[HN Gopher] Microsoft PlayReady - Complete Client Identity Compr...
___________________________________________________________________
Microsoft PlayReady - Complete Client Identity Compromise
Author : tithe
Score : 173 points
Date : 2024-05-09 13:53 UTC (9 hours ago)
(HTM) web link (seclists.org)
(TXT) w3m dump (seclists.org)
| earth-adventure wrote:
| So this is pretty much about breaking the client side DRM, with a
| bad side effect of abusing someone else's Identity (as used
| within the DRM context) for nefarious purposes. Did I understand
| this correctly?
| repelsteeltje wrote:
| Yup.
|
| Basically the means to forge an authenticated cookie.
|
| [Update]
|
| It's a bit more subtle: Having the keys to forge a license
| request and decrypt server response allows you to emmulate or
| re-implement a DRM client.
|
| Because the server is oblivious to this fake, it will respond
| as though it's taking to a genuine "secure" client thereby
| ultimately exposing the content decryption key.
| xurukefi wrote:
| The "client" whose "identity" is abused here is not an end
| user. A "client" in this context is a program or library that
| talks to the license servers and receives the content
| decryption keys. On my Windows machine I see a
| "Windows.Media.Protection.PlayReady.dll", which I guess is the
| client that they cracked. Maybe there are also other clients
| that are widely accepted by license servers.
|
| The attack essentially means that they could write a program
| themselves that acts as
| "Windows.Media.Protection.PlayReady.dll" to get decryption keys
| from a server. What will happen now is that Microsoft will
| deprecate the client and release a new one with new obfuscation
| and new keys. The license servers will start rejecting the old
| cracked client. And then people will crack the new client. And
| the cycle continues.
| nonrandomstring wrote:
| > The "client" whose "identity" is abused here is not an end
| user. A "client" in this context is a program or library that
| talks to the license servers and receives
|
| Thanks for the clarification.
|
| Otherwise people would be worried about being targeted and
| having "personal" keys tied to a financial account or online
| identity getting sold and used by others to access arbitary
| content.
|
| This seems kinda good news for concerned users, but even
| worse news for Microsoft.
| qingcharles wrote:
| Does PlayReady now require a secure enclave/TPM on your PC?
| Otherwise as you say, the only thing protecting the keys is
| obfuscation. This has been the same way all the way back to
| the first Microsoft DRMv1 in 1998 (?).
|
| The decryption keys have to be stored on your device so you
| can play your media or your game. So, the level of encryption
| is totally moot. The level of obfuscation is all that really
| protects the content.
| xurukefi wrote:
| With PlayReady, as with any other DRM scheme really, there
| are different tiers. There is SL2000, which is done
| completely in software (whitebox crypto), and there is
| SL3000, which does require a TEE. Which tier is requried
| for which type of content is driven by streaming provider
| or studio requirements. I think it is pretty common to
| allow content up to 1080p to be used with whitebox crypto,
| whereas 4k+ content will require hardware DRM.
| zeta0134 wrote:
| > In that context, this is vendor's responsibility to constantly
| increase the bar and with the use of all available technological
| means.
|
| Or the vendor could just let me consume the content I paid for in
| whatever player I like. Which is what happens anyway, as this
| sort of DRM is always breakable. If the media consumer can view
| the content at all, they can simply record that output and re-
| encode in a more convenient storage format.
| repelsteeltje wrote:
| Yes, there is always the analogue loophole. And opening
| cryptography toolbox to control _how_ users consume content is
| a lost cause. Crypto can only protect contents from adversaries
| that don 't have the key. But here the paying user _is_ the
| adversary and the only way the DRM can paint the video on
| screen is through that key.
|
| So DRM boils down to security through obscurity. Turns out
| obscurity is hard, expensive and never works very well.
| Jerrrry wrote:
| Given how horribly all major companies, MS most certainly
| included, confuse authentication vs. authorization, this is
| almost certainly able to be paired with a 'vulnerable' (all)
| endpoint to retrieve/post/update player information.
|
| The horizontal pivot from DRM/crypto-managed Identity to a
| session token, an unassumingly-kosher redirect, or just omitting
| the "AUTHENTICATION" header itself is a trivial exercise for the
| common script kiddie.
|
| This is how exploit chains get a foot-hold, and "secure" accounts
| get compromised like it was 2010 again.
| nonrandomstring wrote:
| And it paints an even bigger target on domestic Windows
| machines used for media content.
|
| Who wants to "steal" their _own_ keys?
|
| Microsoft's broken DRM scheme creates objects of value which it
| then tries to store on the client's machine deliberately beyond
| the owners control and security management. It is adversarial
| to the user. This is clearly a no-win situation... hence the
| snarky sign-off about vendors "raising the bar", basically
| saying; Good luck with that! It really seems quite unhinged.
|
| So now there is collateral damage: - A motive
| to hack Windows machines to steal content keys. - A
| misuse of "identities" through a market in stolen keys
| - Pivots (as parent says) to other malware vectors
|
| So, predictably, because of DRM, Microsoft Windows is now an
| even more dangerous and insecure system. Why do people persist
| chasing this unnecessary, pathologically involuted
| technological misadventure? Surely "controlling and monitoring
| peoples content" is not a hill worth dying on?
| Jerrrry wrote:
| I'd agree, but licensed content can be revoked - MS is pretty
| good at publishing digests of "known-compromised"
| ID's/Serials/Private Keys.
|
| I'd be more concerned about any other, more important facets
| of a user's account/assets/property that assumes the DRM is
| secure, and leans on that.
| amaccuish wrote:
| I don't understand a word you've said.
| Jerrrry wrote:
| Find an endpoint that checks the validity of the DRM token
| they have broken.
|
| See if that endpoint just hinges on that DRM token, since its
| crypto-secure, why check any other fields?
|
| Spoof other fields.
|
| 10k+ 0-day exploit.
| londons_explore wrote:
| Is there any video DRM scheme which successfully protects video
| content appearing on the pirate bay within 24 hours?
|
| I really don't see why so many millions (billions?) of dollars
| have been spent on technologies which so far have never kept the
| bad guys out.
| makin wrote:
| Denuvo mostly works. Allegedly they have a custom approach to
| each new game, so cracks can take months to appear, with some
| unpopular games never having been cracked at all. The price is
| lowered performance, of course.
| free_bip wrote:
| That's a video game DRM scheme, not a video DRM scheme
| ParetoOptimal wrote:
| > Denuvo mostly works.
|
| Not for users: https://gamerant.com/denuvo-outage-servers-
| down-persona-5-ro...
|
| > Allegedly they have a custom approach to each new game, so
| cracks can take months to appear, with some unpopular games
| never having been cracked at all
|
| From what I hear, it's cracked in a matter of days or weeks.
