Google Takes Down Repositories that Circumvent its Widevine DRM
takyon writes:
Google Takes Down Repositories That Circumvent its Widevine DRM
GitHub has removed several repositories that helped to bypass Google's Widevine DRM, which is used by popular streaming services such as Netflix and Amazon. Google requested the code to be removed as it would violate the DMCA. The company also sent a sensitive data takedown request for the associated RSA key which, ironically, remains easy to find through Google.
[...] The code, originally published by security researcher Tomer Hadad, is a proof-of-concept code Chrome extension that shows how easy it is to bypass the low-security ["L3" version of Widevine Digital Rights Management]. Google was aware of this vulnerability and previously informed Krebs on Security that it would address the issue.
[...] Google sees the code, which was explicitly published for educational purposes only, as a circumvention tool. As such, it allegedly violates section 1201 of the DMCA, an allegation that was also made against the youtube-dl code last month.
[...] This 'key controversy' is reminiscent of an issue that was widely debated thirteen years ago. At the time, a hacker leaked the AACS cryptographic key "09 F9" online which prompted the MPAA and AACS LA to issue DMCA takedown requests to sites where it surfaced.
DMCA: Digital Millennium Copyright Act
DRM: Digital Rights Management
AACS: Advanced Access Content System
MPAA: Motion Picture Association of America
AACS: Advanced Access Content System
AACS LA: https://en.wikipedia.org/wiki/AACS_LA
Read more of this story at SoylentNews.