×
You will be redirected back to your article in seconds

It’s hacked, but will it be sacked?

New copy-protection scheme grapples with first attack

Muslix64 may become the “DVD Jon” of the hi-def era.

That would be Jon Johansen, the then-16-year-old Norwegian hacker who in 1998 was the first to publish DeCSS, a few lines of computer code that effectively circumvented the copy-protection on DVDs.

His exploits earned him two criminal prosecutions in Norway (he was acquitted both times) and a starring role on a U.S. witness stand in the first major court test of the Digital Millennium Copyright Act.

It also made Johansen a digerati folk-hero.

Now comes Muslix64, who on Jan. 2, became the first to publish instructions for circumventing AACS, the supposedly unbreakable copy-protection used on HD DVD and Blu-ray discs.

By Jan. 13, the first pirated HD DVD, Universal’s “Serenity,” was posted online.

At least on a surface level, this appeared to be devastating news to the studios, some of which saw the development of next-generation hi-def discs as a way to fix the copy-protection problems they’d long grappled with on standard-def DVD.

“We got screwed on DVD,” noted one studio official back in 2002 during the preliminary meetings that led to the development of the Blu-ray format.

Since Muslix64’s first posting, AACS decryption keys have been uncovered for nearly 100 pics using Muslix64’s cheat, with the results published on the Internet for all to use.

Besides “Serenity,” that’s led to a few other hi-def movies showing up on peer-to-peer networks, although how many people are actually downloading the massive computer files — which take up about 20 gigabytes — is unknown.

A mam or a sir?

Finding a way around AACS actually took the hackers less time than it took to crack CSS, leading many on the Doom9.net forum (and other places where hackers gather online) to liken Muslix64’s work to that of the legendary DVD Jon.

Muslix64 himself, in his only published interview, was more modest in his claims.

“I really respect the work of DVD Jon and his friends,” the hacker told Slyck.com. “They do more than me. They had to reverse a cipher! I didn’t have to reverse anything. So technically speaking, it was easier to bypass AACS than CSS.”

Whether his (or her) exploits will earn Muslix64 the same sort of legal attention it earned Johansen remains to be seen.

Michael Ayers, a spokesman for the AACS Licensing Authority, says the group does not yet know who Muslix64 is or where in the world this person is based. But he would not rule out taking legal action against the code cracker if he or she is successfuly tracked down.

“We have a variety of legal and technical steps we can take,” Ayers says. “One step could be an effort to find out legally who he is and to bring charges against him.”

Just how serious a breach Muslix64’s work represents remains a matter of debate within the industry.

“I guarantee you there are much better (pirated standard-def) versions of our movies available on the Internet,” says Universal homevid exec VP Ken Graffeo, noting that some of the illicit HD DVD movies have been “full of chops” and are difficult to play.

Besides, Graffeo adds, unlike the copy protection found on standard-def DVDs, AACS is designed as a fluid system that can be updated and patched.

Locks and keys

According to Ayers, the basic encryption algorithm used in AACS remains unbroken.

AACS is a multilayered system. Blu-ray and HD DVD players are issued a set of digital keys, and individual movie titles are issued their own discreet keys, too. When the disc is inserted, the player uses its device keys to decrypt the title key, then uses the title key to decrypt the movie for playback.

After the industry’s experience with DVDs, where cracking the encryption left all discs vulnerable to ripping, AACS was designed to recover from just the sort of attack mounted by Muslix64.

Once the type of player used in an attack is identified, its device keys can be “revoked,” and discs pressed afterwards can be set not to give up their title keys to those players.

How quickly the system can be made to respond, however, is one of the questions being posed by the Muslix64 attack.

In the nearly six weeks since Musilix64 posted his or her work-around, no official action has been taken by AACS, apart from confirming the breach.

Officials for InterVideo — the company that made the hacker’s DVD playback software — say they’ve taken “voluntary steps” to address the problem, but they haven’t explained what those steps are.

Simply revoking the device keys could end up disabling the players of consumers who have done nothing wrong.

“There are a lot of steps that have to happen,” Ayers says. “You have to confirm what happened, you have to identify the player involved, then you have to design a response that will work and test that response. All of that takes time.”

Paul Sweeting edits Variety’s new sister Web site, Content Agenda.

Popular on Variety

More Scene

  • 10 Storytellers to Watch

    Variety Celebrates Inaugural 10 Storytellers to Watch Event

    Storytellers from across the spectrum of entertainment — film, literature, podcasting and play writing — were honored Thursday at Variety’s inaugural 10 Storytellers to Watch luncheon at Gramercy Park Hotel, hosted with partner the Independent Filmmaker Project and presented by Audible. Honorees Nana Kwame Adjei-Brenyah, author of “Friday Black”; “Limetown” podcasters Zack Akers and Skip Bronkie; [...]

  • Demi Moore Corporate Animals

    Demi Moore Teases Upcoming Memoir 'Inside Out,' Talks 'Corporate Animals' Team Bonding

    As Demi Moore gears up for the Sept. 24 release of her autobiography “Inside Out,” the actress says she feels like a weight has been lifted. “Even the stuff that I may have been nervous about is completely lifting…because it’s a process,” Moore told Variety at the premiere of her upcoming film “Corporate Animals” at [...]

  • Connie Britton BlogHer Summit

    Connie Britton on ‘Friday Night Lights’ Remake: ‘You Need to Let it Go’

    Connie Britton opened up at a fireside chat Wednesday at the #BlogHer19 Creators Summit in Brooklyn by talking about one of her most beloved roles — Tami Taylor in the fan favorite series “Friday Night Lights.” When asked if a remake of the sports cult film and Emmy-winning TV show is in the works she [...]

  • Mariah Carey Tracee Ellis Ross

    Mariah Carey, Tracee Ellis Ross Celebrate Biracial Heritage at “Mixed-ish” Premiere

    Mariah Carey and Tracee Ellis Ross embraced their “ish” at Tuesday night’s series premiere event for ABC’s “Mixed-ish” by reflecting on how their biracial identity makes working on the new show even more personal. “I’m just so thankful that this show exists,” Carey told the assembled crowd during a Q&A with series creator Kenya Barris. [...]

  • #WorldIsInOurHands Campaign

    Rainn Wilson, Rosario Dawson, Joaquin Phoenix And More Join #WorldIsInOurHands Campaign

    At the 44th annual Toronto Film Festival last week, in addition to attending red-carpet premieres and promoting films, some stars also joined in the fight to tackle the climate crisis. Antonio Banderas, Susan Sarandon, Joaquin Phoenix, Rainn Wilson, Rosario Dawson, Neve Campbell and Alfre Woodard are among the bold-faced names to join forces with the [...]

  • Hopper Reserve

    Dennis Hopper's Dying Wish: His Own Strain of Marijuana

    Even as celebrity brands are starting to flood the emerging Cannabis market, Hopper Reserve stands out. The brand was launched by Marin Hopper, Dennis Hopper’s daughter from his marriage to Brooke Hayward. Hopper Reserve is a gram of California indoor-grown flower, two packs of rolling papers, a pair of matches and a trading card either [...]

  • Lowell Smokes Cafe Marijuana

    With Cannabis Lounges, On-Site Consumption, Marijuana-Infused Meals Go Legit

    Can this century’s Roaring ’20s repeat history but with pre-rolled joints instead of whiskey flasks and soccer moms as the new flappers? This month, West Hollywood will see the opening of the nation’s first at least quasi-legal cannabis consumption lounge, officially dubbed Lowell Farms: A Cannabis Café, located at 1211 N. La Brea between Fountain [...]

More From Our Brands

Access exclusive content