
Lord of War gets defeated by high-definition hackers
The hacker who cracked HD DVD strikes again by defeating Blu-ray Disc encryption

Late last year, a crafty individual who goes by the name “Muslix64” circumvented the copy protection scheme used to protect HD DVD. Given the similarities between the copy protection methods used in the high-definition optical formats, it was only a matter of time before Blu-ray Disc’s protections would be bypassed. However, Muslix64 has no access to Blu-ray hardware, limiting his exploit methods to HD DVD. That is, until Muslix64 came across some specific data for Blu-ray Disc, allowing him to apply his methods to the yet-uncracked format.

Another individual interested in Blu-ray’s protection scheme, “Janvitos,” who also participates in the same online forum where Muslix64 revealed his HD DVD work, posted a message showing the directory structure from a Lord of War Blu-ray Disc movie. Janvitos extracted the information by going through his system’s memory with WinHEX after playing the movie on his computer using WinDVD.

The memory dump information caught the attention of Muslix64, who replied to the thread saying, “In less [than] 24 hours, without any Blu-Ray equipment, but with the help of Janvitos, I managed to decrypt and play a Blu-Ray media file using my known-plaintext attack.” Muslix64 then posted a file as an example of his decryption work, though he did say that his method does not address BD+.

Muslix64 then went on to explain how he was able to accomplish this feat with his plaintext attack method. “This is a very basic, but [powerful] crypto attack that I have used to decrypt both [HD DVD and Blu-ray] formats,” he wrote. “After reading posts of people trying to get the keys in memory, I realized, I have a different way of looking into the problem…A lot of people try to attack the software, I'm attacking the data!”

“So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack,” Muslix64 explains. “Because I know the keys are unprotected in memory, I can skip all the [painful] process of code reversal.”

Although Muslix64 did not have any Blu-ray equipment at his disposal, he was still able to recover the keys with the help of Janvitos’ memory dump file and media file. Blu-ray media files are divided into individual aligned units. The first 16 bytes of each unit are not encrypted, with the rest being encrypted using AES in CBC mode. Muslix64 examined the non-encrypted portions of the data and found a reoccurring pattern, which he used to mount his known-plaintext attack.

Muslix64 goes on: “In most cases, the known-plaintext attack is in fact a guessed-plaintext attack. We ‘assume’ the data will look like something we ‘guessed’ when decrypted. Most of the time, it works! Knowing that, all you have to do, is to write a small program that scans a memory dump file, that comes from a software player while it was playing the movie. The key is in that file, you have to locate it.”

Once the value and position of the key in memory are known, all one has to do is use a memory landmarking function to locate the key and defeat the encryption. The method discovered by Muslix64 and Janvitos is specific to Blu-ray, though similar means were used to decrypt HD DVD. This hack was made possible by the fact that the keys were not protected in memory when running video-playing software on the PC.
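A defender's view of that weakness, as an added example (not Muslix64's code or any player's): a self-test that checks whether a 16-byte window of a memory snapshot decrypts a unit to a guessed prefix, run while the key is resident and again after the key buffer is wiped. The cipher is a SHA-256 keystream standing in for AES-CBC, and `ToyPlayer`, the header, the marker and the offset are all hypothetical, constructed values.

```python
import hashlib

HEADER_LEN = 16  # per the article: the first 16 bytes of each unit are clear
KEY_LEN = 16     # AES-128 key length; the cipher below is only a stand-in


def stand_in_cipher(key, nonce, data):
    """XOR data with a SHA-256 counter keystream (stand-in, NOT AES-CBC)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(bytes(key) + nonce + off.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def make_unit(key, header, payload):
    """Clear header followed by the encrypted payload."""
    return header + stand_in_cipher(key, header, payload)


def exposed_key_offsets(snapshot, unit, guessed_prefix):
    """Offsets where a KEY_LEN window of snapshot decrypts unit to the guess."""
    header, body = unit[:HEADER_LEN], unit[HEADER_LEN:]
    probe = body[:len(guessed_prefix)]
    return [
        off for off in range(len(snapshot) - KEY_LEN + 1)
        if stand_in_cipher(snapshot[off:off + KEY_LEN], header, probe) == guessed_prefix
    ]


class ToyPlayer:
    """Hypothetical player whose working memory is a single bytearray."""
    KEY_AT = 100  # constructed offset of the key buffer

    def __init__(self, key):
        self.memory = bytearray(hashlib.sha256(b"filler").digest() * 8)
        self.memory[self.KEY_AT:self.KEY_AT + KEY_LEN] = key

    def decrypt(self, unit):
        key = self.memory[self.KEY_AT:self.KEY_AT + KEY_LEN]
        return stand_in_cipher(key, unit[:HEADER_LEN], unit[HEADER_LEN:])

    def wipe_key(self):
        # Overwrite the key buffer in place once playback has finished.
        self.memory[self.KEY_AT:self.KEY_AT + KEY_LEN] = bytes(KEY_LEN)


# Constructed sample data, not taken from any disc or player.
KEY = bytes(range(0x10, 0x20))
HEADER = b"UNIT-HEADER-0001"
MARKER = b"SYNCMARK"
UNIT = make_unit(KEY, HEADER, MARKER + b" constructed payload")


def self_test():
    """Return (hits while the key is resident, hits after the wipe)."""
    player = ToyPlayer(KEY)
    assert player.decrypt(UNIT).startswith(MARKER)
    during = exposed_key_offsets(bytes(player.memory), UNIT, MARKER)
    player.wipe_key()
    after = exposed_key_offsets(bytes(player.memory), UNIT, MARKER)
    return during, after


if __name__ == "__main__":
    print(self_test())
```

Wiping only shortens the exposure window: while playback is running the key has to be resident, which is the condition the article describes.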

Even without any Blu-ray hardware at his disposal, Muslix64 shortly followed the reveal of his findings with the alpha release of BackupBluRay V.0.21, software he wrote to decrypt Blu-ray Discs. Limitations to his software at this time are that it doesn’t support BD+ or volume unique keys and that it only supports one CPS key per disc. Users wishing to utilize the software will also have to provide their own CPS unit key.

Those who have tried the software report that they have successfully been able to decrypt and copy their own Blu-ray Discs for playback on both PC software and set-top players. If the cracking of HD DVD and the release of pirated files is any indication, however, Blu-ray may soon see illegal copies hitting the black market and parts of the Internet.

Comments


good job hollywood!
By fijillian on 1/23/2007 9:54:01 PM , Rating: 5
great to see the vast amount of money & time from the movie studios has gone to good work, NOT! they were really silly to think that the encryption would not be broken

RE: good job hollywood!
By daftrok on 1/23/2007 10:50:22 PM , Rating: 4
You know what this means, though. HDCP is powerless! We are free!

RE: good job hollywood!
By borowki on 1/24/2007 12:58:43 AM , Rating: 1
Free? Are you kidding? This basically brings us one step closer to a bandwidth tax. Once the entertainment industry can convince congress that despite their best efforts they can't prevent their properties from being stolen, the most likely outcome is some form of compensation scheme, with the cost pegged to home internet usage. Just watch, it's going to happen. Suddenly one day there'll be yet another mysterious surcharge showing up on your phone/cable bill.

RE: good job hollywood!
By JimFear on 1/24/2007 4:12:22 AM , Rating: 5
And don't forget all those tubes getting full with trucks causing senators to wait longer for their internets to finish downloading :)

RE: good job hollywood!
By CorrND on 1/25/2007 10:40:37 AM , Rating: 1
I find it hilarious that people complain about DRM practices and rejoice when they are broken. I'm certainly no fan of the studios or DRM, but you all realize that we brought DRM upon ourselves, right? There's no inherent right for music or movies to be free. By taking them without paying (by whatever means) we forced "the man's" hand.

If no one ever stole, the studios would have no reason to put all this protection crap on and we'd all be a lot happier. CDs, DVDs and everything else would probably be a bit cheaper too.

RE: good job hollywood!
By AnnihilatorX on 1/26/2007 6:31:38 AM , Rating: 2
But you have to realise that's not possible for everyone to behave well. And even if only 1% of people are pirates, the studios will still be happy to chuck out DRM to protect their 1% loss.

RE: good job hollywood!
By CorrND on 1/26/2007 11:09:12 AM , Rating: 2
Fair enough. I just wish people would realize that cracking protection will only make things worse in the future.

RE: good job hollywood!
By oTAL on 1/30/2007 3:49:03 PM , Rating: 2
While I do agree with some of what you said, this bit:

"CDs, DVDs and everything else would probably be a bit cheaper too."

is utter bullshit.
The market decides the prices. In many situations, the piracy even makes titles cheaper (it happened for PS2 titles in China with executives admitting it). Why? because they figure that if contents are cheaper people will take the comfortable and legal way. If they feel overcharged, then many people will prefer to put aside a "dubious" moral issue than not have their contents. I only say dubious because, when contents are overpriced many people would not be able to buy them any way, which means, by their logic (which is not all that incorrect), that they can steal the product without harming anyone (assuming they would not buy it if piracy was not an option).

The most important message I wanted to pass is that the myth that "piracy makes software and media more expensive" is FUD. The market decides the prices. They will charge what people are willing to pay.

Only in extreme piracy environments does piracy reflect hardly on the industry. Pay TV in Spain was temporarily killed by piracy. Investments on legit businesses like movie-rental and many others are made hard due to rampant piracy in Latin America and large portions of Asia.

RE: good job hollywood!
By dijuremo on 1/30/2007 11:07:12 AM , Rating: 2
Are you stupid?

You enjoy paying the movie studios to tell where you can play your movies and where you can't?

Did you know it is illegal for you to rip a DVD that you have purchased to play it in your iPod? But why should it be, if you have already paid for the damn DVD. Start being smarter and think before you speak.

The more we allow the studios to control the way we see the stuff we pay for, the worse things will get. The hacking efforts are totally welcomed by me, I am an advocate that if you pay for a movie, you should be able to play wherever the hell you want, not have to pay for one copy for your dvd player, one copy for your PC, one copy for your ipod, etc...

RE: good job hollywood!
By alifbaa on 1/23/07, Rating: 0

RE: good job hollywood!
By stmok on 1/24/2007 3:39:28 AM , Rating: 5
Have you even looked at AACS specifications?
The theory of weak encryption is incorrect.

It's the implementation itself, and how it works when it plays content. (Did you even read the article? Do you understand how AACS works?)

The weakness of AACS is where there is a point when the stream must be decrypted for viewing. (The keys are in system memory). At that point, it's vulnerable. Because there is no protection of the keys themselves during content playback.

To prevent that, they will need you to buy a whole new PC that is completely infected with DRM hardware technologies.

If you look at this...

Output Content Protection and Windows Vista


A Cost Analysis of Windows Vista Content Protection

And listen to these...

(Listen to Episodes 74 and 75)

You realise the Content Providers (RIAA/MPAA/etc) have learnt from the DVD era. They have set up a massive framework of DRM when you combine these three major elements together.

(1) Software:
Microsoft has helped them. (And that's fact). If you look at the DRM technology in Vista, you realise they have implemented a framework there specifically for Content Protection. Stuff like polling the system a number of times per second, revocation of drivers if it's a known leak of HD content, and checking for electrical fluctuations against possible tampering for hardware.

Such technologies will have an effect on system performance and stability. (It doesn't take a genius to realise where there will be scenarios when the monitoring of certain components is too aggressive and causes problems for the user).

(2) Hardware:
MS is basically "encouraging" hardware makers to implement crap like HDCP and in the future, extra chips in relation to sensing possible modifications to hardware. (called "tilt bits"). Hardware makers need MS, as MS controls 90%+ of the desktop market.

And implementing DRM technology doesn't benefit the hardware makers. It doesn't improve performance, provide new features worthy of selling, etc...In fact, hardware makers try not to emphasize it! (Otherwise, people won't buy the hardware!)

It's interesting that the law makers have basically made the rules up of how a hardware company is supposed to act. That is, they must prove themselves worthy. What annoys me is that some of the technologies used to enforce DRM can also be used for security of the PC. So PR/marketing dept can use the excuse of security for selling the hardware, when the truth is, it's to control the end-user.

(3) Law:
Stuff like DMCA or in Australia, the Copyright Amendment 2006. (America has infected Australia with a version of DMCA as part of the Free Trade Agreement). :(

Guess who pays for all this...You, me, and every other end-user on the planet. ie: Get the consumer to pay!

DRM has and always will be about CONTROL. Control of how people can view content. This is exactly what the RIAA/MPAA wants.

The PC has always been an open-platform. This is in direct contradiction to DRM...And those scumbag Content Providers want to lock it down.

Think about it...If the content providers had the ability to control what you can see, they will use it.

BTW, expect Microsoft's professional spin doctors to twist it around and try to side step the issues with distinct "lawyer/marketing" wording that doesn't answer the questions of the consumer. It's because they need Vista to sell.

RE: good job hollywood!
By masher2 on 1/24/07, Rating: -1

RE: good job hollywood!
By stmok on 1/24/2007 4:10:59 PM , Rating: 5
What you're saying is that it's OK to charge customers, and corner them into features and functions they didn't ask for.

If you want to view Blu-ray or HD-DVD on your PC in full resolution glory, you have to buy a new video card AND a display that supports HDCP. What if I don't need a video card or display as my existing ones are perfectly fine? What do you call that? I call that blackmailing the end-user into paying for DRM technology.

You pay them to control you.
ie: You pay to lose your freedom on YOUR PC.

Freedom (in the sense of freedom to choose) is what Dell is currently doing with their n-series desktops. Pre-install with FreeDOS, and let the user decide if they want to install whatever OS they please. I don't care if its Windows, Linux, or whatever. That's choice.

Anyway, it's none of their friggin business what I do on my PC, as long as I paid for the content I'm viewing, and circumventing protection mechanisms only to make a backup of the content I paid for. (Not to share or distribute for profit, but to store or transfer to another device that I own, say a portable media player).

RE: good job hollywood!
By SunAngel on 1/24/07, Rating: 0

RE: good job hollywood!
By Lazarus Dark on 1/25/2007 10:48:56 AM , Rating: 2
"I actually like HDCP because it is a standard. All equipment must adhere to the standard. Knowing that I will not have any problems because all equipment is supported takes one consideration I had to worry about away."

Umm... have you not heard of the numerous 'handshake' issues of hdcp. Even if you have all hdcp hardware it's basically a crapshoot as to whether it works. Lots of hdcp devices are in fact incompatible, despite being a 'standard'. Just look around for the many ps3 handshake issues. Sony's ps3 isn't even compatible with some of its own TVs because the hdcp is faulty!

RE: good job hollywood!
By SunAngel on 1/25/07, Rating: 0

RE: good job hollywood!
By Pandamonium on 1/25/2007 12:58:01 PM , Rating: 2
HDCP isn't a standard- it's a specification. HDMI is a standard. HDMI is what makes it easier for the consumer. HDMI is what reduces cable clutter. HDMI is DVI with audio in a different shape. (Which is why DVI>HDMI and HDMI>DVI adapters are literally cables that rewire HDMI pins to DVI pins)

HDCP exists to benefit the entertainment industries. It does not bring any added benefit to consumers. It *costs* consumers more than anything else.

RE: good job hollywood!
By SunAngel on 1/25/07, Rating: 0

RE: good job hollywood!
By Steve Guilliot on 1/25/2007 12:56:42 PM , Rating: 2
The "features and functions" you mention are only required for playing protected HD content. Guess what? You don't have the god-given right to view that HD content in any way you please. The IP (intellectual property) rights belong to the studios. They own it. It's theirs. They can place any desired conditions on its use.

So, the logical progression is that anyone who wants to participate in the HD-love-fest has to do business with the studios, including MS and Apple. You imply incorrectly that the software companies are part of some DRM conspiracy, but that only highlights your misunderstanding.

If you don't like the current copyright laws, then lobby your congressman to change them. That's the way democracy works. Of course, the general public loves their $300M blockbusters, which the studios fund with licensing fees and royalties, so you would be in a very small minority.

RE: good job hollywood!
By thejez on 1/24/2007 10:15:28 AM , Rating: 2
so what do you propose? NO movies on the PC? No HD-DVD players for the PC?

Make no mistake, the MPAA and the RIAA are driving this not MS and not the hardware people... THEY say, "You want to play our disks, then play by these rules" -- so your company makes DVD drives and HD-DVD players etc... what are you going to do? tell them no thanks?? You don't really get options here because the RIAA and the MPAA OWN content that YOU want to consume... so you have to consume their content on their terms...

the thing i don't understand yet is how Linux/XOS fits in here.... do they not have any DRM? Can you simply play an unprotected HD-DVD movie on linux with no DRM? It seems to me if the terms dictated by the MPAA aren't complied with you may very well arrive at a situation where those disks simply can't be played on these OS's until they come into compliance.... or if what you are saying is really true and Vista is the real issue here (adding extra DRM not required to play this content) and not Linux then it would seem people will gravitate toward the more open system... but does anyone think the MPAA/RIAA will let that happen? I think it's going to come to comply with us or "no content for you"....

Now the other point to the argument is of course is it even possible to really secure something that has to be consumed by the end user at some point.... somewhere in the chain of all this elaborate security the fact remains that the content MUST be displayed... and if it can be displayed then it can be copied... like has been said many many many times before... DRM doesn't prevent pirating but only makes life miserable for those who actually choose to purchase the content...

RE: good job hollywood!
By Beh on 1/24/2007 12:34:42 PM , Rating: 2
From what I remember while using Ubuntu linux, you can't even play regular DVDs without installing some packages of dubious legal status. You'll probably be able to play HD-DVD and Blu-ray on linux eventually but it likely won't be through any officially supported means. As far as OSX is concerned, it should be even easier for Jobs to convince the Mac zealots that DRM is what they want.

RE: good job hollywood!
By stmok on 1/24/2007 3:50:59 PM , Rating: 2
Yes, Linux requires that you install DVD support manually. (Depending on which distro, it's often a very trivial exercise). This is because, to actually play DVD movies on Linux, you have to circumvent CSS. Circumventing protection mechanisms isn't legal in some countries.

I suspect you're right about Blu-ray/HD-DVD and Linux. Someone will probably port Muslix64's source code into C/C++ for the Linux version. (Or possibly a project like VLC or MPlayer will implement the necessary bits to play such media).

RE: good job hollywood!
By thejez on 1/24/2007 4:11:31 PM , Rating: 2
so then Vista really doesn't matter then in this equation.... since I can continue to watch ripped content instead of native in Vista (like I would do in Linux)... doesn't matter how much DRM they pack in since DRM can't/doesn't prevent backups with proper tools.

The whole concept (DRM) is a bad one and will probably do nothing more than drive more people to piracy because of how cumbersome it is for people who try to play by the rules... i already gave up on buying music online because of how hard it was to move the files to my new machine... i'll never buy a song online again... it's worth buying the whole disk just so I can rip it myself at a high bitrate and share it with any of my devices....

RE: good job hollywood!
By glynor on 1/24/2007 4:33:08 PM , Rating: 4
And you really think if Microsoft told them "shove it" we won't play in your sandbox then, and there will be no HD disc format for PCs, that the MPAA's tune wouldn't have changed?

With their market share and power? That'd have as likely killed BluRay and HD-DVD as anything!

Microsoft has plenty of power here, they just chose not to use it because they agree with the content owners. They do the same thing with their software!!

RE: good job hollywood!
By andtechand on 1/26/2007 10:57:33 PM , Rating: 2
There's speculation that the Canadian guy mentioned in "Cost Analysis of Windows Vista Content Protection", is Muslix64. Like Muslix64 he's a programmer. Like Muslix64 he bought an HD-DVD system that won't play HD-DVDs because the monitor doesn't support it. This happened in mid-December - the same time as Muslix64. And a week or so before Muslix64 made his announcement he was talking to a crypto expert who's been examining the AACS/HDVP protection in Windows - the author of the article.

RE: good job hollywood!
By randomname on 1/24/2007 6:12:31 AM , Rating: 1
Well, basically they haven't broken the AACS, but the software player. Given all the effort put into Vista, it is apparent the software players for XP will eventually be blacklisted. They may try to release new versions of the players for XP (that don't leave unencrypted software keys laying around in the memory) before revoking the old ones, but if even that doesn't work, all players for XP will be blacklisted. Maybe even all software players. For me it was surprising that they would allow software players for XP at all. I guess that was to get an early boost in the format war.

As for the performance drop in Vista due to polling the system, it will most likely be very small. The system is always running stuff in the background, and that is just one additional program/task. I found the article "A Cost Analysis of Windows Vista Content Protection" to be a poorly argumented, mostly FUD. The DRM will be inactive when protected content isn't run (apart from possible polling), but of course there will be a performance drop when protected content is playing. That performance drop is already manageable, and in a few years it will be a completely moot point.

Regardless of the OS (whether it is Vista, XP, OSX, or Linux), if you want legal playback of Blu-ray and HD-DVD, you must implement the DRM. Software players for systems that cannot implement the DRM will not be allowed. That is, if the industry as a whole doesn't change its mind, and view the approach as technically impossible / counterproductive. Somehow I doubt that will happen anytime soon.

RE: good job hollywood!
By AlexWade on 1/24/2007 8:16:43 AM , Rating: 5
Once again, the only ones who are screwed over by DRM are average consumers. DRM does nothing except inconvenience pirates for a few days. DRM only punishes the innocent. DRM should be banned, and instead all effort should be put into prosecuting those who do break the law. And let us backup copies. That is not a sin.

RE: good job hollywood!
By darkdemyze on 1/24/07, Rating: 0

RE: good job hollywood!
By Aiyee on 1/24/2007 1:52:01 PM , Rating: 3

Not at all like "a key on your house door" but more like the car dealer putting a Club on your steering wheel and deciding when you can drive.

The Fair Use doctrine says that the content does not belong exclusively to the creator, but that the purchaser has the legal right to create backup copies.

Yes, DMCA is in conflict with Fair Use, but that is no reason to laud DRM just because it protects the studios--at our expense.
