[ISN] Companies probe possible high-def DVD hack

From: InfoSec News (alerts@private)
Date: Thu Dec 28 2006 - 22:19:17 PST


http://news.com.com/Companies+probe+possible+high-def+DVD+hack/2100-1029_3-6146267.html

By Reuters
December 28, 2006

The companies behind an encryption system for high-definition DVDs are 
looking into a hacker's claim that he has cracked the code protecting 
the new discs from piracy, a spokesman for one of the companies said 
Thursday.

A hacker known as Muslix64 posted on the Internet details of how he 
unlocked the encryption, known as the Advanced Access Content System, 
which prevents high-definition discs from illegal copying by restricting 
which devices can play them.

The AACS system was developed by companies including Walt Disney, Intel, 
Microsoft, Toshiba and Sony to protect high-definition formats, 
including Toshiba's HD DVD and Sony's Blu-ray.

Muslix64 posted a video and decryption codes showing how to copy several 
films, including Warner Bros' Full Metal Jacket and Universal Studios' 
Van Helsing, on a popular hacker Internet blog and a video-sharing site [1].

The hacker also promised to post more source code on Tuesday that will 
allow users to copy a wider range of titles.

A spokesman for one of the AACS companies, who declined to have the 
company identified, said they were aware of it and were looking into the 
claims, but would not elaborate.

The vulnerability could pose a threat to movie studios looking for ways 
to boost revenue as sales of standard-format DVDs flatten. In 2005, U.S. 
DVD sales generated some $24 billion for the movie industry.

If the encryption code has been cracked, then any high-definition DVD 
released up to now can be illegally copied using the Muslix64 "key," 
according to technology experts.

Jeff Moss, organizer of Defcon, the world's largest hacking convention, 
said in an interview that Muslix64 appears to have found a real breach 
in the encryption system.

"Everybody is talking like it worked, and apparently it's not that 
hard," said Moss, whose annual convention draws thousands of security 
researchers, government workers and hackers. "This will be the first 
trial run of how this (AACS) is going to work whenever a compromised 
player comes out."

Adrian Kingsley-Hughes, a U.K.-based technology expert and author of 
Internet blog PC Doctor, wrote in a Thursday posting on technology site 
ZDNet.com that Muslix64's source code "seems genuine enough."

He said the hack would not necessarily make much of a difference in the 
battle for supremacy between the new HD DVD and Blu-ray formats.

"What's interesting here is that while this hack might give HD DVD a 
temporary advantage amongst enthusiasts who want to backup discs...in 
the long run it won't give either format an advantage because both HD 
DVD and Blu-ray use the now cracked AACS," he wrote.

Story Copyright 2006 Reuters Limited. All rights reserved.

[1] http://www.youtube.com/watch?v=_oZGYb92isE


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Thu Dec 28 2006 - 22:26:50 PST