HD DVD decrypted using 360 drive
by Ross Miller 
{ Dec 29th 2006 at 3:45PM }
In eight days, or so he claims, hacker muslix64 managed to break the AACS encryption on HD DVD drive so as to play the films on any HD DVD software or simply "archive" your discs in case the physical copy breaks. As muslix64 explains, he utilized the Xbox 360 HD DVD drive as his player of choice (read the full thread to see). Wow!
The hack is useless, however, unless you have the encryption key for the disc; however, as he was able to find certain keys, that task is not impossible. In the FAQ for the program, muslix64 provides an explanation as to how the keys are encrypted. As Team Xbox points out, the AACS encryption is identical to what is found on a Blu-ray disc, so a way to rip those other next-gen discs is inevitable.
The security on HD DVD and Blu-ray has long been touted as one of the reasons for movie studios to start looking past that antiquated DVD format, and something that the studios thought would be unbreakable. Never underestimate the ingenuity of someone told "no."
Of course, there is another, more involved way to backup HD DVD discs, if you're a masochist. Video of the hacker's achievement, decrypting Full Metal Jacket, can be found embedded after the break.
[Via Xbox 360 Fanboy]
Reader Comments (Page 1 of 1)
Field Anony-mouse @ Dec 29th 2006 4:04PM
As long as people have direct access to the content, no encryption is unbreakable. Some forms just take longer than others to break. Until the day that all consumer interaction is removed (except for paying and then passively watching) there will be a way to break it. And even then, there will be ways to bootleg.
ill trooper @ Dec 29th 2006 4:07PM
Nice one. Cool in theory, but the reality of either...
a) downloading/torrenting 18gigs,
b) storing 18 gigs on your hard drive,
c) burning an HD-DVD or Blue-Ray copy of a movie
...makes simply buying the movie itself and having it in a small HD-DVD or Blue-Ray package seem like a good value at $18.99, which is what BestBuy was selling the Full Metal Jacket Blue-Ray disk for.
Antonio @ Dec 29th 2006 4:07PM
I'm not sure if this will help or hinder HD DVD. One thought is that studios could pull support and kill it. Another thought is that people might start ripping HD DVDs and then needind to buy the players (and hopefully some legal movies too). I love my HD DVD player (360 version) and I'd hate for it to loose out because of this.
matt @ Dec 29th 2006 4:18PM
If I can't pull a movie off of a disc I paid for and put it on my network so I can watch it on any computer or television in my house than I'm not going to be pleased with that media type. This gives HD-DVD and Blu-Ray hope in that respect.
Marty @ Dec 29th 2006 6:14PM
There is no encryption they will ever use for media that won't be broken by someone who is determined to do it..
Tim Dorr @ Dec 29th 2006 4:45PM
Antonio, this is the same encryption method used in Blu-Ray, so it's not going to make HD-DVD any less viable. Plus, AACS LA just has to pull this player key and it will stop working on any discs manufactured after this date.
I'm actually curious to see how often they re-encrypt discs, or if they'll send out the same discs for the life of production of a movie on HD DVD/Blu-Ray. Basically, one you have the media key for the disc, it doesn't matter what player you have. But if they re-encrypt a disc and start using a new media key on future copies of these movies, the published key will be useless. So, unless AES is cracked, it's going to be a cat and mouse game for a while.
otakucode @ Dec 29th 2006 4:48PM
ill trooper: Downloading 18GB is nothing. Storing 18GB is nothing. Look at the speed of connections today and the cheapness of hard drives. And who would want to burn the things? Discs are a pita. Keep it on the HD and stream it over a network is your best option.
All content producers really need to go to the Internet Archive and search for "piracy is good" and watch the seminar about bit torrent. It's their only hope.
Rootbeer @ Dec 29th 2006 4:50PM
Five years ago, people were saying that nobody would ever be transferring multi-gigabyte DVD disc images over the Internet. Ten years ago, people were predictng internet video wasn't feasible. Fifteen years ago, no one could imagine sharing digital audio clips more than a few seconds long.
We'll all be streaming HD video over the Internet regularly by 2010, whether or not either of the hi-def disc formats ever takes off.
syco @ Dec 29th 2006 4:50PM
I love how none of this matter to me since I do not have, nor will be able to afford for many many years, an HDTV.
Tequilla @ Dec 29th 2006 5:29PM
Excellent story research.
AACS has not been hacked in the slightest. As you eloquently contradicted yourself, you need the Title Key in order to decrypt the movie! Well of course if you have the key you can decrypt the damn movie! So what was hacked? Ohhh... It was PowerDVD for allowing the Title Key to be read in clear text in memory.
So now AACS will go through its first key revocation cycle and PowerDVD will have to be patched, not only to fix the security issue but to continue playing titles.
Sorry the real story isn't as sensational, but I think it's just as interesting.
Jeff @ Dec 29th 2006 5:30PM
Yeah, DRM doesn't work. How many times does it need to be said? It just doesn't work. It doesn't do what it's intended to do, which is to keep people from copying stuff. It never has. When are people gonna learn?
Moreover, it fundamentally *can't* work. It's not just that the implementation has been poor. AACS, like CSS before it, was supposed to be uncrackable. But the problem is the same as it was with CSS; as long as you have encryption, you need to have some way of unlocking it. There is no way around that. And all anyone has to do is figure out how to replicate the unlocking process, which just involves getting the keys. And that seems as trivial with AACS as it was with CSS.
AACS's big improvement was supposed to be that the keys can be revoked if they're cracked. I'm unclear both on whether this hack gets around that somehow and also on whether or not that revocation is really going to end up practical in the first place. It assumes, first of all, that either people are going to have their machines hooked up to the internet (and seriously, I doubt *anybody* is going to hook up their electronic components to the internet) or that content providers are all going to get together and maintain this big list of broken keys and then distribute them on future discs so that players can de-certify them internally. I'm also unclear on whether this would then break legitimate earlier discs, but it sure seems like it would. So I personally can't see that this feature would really be used to begin with.
Lekko @ Dec 29th 2006 5:35PM
the whole point of encryption and copy protection, or for that matter security in general, isn't that it should be made impossible to crack, it's simply to make it more of a pain in the ass to steal than to buy it in the first place.
Zertoss @ Dec 29th 2006 5:54PM
The whole reason Muslix64 even attempted this, which wasn't in Joystiq's write-up (I'm sure it's in one of the links, I'm just going from memory of the article I read yesterday), was because he bought the movie and couldn't play it because he didn't have a HDCP-compatible video card or monitor. He thought that was BS, since he should be able to play HD movies on an HD monitor, so he decided to crack it. Now he doesn't have to go through the HDCP crap to watch his legally bought movie.