
The device used in the original blog post is an Amazon streaming box, playing back video from Amazon's streaming service. So that device absolutely can be updated with new revocation lists.

For Blu-Ray players, discs contain updated revocation lists and players are required to store the most recent list. So any time you buy a new movie, you update that list. The delivery mechanism for this list is actually way more insidious than just having a file on the disc that players need to copy. There's actually a whole virtual machine in every Blu-Ray player, called BD+.

You see, if you were to just decrypt AACS[0] video data on a commercial Blu-Ray, you'd actually get a corrupted data stream, because you need to also run the BD+ program to get the fixup tables to unscramble the decrypted data. BD+ also adds facilities for the BD+ program to authenticate the player, inspect the state of the player software, and even run native code to update your player. If you don't provide the correct data[1] to the BD+ program, you don't get your fixup table, so every licensed Blu-Ray player implements BD+ such that all the inspection and update functionality works as intended.

[0] AACS is the DRM scheme that encrypts Blu-Ray disc data. It's HDCP's fraternal twin.

[1] Much of which is cryptographically signed and verifiable by the BD+ program.



