Sunday, November 02, 2008

Blu-Ray's BD+ security has been broken

According to Slashdot, BD+, one of the security schemes protecting Blu-Ray content, has been broken and can be removed to make Blu-Ray content freely copyable. Longtime observers of the HD DVD/Blu-Ray battle may recall that BD+ was an additional protection mechanism championed by 20th Century Fox in the event that the Advanced Access Content System (AACS), the baseline security system for both HD DVD and Blu-Ray, was ever cracked. The whole issue probably added a year to the HD DVD/Blu-Ray battle. AACS was broken last year, and now, BD+ is gone.

The consumer electronics companies and movie studios anticipated that both AACS and BD+ would eventually be broken, but they expected it to occur in years, rather than months. Now, the industry has to decide if and when to push out firmware updates for the Blu-Ray players already installed (as well as to slipstream new firmware into production). They also have to agree to the changes that have to be made to AACS and BD+ in order to make them secure again, yet keep them compatible with existing discs that have already been shipped. And, they have to face the fact that they'll probably both be broken again within a year.

My belief is that the industry knew that both methods would be broken, but hoped that they'd stay viable for at least five years, long enough for an orderly transition to downloaded and streamed video. The fact that they've now both been broken, and that the means of both breaks are publicly known and understood, makes them little more than window dressing, no matter how many times the industry updates firmware.
Reblog this post [with Zemanta]

No comments: