buy the blu-ray, buy the UMD. Just give me one copy of the movie and let me do whatever I want with it.
"push an update down the line"
And how does that happen on a stand alond dvd player? Am I now gonna need to somehow get firmware updates for my (thoeretical) hd dvd player? I don't see it happening that way.
All HD DVD players have (or should have) Ethernet for connecting to the internet and receiving updates, which include key revocation lists, firmware upgrades, dynamic content, etc.
There is another method - such as how the PSP does it. When you insert a game with a higher firmware requirement level (such as, say, "DJ Max Portable", which requires 2.0), then you can not play the game until you have updated your firmware.
The HD-DVD players could follow such a route. Upon sticking in a new movie, if you don't update the firmware on your HD-DVD player (which is on the HD-DVD disk itself, so you don't have to upgrade), then you can't watch the movie.
Which is one of the reasons why I am staying far, far away from HD-DVD and Blue-Ray. I don't want people mucking around with the stuff I bought just because they feel they still have some ownership on it.
Everyone has been mentioning this is the end of hd dvd with the encryption cracked but this actually makes me like HD DVD more knowing that I can have full use of the disc itself. I am more fore HD DVD now that this has been released.
He got the device key from one of the software players that exist. I believe it was WinDVD based on the screenshots from his test video. From there, you can publish encryption keys for any disk you're able to find. However, it's a catch-22 from here on out: If you publish the player key, they can revoke that key from future discs being published. If you publish the content key, then the content can be reencrypted with a new key for future publishings of the movie. Basically, unless the AES algorithm is cracked (which doesn't look to be any time soon), AACS LA always has an option to stop any compromises of a player or disc.
Hasn't the US government already said that, despite the DMCA, circumventing DVD copy protection is alright to ensure Fair Use? If so, there's no way that the copy protection for Blu-Ray or HD-DVD could be granted special exception when DVDs are allowed to be cracked.
Ergo, this crack is perfectly legal and will stand. Nevermind everywhere else in the world that doesn't have DMCA-style legislation, meaning that, in those jurisdictions, people can crack any copy protections till their heart's content.
No.
Tim: if you read the whole writeup, you see that Muslix64 doesn't use any of the keys that can be revoked. there is no such thing as volume key revocation with the AACS spec, and the volume key is exactly what's used. in theory, later pressings could possibly use different volume keys or revoke the player with the vulnerabilities used to extract the volume keys - but the first solution would only thwart the key extraction for a short time and the latter would only make regular consumers mad. there will always be a piece of hardware or software that's vulnerable enough to grab an unrevokable key from.
Just to pick nits, it would be the MPAA or DVDCCA blinking, not the RIAA. I doubt much music will be released in HD/BR. (As I await the dolts crowing about 5.1 surround music).
Down with DRM of any fashion!
"Down with DRM of any fashion!"
Quite so, old chap!
I don't understand why a programmer can't just claim to be a start-up making HD-DVD/Blu-ray playback software and get all the insider info etc to make their own playback software, then just make the software not listen to security measures, but output raw data instead of display frames.
This IS entirely possible.
you go ahead and do that - then see how long the MPAA has your ass in jail and how much you have to pay them.
Yeah, you know, there is a catch if you have to sign a contract to get some information. Mostly that you are liable if it is used in "improper" ways ...
There is a hefty fee associated with the license. Once you sign the paperwork for the license and pay the fee, there is a good papertrail to find you. This is of course assuming the approval process doesn't weed-out fake startups only looking to get keys.
If an app shows up in the market that allows users to circumvent the copy protection, the key can be traced back to you. With that nice papertrail, it won't be long before lawyers and possibly law enforcement is knocking on your door...
... but at least your screen name will be in a story on digg for a few hours.
push an update down the line that basically invalidates whole groups of pirated movies, hacked hardware, player software, etc
This isn't quite right. Key revocation means that a particular player will no longer be able to access new HD-DVD discs. This means that once the key to the player muslix64 used is revoked (I thought it was PowerDVD...) he'll no longer be able to extract volume keys with it. But there are lots of other software players that can probably be used in similar ways.
