So-called Ultra HD (UHD) Blu-ray ‘friendly’ drives send data to a server when the drive is used to rip discs. The application responsible for collecting and submitting the data appears to be loaded from a hidden partition on UHD Blu-ray discs that can only be seen with UHD Blu-ray ‘friendly’ drives.
A security researcher who goes by the alias sl00f04 contacted us about the issue. He has been analyzing Windows 10 telemetry data for the last couple of weeks because of privacy concerns. He noticed that every time he ripped a UHD Blu-ray disc, his computer ‘phoned home’ to a specific server that appears to be operated by the AACS-LA. The server seems to be collecting ‘Extended Telemetry’ (E.T.) data when the computer phones home through an encrypted connection.
For monitoring telemetry data, sl00f04 uses software called Fiddler. This software offers the ability to decrypt HTTPS. This is possible because, as the Fiddler website explains, “Fiddler2 relies on a man-in-the-middle approach to HTTPS interception. To your web browser, Fiddler2 claims to be the secure web server, and to the web server, Fiddler2 mimics the web browser. In order to pretend to be the web server, Fiddler2 dynamically generates an HTTPS certificate.”
This allowed sl00f04 to monitor not only the encrypted telemetry traffic from Microsoft, but also the encrypted traffic to the AACS-LA operated server. The servers appear to be collecting the software used for the UHD Blu-ray rips, the firmware and drive, the disc, and specific details of the computer such as IP address, longitude and latitude (when available), the network to which the computer is connected, and the drive used for the rips and its firmware version. The total number of discs ripped on the computer is also collected and transferred.