Arnezami Hacks HD-DVD/Blu-ray – Discovers the One “Processing Key” to Rule them All

A hacker known as Arnezami has gone a giant step further than Muslix64 in hacking AACS. Arnezami has discovered and published the cryptographic key (known as the "processing key") that can be used to circumvent AACS copy restrictions on any Blu-ray or HD-DVD movie (the "one key to rule them all" 🙂 ).  He did so by using an Xbox 360 HD-DVD drive and studying all changes (comparing hex-dumps) to a key part of memory during startup of the movie King Kong.

Previously, Muslix64 had discovered the "volume keys" for individual HD-DVD movies (and subsequently Blu-ray titles) which, when used with his BackupHDDVD software, allowed technically adept users to decrypt and copy individual HD titles protected by AACS. Since then, volume keys for more than 100 HD titles have circulated on the Internet.  The processing key discovered by Arnezami can, until revoked, be used to easily determine the volume key needed to decrypt and copy any HD title.  

Continue reading “Arnezami Hacks HD-DVD/Blu-ray – Discovers the One “Processing Key” to Rule them All”

BackupHDDVD & Doom9 Forum Create End-to-End HD-DVD Crack?

It appears that the latest entry into the DRM arms-race, BackupHDDVD, along with the Volume Unique Keys in memory found by Doom9 forum member Musilix64, is able to isolate private keys within AACS protected HD-DVD disks needed to crack them. The cracked HD-DVD movies have made their way to torrent sites and are now circulating the globe. Some minor playback glitches have been reported, however.

Dale's Comment: I want to be clear about something. I do not endorse piracy nor the use of BitTorrent to circulate pirated copies of HD-DVD content.

I do, however, believe the DMCA unfairly criminalizes the behavior of honest consumers wishing to exercise their "fair use" rights to make copies of and/or format shift copies of content purchased by the consumer for the consumer's own personal use.  The DMCA and the WIPO Copyright Treaty unfairly take away rights that U.S. consumers have under the fair use provisions of U.S. Copyright law. It is therefore understandable why consumers would choose to use software such as BackupHDDVD to exercise the rights the U.S. Copyright regime otherwise affords them. In my opinion it is copy-protection mechanisms such as AACS put in place by the content industry to penalize the activities of honest consumers that leads to massive piracy by the same consumers through BitTorrent and other P2P networks. As I've said here for years, treat honest consumers fairly and they'll purchase your products in record numbers. Treat them like criminals and they'll rebel.

Sources:  Engadget | ars technica | DigitalMusicWeblog

Continue reading “BackupHDDVD & Doom9 Forum Create End-to-End HD-DVD Crack?”

HD-DVD & Blu-ray Cracked?

Reports are coming in fast and furious that the AACS DRM system used by both HD-DVD and Blu-ray players has been cracked by someone with the codename muslix64. I had reported earlier on a possible brute-force print-screen method of cracking HD-DVD.

This new method seems to rely on a compromised HD-DVD player whereby muslix64 was first able to access the unique decryption keys for particular HD-DVDs. Then using those keys and his java-based BackupHDDVD program, muslix64 was able to implement the AACS decryption protocol as outlined at (the official AACS website) and play it back using standard HD-DVD play-back software (in this case PowerDVD 6.5 HD-DVD). 

Muslix64 says the tool works on his XBOX 360 external HD DVD player, but that the software would not be limited to just one specific player.

Continue reading “HD-DVD & Blu-ray Cracked?”

TiVo Decode Manager v1.0 Automates TiVo’s Cracked DRM on Macs

This was inevitable. I didn't expect it so soon.

Within days of TiVo's DRM being cracked, someone has automated the rather difficult to use TiVo Decode Manager and created an easy to use TiVo2Go application, without DRM, on Apple computers. The software automatically discovers local TiVos. With one mouse click shows are downloaded from the TiVo, DRM-free, to the Mac by episode, recorded date etc. The resultant Mpeg-2 files still need to be converted to a PC-usable format such as .wmv using a program like VLC. My guess is that it won't be long before the end-to-end process is fully automated.

Dale's Comment: I foresee TiVo-released DMCA take-down notices being sent to whoever controls (the site hosting the program) in the near future!

Sources: Engadget | PVR Wire

Related Posts:

TiVo’s DRM Reportedly Cracked

Gizmodo, Engadget and others are reporting that the folks at have successfully hacked the TiVo DRM using a program they call the TiVo File Decoder.

