They find devices that are easy to hack (and I mean rip and tear) and extract the decryption keys from each of them, from what I have heard cheap chinese tvs and set top boxes, they extract the keys from the chips (hardware hacking, heard some even use microscopes to read the keys by hand), and then use them to decrypt streams, I heard that they catch them pretty fast to they use like 1 device per season. This is why they use mostly stollen devices.
The really shitty thing is that vulnerable devices get blacklisted en masse, so all legitimate users get stuck with 480p video content on streaming services. The Nexus 5 got this treatment, as I understand it, because it was too easy to extract the keys.
Not a Netflix user here: Are you saying that paying customers get cut off from higher video quality, that they are possibly paying for, and pressured into buying new devices? That shit should be illegal!
Search for widevine decrypt. You’ll find code and forums where at least some L3 (software) keys are publicly shared. For high resolution on some platforms, you need L1 keys, but as far as I understand the decryption process basically stays the same once you have a working key.
You won't find a ton of up-to-date info that would let you do the same - the scene groups hold their methods closely specifically because of this cat-and-mouse game.
I.e I know that hdmi stream can be encrypted so I guess for Netflix you can't juste have a "hdmi splitter"? Do you need to go as far as plugging yourself just before the lcd pixels ? And if so , is it the moment where its easier to have a high def camera pointed at your lcd screen with post processing?
Breaking HDCP is a lot easier than breaking the other things. You don't have to attack the torment nexus directly. This is not the most ideal option but it is information theoretically correct assuming your capture rig is set up properly.
They find devices that are easy to hack (and I mean rip and tear) and extract the decryption keys from each of them, from what I have heard cheap chinese tvs and set top boxes, they extract the keys from the chips (hardware hacking, heard some even use microscopes to read the keys by hand), and then use them to decrypt streams, I heard that they catch them pretty fast to they use like 1 device per season. This is why they use mostly stollen devices.
The really shitty thing is that vulnerable devices get blacklisted en masse, so all legitimate users get stuck with 480p video content on streaming services. The Nexus 5 got this treatment, as I understand it, because it was too easy to extract the keys.
Not a Netflix user here: Are you saying that paying customers get cut off from higher video quality, that they are possibly paying for, and pressured into buying new devices? That shit should be illegal!
1 reply →
It provides a good incentive for manufacturers to invest into security for their devices.
2 replies →
Interesting - do you have any sources to read further?
Search for widevine decrypt. You’ll find code and forums where at least some L3 (software) keys are publicly shared. For high resolution on some platforms, you need L1 keys, but as far as I understand the decryption process basically stays the same once you have a working key.
Random article: https://www.ismailzai.com/blog/picking-the-widevine-locks
Claimed to be L1 key leaks (probably all blacklisted by now): https://github.com/Mavrick102/WIDEVINE-CDM-L1-Giveaway
You won't find a ton of up-to-date info that would let you do the same - the scene groups hold their methods closely specifically because of this cat-and-mouse game.
More easily in the past (I don't think if it's still true for 4K) you only needed an HDMI splitter to bypass HDCP copy protection.
Now you need both a buggy HDCP 1.4 splitter and an HDCP 2.1 to 1.4 converter.
The analog hole is real.
I was wondering how easy it is
I.e I know that hdmi stream can be encrypted so I guess for Netflix you can't juste have a "hdmi splitter"? Do you need to go as far as plugging yourself just before the lcd pixels ? And if so , is it the moment where its easier to have a high def camera pointed at your lcd screen with post processing?
Breaking HDCP is a lot easier than breaking the other things. You don't have to attack the torment nexus directly. This is not the most ideal option but it is information theoretically correct assuming your capture rig is set up properly.
It would be harder to break HDCP and you wouldn't even get the original compressed media content. It's a worse idea.