Jump to content

Recommended Posts

Posted

Intervideo Statement

WinDVD customers who are currently using either HD DVD or BD playback will need to download the free security update from your PC or Drive manufacturer's websites.

This update includes security enhancements as well as updated licensing keys that will be required to view both newly purchased HD DVD/BD titles and those in your existing HD DVD/BD collections. By downloading Corel's free update, you will be able to continue to enjoy the latest HD DVD/BD content, while ensuring that copyrighted materials are properly protected.

Please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled.

Reading between the lines, this would be the first AACS key revocation.

There may well be more to follow.

How many HD playback systems with AACS will be able to correctly revoke and re-new keys without issue?

Posted

This entire issue revolves around poorly written PC software. AFAIK no standalone hardware player has been breached. With that in mind, the only keys being revoked are for these software players. Even if the worst outcome for PC players came about (ie, the end of PC player software), it wouldn't make much difference to the industry. The industry may even view that as a plus. PCs have been a thorn in the side of the industry for years, removing it sounds like a plus to me.

Posted
Yeah. As long as there are software players, AACS will be bypassed/hacked.

and the hardware ones will be chipped.

I disagree with the above post that software players are the bane of the industry. Pc-dvd sales at the beginning of the DVD era helped grow the market. In a similar fashion, i've just updated my HTPC with a HD-DVD drive, and now have full HD running on the bravia. it's beautiful, and it's cost a total of $220aud for the upgrade.

Now, i'm going to buy the media.... creating sales, growing the brand. having the only option as a $1500K+ player will kill it.

Posted

The ratio of HTPCs to standalone hardware players (DVD) is so lopsided as to make it practically 0:1. HTPCs could evaporate and almost no one would notice. The figures might look healthier for HD formats, but only because its such a young market. Come back in a couple of years and it'll be the same situation - standalones ruling the roost.

Posted
and the hardware ones will be chipped.

Good luck 'chipping' a single chip integrated system.

The initial HD players were multichip solutions. Pretty soon they'll be single (or few) chip solutions where 99% of the functionality is performed by a single million legged package in much the same way a typical DVD player is constructed. There won't be any external flash RAM for the system firmware. What exactly would 'chipping' replace? Remember, DVD players were fairly loose WRT to system security. HD players are being built specifically with the intent of making them 'secure'.

Posted

I suspect the need to update software every time AACS is hacked is going to get very annoying very quickly.

I wonder what will happen if a standalone is hacked (not saying it will, but hypothetically speaking)? Are punters (who have hitherto been used to standalone players well... standing alone) going to be expected to have their HD players hooked up to the interweb to download firmware updates? What if the manufacturer has gone bust? And what will happen to Blu-ray players without an ethernet port?

The more I see of AACS, the less I like...

Posted

The discs have the potential to carry updates to fix (or cause :blink: ) problems and the updates are automatically and transparently applied. Load the disk and your player gets updated. If a standalone is hacked an update targetting that model can be released. If it turns out that the machine is hopelessly and unrecoverably comprimised, it can be completely disabled via the update mechanism or its keys simply get left off all future discs making the player unable to play any future releases.

Posted

http://www.theage.com.au/news/home-theatre...5971057115.html

Confirmation that the keys have indeed been revoked...

HD DVD, Blu-ray security compromised

April 10, 2007 - 9:57AM

The group behind security measures for next-generation DVDs said on Monday it had fixed a leak that allowed hackers to discover the keys for unlocking movies on HD DVD and Blu-ray discs.

Makers of software for playing the discs on computers will offer patches containing new keys and closing the hole that allowed observant hackers to discover ways to strip high-def DVDs of their protection.

Digital rights management protection, or DRM, is intended to prevent copying of the movies. Hackers working late last year and early this year were able to observe computer code found on the PC-based DVD players and discover keys that unlock protections on all high-def discs, so copies could be made.

On Monday, the group that developed the Advanced Access Content System said it had worked with device makers to deactivate those keys and refresh them with a new set.

Companies such as Corel, which owns InterVideo, makers of a popular PC-based playback software, will also distribute more secure versions, said Michael Ayers, chairman of the AACS License Administrator.

"The device keys associated with the InterVideo player are being deactivated and InterVideo has updated its player," Ayers said. "They are taking steps that block off access to the inner workings of the application."

New high-def DVDs will include updated keys and instructions for older versions of the PC-playback software not to play discs until the software patch has been installed.

Corel has told users of its software that failure to download the free patch will disable the ability to play high-def DVDs.

Stand-alone DVD players, such as the Toshiba HD DVD player and the Sony Blu-ray player, are not affected by Monday's announcement. So far, no problems have been found with their security.

Ayers said future assaults by hackers can be similarly fixed by replacing compromised keys with new ones.

"AACS is a high-profile technology and is protecting high-profile content, so we fully expect there will be future attempts," Ayers said.