| I haven't checked whether this is true or not, so I can't say
| you are wrong about some (most?) cracks taking months.
| crtasm wrote:
| Looking at the previous two years of uncracked Denuvo and
| only selecting games that seem notable:
| Dragon's Dogma 2 (2024) Like a Dragon: Infinite
| Wealth (2024) Suicide Squad: Kill the Justice
| League (2024) Street Fighter 6 (2023) Hi-Fi
| Rush (2023) Dead Space (2023) Star Wars
| Jedi: Survivor (2023) Persona 5 Tactica (2023)
| EA Sports FC 24 (2023) NBA 2K24 (2023)
| Assassin's Creed Mirage (2023) Atomic Heart (2023)
| Lost Judgment (2022) Sonic Frontiers (2022)
| Sonic Origins (2022) Persona 4 Arena Ultimax (2022)
| Persona 5 Royal (2022) Sniper Elite 5 (2022)
| Marvel's Midnight Suns (2022) Total War: Warhammer
| III (2022)
|
| Going back further there's more high profile games that
| were never cracked. The system seems to work as intended in
| some cases.
| lossolo wrote:
| Some of the games you mention were already cracked but
| not by the scene.
| crtasm wrote:
| Which ones? My list has nothing to do with scene or
| otherwise.
| kyriakos wrote:
| Many denuvo games are eventually released without denuvo
| and are then instantly pirated. Looks like the cost of
| denuvo is high enough for game publishers to stick to it
| just enough to reach profitability and then ditch it.
| lossolo wrote:
| > Allegedly they have a custom approach to each new game, so
| cracks can take months to appear
|
| It's because it's tedious to crack it, it's not really a
| rocket science, they just generate new VM for the binary so
| you can't automate it, they inject A LOT of code paths which
| you need to manually follow and change. That's the only
| reason why games stay uncracked for months. It's a war of
| attrition.
|
| > with some unpopular games never having been cracked at all
|
| That's not exactly true actually, you need to pay for Denuvo
| license every year, that's why after some months or a few
| years it's removed from most of the games.
| jsheard wrote:
| 4K streaming content is hit or miss because most services lock
| that behind Widevine L1, which requires implementors to use a
| secure enclave and the entire signal path to use strong
| encryption. If an L1 implementation gets compromised it quickly
| has its keys revoked and is downgraded to L2/L3, so piracy
| groups have a limited time window to dump as much 4K content as
| possible. Those lower Winevines tiers are permanently broken
| though so everything is immediately available in at least
| 1080p.
|
| 4K Blurays are currently always ripped due to an unfixable
| compromise in Intel SGX allowing PowerDVDs keys to be
| extracted, they could close that hole by revoking PowerDVDs
| keys for new Bluray releases but they haven't done that yet. I
| imagine they will at some point because PowerDVD _requires_ SGX
| to play UHDs, and Intel stopped supporting that on newer
| consumer hardware, so 4K Bluray playback on PCs is effectively
| being phased out.
| ricktdotorg wrote:
| ^^^ great comment. hard to imagine a better synposis of 4k
| DRM in ~2 grafs. thanks!
| gorkish wrote:
| Not mentioned above, but should be noted that all of this
| DRM is still only protecting the compressed and encoded
| video content. Schemes to protect the uncompressed digital
| video data are all permanently and universally broken or
| bypassed. The 'analog hole' has gone fully digital. One
| would think that alone would be enough to seal the deal on
| the pointlessness of DRM, but unfortunately there are a lot
| of gullible execs out there that want to keep pouring money
| on the fire.
| gjsman-1000 wrote:
| As long as it stops even 100,000 people from not
| downloading videos off of Netflix, from an executive's
| perspective, it pays for itself.
|
| To them, it's like saying Speed Limit signs are useless,
| because cars can go faster than the number posted by
| literally pressing a button. That's not the point.
| gorkish wrote:
| If you take the capitalistic lust of the corporate
| executive to its logical extreme, given the massive costs
| of the DRM tech you'd think that at least one of them
| would realize that they could make more money if they
| didn't have to pay for something that doesn't work. The
| economics of distributing the copies are such that it
| doesn't actually matter if it's easy or hard for 1 or
| 100,000 people to break the protection.
| gjsman-1000 wrote:
| I can get DRM, right now, for my videos, with 500,000
| plays for $1665. That's publicly available, commercial
| pricing. That's a third of a cent per play. At Netflix
| scale, it's probably cheaper.
|
| DRM is a drop in the bucket compared to normal costs. A
| Netflix subscription is, what, $10? That's enough to pay
| for 3,300 encrypted plays. The same provider, if I was
| doing over 10,000,000 plays, will drop it to just under
| one tenth of a cent per play, enough for over 10,000
| encrypted plays. Compare that with how much the internet
| bandwidth, storage, and distribution costs - and the DRM
| is a rounding error.
|
| You're seriously telling me that not even one out of
| 10,000 plays is going to attempt a serious theft, to
| share it with random friends and family? Hah, it's
| probably closer to 5 in 100.
|
| Believe me - I'm not a guy who defines himself by living
| in a Hacker News bubble where everything needs to be
| perfect to be effective. I'd have DRM yesterday if I ran
| a streaming service, just like my copyright filings and
| the deadbolt on my front door.
| temac wrote:
| Sharing with friend and family is not "serious theft". It
| is benevolent and what people do with books and DVD,
| without industry people becoming insane about.
| gjsman-1000 wrote:
| I meant sending copies; where the next thing you know one
| purchased copy becomes thirty people holding copies.
| repelsteeltje wrote:
| I agree, DRM has significant costs.
|
| Consider you've encoded and packaged your mezzanine into
| ABR (dash, HLS) and it's working on phones, browsers,
| smart TVs, STBs etc. Now you add common encryption:
| repackage and get double the number of tracks (CENC as
| well as CBCS). You buy your licenses from Apple
| (Fairplay), Google (Widevine), Microsoft (Playready) and
| Marlin (old crap). What used to "just work" now has all
| kinds of subtle interop problems.
|
| Audio sync issues on iPad? Ah, Apple pushed a bad
| firmware update, thank you. Tomorrow it's users
| complaining about Widevine in Firefox. Only Netflix,
| maybe Disney+ -- the biggest of the biggest can do
| streaming with DRM _and_ make a profit.
| bee_rider wrote:
| I think DRM works fine for the actual customers, the
| companies that are distributing video who need to
| convince the movie producers that they are taking it all
| very seriously, so they need to check some "our platform
| uses DRM" box. It all looks very odd from us downstream.
| But, still, most people don't break DRM so it must be
| doing something.
