Stories
Slash Boxes
Comments

SoylentNews is people

Google Takes Down Repositories that Circumvent its Widevine DRM

posted by martyb on Sunday November 15 2020, @01:46AM   Printer-friendly
from the closing-the-barn-door dept.

takyon writes:

Google Takes Down Repositories That Circumvent its Widevine DRM

GitHub has removed several repositories that helped to bypass Google's Widevine DRM, which is used by popular streaming services such as Netflix and Amazon. Google requested the code to be removed as it would violate the DMCA. The company also sent a sensitive data takedown request for the associated RSA key which, ironically, remains easy to find through Google.

[...] The code, originally published by security researcher Tomer Hadad, is a proof-of-concept code Chrome extension that shows how easy it is to bypass the low-security ["L3" version of Widevine Digital Rights Management]. Google was aware of this vulnerability and previously informed Krebs on Security that it would address the issue.

[...] Google sees the code, which was explicitly published for educational purposes only, as a circumvention tool. As such, it allegedly violates section 1201 of the DMCA, an allegation that was also made against the youtube-dl code last month.

[...] This 'key controversy' is reminiscent of an issue that was widely debated thirteen years ago. At the time, a hacker leaked the AACS cryptographic key "09 F9" online which prompted the MPAA and AACS LA to issue DMCA takedown requests to sites where it surfaced.

DMCA: Digital Millennium Copyright Act
DRM: Digital Rights Management
AACS: Advanced Access Content System
MPAA: Motion Picture Association of America
AACS: Advanced Access Content System
AACS LA: https://en.wikipedia.org/wiki/AACS_LA

Original Submission

 
This discussion has been archived. No new comments can be posted.
Google Takes Down Repositories that Circumvent its Widevine DRM | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by Anonymous Coward on Sunday November 15 2020, @02:20AM (2 children)

    by Anonymous Coward on Sunday November 15 2020, @02:20AM (#1077476)

    What's to stop someone from hosting it in a country where the DMCA doesn't apply, i.e anywhere outside the USA? Granted there are non-USian lickspittles that roll over for the MPAA and their purchased laws (Hi, NZ! The target might not be an angel, but we still remember what you did in 2012!), but there are bound to be some countries with a little backbone.

    Starting Score:    0  points
    Moderation   +3  
       Insightful=2, Interesting=1, Total=3
    Extra 'Insightful' Modifier   0  
    Total Score:   3  

  • (Score: 2, Interesting) by Anonymous Coward on Sunday November 15 2020, @02:38AM

    by Anonymous Coward on Sunday November 15 2020, @02:38AM (#1077477)

    Hosting "it" is not hard. Hosting all of it, i.e. making a DMCA-ignoring GitHub, requires a country that respects freedoms (aka does not give a shit about piracy). New Zealand is compromised, try Russia, Ukraine, or the Netherlands.

  • (Score: 1, Insightful) by Anonymous Coward on Sunday November 15 2020, @11:51PM

    by Anonymous Coward on Sunday November 15 2020, @11:51PM (#1077695)

    Hosting risk due to fascists. Another reason why we should move a distributed web [ipfs.io]