Posted
The ratio of HTPCs to standalone hardware players (DVD) is so lopsided as to make it practically 0:1. HTPCs could evaporate and almost no one would notice. The figures might look healthier for HD formats, but only because its such a young market. Come back in a couple of years and it'll be the same situation - standalones ruling the roost.

thus the reason for my "in the beginning" comment. I had a dvd collection of over 100 disks before i'd even bought my first hardware player (back in 99..seems sooooooo long ago)

Good luck 'chipping' a single chip integrated system.

The initial HD players were multichip solutions. Pretty soon they'll be single (or few) chip solutions where 99% of the functionality is performed by a single million legged package in much the same way a typical DVD player is constructed. There won't be any external flash RAM for the system firmware. What exactly would 'chipping' replace? Remember, DVD players were fairly loose WRT to system security. HD players are being built specifically with the intent of making them 'secure'.

Interesting comments, but realistically - what hasn't been hacked yet? Any level of comfort that the studios have with this system will be completely destroyed in a year. no question. Region coding, HDCP restrictions, HDDVD title coding have all been hacked already, and it's -barely- in it's infancy. I know it's the title's code that was hacked, not the algorithm logic in it's entirety - but they did it once, they'll do it again.

Anything that stores those keys in memory, which they all do, are susceptible. Are they going to change the AACS everytime it's hacked? resulting in 'having to update' players for people at home who aren't connected, or better yet - aren't thrilled about the concept of connecting their dvd players to the internet? Software players are easier to hack admittedly - but hardware can be done as well.

It's a cat and mouse game with the clever kids on the net, vs the studios. Always will be.

Posted
Interesting comments, but realistically - what hasn't been hacked yet?

The xbox 360 ?

Any level of comfort that the studios have with this system will be completely destroyed in a year. no question. Region coding, HDCP restrictions, HDDVD title coding have all been hacked already, and it's -barely- in it's infancy. I know it's the title's code that was hacked, not the algorithm logic in it's entirety - but they did it once, they'll do it again.

maybe, but they will learn from their mistakes and make it harder and harder to crack (not leaving unencrypted keys in memory would be a good start).

Are they going to change the AACS everytime it's hacked?

Yes, any new disc that is released could revoke your player's key .... no need for an interweb connection.

Andrew.

Posted

Bill Gates was on the Daily Show for the launch of Vista and where the question was put to him what the solution is too the 13 year old kids hacking their system is. He replied "hire 14 year olds".

Posted
thus the reason for my "in the beginning" comment. I had a dvd collection of over 100 disks before i'd even bought my first hardware player (back in 99..seems sooooooo long ago)

Thus my comment that in the grand scheme of things, PC players don't matter. If they all went away, the industry would have one big thorn in its side removed.

Interesting comments, but realistically - what hasn't been hacked yet? Any level of comfort that the studios have with this system will be completely destroyed in a year. no question. Region coding, HDCP restrictions, HDDVD title coding have all been hacked already, and it's -barely- in it's infancy. I know it's the title's code that was hacked, not the algorithm logic in it's entirety - but they did it once, they'll do it again.

Lots of stuff, and that's without even trying to make secure hardware.

Anything that stores those keys in memory, which they all do, are susceptible. Are they going to change the AACS everytime it's hacked? resulting in 'having to update' players for people at home who aren't connected, or better yet - aren't thrilled about the concept of connecting their dvd players to the internet? Software players are easier to hack admittedly - but hardware can be done as well.

How do you propose the 'hackers' get access to the on-die RAM within the do everything CPU package? Look at the current generation of smart cards if you want to see how 'easy' it isn't to 'hack'. AACS hasn't been breached to date. So far its all stemmed from poorly written PC software players. Even if AACS was fatally flawed, the system provides for the distribution of a completely new content protection scheme. As I said before, there is no need to connect a player to the internet. The updates will be included on the discs along with the movie. Insert the disc and your player unpreventably gets the update.

Posted

AACS hacked to expose Volume ID on Xbox360 HD DVD Addon

In parallel efforts, hackers in both the Xboxhacker and Doom9 forums have exposed the "Volume ID" for discs played on XBOX 360 HD DVD drives. Any inserted disc will play without first authenticating with AACS, even those with Volume IDs which have already been revoked by the AACS LA due to previous hacking efforts. Add the exposed processing keys and you can decrypt and backup your discs for playback on any device of your choosing. Now go ahead AACS LA, revoke the Toshiba-built XBOX 360 HD DVD player... we double-dog dare ya.
Posted
I won't be surprised if they do.

Assuming the drives do get revoked a firmware update will be issued to fix the initial problem with the drive and to make it work again with future titles. Then it'll be back to square one for the 'hackers'.

This is the entire point of AACS' updatability. Even if a workaround / crack / hack is discovered, it'll be stamped upon fairly quickly. All the 'hackers' are doing is fault finding for the AACS LA. Each time a crack in the wall is found, it'll be patched and AACS will become more secure.

Notice that so far AACS itself hasn't been hacked. Every single work-around has been due to something not fully complying with the security requirements. Notice also that so far no hardware has actually been hacked.

Its early days for AACS in the public arena. Eventually this comparative flood of work-arounds will dry up.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...
To Top