|
| For a long time the industry worked by shipping movies
| off the theaters, to be run in projection room secured by
| kids doing after-school jobs. I think they aren't
| concerned with perfection.
| bobdvb wrote:
| I work for a large streaming service and a significant
| part of my work is content protection.
|
| Honestly, tech folks misunderstanding of DRM and content
| protection is significant. There's some assumption that
| people are inherently honest and that we're just money
| grabbing. In the years that I've been doing this I've
| seen a lot of things and nothing has convinced me that if
| we turned off DRM we'd: 1) save money 2) not have issues
| with piracy proliferation
|
| The cost of DRM license issuing for our company is
| relatively insignificant, a year's worth of DRM for
| millions of users is less than the cost of a single show
| we might make. We pay cents per thousands of plays.
|
| I recall we launched in a new market, we did a show which
| would have been an expensive PPV previously, but it was
| included in our standard subscription. We also offered a
| first month free trial, which you could cancel. So, you
| could enjoy it at zero cost, from the original provider
| in high quality, with no commitment. That night our anti-
| piracy team took down 20,000+ illegal streams, serving a
| large audience.
|
| I also acutely know that DRM isn't as secure as we'd
| like, I know that all security measures are ultimately
| not anywhere near perfect. But you know what? I also lock
| my front door, even though I know how to pick locks. I
| put my car keys in a RFID box, despite knowing there are
| probably CAN attacks against my car. I still need to
| protect my assets, because enough people don't want to
| pay for something if they can get it for free.
|
| We had some research into the attitudes of pirates that
| basically distils down to: 1) 1/3rd would pay if they
| couldn't get the content any other way 2) 1/3rd don't
| care enough and are casual pirates, watching because they
| can. 3) 1/3rd are "pay never", militant, yet still happy
| to take my work without concern for the sustainability of
| that.
|
| Ultimately, if you like content then you should pay for
| it, but it's always a waste of time arguing about this on
| the internet because so many people are in the third
| category, think I'm an asshole for doing my job and
| apparently they know my job better than I do.
| HeatrayEnjoyer wrote:
| That's all beside the point. Hardware belongs to the user
| and should be under the user's control. Treacherous
| computing should be highly taboo and illegal.
|
| The "sustainability" of Disney's profits are not
| important. To suggest otherwise on a site literally named
| Hacker News is comical.
| eklavya wrote:
| Why would bringing up sustainability of any business be
| comical at Hacker news?
|
| How do you make money? Why should it not be for free?
| Your sustainability is important?
|
| We agree on hardware belonging to the user by the way.
| int_19h wrote:
| Hacker ethos is about freedom to control what you own and
| put it to the purposes that you, its owner, want. DRM
| takes away that freedom, so it is obviously incompatible.
|
| If that freedom makes e.g. Disney business model
| unsustainable, then that business model is itself
| incompatible with the ethos.
| gorkish wrote:
| I'm gonna be extremely blunt given that I have you in my
| audience, large streaming media worker bee: It's not
| surprising in the slightest that you have a bias towards
| the effectiveness of DRM when your livelihood depends on
| it. The fact that the unit-cost is "relatively
| insignificant" is simply a continuation of the straw man
| argument that props up the entire notion that DRM is
| somehow cost effective. I don't personally think you are
| a jerk or anything for working your job, but I can say
| that I would not personally find it fulfilling to spend
| my own career on something with such diminishing returns.
| I guess all of those insignificant expenses add up to
| some good money in the end, at least in someone's
| opinion. The incentive to continue burying the failed
| promises of DRM and keep it propped up as long as
| possible is evident though; the story really hasn't
| changed in the 30 years or so that I've been following
| it.
|
| The lack of a "save video" button in the player app is
| the most effective means to prevent the average person
| from distributing the content. By your "lock on the door"
| analogy, a UI that does not allow the thing you don't
| want your users doing is providing more or less
| equivalent protection to the DRM. It doesn't matter how
| many locks you put on your door if all the attacker needs
| to get what they want is to look through the window. Why
| continue to invest in the additional technology if it is
| not actually adding significant additional protection? By
| the time any user presents a willingness to do _anything
| at all_ to circumvent your standard software interface,
| you have lost; the user will succeed. Plugging in a $30
| recorder and pushing the button is all it takes, and all
| the sweet cutting edge secure enclave crypto quantum DRM
| in the world cannot prevent it. How many of those 20k
| illegal streams you cite even bothered to break the
| precious DRM? My guess is zero.
| gjsman-1000 wrote:
| Right, as though extensions for downloading videos
| haven't been Top 10 most installed on all major browsers
| for over a decade.
| jorams wrote:
| The argument from the other side is at least as
| frustrating.
|
| > ...nothing has convinced me that if we turned off DRM
| we'd: 1) save money 2) not have issues with piracy
| proliferation
|
| > That night our anti-piracy team took down 20,000+
| illegal streams
|
| You already have enormous issues with piracy
| proliferation. The money you spend on DRM may be
| "relatively insignificant", but it's still money being
| wasted on "protection" that has already proven to be
| utterly ineffective.
|
| I am in neither of your three groups. I _want_ to pay for
| content. I pay for a lot of music, for example. But you
| 're not going to bully me into paying for your shit by
| making it as user hostile as possible. As a paying
| customer I expect at least the level of service that
| piracy groups have no trouble providing, but instead I'm
| treated like an enemy every step of the way.
|
| In practice this means I avoid TV shows and movies, but
| when I do want to watch one I have absolutely zero moral
| qualms pirating a product that is not for sale. I'll even
| go out of my way to look for a DRM-free copy I can pay
| for first. This takes more time than pirating it once I
| inevitably find out that's not available.
| gjsman-1000 wrote:
| > already proven to be utterly ineffective
|
| The fact that it does not always work, is in no way a
| proof of ineffectiveness.
|
| Otherwise, the tax system, speed limit signs, front door
| locks, and glass windows are also "completely
| ineffective."
|
| He is literally telling you, from his own experience in
| his company, it's effective. Don't cite a sloppily-
| produced research paper from somewhere to make him deny
| reality.
| jorams wrote:
| > Don't cite a sloppily-produced research paper
|
| I'm not, I'm citing their own comment in which they
| describe taking down 20,000+ illegal streams of their
| already DRM-"protected" content _on launch day_. He 's
| describing it not being effective at all.
|
| Glass windows, speed limit signs, the tax system (what?)
| provide value to the people affected by them. DRM is a
| pure negative for customers.
| gjsman-1000 wrote:
| You're assuming it would not have been 100,000 without
| the DRM. You cannot prove, or cite any research, showing
| it would not have been much worse. In which case, it
| could indeed be quite effective.