Dale's Comment: If true, expect a patch from TiVo soon! 🙂  Unfortunately for those of us waiting for the TiVo Series 3 software upgrade that was due out about now, my guess is we'll be waiting awhile longer while TiVo's engineers work at sorting this one out. 🙁

Sources: Gizmodo | Engadget | Engadget 2 | Crunch Gear | PVRWire | Megazone-TiVoLovers | PVRBlog | TiVoCommunity Forum | Daily Tech | ars technica

Related Posts:


Law Review Article – Microsoft’s War Waged with FairUse4WM

Text of Microsoft v. Viodentia Complaint (Sept 22, 2006)
Engadget replicates an article from the Columbia Science and Technology Law Review entitled "Microsoft's War Waged with FairUse4WM". It provides a good history of DRM circumvention, Microsoft's suit and the DMCA.

What's new to me from this piece is that Judge John Coughenour granted a motion request to subpoena e-mail providers Yahoo! and Google in search of Viodentia's identity. If that yields a relevant IP address, Microsoft is permitted to issue subpoenas to the ISP that operates or issued that IP address in order to determine the identity of Viodentia. Engadget says Viodentia claims to live outside of the U.S. If this is true, none of these subpoenas should amount to anything.

Soucrces: Engadget

Related Posts:

Users Find Work-a-Round to Defeat 360 Marketplace Region Coding

If you follow Major Nelson’s (Larry Herb’s) day-to-day missives about what is available for download through the Xbox 360 Marketplace, you’ll note that many arcade games, game demos, trailers and other downloadable content is only available in certain regions of the world. This has lead to much consternation among Microsoft’s international customers. But the issue was brought to a head recently when, for the first time, North American XBox Owners were initially restricted from downloading a Rainbow Six: Las Vegas demo that was available for download by European users. This doesn’t happen very often to U.S. customers.

As a result, some clever users found a way around Microsoft’s XBox 360 region-specific MarketPlace download restrictions. You can read about them in the linked articles below.

Dale’s Comment: Just as Sony had legitimate legal reasons for opposing Lik-Sang’s import of PSP systems into the UK, no doubt Microsoft has legitimate legal reasons for restricting access to content on a country by country basis. For example, game publishers/developers that provide downloadable content to Microsoft probably have granted exclusive distribution/marketing and other rights to that content in the prohibited regions to others. My hope/expectation is that over time licensing and distribution deals will be structured to recognize the increasingly globalized nature of the market so as to anticipate and, indeed, facilitate global distribution/downloads without this kind of constraint.

Sources: Gizmodo | SAGN

Google Torrents

As the RIAA systematically works to shut down Torrent Sites around the Internet, some enterprising person at Digg Torrents found a way to use Google to search for and download torrent files. Torrent files are small files containing the data used by BitTorrent clients to locate the specific content (ie: a video, a document, music etc.) available for downloading from other BitTorrent users at that particular moment in time.

[Nov 18 Update: Since I first posted this, the service has changed its name from Google Torrents to Digg Torrents and moved to the new URL linked-to below. The name has changed but the use of Google to find torrents has not.]

Sources: Digg Torrents

Related Posts:

Microsoft Sues Viodentia – Viodentia Responds with a Software Update

  Text of Microsoft v. Viodentia Complaint (Sept 22, 2006)
Microsoft filed a lawsuit in federal court against "John Does 1-10," for breaking their PlaysForSure DRM software. Viodentia – the pseudonym for the person that created FairUse4WM is, of course, the prime target for this lawsuit. Viodentia's response was to issue version 1.3 of the DRM-cracking software.

Law Suit Story Sources: Engadget | ars technica | ZDNet | | CNet | DRM Watch

Engadget Interview with Viodentia (pre-lawsuit): Engadget

Viodentia Response to Lawsuit: Engadget

Related Posts:

Who Needs Kazza or eDonkey when You Have Google?

The recording industry has successfully shuttered several peer-to-peer networks of late. To what end? This recent entry demonstrates how easy it is to find and download almost any music without DRM restrictions using a simple Google search. What's more, there is no way that I know of for such downloads to be traced by the means currently employed by the RIAA. No P2P application installations are needed, no attendant spyware, no messy port forwarding, no TPM circumvention is involved, just a simple Google search and download.

Dale's Comment: The RIAA can feel self-satisfied that it is successfully shuttering P2P Networks and ratcheting four digit settlements out of hapless P2P users unwilling or unable to fight the thousands of recent RIAA lawsuits, but until the content industries realize that they need to provide a fair way for honest users to purchase downloadable content, there will always be alternative ways for end users to pirate DRM-free content. The content industry needs to realize and accept the fact that there will always be some amount of piracy. Once it accepts this fact, it can turn its attention to providing first-rate and fair download services that meet the legitimate needs and expectations of honest people. Until they do, there's always Google, or the next new thing. Here's a terrific and topical EFF Article: The Consumer is Always Wrong: A User's Guide to DRM in Online Music.


