[Infowarrior] - DVD Security Group Says It Fixed Flaws

Richard Forno rforno at infowarrior.org
Wed Apr 11 12:02:53 UTC 2007 

...and this improved version will be cracked in how many days???    -rf


DVD Security Group Says It Fixed Flaws
By Gary Gentile
Font Scale:
Posted 09 April 2007 @ 05:20 pm EST

http://ibtimes.com/articles/20070409/dvd-security.htm

The group behind security measures for next-generation DVDs said Monday it
has fixed a leak that allowed hackers to discover the keys for unlocking
movies on HD DVD and Blu-ray discs.

Makers of software for playing the discs on computers will offer patches
containing new keys and closing the hole that allowed observant hackers to
discover ways to strip high-def DVDs of their protection.

Digital rights management protection, or DRM, is intended to prevent copying
of the movies. Hackers working late last year and early this year were able
to observe computer code found on the PC-based DVD players and discover keys
that unlock protections on all high-def discs, so copies could be made.

On Monday, the group that developed the Advanced Access Content System said
it had worked with device makers to deactivate those keys and refresh them
with a new set.

Companies such as Corel Corp., which owns InterVideo, makers of a popular
PC-based playback software, will also distribute more secure versions, said
Michael Ayers, chairman of the AACS License Administrator.

"The device keys associated with the InterVideo player are being deactivated
and InterVideo has updated its player," Ayers said. "They are taking steps
that block off access to the inner workings of the application."

New high-def DVDs will include updated keys and instructions for older
versions of the PC-playback software not to play discs until the software
patch has been installed.

Corel has told users of its software that failure to download the free patch
will disable the ability to play high-def DVDs.

Stand-alone DVD players, such as the Toshiba HD DVD player and the Sony
Blu-ray player, are not affected by Monday's announcement. So far, no
problems have been found with their security.

Ayers said future assaults by hackers can be similarly fixed by replacing
compromised keys with new ones.

"AACS is a high-profile technology and is protecting high-profile content,
so we fully expect there will be future attempts," Ayers said.

More information about the Infowarrior mailing list