| jorams wrote:
| Indeed I can't, just like you cannot prove, or cite any
| research, showing it wouldn't have been 1,000 if the
| content was accessible without arbitrary artificial
| restrictions on the devices consuming it.
|
| By all means keep taking down illegal streams. I'm not
| excusing the people providing them. I'm saying maybe stop
| treating every paying customer as if they're going to do
| that to the detriment of the service provided. Because it
| _is_ negatively affecting the service.
| pmontra wrote:
| I understand your points and I wish you all the best with
| your job. But please tell your bosses to let me buy
| single episodes of the series I like or every movie in
| history. No monthly subscriptions. I stay months without
| watching anything, then maybe two or three series at
| once, one episode per week each. The industry business
| model doesn't fit my habits.
| qingcharles wrote:
| I used to be the chief DRM guy at another large streaming
| service.
|
| I can say 100% that the company did not want DRM as it
| was unreliable and customer-unfriendly, but it was the
| rights-holders that were badly educated and informed and
| would demand it in their contracts. I would suspect that
| is the case at a lot of other streamers too?
|
| (the cost of the DRM was near-zero at our company)
| xyzzy123 wrote:
| Yes if a particular group gets to externalise / socialise
| the costs of maintaining a protection then obviously from
| the perspective of the protected group then it's worth
| it.
|
| The question is, is it good for society overall. Who or
| what is being protected and what impact does that have on
| everyone else?
|
| Speed limit / stop signs represent a decent point of
| discussion I think.
| pas wrote:
| Speed limit signals danger, right?
|
| Does DRM signal an ethical dilemma?
|
| And if yes, what does it mean considering that each year
| we lose millions of people on the roads. (To fatalities
| and horrific injuries resulting in permanent
| disabilities.) Yet the majority doesn't care?
| sureIy wrote:
| > The question is, is it good for society overall.
|
| That's not what execs ask at all. I don't know where
| you're living. The existence of DRM is not in any way
| related to society.
|
| Their analysts say it's a net positive on their balance
| sheets, so DRM is here. Everything else is baseless
| speculation.
| dialup_sounds wrote:
| There is no "particular group" or "everyone else".
| Everyone has rights over their own creative work, even if
| that's mildly inconvenient to others. It's part of the
| social contract of modern society.
| int_19h wrote:
| The people who profit from all this are mostly not those
| who can claim that it is _their own_ creative work.
| panzi wrote:
| > so everything is immediately available in at least 1080p.
|
| Aren't the lower tiers only 720p? At least all the streaming
| services give Linux users only 720p. (There is a workaround
| for one particular service to still get 1080p - I'm paying
| for it so I better can watch it in 1080p! The moment this
| stops working I cancel my subscription.)
| SSLy wrote:
| L3 can do FHD on Linux but it's the services config that
| prevents that.
| brnt wrote:
| Why do they do that?
| daveoc64 wrote:
| The lower levels of Widevine protection are weaker, so
| the content providers like Netflix only allow playback in
| standard definition or 720p at those levels.
|
| They don't want the highest quality to be available on
| devices where the DRM can easily be broken.
| SSLy wrote:
| >They don't want the highest quality to be available on
| devices where the DRM can easily be broken.
|
| they don't want to admit you can get L3 keymaterial from
| androids super easily. They just are obnoxious assholes.
| jsheard wrote:
| There's three Winevine tiers, L1, L2 and L3, which
| generally correspond to 4K, 1080p and 720p respectively
| though it depends on the service. L3 is what you get on
| Linux. L2 is supposed to be more secure than L3 but AFAICT
| it makes little difference to piracy groups, L1 is the only
| actual roadblock for them.
| brnt wrote:
| Why are Linux users limited to L3?
| jsheard wrote:
| Because it doesn't meet the requirements for L2. I think
| L2 implementations are required to block software screen
| recording, for example, and there isn't really any
| practical way to enforce that on an open platform.
| Windows/Android/iOS have special support for compositing
| protected content so if you try to read the framebuffer
| back the content just shows up as a black rectangle.
| Mindwipe wrote:
| L1/L2 requires a third party who could be liable to sign
| that the drivers are unmodified to the hardware.
|
| On a general purpose Linux installation who would do
| that?
|
| (And who in the Linux using community wouldn't take any
| efforts by someone to try as an afront, bluntly).
| bee_rider wrote:
| Also there aren't really enough of us watching videos on
| Linux for it to be a worthwhile market for them to
| address, I think.
| panzi wrote:
| DRM only really works if you're not root on your own
| machine, and with Linux you're always root on your own
| machine. Quite frankly I think DRM (the normalization of
| rootkits) is dangerous.
| lldb wrote:
| So it turns out chrome os ships with a shared library to
| support L2 (since it's entirely in software). There's a
| patch to get it working on other Linux distributions.
| h4x0rr wrote:
| Couldn't scene groups just keep the exploits for decrypting
| streams for themselves? Is there any way for
| Netflix/Widevine/PlayReady to detect this?
| jsheard wrote:
| I don't know the technical details but Winevine claims to
| have a system for watermarking content, which may allow
| them to trace the origin of ripped content back to the set
| of keys which decrypted it so they can be revoked.
|
| https://www.digimarc.com/resources/widevine-announces-
| digita...
| lossolo wrote:
| There are no exploits for Widevine. The system operates by
| requiring a key, which is obtained from the unsecure
| hardware enclaves of some of the thousands of devices
| whitelisted by Widevine. When you access and share publicly
| 4K content, the keys for that specific device are
| blacklisted, necessitating the purchase of a new device to
| extract a new key.
| devrand wrote:
| It does seem like Netflix has been doing a decent cat-and-
| mouse game with Widevine for anything over 540p the last few
| months. There's been several shows that took several days to
| get properly copied (i.e. not just screen recorded).
| 486sx33 wrote:
| "4K Bluray playback on PCs is effectively being phased out."
|
| Which will only perpetuate and speed up the problem. 4K blu
| ray discs suck on a lot of new tvs and players for frame rate
| and detail so the best visual experience is going to be on
| high dpi PCs (or Mac? Retina?)
|
| If I can't play a 4K blu ray I purchased on my pc... I'm
| going to probably download a ripped version and not feel
| guilty about it since I purchased the disc ...
|
| My M2 Pro can decode and play 4K without breaking a sweat and
| with amazing battery life on VLC player
| grishka wrote:
| > the entire signal path to use strong encryption
|
| But the display panel itself still receives an unencrypted
| LVDS signal, which should not be too hard to decode. There
| are (were?) also cheap HDMI splitters that conveniently strip
| HDCP.
