You will be redirected back to your article in seconds

It’s hacked, but will it be sacked?

New copy-protection scheme grapples with first attack

Muslix64 may become the “DVD Jon” of the hi-def era.

That would be Jon Johansen, the then-16-year-old Norwegian hacker who in 1998 was the first to publish DeCSS, a few lines of computer code that effectively circumvented the copy-protection on DVDs.

His exploits earned him two criminal prosecutions in Norway (he was acquitted both times) and a starring role on a U.S. witness stand in the first major court test of the Digital Millennium Copyright Act.

It also made Johansen a digerati folk-hero.

Now comes Muslix64, who on Jan. 2, became the first to publish instructions for circumventing AACS, the supposedly unbreakable copy-protection used on HD DVD and Blu-ray discs.

By Jan. 13, the first pirated HD DVD, Universal’s “Serenity,” was posted online.

At least on a surface level, this appeared to be devastating news to the studios, some of which saw the development of next-generation hi-def discs as a way to fix the copy-protection problems they’d long grappled with on standard-def DVD.

“We got screwed on DVD,” noted one studio official back in 2002 during the preliminary meetings that led to the development of the Blu-ray format.

Since Muslix64’s first posting, AACS decryption keys have been uncovered for nearly 100 pics using Muslix64’s cheat, with the results published on the Internet for all to use.

Besides “Serenity,” that’s led to a few other hi-def movies showing up on peer-to-peer networks, although how many people are actually downloading the massive computer files — which take up about 20 gigabytes — is unknown.

A mam or a sir?

Finding a way around AACS actually took the hackers less time than it took to crack CSS, leading many on the Doom9.net forum (and other places where hackers gather online) to liken Muslix64’s work to that of the legendary DVD Jon.

Muslix64 himself, in his only published interview, was more modest in his claims.

“I really respect the work of DVD Jon and his friends,” the hacker told Slyck.com. “They do more than me. They had to reverse a cipher! I didn’t have to reverse anything. So technically speaking, it was easier to bypass AACS than CSS.”

Whether his (or her) exploits will earn Muslix64 the same sort of legal attention it earned Johansen remains to be seen.

Michael Ayers, a spokesman for the AACS Licensing Authority, says the group does not yet know who Muslix64 is or where in the world this person is based. But he would not rule out taking legal action against the code cracker if he or she is successfuly tracked down.

“We have a variety of legal and technical steps we can take,” Ayers says. “One step could be an effort to find out legally who he is and to bring charges against him.”

Just how serious a breach Muslix64’s work represents remains a matter of debate within the industry.

“I guarantee you there are much better (pirated standard-def) versions of our movies available on the Internet,” says Universal homevid exec VP Ken Graffeo, noting that some of the illicit HD DVD movies have been “full of chops” and are difficult to play.

Besides, Graffeo adds, unlike the copy protection found on standard-def DVDs, AACS is designed as a fluid system that can be updated and patched.

Locks and keys

According to Ayers, the basic encryption algorithm used in AACS remains unbroken.

AACS is a multilayered system. Blu-ray and HD DVD players are issued a set of digital keys, and individual movie titles are issued their own discreet keys, too. When the disc is inserted, the player uses its device keys to decrypt the title key, then uses the title key to decrypt the movie for playback.

After the industry’s experience with DVDs, where cracking the encryption left all discs vulnerable to ripping, AACS was designed to recover from just the sort of attack mounted by Muslix64.

Once the type of player used in an attack is identified, its device keys can be “revoked,” and discs pressed afterwards can be set not to give up their title keys to those players.

How quickly the system can be made to respond, however, is one of the questions being posed by the Muslix64 attack.

In the nearly six weeks since Musilix64 posted his or her work-around, no official action has been taken by AACS, apart from confirming the breach.

Officials for InterVideo — the company that made the hacker’s DVD playback software — say they’ve taken “voluntary steps” to address the problem, but they haven’t explained what those steps are.

Simply revoking the device keys could end up disabling the players of consumers who have done nothing wrong.

“There are a lot of steps that have to happen,” Ayers says. “You have to confirm what happened, you have to identify the player involved, then you have to design a response that will work and test that response. All of that takes time.”

Paul Sweeting edits Variety’s new sister Web site, Content Agenda.

Popular on Variety

More Scene

  • Lowell Smokes Cafe Marijuana

    With Cannabis Lounges, On-Site Consumption, Marijuana-Infused Meals Go Legit

    Can this century’s Roaring ’20s repeat history but with pre-rolled joints instead of whiskey flasks and soccer moms as the new flappers? This month, West Hollywood will see the opening of the nation’s first at least quasi-legal cannabis consumption lounge, officially dubbed Lowell Farms: A Cannabis Café, located at 1211 N. La Brea between Fountain [...]

  • Elizabeth McGovern, Laura Carmichael, Jim Carter,

    'Downton Abbey' Movie Sequel? Producers Tease That They Have 'Some Ideas'

    “Downton Abbey” holds the record as the most-nominated international show at the Emmy Awards with 69 nominations and 15 wins — and now, it stands a chance to nab an Oscar. More than three years after the beloved series signed off the air following six critically-acclaimed seasons, “Downton Abbey” is making its big-screen debut. “It [...]

  • Thandie Newton and Regina King70th Primetime

    Emmys 2019: The Ultimate Party Guide

    The 71st annual Emmy Awards may be going hostless this year, but that doesn’t mean the big night will be any less of a celebration. For all the details on the biggest bashes happening this week and throughout the weekend, check out Variety‘s Ultimate Emmys Party Guide below. Tuesday, Sept. 17 Variety’s Showrunners DinnerEveleigh, 7:30 p.m [...]

More From Our Brands

Access exclusive content