Looking back over a few of the best-known hacks of the past decade, a few key points stand out. First, DRM schemes are like houses: they have many ways in. If the front door is locked, there might be an open window. If the windows are bolted, check for a house key under the fake rock by the geraniums. If the main floor is secure, do the unexpected—slide down the chimney.
The ingenuity shown by the various hackers is a testament to the creativity of the human spirit (and to the desire for unencumbered media). The CSS algorithm can be cracked by a brute force attack in a couple of days, but it’s the exception here. Most ciphers no longer succumb to brute force attacks in any reasonable amount of time, so hackers have looked for other ways to get at the content encrypted inside. Grabbing the key works well, but can be terribly complicated to do; sometimes it’s just easier to let the decryption code do all the work, then grab the unencrypted stream from memory.
Read this article from Ars Technica
*What is “Digital Rights Management“? Find out, and contribute what you know at the Whats New Media Wiki