Web Sites that Automate this Google Search: CyberWyre | G2P Tyoogle

Related Posts:

Michael Geist Concludes 30 Days of DRM

Version of 30 Days of DRM
Canadian Copyright reform is in the air. In anticipation of possible legislative action this fall, Michael Geist’s 30 day series of daily articles “30 Days of DRM” has come to an end. While he ultimately argues, as I do, that it would be preferable NOT to adopt
DMCAlike anti-circumvention legislation in Canada, the Conservative government may succumb to the copyright lobby. These articles, which are quite good, propose limitations that should be included in any such Canadian DMCA-like legislation to fairly protect Canadian consumers and to guard against the multitude of problems created by the U.S.’s enactment of anti-circumvention measures in the U.S. Digital Millennium Copyright Act.

30 Days of DRM:
Day 1 – Linking Copyright and Anti-Circumvention (Markets)
Day 2 – Region Coding (Markets)
Day 3 – Oversite of DRM Misuse (Markets)
Day 4 – DRM Misuse Sanctions (Markets)
Day 5 – DRM Labeling and Consumer Awareness (Public Protection)
Day 6 – Interoperability (Public Protection and Markets)
Day 7 – DRM-Free Library Deposits (Public Protection)
Day 8 – Privacy (Circumvention Rights)
Day 9 – Reverse Engineering (Circumvention Rights)
Day 10 – Security Research(Circumvention Rights)
Day 11 – Involuntary Installation of Software (Circumvention Rights)
Day 12 – Research and Private Study (Circumvention Rights)
Day 13 – Criticism, Review and News Reporting (Circumvention Rights)
Day 14 – Private Copying (Circumvention Rights)
Day 15 – Artistic Access (Circumvention Rights)
Day 16 – System Repair (Circumvention Rights)
Day 17 – Broken or Obsolete Technology (Circumvention Rights)
Day 18 – Backup Copies of Software (Circumvention Rights)
Day 19 – Backup Copies of Digital Consumer Products (Circumvention Rights)
Day 20 – Public Domain (Circumvention Rights)
Day 21 – Print Disabilities Circumvention Rights)
Day 22 – Libraries (Circumvention Rights)
Day 23 – Education Institutions (Circumvention Rights)
Day 24 – Time Shifting (Circumvention Rights)
Day 25 – Statutory Obligations (Circumvention Rights)
Day 26 – Investigation of Concealed Code (Circumvention Rights)
Day 27 – Government Works (DRM Policy)
Day 28 – Review of New Circumvention Rights (Circumvention Rights)
Day 29 – No Ban on Circumvention Devices (Foundation Issue)
Day 30 – Prohibition on Contractual Circumvention of Rights (Foundation Issue)
30 Things You Can Do

Source: Michael Geist’s 30 Days of DRM Page

Microsoft Issues Takedown Notices for Sites Hosting FairUse4WM

Microsoft has begun sending out boilerplate cease and desist orders to web sites hosting the DRM Circumvention Tool FairUse4WM.

Sources: ars technica | Engadget | Warez | Inquirer

Related Posts:

Microsoft & Viodentia Play Cat & Mouse with DRM-Circumvention Tool FairUse4WM

Microsoft has been playing cat and mouse with the creator of FairUse4WM, a lone programmer who calls himself Viodentia. FairUse4WMV was first released by Viodentia on the Internet on August 19. Engadget first broke the story on August 25th. Microsoft released its first fix on August 28, but that was thwarted three days later by the release of an updated version of FairUse4WM. As of this posting, no new Microsoft fix has been released. In the mean time broadcaster BSkyB has stopped its broadband movie download service until Microsoft secures its DRM system. Other content download services such as Movielink, RealNetworks and MTV's Urge service use Microsoft's PlayforSure technology and are equally vulnerable.

Sources: New York Times | CNet News | Top Tech News | L.A. Times (AP) | CCRC | ZDNet Blogs | Times of India | Engadget | ZDNet | WindowsITPro | Ireland Online | Inquirer | | Physorg | DailyTech

BSkyB Suspends Use of Microsoft DRM: Times Online | The Register

Related Posts:

Hymn is Back with QTFairUse in an Ongoing Tit-for-Tat with Apple Over iTunes DRM

In the last few weeks both iTunes Fairplay DRM and Microsoft's PlayForSure DRM have been under a tit-for-tat attack by QTFairUse6 and FairUse4WM respectively. Within hours of Apple's updated iTunes 7.0 to counter an earlier version of QTFaireUse6, a new version 2.3 was released to counter the update. QTFAirUse6 strips songs purchased through iTunes 7 of their DRM permitting honest Apple music purchasers to play their music on any device of their choosing.