|
| Your only issue is that yes, you can't get at the original
| compressed video stream and have to reencode, possibly losing
| a tiny bit of quality.
| jsheard wrote:
| That is true, but ripping content in that way is a much
| bigger burden on piracy groups since it has to be done in
| realtime, can't be done in parallel without multiple
| expensive hardware rigs, and metadata like subtitles can't
| be extracted automatically. Rips of streaming shows often
| have a dozen or so subtitle tracks and nobody is going to
| transcribe and re-time all that by hand if they can't
| decrypt the stream directly.
| grishka wrote:
| Are subtitle tracks also encrypted? I've always had the
| impression that only video itself is.
|
| edit: But the subtitle tracks are also available on
| software-only DRM levels that are easy to break.
| jsheard wrote:
| Actually now I think of it that doesn't matter since you
| could just pull the subtitles from the weakly protected
| 720p version then apply them to the higher resolution
| versions. Ripping the 4K video through LVDS or HDMI
| capture would still be annoying though.
| grishka wrote:
| Yep I realized that and edited my parent comment but you
| beat me to it.
| jsheard wrote:
| Another complication for LVDS capture is that HDR content
| is always tonemapped/filtered (OLED ABL etc) before it is
| sent to the panel, and that processed version is what you
| would get with LVDS capture. It might be usable, but it
| would be a downgrade from other capture or decryption
| methods which grab the unprocessed HDR video.
| kuschku wrote:
| With a $20 HDMI grabber you get 4K HDR video with full
| Dolby Vision or HDR10 metadata, without any tonemapping
| applied, en masse.
|
| Combine that with some software mods to hide the UI at
| all times and you've got a perfect recording.
|
| Re-encoding is the slowest and most annoying part of this
| process, but release groups re-encode everything anyway,
| so that's not an issue either.
|
| DRM only hurts the legitimate customers, no one else.
|
| I'm subscribed to the highest tiers of Netflix, Disney+,
| Prime Video, Paramount+, YouTube Premium,
| CuriosityStream, Nebula and Zattoo.
|
| Yet often enough, I have to rip media from bluray because
| the streaming version only has audio or subtitles
| available in the local language or the quality is subpar.
| qingcharles wrote:
| I don't know the burden is as big as you imagine. I used
| to run a torrent site that was 99% recorded shows through
| capture and we still had every single broadcast show
| uploaded within minutes -- and no uploaders were getting
| paid, they were just bored and doing it for the Internet
| points.
|
| edit: also to add, we would get employees at the studios
| send us discs with the new shows before release, but I
| had agreements with at least one studio to not allow
| uploads until after broadcast if we received any of their
| media
| m4tu4g wrote:
| To add more to this, not essentially 4K is the only thing
| behind L1, even HD streams can be with L1.
|
| It's entirely the services' choice to use what they want,
| like they can even put SD stream behind L1 and leave 4K for
| L3 (this happens widely in lesser known services & L2 is
| hardly used). Also Amazon's 4K is different from Netflix's 4K
| considering the key revocation TAT. So everything changes
| from service to service.
| int_19h wrote:
| Not immediately; sometimes when they revoke the keys it can
| take a few months for the likes of StreamFab and AnyStream to
| catch up even with 1080p. E.g. StreamFab is currently stuck
| on 480p for Netflix, and it has been like that since January.
| miki123211 wrote:
| The point is pressure on equipment manufacturers, making
| borrowing and streaming work for digital content, maybe also
| deterring casual piracy, not necessarily protecting videos from
| appearing on tpb.
| gwbas1c wrote:
| > have never kept the bad guys out
|
| Careful who you call the bad guys. A lot of "piracy" comes from
| the people who spend the most money on the content they pirate.
|
| I personally think the best DRM approaches are those that keep
| "the honest people honest:" IE, metadata that identifies
| copyright owners, flags that identify content that has
| restrictions due to copyright, and casual protections. (Think
| of a "do not enter" sign that you can choose to ignore if you
| have reason to do so.)
|
| Otherwise, DRM really only works when the people consuming the
| content have motivation to keep it secret. (IE, corporate and
| military secrets.)
| repelsteeltje wrote:
| Funny thing is that most streaming platforms _only_ have DRM
| because content owners pressure them. It 's expensive and a
| huge hassle to get right.
|
| While indeed DRM barely contributes in fighting
| redistribution over Pirate Bay, it _does_ prevent stream
| sharing. Ie.: the platform saves a lot of CDN bandwidth by
| forcing that onto torrents.
| watermelon0 wrote:
| I think this is not entirely true, because HBO and Netflix
| have DRM on their own shows.
| andsoitis wrote:
| > A lot of "piracy" comes from the people who spend the most
| money on the content they pirate.
|
| That doesn't strike me as a valid statistic. Where are you
| getting that data from?
| ParetoOptimal wrote:
| > That doesn't strike me as a valid statistic. Where are
| you getting that data from?
|
| I'm going to assume they are trying to say in other forms
| of support like word of mouth marketing, user created
| content, or purchases in other areas such as video game
| merchandise for instance?=
| repelsteeltje wrote:
| I think he alludes to "lore" more than statistic. In the
| CD/DVD age anti-piracy measure like region locks, DRM, but
| also annoying banners you could not skip would often make
| consuming the media with a regular CD or DVD player so
| cumbersome, that you were almost forced into ripping the
| media onto a hard disk first and consuming the media with
| VLC or similar.
|
| The inability to just consume media using official device
| to on rented or purchased disks encouraged ripping, sharing
| and downloading.
| amargulies wrote:
| There are in fact studies that show people that pirate
| tend to spend the most on legal content. See every study
| listed here for example:
| https://www.vice.com/en/article/evkmz7/study-again-shows-
| pir...
| amargulies wrote:
| Simple example: My wife wants to consume certain
| Austrian/German content in Canada which are not available
| on any streaming service here. The streaming services there
| (Germany/Austria) do not support Canada. She was gifted
| DVDs of them, but that means she can't watch them on her
| phone or tablet (or laptop without a usb dvd drive that's
| region coded to Europe). Options are to:
|
| - rip the DVDs (pain in the butt unless you have a specific
| setup for doing it en-masse. Some shows end up with
| episodes out of order, etc)
|
| - download the shows
|
| And this is when she's lucky enough the show/movie had a
| DVD release.
|
| Similar problems exist for local content that doesn't exist
| on streaming sites altogether (bunch of things I grew up
| watching that I'd like to revisit).
| DarkUranium wrote:
| Note that ripping DVDs is still piracy if said DVDs
| contain DRM[1], at least in the US. I don't know about
| CA, but I'd imagine it's similar, considering the state
| of copyright ...
