AACS Attack: a Clear and Present Danger to DRM
January 26, 2007
The overwhelmingly successful attack against HD DVD and Blu-ray represents several well-entrenched facets of the online community. Perhaps most important is the inherent cooperation that manifests itself against a seemingly common enemy - DRM (Digital Rights Management.) Attached to this cooperation are the vast resources of the online community: primarily its virtually unlimited supply of talent, intellect, and most importantly, its rapid response to a commonly perceived threat.
It therefore comes as little surprise that muslix64's exploit of AACS, an attack that merely involves circumventing the copy-protection mechanism, has been downplayed extensively. According to AACS spokesman Michael Ayers, because of the current technology requirements necessary to obtain, download, and play an exploited high definition movie, the threat is currently limited in nature.
"The large size of the files and the high cost of writable hi-def discs make large-scale copying of high-definition DVDs impractical, but the attacks on the new format echo the early days of illegal trafficking in music files," Ayers said on Thursday.
“Impractical” is a strong word to describe the motivation of the file-sharing community. On AACS' homepage
, which interestingly enough is splashed with a logo that reads "Share the vision", the attack is further downplayed in a statement released yesterday.
"AACS LA has confirmed that AACS Title Keys have appeared on public web sites without authorization. Such unauthorized disclosures indicate an attack on one or more players sold by AACS licensees. This development is limited to the compromise of specific implementations, and does not represent an attack on the AACS system itself, nor is it exclusive to any particular format."
However as muslix64 stated in an interview with Slyck.com, his exploit indeed is an attack on AACS - as AACS' strength is limited by its peripheral implementation.
"People say I have not broken AACS, but players. But players are part of this system! And a system is only as strong as his weakest link. Even if players become more secure, key extraction will always be possible."
In other words, one could argue that AACS has not been attacked directly - which in the strictest and most literal interpretation is true. However this is much like saying four stolen tires is not an attack on a car's engine. Either way, the individual is stuck - and like AACS, it has been merely ignored in exchange for the ultimate goal. In many ways, not attacking AACS directly is much worse than a direct assault, as it highlights the irrelevance of this once highly regarded copy "protection" scheme.
This story is filed in these Slyck News categoriesFile-Sharing/P2P Related :: DRMYou can discuss this article here
There has also been a tendency to downplay the exchange and distribution of high definition content online. The logic behind this suggests that because of the large file size of high definition movies, typically between 15 gigabytes and 30 gigabytes, it is "impractical" to share these movies online. Again, this has some truth - if more mainstream file-sharing applications such as BitTorrent were used.
However as many file-sharers are rediscovering Usenet, the limitations imposed by BitTorrent are rendered obsolete. Because of Usenet's ultra-fast and direct nature, the amount of time needed to download a 20 gigabyte movie is not exceptional. The arguments of impracticality, which echo the same arguments used for DVD rips and XviDs, are slowly disintegrating. Those on high speed cable connections can generally expect to download such large files after a good night's sleep.
The threat to AACS and DRM in general is indeed grave. Bandwidth speeds are increasing steadily as are hard drive storage capacities. Although HD DVD and Blu-ray hardware is currently expensive, this too will change in the near future. However, many file-sharers take a “slash and burn” approach to their downloading habits, as they prefer to simply download a movie and store it on their hard dive rather than burn it to disc. From there, a compromised high definition movie can be simply exported to a computer monitor or HDTV.
There’s no denying that high definition movies are being exchanged online as this article is being written. Usenet is the primary delivery mechanism at this point, and the number of available titles is increasing daily. While the practice of engaging in HD file-sharing currently represents the fringes of the P2P community, remember the first MP3 first showed up on the newsgroups in the not so distant past.
- 17 replies