AACS not cracked (again)

Another day, another round of misleading headlines (gotta love digg) about the destruction of AACS. I spent some time this morning reading to the specs, so I now have a pretty good idea of what’s going on.

The reason for this latest round of headlines is that a new hacker over at doom9, arnezami, has been digging deeper into the different keys used by AACS. Up until this point, if you wanted to make a decrypted copy of an HD-DVD or BluRay disc, you used PowerDVD or WinDVD on your Windows computer, did a memory dump, looked through the dump for the title key, and went about your merry way. Folks have even written tools to make this memory dump / hunt process automatic.

In the long term, this isn’t a particularly sustainable solution. The AACS folks will just revoke the device keys for PowerDVD and WinDVD, forcing users to download updated versions. The updated versions will take more care to hide the title key, and despair will spread throughout the pirate community.

With this bleak future in mind, arnezami went investigating alternatives. What he found is the Processing Key, which is essentially an AES’d combination of the device key and the appropriate elements of the Media Key Block. Don’t worry if I’ve lost you, this bit isn’t all that important. The processing key doesn’t inherently reveal which device key it is spawned from.

The processing key is a major chunk of the decryption process. It is a universal decryption key for all titles, with a big caveat that I will mention later. In order to make use of the processing key, you also need the Volume ID. This is essentially a 128bit string that is unique for each HD-DVD or BluRay title. According to the AACS specs, it should be random, though it appears that many replicators haven’t been following this quite to the letter – the Volume ID for Serenity for instance is “SERENITY “. Clever.

Unfortunately, recovering volume ids isn’t proving to be significantly easier than recovering title keys at the moment. The volume ID is stored on a special part of the disc which can’t be read directly via software. In order to recover it, you have to nicely ask the drive to read it and pass it along. For now, that means using a USB sniffer to watch the bus traffic as your software player retrieves the volume ID. The AACS spec actually has this circumstance accounted for as well, with a specification for bus encryption of the volume ID transfer, but nobody has implemented this process yet.

So, what’s this mean? Is AACS destroyed? Afraid not. If someone can come up with a clever, self contained mechanism for retrieving Volume IDs, it may make widespread HD-DVD/BluRay ripping easier, as there won’t be any need to hunt for an already decrypted title key. Barring that however, you’ll still need to find or be told the volume id before the processing key is of any use to you. At that point, why not just find or be told the title key and skip a few steps?

Truth be told, the only circumstance in which having the processing key is useful is if the AACS folks really don’t know which player generated the key, and thusly don’t know which player to deactivate. However, since the AACS folks do know all of the device keys that they’ve assigned, it should be pretty easy for them to calculate all the various processing keys and come up with the renegade player. And even if that weren’t the case, I don’t think they’d have qualms about just revoking all of the device keys for the software players on the market, forcing an update with better security.

Realistically, AACS will only be truly dead if someone comes up with a master list of all of the device keys (leaked from the AACS folks). The encryption itself isn’t under threat – AES with 128bit keys isn’t going to be brute forced any time soon. However, if talented hackers can keep making trouble by figuring out ways to rip these discs, it may eventually become cost prohibitive to keep deactivating device keys. When folks start sniffing hardware keys from expensive home theater units, it’ll get even more interesting. Maybe it’s time to just give up on this DRM thing?

Before anyone emails me about this…

Every now and again someone will ask me why we don’t support RealVideo encoding on Media Mill. The answer is because we can’t. However, there’s an article up on Kenstone right now that seems to imply otherwise. Most of what the article covers is in line with the way we handle non-Quicktime formats on Media Mill, but the Real plugin bit is a off. Their plugin doesn’t work in 10.4, and doesn’t support intel. Even if it did, I don’t believe the Real plugin ever worked within Compressor.

As Real says here, “There are no plans on the schedule for fixes or feature enhancements to the plug-in. Community members and developers seeking compatibility with Tiger 10.4 and/or with desire to enhance the plug-in, are invited to download the plug-in source for fix and further application development. ” I.E., Don’t get your hopes up.

Video Training Podcast

I’m super excited about this – a few of the student staff at the studios are working to produce a series of video tutorials. We’ve just put the first tutorial online – a basic overview of a light instrument. We’ve got a large list and are hoping to start churning them out routinely.

The podcast will be available from the iTunes Store in a day or so, but for now, you can subscribe to them by clicking below.

Podcast Link (small videos)

Podcast Link (large videos)

Canon HV20 Review (In Japanese)

Impress Watch has gotten their hands on a Canon HV20 and has posted a review with lots of sample grabs and videos. I don’t really know what it says, but Engadget has a summary.

It’s interesting to learn that it supports the xvYCC color space over HDMI, which has a significantly broader spectrum of viewable colors, as compared to sRGB. There are a number of displays hitting the market now that can take advantage of the wider range of colors, so it’s nice to see devices capable of outputting it.

Jobs on Music

Apple.com has published an article written by Steve Jobs called “Thoughts on Music,” discussing the current state of online music sales, DRM, and the world of copyright. Very interesting – nothing new per se, but very interesting to hear it coming from the head of the biggest online music store.