←back to thread

"Widevine Dump":Leaked Code Downloads HD Video from Disney+, Amazon, and Netflix

(torrentfreak.com)
449 points bertman | 2 comments | 27 Dec 21 12:55 UTC | HN request time: 0.002s | source
Show context
garblegarble ◴[27 Dec 21 15:05 UTC] No.29703013[source]
The repo readme is pretty telling - this is being leaked to force this particular key to be blacklisted, I guess one group annoyed with others and wanting to cut off their access (and presumably the leaking group already has other L1 keys so doesn't fear this key being burned...)
replies(3): >>29703084 #>>29703220 #>>29704610 #
charcircuit ◴[27 Dec 21 15:13 UTC] No.29703084[source]
or they had the skills to just dump it again

Edit: nvm I understood which key you were talking about. I would have replied, but I'm rate limited.

replies(1): >>29703102 #
garblegarble ◴[27 Dec 21 15:15 UTC] No.29703102[source]
Ah, I thought L1 keys were burned into hardware, so blacklisting this key was effectively blacklisting a bunch of Lenovo tablets from accessing 4K HDR streaming?

Edit: looks like I'm wrong about this, and the Widevine L1 keys can be changed with a firmware update. There's an interesting breakdown of how it works on Qualcomm chips here: http://bits-please.blogspot.com/2016/04/exploring-qualcomms-...

replies(2): >>29703560 #>>29704941 #
londons_explore ◴[27 Dec 21 16:01 UTC] No.29703560[source]
Does this mean if I have a lenovo tablet that currently streams 4K, that it will lose 4K video support? Could I ask Lenovo for a refund?
replies(3): >>29703624 #>>29703675 #>>29703683 #
1. garblegarble ◴[27 Dec 21 16:14 UTC] No.29703675[source]
I would think so (the repo suggests this is a Lenovo TB-X505X key, I'd imagine they're at least per-product). I could certainly be be wrong about L1 keys being burned-in, that was just my understanding of it (vendor docs say things like "Hardware DRM", but maybe I'm jumping to conclusions from marketing speak)

The Widevine spec doesn't say either, it just says that all processing is within the Trusted Execution Environment, so I suppose the keys could be loaded/updated in firmware. I'm looking for more docs now...

Edit: looks like I was wrong and they can be changed with firmware updates: http://bits-please.blogspot.com/2016/04/exploring-qualcomms-...

replies(1): >>29703804 #
2. alias_neo ◴[27 Dec 21 16:28 UTC] No.29703804[source]
TEE is an environment with hardware backed attestation, you run a piece of software in the "black box" to do things like key generation etc.

My educated guess, having used TEE/TrustZone for keys is that they could update the payload (the "Trusted Executable") with a new one to resolve the issue.