|
| [1] Region locking is a form of DRM, and most DVDs at
| least used to be region-locked. I don't know if that's
| still common practice nowadays.
| ThunderSizzle wrote:
| In the US, it's only a legal violation if you try selling
| it. For personal use, you can rip DVDs.
|
| Granted, the media companies use civil lawsuits to also
| make it feel illegal.
| gjsman-1000 wrote:
| "Careful who you call the bad guys. A lot of "piracy" comes
| from the people who spend the most money on the content they
| pirate."
|
| This is laughably, obviously false. Don't let the Reddit
| bubble of all 300 people who do this, or the 1.2% of Yuzu
| users who actually dumped their own keys, distort your
| understanding of reality.
| DarkUranium wrote:
| https://www.vice.com/en/article/evkmz7/study-again-shows-
| pir...
| prmoustache wrote:
| > or the 1.2% of Yuzu users who actually dumped their own
| keys
|
| As a Nintendo Switch owner, if my console died or I wanted
| to play Zelda at 4K I would probably not go through the
| hassle of dumping my own keys and rip the game myself if I
| can download them on the internet in a more
| convenient/quick way.
|
| So there is probably a much larger fraction of users that
| own their games legally but still use emulators.
|
| Also as said somewhere else, the fact some people play
| pirated games they would probably not even play if they
| were not available that way is orthogonal to the fact they
| may still be the highest spenders in games. Same applies to
| movies/music/shows. People usually have a non infinitely
| stretchable budget. A lot of piracy is opportunistic but
| would not transfer in sales if prevented. When I was a
| teenager/young adult I pirated a lot of stuff to try out.
| My gaming/movie/CD budget was fixed anyway and I still
| spent money on them but for the most part I would not have
| bought more if those things weren't accessibles illegally.
| Some were either out of reach for my budget (softwares like
| photoshop or Music DAWs), other were not deemed good enough
| to pay for them over better records/movies/games.
|
| And it transfers to today: while I have a totally unlimited
| access to 8, 16-bit and 32-bit console roms, I almost only
| play to games I have owned and loved at the time.
| tawa9102930 wrote:
| HDCP is broken so none of it really matters.
|
| The resulting files ("webrips") aren't a lossless copy of the
| original, but are good enough for most.
| Salgat wrote:
| Yeah web-dls might be hit or miss but webrips are such good
| quality that it's irrelevant for most folks anyways, since
| it's nearly the same quality you'd see on your TV.
| gorkish wrote:
| I posted elsewhere in the thread but it bears repeating, "The
| analog hole has gone fully digital." The generational loss
| from one recompression is effectively unnoticeable. What a
| ridiculous arms race!
| bombcar wrote:
| The point of the DRM schemes is basically to keep video "hard
| enough to copy that normies don't do it". And not even "normies
| can't find it on the Pirate Bay" but "you can right click and
| download from Netflix."
|
| If they mostly succeed at that, they consider it good enough.
| jorams wrote:
| If that were true it would be possible to watch in 4k
| resolution on Netflix on Linux. But it's not.
| bombcar wrote:
| Because if "4k on Linux" was doable than "download a 4k rip
| directly" would shortly follow.
| grapescheesee wrote:
| Well, it sure seems to make a market for people who
| would/does pay for legitimate 4k video in their browser
| to pirate. I am happy to pay for streaming, but as the
| quality goes down so does any desire to shell out honest
| money.
| bombcar wrote:
| The thing that's breaking me is that I can't even figure
| out which combination of what I need to get what I want.
|
| I just want to pay the $5 and watch the damn movie/show!
|
| So instead I just ... check out the Roku from the library
| that has all the services and binge ;)
| ParetoOptimal wrote:
| > I really don't see why so many millions (billions?) of
| dollars have been spent on technologies which so far have never
| kept the bad guys out.
|
| A PR campaign to make people think getting that content for
| free is harder than it is?
| hannob wrote:
| DRM schemes never worked, and it has been speculated that the
| people building them always knew it, but had other goals.
|
| Backn in the days it was: Of course you can break DVD
| copyprotection schemes. But you cannot build a legal opensource
| DVD player software. Today it's: Of course every Netflix series
| can be found on the pirate bay. But you're not legally allowed
| to build an alternative netflix player frontend.
| gjsman-1000 wrote:
| From the executive's perspectives, DRM is working just fine.
|
| People can't just go get a random browser extension to save
| videos.
|
| Alternative and unlicensed clients are illegal.
|
| Sure, there's some piracy - but even at the end of the day,
| pirates would watch a smartphone recording to save a buck.
|
| To them, DRM does not have to be perfect to be a good
| investment; any more than copyright needing to be perfect or
| Speed Limit sign enforcement needing to be perfect.
|
| Plus, every layer of complexity that gets broken, is another
| line for convincing the DOJ or the Jury about malicious
| intent.
| oaththrowaway wrote:
| > Sure, there's some piracy - but even at the end of the
| day, pirates would watch a smartphone recording to save a
| buck.
|
| I spend a lot of money on hard drives and Usenet to have
| quality rips. It's a service problem, not about the money
| gjsman-1000 wrote:
| Yes, yes, the Gabe Newell quote - even though that quote
| was only an explanation for why piracy happened. Commonly
| lost in translation, that quote never once said piracy
| was justified or acceptable, nor did he encourage piracy
| under any circumstances.
| oaththrowaway wrote:
| I never claimed he did? I was just responding to your
| incorrect assumption
| burningChrome wrote:
| Just as an aside and probably a dumb question - is Pirate Bay
| still a thing? I know they have archival stuff you can
| access, but I thought Pirate Bay died out a long time ago and
| even pier to pier networks have all but disappeared with
| streaming.
|
| I feel like this is kind of a naive question, but I haven't
| needed to use pier to pier stuff since streaming did become
| the standard and remember a lot of articles on Pirate Bay
| shutting down around 2014. Some of the 1070's movies I've
| found on YouTube that aren't on any streaming platform like
| the 1982 movie Dreams Don't Die about a graffiti artist
| played by Ike Eisenmann.
| sureIy wrote:
| > pier to pier
|
| I can't believe that we don't use this terminology. Of
| course pirates go from pier to pier. Missed opportunity
| zootboy wrote:
| Yes, the Pirate Bay is still a thing:
|
| https://thepiratebay.org/index.html
|
| Feel free to look up your favorite movies from 2024.
| They're on there.
| somenameforme wrote:
| If you approach it at the most fundamental level, it seems like
| a clearly impossible goal to achieve. You are having users
| playing back content on their private devices, and then want to
| try to prevent them from copying that. That's basically
| impossible to achieve on somebody's own machine, and literally
| impossible to do once two enter into the picture. In the
| absolute worst case a high resolution/hertz cam on one's own
| screen with a quick ML software polish job, would look near to
| completely indistinguishable from the original content.
