AndrewW Posted February 19, 2007 Share Posted February 19, 2007 Just read an extremely informative post over at doom9 that explains AACS encryption scheme in simple terms. Very interesting read http://forum.doom9.org/showthread.php?t=122363 Also, the AACS group have acknowledged that the processing key posted on that site is in fact legitimate. That is two acknowledgements of the system being broken in the last couple of weeks. Things definitely aren't looking rosy in AACS land. Andrew. edit: I just noticed. Have a look at the picture on the AACS homepage. To me, reading the guy's body language, and the blury screen, I'm guessing he is saying 'WTF, I just spent $10K on a brand new plasma and a HD player, and I'm not getting any image ...' Link to comment Share on other sites More sharing options...
sulimo Posted February 20, 2007 Share Posted February 20, 2007 That is two acknowledgements of the system being broken in the last couple of weeks. I'm not sure its broken, but rather the implementation on software players is flawed. Link to comment Share on other sites More sharing options...
AndrewW Posted February 20, 2007 Author Share Posted February 20, 2007 I'm not sure its broken, but rather the implementation on software players is flawed. You are arguing semantics. It doesn't matter how the keys were obtained, the fact remains that the keys have been obtained and are out in the wild, published for all to see. The genie is definitely out of the bottle. Andrew. Link to comment Share on other sites More sharing options...
sulimo Posted February 20, 2007 Share Posted February 20, 2007 You are arguing semantics.It doesn't matter how the keys were obtained, the fact remains that the keys have been obtained and are out in the wild, published for all to see. The genie is definitely out of the bottle. I think it matters. I mean the AACS people could just revoke all the keys on software players till its fixed. Or just not allow provide keys to software players at all. I know that's what I would have done to start with, as hackers will always find a way. Link to comment Share on other sites More sharing options...
c912039 Posted February 20, 2007 Share Posted February 20, 2007 I'm not sure its broken, but rather the implementation on software players is flawed. I agree. The genie is definately NOT out of the bottle. The current activity around bypassing AACS stems from a software based compromised player. The whole design of the AACS system, is to easily plug any leaks, and render future released disks immune from the particular compromise. The only time one can say that the 'genie' is out of the bottle, is if they manage to calculate, or find out the master key. Once the current keys from the software player are revoked, its 'game over'. Any new titles will not be able to be copied using the current software player's keys. Any new release of the software players and keys will only happen, after they can prove that the player software has been hardened. If they can't, then they may not get new keys granted. There may be a few more rounds where new player's keys are also compromised, however, longer term, AACS WILL win out, as ultimately, they can just refuse to release any keys to software players (they are under no obligations to release keys, if manufacturers cannot provide a secure platform). Link to comment Share on other sites More sharing options...
Autocrat Posted February 21, 2007 Share Posted February 21, 2007 There may be a few more rounds where new player's keys are also compromised, however, longer term, AACS WILL win out, as ultimately, they can just refuse to release any keys to software players (they are under no obligations to release keys, if manufacturers cannot provide a secure platform). I believe that's called "cutting off your nose to spite your face". Link to comment Share on other sites More sharing options...
Recommended Posts