Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg...
Huge thanks to @doegox and the Side-Channel Marvels project for making this attack scarily trivial to pull off.
New conversation
I'm generally in favor of full disclosure anyway, but I don't think it should even be a question in cases like this when the exploit isn't something that can harm the owner of the device being exploited. If it's their device, they *should* be able to do what they want with it.