|
| I imagine the reason so much money has been spent on it is
| because studios prefer to blame piracy than content for
| increasingly poor sales. So they see it as their salvation and
| are willing to pay big bucks, even if it's impossible. That's a
| primo ground for hucksters and charlatans to make a killing.
| Something similar happened in poker where players wanting to
| use fully automated software to make their decisions ended up
| just stepping outside the cat&mouse game and using a setup with
| a second computer + cam - completely and absolutely impossible
| to detect.
| eddd-ddde wrote:
| I imagine in the future DRM is directly embedded in the
| viewers brain and if it detects pirate content it just fries
| you.
|
| I genuinely can't imagine any other form of DRM being
| successful.
| LadyCailin wrote:
| Drink a verification can to continue.
| idle_zealot wrote:
| You could require that all devices capable of video or
| audio display or capture embed models to detect copyright-
| protected content, and only proceed with playback or
| capture if they are connected to the internet and are able
| to verify some cryptographic liscense is valid. Put all
| this logic in some secure processor that self-destructs at
| the slightest sign of potential reverse-engineering or
| irregular behavior, along with physical anti-tampering
| measures that make phreaking or uncapping any components
| liable to trigger self-destruction. Then make the
| circumvention of any of these measures or attempts to
| create or import non-compliant display or capture video or
| audio content carry some heavy criminal penalty, such that
| any group well-resourced enough to attempt bypass would
| judge doing so foolish.
|
| That would probably "work".
| bee_rider wrote:
| > In the absolute worst case a high resolution/hertz cam on
| one's own screen with a quick ML software polish job, would
| look near to completely indistinguishable from the original
| content.
|
| I'm not even interested in piracy (no ethical dilemma I just
| can't be bothered), but I think this would be an absolutely
| fantastic tech demo, and also very funny. Ultimately the
| video has to be displayed on a screen, so this must be the
| final defeat for DRM, right?
| kuschku wrote:
| Every now and then I do event tech for some small tech
| conferences, lectures, etc.
|
| A while ago we had an issue where, under some
| circumstances, macbooks would enforce HDCP for their
| output. Obviously an issue if you're trying to record and
| stream a talk. And we didn't have any hdcp removal devices
| on hand.
|
| So I set up a Sony FX30 with fujinon broadcast optics on a
| tripod, aimed at the screen. Some white balancing and
| adjustments to brightness and ISO curve later and the image
| was undistinguishable from the original.
|
| We actually used that setup for all talks on that day, and
| it worked perfectly fine.
| layer8 wrote:
| Getting the colors right would be difficult.
| nonrandomstring wrote:
| > I really don't see why so many millions (billions?) of
| dollars have been spent on technologies which so far have never
| kept the bad guys out.
|
| Sunk cost investment bias [0].
|
| Past a certain point, even when the outcome is obviously
| futile, it becomes a mixture of accumulated momentum and pure
| bloody mindedness to "build it if it kills us". Companies like
| Microsoft or Sony have entire departments of people working on
| "rights management".
|
| Nobody has the courage to just say, "Sorry guys, this is a
| fool's errand, we're going to shut it down and move you all
| onto something more productive".
|
| [0] https://en.wikipedia.org/wiki/Sunk_cost
| jvanderbot wrote:
| It doesn't need to work, it needs to be a clearly demarcated
| legal boundary. If it's hard enough that it takes effort to
| cross, you can prosecute.
|
| Someone who wanders in the woods might not be blamed for
| trespassing. But someone who hops a fence with a sign on it
| doesn't have much defense.
| squigz wrote:
| > I really don't see why so many millions (billions?) of
| dollars have been spent on technologies which so far have never
| kept the bad guys out.
|
| Because the goal isn't actually to "keep the bad guys out" -
| it's to strip user freedom and privacy, and make a shit load of
| money at the same time
| daveoc64 wrote:
| The DRM clearly does work in preventing "casual piracy" - where
| average users do things like downloading a file and keeping it
| forever (even after cancelling a subscription) or copying the
| file to a friend.
| yencabulator wrote:
| Video streaming hasn't been "a file" in a long time. HLS et
| al download little snippets at a time, adjusting to current
| bandwidth circumstances, typically with video and audio
| separate, etc. Even without DRM, the average user couldn't
| "download a file" from Netflix.
| Retr0id wrote:
| At this point, video DRM is more of a legal protection than a
| technical protection.
| devwastaken wrote:
| No. It is fundamentally impossible. DRM centralizes piracy, it
| makes it profitable both socially and financially to pirate
| harder. As DRM tries to get harder it actually gives pirates
| more power.
|
| These pirates release high quality content that is better than
| the service provides on most devices. Typically in HEVC as
| well, requiring less download size.
|
| It's also great for those that don't have consistent Internet
| and want to download over time.
|
| DRM and anti piracy are a snake oil industry for business suit
| types that think they're protecting their assets. They're not,
| but they don't understand the infinitely copiable nature of
| digital. They want control at any cost.
| nevir wrote:
| Publishers demand it, but don't understand it.
|
| The platforms roll their eyes, but implement it anyway; cause
| it's a rounding error, and keeps publishers happy
| whoopdedo wrote:
| I don't believe the "Digital Video Express"[1] (aka DIVX[2])
| discs were ever cracked while they were on the market. But
| that's only because they were only sold for 1 year and nobody
| bought any. Even now finding information about the disc format
| is rare. Although anyone who has a reason to try probably
| should be able to do it easily since it was just 3DES.
|
| [1] https://en.wikipedia.org/wiki/DIVX
|
| [2] And this is when I remember that Wikipedia links are case-
| sensitive
| logical_person wrote:
| do software cracks usually get posted to seclists? this is
| expected in the design of DRM...
| charles_f wrote:
| If like me you don't know what Playready is:
|
| > PlayReady is a media file copy prevention technology from
| Microsoft that includes encryption, output prevention and digital
| rights management (DRM). It was announced in February 2007.
| squigz wrote:
| At some point this silly game of cat-and-mouse is going to
| escalate, and streaming players won't work unless your entire
| computer is locked down and "verified" by Microsoft or Apple.
| dawnerd wrote:
| And yet content will still be torrented within hours. It's
| always the honest consumers that lose.
| squigz wrote:
| This assuredness that piracy will always win will be our
| demise.
| dawnerd wrote:
| The only way to reduce piracy is to make access easier and
| cheaper - something the music industry figured out. Sure
| music still gets pirated but its a lot less.
| squigz wrote:
| Well, no, that isn't the only way to reduce piracy.
