DVD Security Group Says It Has Fixed AACS Flaws 388
SkillZ wrote to mention an article at the IBT site discussing a fix to the security breech of the HD DVD and Blu-ray media formats. "Makers of software for playing the discs on computers will offer patches containing new keys and closing the hole that allowed observant hackers to discover ways to strip high-def DVDs of their protection. On Monday, the group that developed the Advanced Access Content System said it had worked with device makers to deactivate those keys and refresh them with a new set."
What about the other holes? (Score:5, Informative)
How about future successes [engadget.com]?
Re:Serious Question (Score:5, Informative)
Already hacked via Xbox 360 add on VID (Score:5, Informative)
http://www.xboxhacker.net/index.php?topic=6866.0 [xboxhacker.net]
http://forum.doom9.org/showthread.php?&t=124294&p
http://www.engadget.com/2007/04/10/aacs-hacked-to
Re:"Fixed Flaws"? (Score:5, Informative)
When they revoke keys, they simply remove the old compromised keys from new discs, so players relying on those keys can't play anything.
Re:Even more reason to have nothing to do with it (Score:2, Informative)
Re:"Fixed Flaws"? (Score:2, Informative)
Re:They didn't fix anything (Score:3, Informative)
The AACS scheme has the ability to revoke individual players - not individual models, but actual single units. They use a lot of fancy set theory to do it, but in essence each player is supposed to have a unique set of keys - possibly hundreds of keys out of a total of many thousands (hundreds of thousands perhaps). Each disc has the information on it to allow thousands of different keys to decrypt it. The way it works is that of all the keys on the disc, it is expected that each individual player will have at least one key that matches.
Thus the way they revoke a specific unit is (if they can identify the unit, say the guy was foolish enough to publish the keys he extracted) that they do a bunch of math to figure out what set of keys to put on the new discs such that the compromised player will not have any of his keys on the new discs, but all other players will still be able to find at least one matching key on the new discs.
Remember that this is all in theory, and we have seen evidence that not all of AACS has been implemented yet or is even being used correctly. So it is entirely possible that some of the early units are "simplified" and every unit of a single production run or even every unit of a single model all have the same subset of keys on them. If that's the case, revoking one such player will revoke all such players. But if hardware manufacturers did it "right" then they are supposed to be able to revoke individual players.
Re:What about the other holes? (Score:2, Informative)
Re:i'm not so sure... (Score:4, Informative)
For example. I have a DVD player that made by a no-nane Chinese brand, bought for 30UKP (around 60USD). It's not region free but can be unlocked by a magic button press combination on the remote. Instructions for said inputting magic combination were given to me at the shop when I bought it. It plays anything I throw at it. Even half arsed DVD rips that I failed to burn correctly.
On the other hand, my father has an expensive Sony DVD player. It's region locked, doesn't upscale for his HDTV and takes great offence if anything is slightly out of spec on the DVD disc.
Now to bring this vaguely back on topic, from a consumer point of view, which is better? I suspect those without any knowledge of region encoding (or in the case of HD-DVD, DRM) most would simply conclude the more expensive player is 'broken' and opt for the cheaper region free/DRMless player.
Fair enough, at the moment with HD-DVD they do not have a choice. Bottom line is, while the average consumer might not care about their 'digital rights' they dam well care about their shiny new disks working in their shiny new HD-DVD player. This has the same beneficial effect to my mind, the end of DRM. The movie industry pisses off the average consumer at their peril.
Re:how do you think the new patch adresses the iss (Score:2, Informative)
2. Hiding the key is easy, but I don't know how useful it really is.
Here are some ideas on how I would do it:
1. Instead of calling a standard AES routine that needs the bytes of the key to be in successive memory locations, recode the routine to take bits of the key from different areas of memory.
2. Suppose (to simplify) that we combine a player key (PK) (that we want to hide) with a disc key (DK)(on the disc) to produce a media key (MK). Then we combine an encrypted sector (ES) with the media key (MK) to produce a decrypted sector (DS). Suppose (for illustration) that keys are 256 bits and blocks 4096 bits long.
I would follow these steps: write a single function f(DK, ES) = DS in a simple algebraic language. PK exists as constants in the function body. With a preprocessor, convert this function into 4096 boolean functions of 4352 inputs and output C code to compute their minimal disjunctive form. Recovering PK is equivalent to brute-forcing AES.
Please correct me if I am wrong.
Re:CDs aren't a new format! (Score:3, Informative)
http://www.riaaradar.com/search.asp [riaaradar.com]
Re:"Fixed Flaws"? (Score:3, Informative)
Re:i'm not so sure... (Score:3, Informative)
That will rip incorrectly most of the time; you need to do prescaling using -vf crop=w:h:x:y,scale=x:y,expand=x:y and data you can get from the stdout of mplayer dvd://[title] -chapter [chapter]
Still, there ain't nothin' like gettin' yer hands dirtied on a command line.
Re:Serious Question (Score:3, Informative)
(From the end of: http://news.com.com/Analyst+Corels+DRM+patch+only