Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome Bug Makes It Easy To Download Movies From Netflix and Amazon Prime

Posted by msmash on from the buggy-software,-worried-companies dept.

A vulnerability found in Chrome by researchers allows people to save copies of movies and TV shows from streaming websites such as Netflix and Amazon Prime. From a Gizmodo report:The vulnerability, first reported by Wired (Editor's note: Wired blocks adblockers), takes advantage of the Widevine EME/CDM technology that Chrome uses to stream encrypted video from content providers. Researchers David Livshits from the Cyber Security Research Center at Ben-Gurion University and Alexandra Mikityuk of Telekom Innovation Laboratories discovered a way to hijack streaming video from the decryption module in the Chrome browser after content has been sent from services like Netflix or Amazon Prime. The researchers created a proof-of-concept (which is currently the only evidence of the exploit) to show how easily they could illegally download streaming video once CDM technology has decrypted it.Google was notified of the bug last month but is yet to patch it.

6 of 128 comments (clear)

  1. This is not a vulnerability by Anonymous Coward · · Score: 5, Insightful

    It's a feature!

  2. DRM the poem by downright · · Score: 5, Funny

    DRM will always fail.
    If it is on a screen or through a speaker
    I can capture and re-feature
    So spend your money and waste your time
    I want media I buy to be mine
    I can watch it on a tv
    I can watch it on a phone
    I can watch it in a car
    I can watch it at home
    I know to this you are appalled
    But any other way and we don't want it at all.
     

    1. Re:DRM the poem by Calydor · · Score: 4, Informative

      He wasn't talking about getting anything for free. He very specifically talks about media that has been bought.

      --
      -=This sig has nothing to do with my comment. Move along now=-
  3. Re:Illegally? by NotInHere · · Score: 5, Interesting

    thanks to mpaa and friends, bypassing DRM (even if its for legal purposes!) is illegal. Documenting how to bypass it is illegal too.

    In fact, if you tell google about the "vulnerability", you already commit a crime. Therefore, I think its best that google doesn't fix the "vulnerability", because if they fix it, people will find out about the details of the "vulnerability" by reading the git history, and this means google commits a crime itself.

  4. Or do it the better way... by Lumpy · · Score: 4, Informative

    Netflix Disc subscription... MakeMKV + handbrake. end up with far FAR better quality rips and 100% undetectable by the copyright police.

    --
    Do not look at laser with remaining good eye.
  5. Re:Netflix shares to rise by flyingfsck · · Score: 5, Informative

    For real operating system users:
    ffmpeg -f x11grab -r 25 -s cif -i :0.0 out.mpeg

    For toy operating system users:
    install uscreencapture dshow filter, then ffmpeg -f dshow -i video="UScreenCapture" out.mp4

    You are welcome.

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!