Widevine

Original author(s): Google
Stable release: 1.4.9.1088
Written in: C++
Operating system: Cross-platform
Type: Digital rights management
Website: widevine.com

Widevine is a proprietary digital rights management (DRM) system developed by Google. It provides content protection for media. Widevine is divided into three security levels with differing levels of protection depending on the hardware present on the device. Widevine is included in most major web browsers and in Android and iOS.

Widevine was originally developed by Internet Direct Media, who later rebranded as Widevine Technologies. Following several rounds of funding, the company was acquired by Google in 2010 for an undisclosed amount.

History

Origins (1998–2006)

Widevine was created by Seattle-based Internet Direct Media in 1999 as Widevine Cypher. [1] The company, founded by executive Brian Baker and cryptography researcher Jeremy Horwitz, changed its name to Widevine Technologies. [2] [3]

In February 2001, Widevine Technologies released Widevine Cypher Enterprise; at the time, techniques such as screen recording and network request monitoring were common. Widevine Cypher used DES-X encryption to prevent these techniques. [4] Widevine Technologies partnered with Bellevue-based streaming company Midstream Technologies in April. [5] Baker returned to the company in 2001, leading it through a restructuring process; the process involved recapitalizing the company and firing many of its employees. [6]

In June 2003, Widevine Technologies secured US$7.8 million in funding from venture capital firms Constellation Ventures and Pacesetter Capital. [7] That same year, Widevine Technologies partnered with Taiwanese telecommunications company Chunghwa Telecom in an effort to secure their video-on-demand service. [8] Widevine Technologies would receive further funding in 2004 from Constellation Ventures and Pacesetter Capital, along with Phoenix Capital Partners, in a funding round led by VantagePoint Venture Partners, netting the company $13 million. [9]

Widevine Technologies branched out into digital watermarking in 2005, partnering with content processing company TVN Entertainment (now Vubiquity) for its Mensor system. [10] Widevine Mensor inserts a 64-bit payload into the signal, a computationally inexpensive operation. [11]

Growth (2006–2010)

In April 2006, Constellation Ventures, Pacesetter Capital, Phoenix Capital Partners, and VantagePoint Venture Partners joined digital communications company Cisco Systems and Canadian telecommunications company Telus to invest $16 million into Widevine Technologies. Cisco's involvement in the investment followed its acquisition of set-top box manufacturer Scientific Atlanta for $7 billion. [12] In a six-year agreement, Widevine was awarded a contract with Telus to use its technology in Telus's platforms. [13]

On August 3, 2007, Widevine Technologies filed a patent infringement lawsuit against content security company Verimatrix. [14] The two companies reached a settlement in March 2010. [15]

Vendors utilizing Widevine steadily increased up until 2010. In August 2008, CinemaNow used Widevine to expand its reach to multiple devices, including the Nintendo Wii, disc players from LG and Samsung, and the iPhone and iPod. [16] To implement DRM into Microsoft Silverlight for browsers not using Microsoft Windows, Microsoft worked with Widevine Technologies. [17] Widevine was also implemented into several streaming services using Adobe Flash, including content from Sony and Warner Bros. distributed in the virtual social network Gaia Online. [18]

In December 2009, Widevine received an additional $15 million in funding from telecommunications company Liberty Global and Samsung Ventures, the venture capital subsidiary of Samsung. [19] Samsung would expand its use of Widevine in June 2010. [20] LoveFilm signed a deal with Widevine in July 2010. [21]

Acquisition by Google (2010–present)

On December 3, 2010, Google announced that it had acquired Widevine for an undisclosed amount. [22] The acquisition occurred on the same day Viacom filed an appeal in Viacom v. YouTube, a case regarding Google's role in users uploading content owned by Viacom onto YouTube. [23] A CNN report in February 2011 revealed that Google had paid $150 million for Widevine, despite an internal valuation of the company being between $30 million and $40 million, making it the company's ninth largest acquisition until that point. [24]

Architecture

Widevine is divided into three security levels. The security level used depends on whether the client device uses a trusted execution environment (TEE). For example, ARM Cortex-A processors implement TrustZone technology, allowing cryptography and video processing to occur entirely within the TEE. [25] In Widevine L1, media decryption and processing occur entirely in a TEE, and content is available in its original resolution. In Widevine L2, media decryption and processing occur in software or dedicated video hardware, despite the presence of a TEE, and content is available in a fixed resolution. In Widevine L3, media decryption and processing occur in software and no TEE is present, and content is available in a fixed resolution. [26]

In Android, Widevine L1 can be implemented into Stagefright, Android's media playback engine. [27] This is implemented in Qualcomm chips, where an OpenMAX (OMX) component communicates with the video driver at the kernel level. Multimedia memory is carved out through the memory management unit driver for ION, a memory manager introduced in Android 4.0 to address the various memory management interfaces across Android. [28] The input/output buffer is then allocated, and the content is decrypted and stored to a secured input buffer in TrustZone. [29]

Input → output overview

Widevine uses multiple standards and specifications, including MPEG Common Encryption (CENC), Encrypted Media Extensions (EME), Media Source Extensions (MSE), and Dynamic Adaptive Streaming over HTTP (DASH). [30] In addition, Widevine supports the HTTP Live Streaming (HLS) protocol, developed by Apple Inc. in 2009. [31]

In one implementation of Widevine, a browser receives encrypted content from a content delivery network (CDN). The content is then sent to the Content Decryption Module (CDM), which creates a license request to send to the license server. The player then receives a license from the license server and passes it to the CDM. To decrypt the stream, the CDM sends the media and the license to the OEMCrypto module, required to decrypt the content. [32] OEMCrypto is an interface to the TEE; most implementations ensure that session keys, decrypted content keys, and the decrypted content stream are not accessible to other running applications. This is usually accomplished through a secondary processor with separate memory. [33] The content is then sent to the video stack and displayed to the end user in chunks. [34] License request and license response messages are sent and received using Protocol Buffers. [35]

Vendors may implement their own proxy server within the license server, in cases where user authorization is managed by the vendor's preexisting proxy server. [36] This setup requires the use of the proxy server as a middleman. [37] Widevine requires the use of service certificates beginning in Chrome 59, along with iOS and some configurations of ChromeOS. [38] [note 1] A proxy server may choose to refuse to issue licenses for browsers that do not implement a "verifiable" framework, otherwise known as Verified Media Path (VMP). Notably, browsers running on Linux are not included in VMP. [40] Similarly, the High-bandwidth Digital Content Protection (HDCP) version used on the client device may be enforced by the proxy server. [41]

In Widevine L1 devices, certificate provisioning is usually performed once. During provisioning, the CDM creates a nonce and derives keys for certificate decryption and integrity checks, as well as dynamically generated buffers. The device key is treated as the Root of Trust (RoT). The RoT-derived client key protects the request using HMAC. [42] The RoT is established through a factory-provisioned component called the "keybox". The keybox is 128 bytes long with two special fields. The integrity of the keybox is checked by verifying the last eight bytes match a magic number ("kbox") followed by a cyclic redundancy check (CRC-32). [43] The other 120 bytes comprise an internal device ID (32 bytes), an Advanced Encryption Standard key (16 bytes), and a provisioning token (72 bytes). [44]

Summary of Widevine keybox fields

| Field | Description | Size (bytes) |
|---|---|---|
| Device ID | Obtained in the OEMCrypto module using OEMCrypto_GetDeviceID | 32 |
| Device key | 128-bit AES key. Derived into multiple keys in the OEMCrypto module using OEMCrypto_GenerateDerivedKeys | 16 |
| Provisioning token | Also known as "key data". Used to provision requests. Obtained in the OEMCrypto module using OEMCrypto_GetKeyData | 72 |
| Magic number | Referred to as "kbox" | 4 |
| CRC-32 | Validates the integrity of the keybox | 4 |
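
The keybox layout and integrity check described above, as an added example (not code from Widevine or from the cited papers): a Python parser that splits a 128-byte blob into the fields in the table and rejects a wrong length, magic number or checksum. The CRC variant (zlib CRC-32), its coverage (the first 124 bytes), its big-endian encoding and every sample value are assumptions or constructed, since the page specifies none of them.

```python
import struct
import zlib
from dataclasses import dataclass

KEYBOX_SIZE = 128
MAGIC = b"kbox"
# Table order: device ID (32), device key (16), provisioning token (72),
# magic (4), CRC-32 (4). ">" disables padding; big-endian CRC is an assumption.
LAYOUT = struct.Struct(">32s16s72s4sI")


class KeyboxError(ValueError):
    """The blob failed a structural check."""


@dataclass(frozen=True, repr=False)
class Keybox:
    device_id: bytes
    device_key: bytes          # AES-128 key; the root of trust
    provisioning_token: bytes  # "key data"

    def __repr__(self) -> str:
        # Keep key material out of logs and tracebacks.
        return f"Keybox(device_id={self.device_id[:4].hex()}..., device_key=<redacted>)"


def keybox_crc(body: bytes) -> int:
    # ASSUMPTION: zlib's CRC-32 over everything before the checksum field.
    # A CRC is unkeyed: it detects corruption, it does not authenticate.
    return zlib.crc32(body) & 0xFFFFFFFF


def build_keybox(device_id: bytes, device_key: bytes, token: bytes) -> bytes:
    """Assemble a constructed keybox for exercising the parser."""
    if (len(device_id), len(device_key), len(token)) != (32, 16, 72):
        raise KeyboxError("field lengths must be 32, 16 and 72 bytes")
    body = device_id + device_key + token + MAGIC
    return body + struct.pack(">I", keybox_crc(body))


def parse_keybox(blob: bytes) -> Keybox:
    """Check length, then magic, then CRC, and return the three fields."""
    if len(blob) != KEYBOX_SIZE:
        raise KeyboxError(f"expected {KEYBOX_SIZE} bytes, got {len(blob)}")
    device_id, device_key, token, magic, crc = LAYOUT.unpack(blob)
    if magic != MAGIC:
        raise KeyboxError("magic number is not 'kbox'")
    if crc != keybox_crc(blob[:-4]):
        raise KeyboxError("CRC-32 mismatch")
    return Keybox(device_id, device_key, token)


def validate(blob: bytes) -> str:
    """Return 'ok' or the reason the blob was rejected."""
    try:
        parse_keybox(blob)
        return "ok"
    except KeyboxError as exc:
        return str(exc)


# Constructed sample values, not taken from any device.
SAMPLE = build_keybox(
    b"EXAMPLE-DEVICE-0001".ljust(32, b"\0"),
    bytes.fromhex("00112233445566778899aabbccddeeff"),
    bytes(range(72)),
)

if __name__ == "__main__":
    print(parse_keybox(SAMPLE))
    flipped = bytearray(SAMPLE)
    flipped[40] ^= 0x01  # single-bit corruption inside the device key field
    print(validate(bytes(flipped)))
    print(validate(SAMPLE[:120]))
```
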

Each content key is associated with a 128-bit key control block, specifying security constraints. The key control block enforces data path security requirements on clients such as Android, where video and audio are encrypted separately, and provides a timeout value to the TEE. The block is AES-128-CBC encrypted with a random initialization vector (IV), and the fields are defined in big-endian byte order. The block comprises a verification field, a duration field (expressed in seconds), a nonce, and control bits, each 32 bits long. [45] The control bits are a series of bit fields controlling the HDCP version that can be used, the data path type, whether or not a nonce should be used, and the Copy General Management System (CGMS) used. [46] Despite this, vendors may still choose to encrypt audio and video with the same key or may not even encrypt the audio at all. [47]

Client support

Widevine is included in most major web browsers, including Google Chrome. Derivatives of Chromium, including Microsoft Edge, Vivaldi, [48] and Opera, also implement Widevine. [49] Since June 2016, Firefox has supported Widevine directly in an effort to remove NPAPI support. [50] In addition, Widevine is supported on Android and iOS. [30] Streaming services utilizing Widevine include Netflix, Disney+, [51] Amazon Prime Video, Max, Hulu, Paramount+, and Discovery+. [52] Since Android 5, the version of Google Chrome used in Android supports Widevine. [53] In February 2021, Firefox for Android added Widevine. [54]

In Android, Widevine is implemented through a hardware abstraction layer (HAL) module plugin. The Widevine library on Android translates Android DRM API calls to Widevine CDM ones, and its role varies depending on the security level implemented; in Widevine L1, the Widevine library acts as a proxy for the TEE, while in L3, the library contains the obfuscated CDM. Additionally, the library liboemcrypto.so marshals and unmarshals requests to the Widevine trustlet for Widevine L1 through a specialized TEE driver, such as QSEEComAPI.so for Qualcomm Secure Execution Environment (QSEE). [55]

iOS does not natively support DASH or CENC. To work around this limitation, Widevine transmuxes DASH to HLS; the Universal DASH Transmuxer (UDT) parses the DASH manifest using an XML parser, such as libxml2. The UDT then creates an HLS playlist. [56]

Security

Widevine has been exploited multiple times. Researchers at Ben-Gurion University of the Negev discovered a vulnerability in Widevine in June 2016; the vulnerability allowed users to obtain a decrypted version of protected content in cache. [57]

In January 2019, security researcher David Buchanan claimed to have broken Widevine L3 through a differential fault analysis attack in Widevine's white-box implementation of AES-128, allowing Buchanan to retrieve the original key used to encrypt a stream. The MPEG-CENC stream could then be decrypted using ffmpeg. [58] [59] A similar vulnerability was exploited in October 2020. [60]

In 2021, the Android version of Widevine L3 was reverse engineered and broken by security researchers. [61] The same year, Qi Zhao presented the first attack breaking Widevine L1 in Android by recovering the L1 keybox. [62]

Notes

  1. In ChromeOS, service certificates are required when remote_attestation_verified is enabled. remote_attestation_verified requires the use of a Trusted Platform Module (TPM) and is enabled at boot for devices with a TPM. [39]


References

Citations

  1. Chiang, Oliver (December 3, 2010). "Google Buys Digital Video Company Widevine, Building Up Video On-Demand Service". Forbes. Retrieved March 13, 2023.
  2. Dudley, Brier (December 3, 2010). "Google acquires Widevine". The Seattle Times. Retrieved March 13, 2023.
  3. "Internet Direct Media rebrands as Widevine Technologies". Ad Age. September 29, 2000. Retrieved March 13, 2023.
  4. Kieskowski, Ellie (February 12, 2001). "Widevine Releases Enterprise Targeted Security Solution". Streaming Media. Retrieved March 13, 2023.
  5. "Midstream Teams with Widevine". InternetNews. April 18, 2001. Retrieved March 13, 2023.
  6. Cook, John (April 18, 2006). "$16 million boost for Seattle's Widevine". Seattle Post-Intelligencer. Retrieved March 13, 2023.
  7. "Widevine raises $7.8 million". Puget Sound Business Journal. June 17, 2003. Retrieved March 13, 2023.
  8. Meisner, Jeff (March 7, 2004). "VCs betting on Widevine's data-encryption software". Puget Sound Business Journal. Retrieved March 13, 2023.
  9. "Widevine raises $13 million". Puget Sound Business Journal. February 10, 2004. Retrieved March 13, 2023.
  10. White, Peter (November 16, 2005). "VCs betting on Widevine's data-encryption software". Rethink Technology Research. Retrieved March 13, 2023.
  11. Rassool, Reza (August 1, 2007). "Widevine's Mensor". TV Technology. Retrieved March 13, 2023.
  12. Reardon, Marguerite (April 19, 2006). "Cisco backs DRM start-up". CNET. Retrieved March 13, 2023.
  13. "TELUS Selects Widevine". Converge Digest. November 12, 2006. Retrieved March 13, 2023.
  14. "Widevine alleges patent breach". Advanced Television. August 3, 2007. Retrieved March 13, 2023.
  15. Spangler, Todd (March 24, 2010). "Widevine, Verimatrix Settle Patent Dispute". Multichannel News. Retrieved March 13, 2023.
  16. Healey, Jon (August 18, 2008). "CinemaNow, Widevine bring movies to more devices". Los Angeles Times. Retrieved March 13, 2023.
  17. "Microsoft, Silverlight and Widevine". Los Angeles Times. April 14, 2008. Retrieved March 13, 2023.
  18. Nicole, Kristen (January 3, 2008). "Sony, Warner Virtual World Cinemas Sign Widevine for DRM Protection". Mashable. Retrieved March 13, 2023.
  19. "Widevine pulls in $15 million from investors". Seattle Times. December 14, 2009. Retrieved March 13, 2023.
  20. Dickson, Glen (June 22, 2010). "Samsung Taps Widevine for Connected Devices". Broadcasting & Cable. Retrieved March 13, 2023.
  21. O'Hear, Steve (July 29, 2010). "Lovefilm, the Netflix-of-Europe, signs deal with Widevine to beef up multi-platform play". TechCrunch. Retrieved March 13, 2023.
  22. Healey, Jon (December 3, 2010). "Google buys anti-piracy firm Widevine". Los Angeles Times. Retrieved March 13, 2023.
  23. Murph, Darren (December 5, 2010). "Google spends a few more million, picks up Widevine DRM software firm". Engadget. Retrieved March 13, 2023.
  24. Konrad, Alex (August 16, 2011). "Google's 10 biggest acquisitions (so far)". CNN. Retrieved March 13, 2023.
  25. Triggs, Robert (November 27, 2022). "What is Widevine digital rights management (DRM) and why does it matter?". Android Police. Retrieved March 13, 2023.
  26. Davenport, Corbin (March 27, 2021). "How to check if your Android device supports Widevine DRM". XDA Developers. Retrieved March 13, 2023.
  27. "Media". Android Open Source Project. Retrieved March 13, 2023.
  28. Zeng, Thomas (February 8, 2012). "The Android ION memory allocator". LWN.net. Retrieved March 13, 2023.
  29. "Protecting your premium HD content with Widevine Digital rights management (DRM) on Inforce platforms". Penguin Solutions. September 10, 2016. Retrieved March 13, 2023.
  30. Google 2017, p. 5.
  31. Google 2017, p. 9.
  32. Google 2017, pp. 10–13.
  33. Google 2013, p. 9.
  34. Google 2017, p. 11.
  35. Google 2017, p. 10.
  36. Google 2019, p. 6.
  37. Google 2019, p. 7.
  38. Google 2019, p. 20.
  39. Santos, Gummadi & Rodrigues 2009, p. 3.
  40. Salter, Jim (January 31, 2020). "Linux Star Trek fans, rejoice: CBS All Access now works in your OS". Ars Technica. Retrieved March 15, 2023.
  41. Google 2019, p. 31.
  42. Patat, Sabt & Fouque 2022a, p. 5.
  43. Patat, Sabt & Fouque 2022a, p. 6.
  44. Patat, Sabt & Fouque 2022a, p. 7.
  45. Google 2013, p. 16.
  46. Google 2013, p. 17.
  47. Patat, Sabt & Fouque 2022b, p. 5.
  48. Conway, Adam (October 21, 2022). "Google is deprecating the Widevine CDM for Chrome and Chromium-based browsers". XDA Developers. Retrieved March 15, 2023.
  49. Abrams, Lawrence (April 2, 2019). "Chromium Microsoft Edge Can Play 4K Netflix Video, Unlike Chrome". BleepingComputer. Retrieved March 15, 2023.
  50. "Mozilla To Test Widevine CDM in Firefox Nightly To Facilitate Video Watching Online". Mozilla. April 7, 2016. Retrieved March 13, 2023.
  51. Patat, Sabt & Fouque 2022a, p. 1.
  52. "Overview". Widevine.
  53. Google 2017, p. 23.
  54. Humphries, Matthew (February 2, 2021). "Firefox 85 for Android Allows DRM-Protected Content to Play Again". PCMag. Retrieved March 13, 2023.
  55. Patat, Sabt & Fouque 2022a, p. 3.
  56. Google 2017, p. 24.
  57. Chirgwin, Richard (June 28, 2016). "Google's Widevine DRM doesn't quite manage". The Register. Retrieved March 13, 2023.
  58. Humphries, Matthew (January 3, 2019). "Report: Google's Widevine L3 DRM Cracked". PCMag. Retrieved March 13, 2023.
  59. Hager, Ryne (January 3, 2019). "Google's Widevine L3 DRM, used by Netflix, Hulu, and HBO, has been broken". Android Police. Retrieved March 13, 2023.
  60. Krebs, Brian (March 13, 2023). "Google Mending Another Crack in Widevine". Krebs on Security. Retrieved March 13, 2023.
  61. Patat, Sabt & Fouque 2022a, p. 10.
  62. Zhao, Qi. "Wideshears: Investigating and Breaking Widevine on QTEE" (PDF). Hyrathon's Blog. Retrieved 26 July 2023.

Bibliography