This is HUGE! Once the #widevine gets supported in other systems, especially #openbsd they will become much more viably for daily desktop usage.

#bsd #linux #drm

https://www.undeadly.org/cgi?action=article;sid=20260118112808

(Open) Widevine support added to the chromium port https://www.undeadly.org/cgi?action=article;sid=20260118112808 #openbsd #chromium #widevine #openvidevine #video #streaming #current #development

@trashheap

Cannot install emulators/linux_base-rl9: kernel missing 64-bit Linux support

https://www.reddit.com/r/freebsd/comments/1pyab53/cannot_install_emulatorslinux_baserl9_kernel/

#FreeBSD #Linux #Chromium #Widevine #DRM

@trashheap reportedly not working for someone at:

https://www.reddit.com/r/freebsd/comments/1os15la/drm_on_freebsd/

@lobocode

#FreeBSD #Chromium #Widevine #DRM

Another round with #widevine on linux #arm64, and there is still no support for protected content. Using binaries
from other sources fails with OpenGL errors. The "no-hardware-acceleration" configuration is not respected.

So, I need to go back to Windows which ships with working codecs even on arm64.

I think it's time to cancel Netflix etc. and switch to pirated stuff.
I mean, I'm willing to pay for media.
But Y-the-F are they making it impossible to watch it on the device of my choice? 🤬

We're trying out an editorial this week, and in the inaugural editorial, @BobDendry rants about his issues choosing a performant, powerful and modern home theatre streaming setup. Closed ecosystems suck!

https://magazine.fediverse.games/closed-ecosystems-suck/

#FGMag290825 #AndroidTV #GoogleTV #DRM #Widevine #Streaming #VideoGames #Sunshine #Moonlight #Blog #Writing #Ezine #Zine

Man hört ja gar nichts mehr über das Knacken von #Widevine L1. Vor einigen Jahren gab es noch hin und wieder Berichte darüber, dass mal wieder ein Masterkey geleakt worden sei & damals gab es auch häufig wochenl., bis monatel., mal keine 4K-Releases. Sprich, da wurden Lücken geschlossen & es gab für eine gewisse Zeit keine neuen tauglichen Keys.

Mittlerweile laufen die 4K-Releases ja in industriellem Maßstab, es ist also anzunehmen, dass Release Groups einen sehr robusten Vektor gefunden haben.

@landley @machinesbleedtoo Yes, #Widevine and any other #DRM should be #outlawed, because it's intellectually insulting how trivial it is to circumvent shit like it.

https://en.wikipedia.org/wiki/Widevine

🌗 你的DRM也能監控你：瀏覽器對Widevine EME的（錯誤）實作所衍生的隱私問題
➤ 瀏覽器實作的隱私漏洞，讓你的觀影行為暴露於追蹤風險之中
✤ https://hal.science/hal-04179324v1/document
本研究探討了HTML5時代，瀏覽器使用Widevine EME（加密媒體擴展）技術播放影片時，可能存在的隱私風險。儘管EME旨在提供無縫的DRM整合，但研究發現各瀏覽器在實作上對隱私保護的程度不一，許多瀏覽器甚至在未經明確使用者同意的情況下，就洩露了可識別設備的Widevine客戶端ID。研究人員透過逆向工程和實驗，揭示了瀏覽器在遵循EME隱私準則方面的不足，並開發了工具EME Track來自動利用這些漏洞，突顯了使用者在觀看線上影片時的潛在隱私威脅。
+ 沒想到追蹤不只是網站和廣告商，連DRM技術本身也可能成為隱私的隱患。這實在令人擔憂。
+ 這研究很及時，提醒我們在享受線上影音服務的便利時，也要注意個人隱私的保護。希望瀏覽器廠商能重視並儘快修復這些漏洞。
#網路隱私 #DRM #EME #Widevine

DRM Can Watch You Too: Privacy Effects of Browsers' Widevine EME (2023)

https://hal.science/hal-04179324v1/document

#HackerNews #DRM #Privacy #Browsers #Widevine #EME #2023

@sjvn what is this ??? #widevine The internet is not what it was supposed to be #zdnet :angrymsn:

@amszmidt@mastodon.social @fsf@hostux.social
The #FreeSoftwareFoundation/ #FSF is full of shit.

Full stop.

Their characterization is exaggerated and misleading.

#Widevine is not a "#hardware-level #backdoor" that gives #StreamingServices "permanent access" to "deep components" of your device.

Widevine is a #content #protection technology developed by Google and used by many streaming services to prevent unauthorized access and piracy of digital content.

It operates at different security levels, with varying degrees of hardware integration, but none of these constitute a "backdoor".

Widevine offers three security levels:

1. Level 1 (L1): The highest security level, where content processing and cryptography operations are handled inside a Trusted Execution Environment (TEE) on the device's hardware.

2. Level 2 (L2): Only cryptography operations are handled inside a TEE.

3. Level 3 (L3): Content processing and cryptography operations are handled in software, without a TEE.

Widevine's primary functions are:

1. Content #encryption to prevent unauthorized access
2. Secure #key #management
3. Adaptive security based on device capabilities and content quality

FSF's claims about a "hardware-level backdoor" is false. Widevine uses hardware security features when available (L1 and L2), but it's not a backdoor.

