Hackers have exposed new hole in AACS encryption

Shortly after the AACS LA, which is responsible for AACS key assignment, put the compromised version of WinDVD player on the black list to prevent new movies from being played with this software, hackers have exposed a new hole in the security system for HD DVD movies. According to a posting in the Doom 9 forum, a hacker named xt5 has found a way to read out the volume ID, which is necessary for decryption, by using an unmodified Xbox 360 HD DVD drive(Toshiba SD-S802A), which can be connected to a PC via USB. This volume ID can be used to disclose all keys necessary for copying HD DVD movies without requiring player software such as WinDVD.

To close this new hole, AACS LA would have to put the Xbox 360 external HD DVD drive on the "revocation list", completely preventing the playing of HD DVD movies on this drive. However, it would be legitimate users who would suffer, while hackers could continue to use the drive to copy movies.

Alternatively, Microsoft or the drive vendor Toshiba could fix the vulnerability with a firmware update. Drives with a secure firmware update would not be put on the revocation list and users could continue to play HD DVD movies with these drives. However it is doubtful that such a firmware update would provide a permanent solution, since in the past, two hackers named arnezami and Geremia were able to modify the firmware of the drive to read out the volume IDs of movies, bypassing the AACS copy protection.

While no such hole has so far been detected for Blu-ray drives, corresponding postings in forums show that hackers are already searching for a similar vulnerability.

(mba)