AACS Copy Protection For DVDs Defeated Again

SlySoft reportedly updated its AnyDVD HD software with a new AACS encryption code to enable the copying of ostensibly protected HD-DVD and Blu-Ray discs.

Thomas Claburn, Editor at Large, Enterprise Mobility

May 18, 2007

2 Min Read

Digital rights management suffered another setback Thursday when Antigua-based software company SlySoft reportedly updated its AnyDVD HD software with a new AACS encryption code to enable the copying of ostensibly protected HD-DVD and Blu-Ray discs.

Earlier this month, the Advanced Access Content System Licensing Administrator (AACSLA), the organization that oversees the licensing of HD-DVD and Blu-Ray video players, infuriated DRM foes by sending Digital Millennium Copyright Act takedown notices to Web sites demanding the removal of the online posts containing the compromised AACS code.

Digg, one of the sites that received a takedown notice, angered its users by attempting to censor user-submitted posts that contained the code. The site's users retaliated by posting the code faster than it could be removed and ultimately succeeded in ending the censorship effort.

In mid-April, the AACSLA said that it had "expired" cracked AACS encryption keys, requiring consumers and manufacturers to update their video players with a new key though an online download.

Discs to be released next week will be the first to blacklist compromised keys, according to J. Alex Halderman, a Princeton computer science graduate student.

But SlySoft appears to have a new key to the AACS digital lock. The AACSLA can also expire this key but it will take weeks. In the meantime, the discs on the market will be copyable.

"To be successful in the long run, AACS needs to outpace such attacks," Halderman said in a blog post. "Its backers might be able to accelerate the blacklisting cycle somewhat by revising their agreements with player manufacturers, but the logistics of mastering discs and shipping them to market mean the shortest practical turnaround time will be at least several weeks. Attackers don't even have to wait this long before they start to crack another player. Like SlySoft, they can extract keys from several players and keep some of them secret until all publicly known keys are blacklisted. Then they can release the other keys one at a time to buy additional time. All of this is yet more bad news for AACS."

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights