I've been reading the things you've found out this far, and am pretty impressed. Well, I've been looking at the software side of things, and have found out a bunch of things. Although I dont have a HiMD myself (I have an older netmd player), I'm interested in 'cracking' the encryption used by OpenMG. Really, I'm interested in 'fixing' the PC identifier it creates. Basically, so once the patch is applied, all .omg / .oma files it creates from that point forward, on any PC running the patch, have an identical ID (so you could copy a file between PCs / devices and the programs think it's all the same). Anyway, I'm not into the hardware side of things much, but I've been looking at the software side. Again, I only have a NetMD device, so the stuff I describe might be different or unrelated, but I think it's pretty close. I looked at Simple Burner for this experiment. It seems to start the conversion process by doing some stuff in OmgPcMan.dll. (PC I figured to mean Protected Content) This is a COM DLL, it handles the conversion and management of data at a very abstract level. Really, all it does up front is return instances to interfaces in omgconv2.dll. Ultimately, I traced everything down to Salwrap.dll. This is the core of the encryption technology. It generates all the error messages like the "OpenMG oh my god!!" that we all have seen. (BTW, that message seems to come up a lot when you tamper with the maclist files, and some of the other files as well) Also, it seems that those .ocm files perform the actual conversions. However, they aren't valid DLL files as we expect. I'm figuring that they're some sort of packed code that the salwrap.dll unpacks and runs to handle everything. Basically, if you want to disable the encryption, salwrap.dll is the place to look. Oh yes: It's the DLL that causes stuff to crash when a debugger is run. So in short, most of the other DLLs are just COM objects that eventually marshal everything down to that salwrap.dll. As for the device side of encryption: NetMD (old ones) don't seem to have it, AFAIK. (Well, you can't copy data to PC again). I have no clue how HiMD transfer-to-PC works, or how the encryption works, other than what I see here. Just thought I'd share my findings on the software side of things.