Security researcher: Ultra HD Blu-ray ‘friendly’ drives collect and transmit data about rips

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
So-called Ultra HD (UHD) Blu-ray ‘friendly’ drives send data to a server when the drive is used to rip discs. The application responsible for data collection and submission of the data, appears to be loaded from a hidden partition on UHD Blu-ray discs, that can only be seen with UHD Blu-ray ‘friendly’ drives.

A security researcher that goes by the alias sl00f04 contacted us about the issue. He has been analyzing Windows 10 telemetry data for the last couple of weeks because of privacy concerns. He noticed that every time he had ripped an UHD Blu-ray disc, his computer ‘phoned home’ to a specific server that appears to be operated by the AACS-LA. The server seems to be collecting ‘Extended Telemetry’ (E.T.) data when phoning home through an encrypted connection.

For monitoring telemetry data, sl00f04 uses software called Fiddler. This software offers the ability to decrypt HTTPS. This is possible as the Fiddler website explains, “Fiddler2 relies on a man-in-the-middle approach to HTTPS interception. To your web browser, Fiddler2 claims to be the secure web server, and to the web server, Fiddler2 mimics the web browser. In order to pretend to be the web server, Fiddler2 dynamically generates an HTTPS certificate.”

This ensured sl00f04 could not only monitor encrypted telemetry traffic from Microsoft, but also the encrypted traffic to the AACS-LA operated server. The servers appear to be collecting the software used for the UHD Blu-ray rips, the firmware and drive, the disc and specific details of the computer such as IP address, longitude and latitude (when available), to which network the computer is connected and the drive used for the rips and its firmware version. Also, the total number of discs ripped on the computer is collected and transferred.
.......
.......
.......
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top