| Another way would be widespread collaboration between the
| largest tech corporations to lock down the pipeline from
| manufacturing to sale and onward
|
| If users continue to accept this path, which... they seem
| to, that is where we'll inevitably end up.
| sspiff wrote:
| What about the analog loophole? At some point, the data
| needs to be manifested in the real world.
| squigz wrote:
| It's not as though there's no effort to close this
| loophole (see HDCP and probably others) - I don't expect
| them to give up any time soon
|
| Granted, pointing a camera at a screen and recording will
| always be possible - but I say if we ever reach the point
| where that is the only option, we've lost.
| int_19h wrote:
| It is not a given that this will always be possible. I
| could imagine some kind of steganographic watermark in
| videos - diffused over the entire signal so that it
| cannot be easily cropped out - combined with a check for
| the same in all recording equipment that blocks the
| recording or blacks out the area if detected. Could be
| done "voluntarily" by all large manufacturers for
| starters, then eventually mandated by law for all
| equipment sold or imported into the country.
|
| And there's already precedent for this kind of thing: the
| way copiers block money bills as source.
| dawnerd wrote:
| That wont work. You can't tech your way out of this short
| of brain implants instead of screens. If there's a
| screen/speakers it's going to be pirated full stop.
| Games, okay that's a different story sure but they're
| already going down that path with online only games
| anyways.
| squigz wrote:
| Because the idea of brain implants is so far-fetched?
| utensil4778 wrote:
| No, that's where we are now. Not in the future, right
| now. It isn't working.
|
| You fundamentally _can 't_ prevent someone copying your
| file. It isn't possible, full stop. You can only make it
| maximally inconvenient. You can't encrypt a user's
| eyeballs, so the media has to be transmitted in the clear
| at some level. Be it intercepting the LVDS signal to your
| TV panel or just pointing a camcorder at the screen.
|
| The current tact is to just make it maximally
| inconvenient for anyone to access the file in any way.
| This does not consider the asymmetry in effort required.
| All legitimate users must deal with shitty DRM systems
| and broken apps, where it takes exactly one pirate to go
| through the effort of making a copy. Then everyone else
| who obtains a copy has to expend zero effort to consume
| the media.
|
| Piracy is simply easier, which is why there's a
| resurgence now. The only sustainable option is to make
| legitimate consumption easier than piracy. For a lot of
| media, piracy is the _only_ option to obtain a copy that
| will not vanish at some indeterminate point in the
| future. _even if you paid for it_.
|
| Companies think that they can just make piracy harder,
| but that simply doesn't work. Once the first copy is
| made, the game is over. As established, there's simply no
| way to truly and permanently prevent a copy being
| created. That's simply the nature of digital media. At
| best, you can slow pirates down, you can _never_ stop
| them. Piracy will _never_ go away, and people need to
| accept that. People have been selling bootleg copies of
| goods since the dawn of time, there 's no way to prevent
| it. There will _always_ be someone nabbing copies of
| movies and sharing the files.
|
| You can either waste everyone's time by trying to fight
| it, or you can realize that companies need to _compete_
| to survive, not just be large. If you compete with the
| pirates and produce a better product that people want
| more, well that 's what capitalism is all about, isn't
| it?
| squigz wrote:
| I wish I shared your certainty. I certainly don't share
| your faith in capitalism to solve anything.
| utensil4778 wrote:
| Oh, don't get me wrong, I have zero faith in capitalism.
| After all, that's the entire reason we're in this
| situation.
|
| However, market forces are actually very real. They just
| don't work the way capitalists think they do. Or rather,
| capitalists are convinced they can control the market
| through technology. Unfortunately for them, this is a
| technology that can't be solved or controlled.
| int_19h wrote:
| > This does not consider the asymmetry in effort
| required. All legitimate users must deal with shitty DRM
| systems and broken apps
|
| Oh, they do consider it. But, upon consideration, they
| decide that they don't care.
| stockboss wrote:
| i suspect one factor is that music is a lot cheaper to
| produce than movies, so selling music at an "accessible"
| price is a lot more viable as a solution. plus, there's a
| larger market for music since music is largely consumed
| in isolation. people tend to listen to music themselves
| so they would either buy a copy for themselves, or stream
| for themselves, so there's the benefit of volume as well.
| on the other hand, movies are more likely to be consumed
| in groups - a group of people watching one movie will
| only pay once.
|
| for the tv/movie industry, the best solution we have
| right now is basically streaming services like netflix.
| the issue is that its probably still not economically
| feasible for companies like netflix to pay for the
| streaming rights of new movies for their subscribers,
| especially those big budget movies. so for those, either
| you'd have to wait until the price is more palatable for
| netflix, or you'd have to just pirate it.
| Xerox9213 wrote:
| Whose demise?
|
| Has there ever been a time where piracy hasn't "won"?
| k8svet wrote:
| It's like when that first Motorola came out with a locked
| bootloader, or maybe the second one, I think the first was
| trivially crackable. I remember that year, all of the
| people claiming it was just a matter of time. And nowadays,
| among other reasons, custom roms are largely dead because
| people want access to PayPal, Netflix and their banking
| app.
|
| It's grim. I hope to win the lottery and leave the industry
| before the term "computer" has lost all meaning.
| 015a wrote:
| At some point it escalates to where the media providers make
| watching their media so expensive, time consuming, and
| difficult that piracy ramps back up.
|
| It sounds dumb, like "why would companies shoot themselves in
| the foot like this" but trust that they will. They always do.
| Corpobrain is a form of autopilot, there's no one with
| intelligence in charge not because the people who work at media
| companies are dumb (though, they are), but because there's just
| literally no one in charge. Its autopilot. Each iterative
| decision in isolation makes sense, but when zoomed out and
| interpreted holistically they're killing their own business.
| watermelon0 wrote:
| I think this is already the case today; streaming players don't
| work unless the whole chain from the player to the display is
| verified.
|
| The only reason it's possible to copy such content is because
| keys were leaked in the past, and they are not blacklisted.
| clwg wrote:
| That sounds an awful lot like an Xbox, and I personally don't
| think we're too far off from those becoming general purpose
| cloud connected DRM computers coupled with recurring monthly
| subscriptions for all your app/game/content needs.
| tithe wrote:
| > ...unless your entire computer is locked down and
| "verified"...
|
| This is exactly what the WEI (Web Environment Integrity)[0]
| specification sought to achieve, but at the browser level.
|
| [0] https://en.wikipedia.org/wiki/Web_Environment_Integrity
| surajrmal wrote:
| Most operating systems already offer this. At some point only
| native apps will be supported instead of the web if browsers
| don't also provide it.
___________________________________________________________________
(page generated 2024-05-09 23:03 UTC)