And pirated movies can never be revoked, since once the data is unencrypted once it will presumably be redistributed on the net (and on burned discs) in a DRM-free format.
Matt B., except the fact that the only people who are typically arrested and convicted are large scale movie pirates. Even then, busts are too far and few, and usually the convicted get off on a easy plea bargain. Basically, the FBI has no real desire to thwart your ass for copy-right infringement.
Simon, actually, a EULA cannot specially infringe and take away your personal rights. It falls under the Federal Reserve Regulation AA. It would be considered "unfair business"
IANAL but I hope to be
I always wonder how anybody could dream up the idea of revokable player keys ...
I can't believe every single player will have it's own key, so revoking a whole generation of one particular player will not only hurt the pirates but mostly a lot of legit customers. They will scream and kick and sue the hell out of the smartasses who sold and then revoked their players. And once they get over it they will swear never to buy DRM-ridden stuff again.
Great way to shot yourself in the foot.
Hail to the demise of the content nazis.
No matter what, all, read it ALL protections can and will be cracked. Just depends how popular the content protected by them is.
When will all these movie/music companies finally realize that if there is a way to "protect" something, then there will ALWAYS be a way to get around that protection. Nothing is 100% safe.
So basically, this is the first step towards me being able to bittorent a Hi-def disk rip in the near future. Outstanding!
Sigh. Look at the screen shot. "Look for this movie in my database."
You need the key. The key is obtained via a compromised player (in this case Cyberlinks) and then applied. This is not a crack per-se and will be nothing more than a trial run for the key revocation process. I think it's funny that it was a compromised PowerDVD that exposed the CSS keys and now Cyberlink blows it again. Quality not exactly job-1 at Cyberlink.
Cyberlink will prop a player that no longer exposes the keys. The keys that were exposed will be revoked. I suspect newer titles will not play on the compromised player.
they can revoke the player, but then all that does is piss off the people that bought the player and used it legit (unless they do per-player keying, but I think that'd be nigh impossible), and there will always be a flaw in some software to get the keys. the volume keys CANNOT be revoked, so there's no way to 'stop' the already 'cracked' HD DVDs from being ripped unless the next pressing has a different volume key (if that's even possible), and if it does have a different volume key, all that has to be done is what has already been done - getting the volume key from a flawed player.
Holy shit...when did pirating movies become so complicated? While this a small step it is just that, small considering no one knows how to extract these keys as of yet, it is also very complicated. The average person isn't going to understand how to utilize this so even though progress has been made the Entertainment industry still has the upper hand big time
The point is that it CAN be done, and while MOST consumers don't understand the cracking process (and wont) all it takes is a couple smart programmers to create a simple program that does all the work, such that consumers can easily pirate (cough DVD Shrink cough AutoGK).
Anywho, it'll be an uphill battle forevermore. The programmers creating DRMs of sorts are never going to be of greater skill than those programmers who are trying to be subversive to those ends.
Bill Gates, one of the world's major sellers of DRM technology mind you, recently commented that DRM has become "excessive". Blue-laser video players that demand always-on Internet access simply to allow your fully-paid-for discs to play? Reality check: that's excessive. The fact that the equivalent of a desktop PC stands idle in each player, waiting to perform this key-passing decryption mess? That's excessive.
So how did we end up this way? Like Yoda says, "Fear is the path to the Dark Side."
The content providers will always fear the next technological wave. In 1977 MPAA president Jack Valenti gave an impassioned, inflammatory speech to Congress demanding that VCRs be pulled from US shelves; Jack insisted VCRs were insidious tools designed by Japan to destroy America!
At the time what came of that paranoia was the FBI Warning that still clutters the beginning of every major video release made since. That and a bit later, Macrovision -- the apex of "copy protection" for analog video, itself such a weak technique that latter-day VCRs actually possessed a Macrovision detector to remind them to pretend they couldn't copy Macrovision tapes.
