AACS vs. Hackers, Round Two


As anticipated by hackers at the Doom9 forums, the Advanced Access Content System (AACS) License Administrator has issued a new set of keys for Windows PC software players to replace those already compromised. Discs manufactured after the key revocation date will require users to download a software update in order to play them.

AACS LogoSo is AACS dead, or not? Well, it’s quite a bit more complicated than that. Long story short, AACS will doubtless continue to frustrate unsuspecting customers by presenting compatibility and interoperability issues. But new holes are appearing in the dyke faster than DRM engineers can design fingers to plug them with, and the flood tide of Hi-Def video content online will not ebb any time soon.

Concurrently with the update of the software players, hackers compromised not only the software to play HD-DVDs, but the the hardware as well — the Toshiba-manufactured drive for the Xbox 360, one of the more popular HD-DVD drives, can now be used to extract a Volume ID for the purposes of copying the data. This means that even the newly manufactured discs will be trivial to decrypt, if I understand correctly.

The only solution for the AACS License Administrator would be to revoke the keys for the actual hardware, making users download a firmware upgrade for their drives. In an analysis of the AACS attack and counter-attack timeline, Doom9 user jmac698 described the cycle: “The reaction time of the industry seems to be around 3 months to make a decision, and another month to release updated PC software, and yet another month for latest pressings of discs.”

It was at the end of last year, the first chink in HD-DVD and BluRay discs’ AACS copy protection technology appeared. Then the first copies of HD-DVD and BluRay content popped up on file sharing networks and torrent trackers a few weeks later.

What’s important to remember is that, thanks to file sharing, an HD-DVD or BluRay disc only really needs to be cracked once. Then the unencrypted data is fair game network wide. So content providers have a choice: they can continue paying what amounts to a permanent tax by DRM licensors, and frustrating customers, or drop the charade all together.

Comments are closed.