Blu-Ray Digital rights management (DRM)
The Blu-ray format employs several layers of DRM.
AACS
Blu-ray HD content is protected by the Advanced Access Content System (AACS) a standard for content distribution and digital rights management. It is developed by AACS Licensing Administrator, LLC (AACS LA), a consortium that includes Disney, Intel, Microsoft, Matsushita (Panasonic), Warner Brothers, IBM, Toshiba and Sony.
Since appearing in devices in 2006, several successful attacks have been made on the format. The first known attack relied on the trusted client problem. In addition, decryption keys have been extracted from a weakly protected player (WinDVD).
BD+
BD+ is effectively a small virtual machine embedded in authorized players. It allows content providers to include executable programs on Blu-ray discs. Such programs can:
* examine the host environment, to see if the player has been tampered with. Every licensed playback device manufacturer must provide the BD+ licensing authority with memory footprints that identify their devices.
* verify that the player's keys have not been changed.
* execute native code, possibly to patch an otherwise insecure system.
* transform the audio and video output. Parts of the content will not be viewable without letting the BD+-program unscramble it.
If a playback device manufacturer finds that its devices have been hacked, it can potentially release BD+-code that detects and circumvents the vulnerability. These programs can then be included in all new content releases.
The specifications of the BD+ virtual machine are only available to licensed device manufacturers.
BD-ROM Mark
The BD-ROM Mark is a small amount of cryptographical data that is stored physically differently from normal Blu-ray data. Bit-by-bit copies that do not replicate the BD-ROM Mark are impossible to decode. A specially licensed piece of hardware is required to insert the ROM-mark into the media during replication. Through licensing of the special hardware element, the BDA believes that it can eliminate the possibility of mass producing BD-ROMs without authorization.
Mandatory Managed Copy
Blu-ray Disc also mandates a Mandatory Managed Copy system, which allows users to copy content a limited number of times, but requiring registration with the content provider to acquire the keys needed; this feature was originally requested by HP.
AnyDVD HD
SlySoft have released AnyDVD HD which allows users to watch Blu-ray Disc movies on non-HDCP compliant PC hardware. The movies can be decrypted on the fly direct from the Blu-ray Disc or can be copied to hard disk. AnyDVD HD is also capable of automatically removing any unwanted logos and trailers. They have stated that AnyDVD HD uses several different mechanisms to disable the encryption, and is not dependent on the use of a single compromised encryption key.[citation needed] They have also stated that AACS has even more flaws in its implementation than CSS,[citation needed] rendering it highly vulnerable, but they will release no details for obvious reasons.