Along comes CSS in 1996, a move foisted on the world by Hollywood. Europeans are no big fans of CSS and routinely defeat it, either by releasing "Region 0" titles or by building all-region DVD players. Do they do this to commit piracy? Hardly! Europe remains a strong market for canned video. They simply entertain fewer illusions about the "benefits" of being divided into five marketing territories by film distributors, each with its own region code.
Within the US CSS is doted upon -- a satisfying illusion indeed. Surely it's what keeps the stock prices of Sony and Warner up, and that's what's really important in a country of 401k plans and mutual funds isn't it? DeCSS was thus a big shock to Middle America and its politicians, precisely because it promised to destabilize blue-chip investments.
The DeCSS backlash was AACS -- an exquisitely overwrought mess that was primarily intended to convince 401k holders to invest in studio-parent stocks. As a political symbol it is like a 600-mile border fence -- comforting to those in power, a slap in the face to everyone else. And as we now see with DeHDDVD, not so much an impregnable barrier as yet another waste of the public's wealth.
AACS is really the limit of how complex and invasive a content-protection protocol can get with our present software-engineering skills and our present international climate; breach it even a little bit and there is no way it could be bolstered or replaced in time to salvage the reputation of certain blue-chip stocks.
Result? Massive divestiture of studios by parent corporations, mainly to regain stockholder faith. Studios selling their names to each other for a pittance as their assets auction for ten cents on the dollar to pay off massive debts remaining from the orgy of leveraged buyouts in the 1990s. And Bill Gates emerging as the biggest asset-holder in Hollywood. OMIGAWD! GATES AT THE GATES!
Yeah! Getting all political up in this bitch!
Thanks for the good read, John!!!
Maybe the author of the article should read a bit about private key crypto and about AACS before posting such nonsense.
Now AACS discs have a "hard-coded private key"? Gimme a break and learn about cryptography.
And those who say "They can't revoke shit because only the title keys or volume keys or 'master keys' will be published" should maybe stop talking out of their ####, should read the AACS docs at aacsla.com and learn about sequence keys and traitor tracing.
It's incredible all the nonsense that it said since BackupHDDVD has been released. And btw, this software does NOTHING to break AACS, everything in backupHDDVD is publicly available on aacsla.com.
you should cite specific books, versions, and page numbers. as of common spec book 0.91, HD DVD and DVD book 0.912, and prerecorded spec book 0.91, there is no mention of "traitor tracing". also, sequence keys are optional, and, even when used, the volume key method currently implemented for current decryption (seems to me) to bypass any way of using the sequence key against decrypters.
All, Go up to YouTube and watch the video again. S/He shows the UI of the app that he used to get his keys.
Some creative googling should get you an answer. And no, I can't post it here for ethical reasons (CISSP/CISM).
I understand that the keys are 32 Hex Chars
Hex is 0-9 and A-F... 15 chars total
there are 32^15 possible combinations for the Keys. Each key is 16 bytes long (from the FAQ.txt) so to generate a table of all the possible keys, you would need (32^15 * 16) bytes of storage. Thats over 549,755,813,888 TB, if my math is correct.
Perhaps a Brute force decryptoion tool could be made?
00000000000000000000000000000000, 00000000000000000000000000000001, ...
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE,
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
That would be 16 chars, not 15.
Hahah. Suck on it Universal!
it's possible download for check it?
Simon, why would every player having a unique key even be a difficult thing? Every single one has a different serial number on the outside sticker, so changing a string whilst blowing the PROM isn't going to be at all hard. Plus, they are all supposed to be networked, so they could write an app that does a kind of DHCP for serial numbers, and assigns them automagically when connected. Either at the factory, or once connected at home.
I'm just not looking forward to having to bounce the ethernet via a US proxy to watch a film, once they decide to wreck the grey market trading of films from other countries. That will just be a pain in the arse. Probably just download them instead... After all, you could get what, 20 to 50 MP4 movies on a single BluRay disc?