![]() Speaking to Wired, a Google spokesman noted that the company was examining the issue, but didn't go as far as to say it would issue a patch, saying the problem is not exclusive to Chrome and could apply to any browser created from the open source code Chromium code. For now, the researchers have released a video demonstrating the vulnerability in action. 90 days is the minimum that Google's own security researchers give vendors to fix vulnerabilities they uncover before they disclose the bugs publicly. However, the researchers have not disclosed exactly how the vulnerability is accessed, and will not do so until at least 90 days after its disclosure to Google. With the right software-and let's face it, it doesn't take long for pirating software to appear following the discovery of a vulnerability-any user would be able to download streaming content for keeps. Unfortunately for Google, the researchers discovered it's possible to hijack the decrypted movie stream right after the CDM decrypts the film, before it's displayed in the browser. ![]() ![]() Widevine uses two pieces of tech to protect content: the encrypted media extensions (EME), which handle key exchanges and other high-level functions, and a content decryption module (CDM), which unscrambles encrypted video for playback in the browser. The vulnerability centers around the Widevine digital rights management system-which Google owns and has implemented into Chrome-and specifically how it handles decryption of encrypted media streams. According to Wired, Google was alerted to the problem on May 24, but is yet to issue a patch. Security researchers have discovered a vulnerability in the Google Chrome browser that could allow users to bypass itscopy protection system and download content from streaming video services like Netflix and Amazon Prime Video. Valentina Palladino reader comments 104 with
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |