I'm a little confused if this line of attack will be a massive gain.
Essentially it seems that by finding the device key you will be able to get the volume key directly without the need to do a memory dump while the player is playing it.
However if AACS take action against the compromised player they should start issuing new discs with a MKB file that does not contain the Media Key encrypted with the compromised player device key. Therefore the player could try and paly the media but it would not be able to decrypt it. Likewise any decryption utility using that device key would fail.
It got me thinking about what is in a Media Key Block file. Presumably AACS have generated all the device keys for all future players and when a new player is developed the AACS will release a key to that player. Also all discs (and all discs that have been made in the past) must have there media keys encrypted with the the total set of device keys. However the moment that a player is "revoked" then that device key is not used to encrypt future media keys.
In saying that it may take a long time for a key to get revoked. And the creation of a utility that can get the Volume Key without using a player would be nice as you don't need a VUK finder program. Don't want to discourage just want to check if my reasoning right