FSF's claims about "permanent access" is false! Widevine does not provide permanent access to your device. It operates only when you're using a service that implements it.

FSF's claims about granting services access to "deep components of your machine" is false! While Widevine does interact with hardware in L1 and L2 implementations, it's limited to specific, isolated areas designed for secure processing. It doesn't have unrestricted access to your entire device.

FSF significantly exaggerates the nature and impact of Widevine #DRM. Widevine is a content protection technology, not a "backdoor" or unrestricted access mechanism for streaming services.

It's almost like the FSF has an agenda here they're pushing, and to help push their agenda they're literally making shit up in the process.

https://social.cyware.com/news/googles-widevine-l3-drm-cracked-by-a-security-researcher-eaed58ca

https://github.com/seanpm2001/Its-time-to-cut-WideVine-DRM

https://www.irisa.fr/en/node/1234

https://krebsonsecurity.com/2020/10/google-mending-another-crack-in-widevine/

https://www.fsf.org/givingguide/v12/

@fsf@hostux.social I'm going to need to see some #proof and #evidence of your claim that #Widevine provides a hardware #backdoor into my machine, considering that it's a #software component.

Do you happen to have a source for that claim?

Edit: I provided the proof that the FSF is full of shit. https://queerfedi.com/notes/a1hwepppepwf00jj

RE: https://hostux.social/users/fsf/statuses/113608596180249339

So there's a new #Firefox based browser on the block that seems to aim to be like #Arc, 'cept Firefox rather than yet another #Chromium browser. Its biggest dealbreaker atm described in its FAQ is that it does not have #Widevine #DRM support - due to it costing 5000 USD, and because Zen is a #FOSS project with no real funding.

What I don't understand though is that the project says this issue affects only #Windows and #macOS. What does that actually mean for #Linux - is Linux somehow able to access DRM protected content without the need to acquire Widevine license or something?

🔗 https://docs.zen-browser.app/faq#why-cant-zen-browser-play-drm-protected-content

Heh, #Netflix decided my TV is too old to support and my #RaspberryPi 5 still had issues installing #Widevine. When I last looked into this there was no Arm64 support. I nearly thought I'd have to buy a Bezoz-FireStick or an Apple TV box, but it seems like Arm64 is now supported!

I won't even have to use Chrome because someone already figured out how to work around the plugin not wanting to install it properly in #Firefox! https://www.reddit.com/r/firefox/s/RrhsBy3zjH
(Latest version links: https://github.com/mozilla/gecko-dev/blob/master/toolkit%2Fcontent%2Fgmp-sources%2Fwidevinecdm.json)

SALE第二弾:対象64GBのタブレット9900円、特価購入チャンス
https://ascii.jp/elem/000/004/213/4213938/?rss

#ascii #PRTIMESデジタル #タブレット #Android14タブレット #5G #WIFIモデル #widevine #L1タブレット #格安タブレット #一万円タブレット #DOOGEEタブレット #アンドロイド端末 #楽天市場 #楽天 #マラソン

الإعلان عن Oukitel OT11… جهاز لوحي جديد مزود بـ Widevine L1 وبطاقتي SIM وشاشة مقاس 11 بوصة

https://todaypic.net/archives/204612

The leaked files from the disclosure https://seclists.org/fulldisclosure/2024/Jun/7 have since been removed from https://developercommunity.visualstudio.com/t/Incorrect-code-generation-on-warbirded-b/10680249. Someone on Reddit (https://www.reddit.com/user/TapAppropriate1458/) posted a direct link to a download from azurewebsites.net that's been taken down now too. The #InternetArchive has the files still at:
https://web.archive.org/web/20240624211440/https://sendvsfeedback2-download.azurewebsites.net/api/fileBlob/file?name=B0cde770200a945109437927ba3fe4d67638537352993712632_ICE_REPRO.zip&tid=0cde770200a945109437927ba3fe4d67638537352993712632

Unfortunately I cannot verify whether those files/the link was the original file or a re-upload. But at least all files within `ICE REPRO.zip/Linker/linkrepro.zip' match the size (in bytes) of the originals as given in the listing on seclists.

The file download from there has the sha256 hash:

d4c1a74f81e5259596466027ebac9f7eb026931c7cef02e5c37d884bbbb7f96f ICE_REPRO.zip

---

In addition, the disclosure notes that the MS symbol server does (STILL ONLINE!) leak the PDB of warbird.dll if requested. A backup has been re-upped here: https://files.catbox.moe/8iz2qk.pdb

Again, the sha256 hash. This has been matched against the original served by the MS symbol server:

2e8b5e0c17b4a4693ed494444f347f22a2eed15bcade18a5ac25d370011f8aa5 warbird.dll.pdb

---

I provide those hashes just for people to be on the safe side while analyzing the files. Keep in mind that accessing those files may be illegal.

#MSRP #leak #SecLists #Microsoft #WarBird #PlayReady #DRM #PDB #Widevine #PlayFair #Piracy