Call it the St. Valentines Day massacre for HD copy protection. On Feb. 14, we picked up a story on yet another DRM crack published on the internet. But this time, rather than the crack of an individual HD-DVD or Blu-ray title, (see Jan 2 Display Daily) this crack involved the one universal AACS cryptographic key that will decrypt every Blu-ray and HD-DVD title - and more remarkably, it’s done without intruding on the copy protection scheme and therefore perfectly legal.

Steve Sechrist
Senior Analyst and Editor
Projection Monthly

Getting around the legal issue of encrypted content was not that hard. The compromised "media key" as it is called by AACS Licensing Authority, belongs to the player side of the encryption scheme. The hacker who goes by the name Arnezami realized that since decrypted content must reside in memory at some point in order for the film to play, the tools for decryption must be available (addressable) even if only for a brief time. In essence, the hackers are only using tools given to them by the AACS.

Arnezami then wrote a small program to dump a small area of memory incrementally, and examine each stream for changes. Voila, the media key appeared and in that instant - millions of dollars and years of software development were rendered moot. Adding insult to injury - it did not require reverse engineering or the breaking of a controversial (bad) law - that also must have cost Hollywood plenty in lobbying (and re-election) funds.

The AACS Authority is supported by Hollywood elites like Disney, Warner Bro’s, CE companies like Sony and Toshiba (proponents of the HD format wars) and other major players like Panasonic and Microsoft, who worked to make the system more robust than DVD encryption that was cracked in 1999.

However, it didn’t take long for word to get out big-time and the crack to go commercial. A company called SlySoft (www.slysoft.com) that publishes "AnyDVD" software has just made the move into HD and is now selling "AnyDVD HD" that, according to the company, "removes AACS encryption from HD DVDs, allowing users to play movies on non-HDCP compliant hardware." The software also allows the user to watch movies over a digital display connection without HDCP compliant graphics card and display.

As for the AACS, they’re "studying" the situation and are quiet for now. But make no mistake - their options are few.

The group could resort to its "revocation mechanism" and issue new player keys that would in effect revoke the keys of all existing players - a media key block (MKB), as they call it. New keys could be distributed through an on-line connection or with new HD discs that contain the required updates. But this will not solve the flaw in the mechanism and start the process all over again.

Also, it would create for the first time potential injury to HD content users who discover their legally purchased content is no longer working. This is just the circumstance consumer rights groups are looking for to set-up a legal challenge to the entire copy protection scheme.

Bottom line, and we’ve said it before, the system that assumes all customers are thieves wanting to steal HD content are attracting the very results Hollywood is trying to prevent. The bulk of HD consumers are honest, law abiding folks and will take the path of least resistance, choosing to pay a fair priced for content rather than steal it. The studios may eventually learn it is more profitable to simply focus on delivering fair-use content at a fair (much lower) price rather than investing in elaborate protection schemes that punish the innocent along with the guilty, and inevitably and ultimately fail. But don’t bet on it.