Sources: ars technica | CD Freaks | SDA India | Inquirer | ZDNet Blogs | macnn | Wired Blogs

Earlier Pre-iTunes 7.0 Launch Stories About Emergence of QTFairUse6: Engadget | ars technica | ZDNet | ipodnn | CNet | Information Week | iTnews | CD Freaks | Tech Web | Macworld | Inquirer

Related Posts:

Microsoft’s PlayForSure DRM Successfully Hacked

Like Hymn did to iTunes' "FairPlay" in the past, FairUse4WM does to Microsoft's PlayForSure DRM. Engadget and others are reporting that FairUse4WM successfully strips out Windows Media Player's DRM 10 and 11, but not DRM 9. There is little doubt that Microsoft will quickly address this issues as Apple did before it (see "Apple Brings Discord to Hymn" on January 13, 2005).

Dale's Comment: With Hymn, the purchaser of music was able to strip out iTunes copy-protection technology so that the purchaser can exercise their fair use rights with their purchased content on any device. To the extent FairUse4WM does this for purchased content I believe the law should permit its use. However, use of FairUse4WM on songs accessed through music subscription services (such as Napster) hardly seems fair. The idea behind these services is that users are paying for short term rentals only – not purchases. As such, there is no credible fair use argument that can be made in the music rental case. The user is not purchasing the songs and therefore has no fair right to continue using the music after the subscription period is over. While I oppose DMCA-like Technological Protective Measures (TPM) restrictions on the consumer's use of content that is purchased by consumers, contrary to argument made in Engadget's open letter to Mirosoft, I wholly support it in the context of content rented by consumers via subscription services. In any event, I suspect like Apple before it, Microsoft will quickly send out a patch to nullify FairUse4WM.

Sources: Engadget | Engadget 2 (open letter to MS) | Gizmodo | eHomeUpgrade | techdirt

Related Posts:

HD-DVD and Blu-ray Reportedly Successfully Hacked via PrintScreen

Like DVD's CSS before it, it appears that HD-DVD and Blue-ray have, at least partially, been successfully hacked by a relatively low-tech means that has been discussed in various Internet forums for the last few weeks. Specifically, Windows' PrintScreen function was used by a scripting program to capture each frame of both an HD-DVD and a Blu-ray movie. The resulting approximately 162,000 frames were stitched together in real time to create a viewable 324 GP HD movie. No word yet on whether they were able to successfully synchronize the movie's audio with the resultant movie. Presumably, this process could be further refined to compress the resulting file to a more manageable size. 

[January 1, 2007 Update:  Paul Thurott mentioned on one of his late 06 or early 07 Windows Weekly podcasts that Vista has disabled the "print screen" function when HD-DVD and Blu-ray movies are played at full resolution within Vista – thus removing this hack possibility from Vista-based PCs. But, this is hardly a solution. All it takes is for one person using an XP-based PC to hack an HD title in this way and it will be circulating the globe within minutes through BitTorrent and other P2P technologies.]

Sources: ars technica | HDTV UK

Related Posts:

iTunes Locks out DRM-Free Purchases – Breaks PyMusique

Apple closes a "security hole" in the iTunes music store that allows users to purchase songs without DRM attached.

Dale's Note: Several days after this announcement the next version of PyMusique was released, defeating iTunes again. PyMusique has since been superceded by SharpMusique.

Sources: PC World | Engadget | The Register | Wikipedia's "PyMusique" Entry

Related Posts:

Apple Brings Discord to Hymn

In another tit-for-tat move, Apple's iTunes 4.7.1 breaks the anti-DRM utility Hymn.

Sources: The Register | GizModo | Wikipedia |

Related Posts:

Apple Blocks Music Sales to Older iTunes – Forces Upgrade to Copy-Degraded Version

As it had said it would, Apple Computer is forcing customers using older versions of iTunes to upgrade to recent versions if they want to purchase music online. The company quietly disabled support for iPodDownload, a program that let customers copy music from an iPod into their iTunes library.

Source: ZDNet

Related Posts:

Hacker Takes Bite out of Apple’s iTunes

The Norwegian hacker famous for cracking DVD encryption says he has cracked Apple AirPort Express. Jon Lech Johansen has revealed the public key that Apple AirPort Express, a wireless networking protocol, uses to encrypt music sent between iTunes and a wireless base station.

Source: CNet

Related Posts:

Is Real’s Hacking of iPod Legal?

Code-crackers risk fines and prison time when they defeat copy-protection technology, but such draconian rules likely don't apply in the case of RealNetworks and its iPod "hack," legal experts said.


Related Posts:

RealNetworks Breaks Apple’s hold on iPod

Real Networks announced that it has unlocked some of Apple Computer's most tightly held technology secrets, giving its music a way onto the popular iPod digital music player.

Source: ZDNet

Related Posts:

iTunes DRM cracked wide open for GNU/Linux.

Norwegian programmer Jon Lech Johansen, who broke the DVD encryption scheme, has opened iTunes locked music a tad further, by allowing people to play songs they've purchased on iTunes Music Store on their GNU/Linux computers.

Source: The Register

Related Posts: