Your drm can watch you too: exploring the private implications of browsers (put) implementations of widevine eme – ufr istic computer and electronic, widevine cdm (for EME/DRM support) | Online help for the Vivaldi browser

Widevine CDM (for EME/DRM support)

If the videos protected by DRM cannot be read:

DRM Widevine

Thanks to html5, Users can now Videos on Web Browsers Without Instaling Plug-ins or Relying on specific devices. In 2017, W3C Published Encrypted Media Extensions (EME) AS The First Official Web Standard for Digital Rights Management (DRM), with the Overarching Goal of Allowing Seamless Integration of Drm Systems on Browsers. EME has prompt numbers Voices of Disse with respect to the inadequate protection of users. Of Particular Interest, privacy concerns were articulated, eSpecially that drm system inherently require uniquely identifying information on users’ devices to control content distribution better. Despite this anecdotal evidence, we lack a understanding overview of How Browsers have supported Eme in Practice and what Privacy implications are caused by their implementations. In this Paper, We Fill This Gap by Investigating Privacy Leakage Caused by Eme Relying on Proprietary and Closed-Source Drm Systems. We focus on google widevine because of its versatility and wide adoption. We conduct empirical experience to show that browsers diverge when complying eme privacy guidelines, which might undermits’ privacy. For Instance, we find that mary Browsers Gladly Give Away the identifying widevine customer id with no or little explicit consent from users. Moreover, we Characterize the Privacy Risks of Users Tracking when Browsers Miss Applying Eme Guidelines Regarding Privacy. Becuse of Being Closed-Source, Our Work Involves Reverse Engineering to Dissect the Contents of Eme Messages as Instantiated by Widevine. Finully, we implement Eme Track, A Tool that automatic exploits bad widevine-based implementations to break privacy.

Keywords

Areas

Complete metadata list
your_drm_can_watch_you_too.PDF (705.83 KB) Download the file
Origin: Files produced by the author (s)

Submitted on: Wednesday August 9, 2023-16: 07: 18

Last modification: Thursday August 31, 2023-16: 36: 47

Download to view

Dates and versions

HAL-04179324, version 1 (09-08-2023)

Licence

Paternity

Identifiers

  • HAL ID: HAL-04179324, version 1
  • Arxiv: 2308.05416
  • Doi: 10.56553/POPTS-2010-0112

To quote

Gwendal Patat, Mohamed Sabt, Pierre-Alain Fouque. Your drm can watch you too: exploring the private implications of browsers (put) implementations of widevine eme. Proceedings on Privacy Enhancing Technologies, Jul 2023, Lausanne, Switzerland. pp.306-321, ⟨10.56553/POPTS-2010-0112⟩. ⟨HAL-04179324⟩

Widevine CDM (for EME/DRM support)

Widevine is a “content deciphering module” (CDM) which allows Vivaldi to support the Encrypted Media Extensions (EME). EMEs are a kind of digital rights managers (DRM) and are required by many popular audio/video streaming services like Netflix, Amazon Prime, Spotify, Tidal, etc

Test the Widevine support by your browser

To check if your browser supports the videos protected by Widevine, go to Demo.castlabs.com and try to read the videos that are marked with “DRM”.

Install Widevine

If the videos protected by DRM cannot be read:

  1. Open Vivaldi: // Components
  2. Look for “Widevine content decryption module”
  3. Click on “Search updates”

Problems solving

If the DRM test video is still not read, submit a bug report indicating that you cannot read the owners. Specify your operating system (including architecture and version).

Was this page useful for you ?

Let us know if something is missing in this article. This is the only way to improve.

Thanks! You've already liked this
No comments