body { -ms-overflow-style: scrollbar; overflow-y: scroll; overscroll-behavior-y: none; } .errorContainer { background-color: #FFF; color: #0F1419; max-width: 600px; margin: 0 auto; padding: 10%; font-family: Helvetica, sans-serif; font-size: 16px; } .errorButton { margin: 3em 0; } .errorButton a { background: #1DA1F2; border-radius: 2.5em; color: white; padding: 1em 2em; text-decoration: none; } .errorButton a:hover, .errorButton a:focus { background: rgb(26, 145, 218); } .errorFooter { color: #657786; font-size: 80%; line-height: 1.5; padding: 1em 0; } .errorFooter a, .errorFooter a:visited { color: #657786; text-decoration: none; padding-right: 1em; } .errorFooter a:hover, .errorFooter a:active { text-decoration: underline; } #placeholder, #react-root { display: none !important; } body { background-color: #FFF !important; }

JavaScript is not available.

We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using twitter.com. You can see a list of supported browsers in our Help Center.

Terms of Service Privacy Policy Cookie Policy Imprint Ads info © 2023 X Corp.

Conversation

Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg...

38

805

2,127

#fulldisclosure

2

2

89

plz no lawsuit

1

14

269

Huge thanks to

and the Side-Channel Marvels project for making this attack scarily trivial to pull off.

1

5

103

12:05 AM · Jan 3, 2019

13

Bookmarks

Steven Ketelsen, Rapid Unscheduled Disassembler

Flippy Bois omg

9

@Blips_and_Chitz

Did you also try to apply DCA?

CryptoMiniSat involved? Drop me a line, I'm the author :) I'd be happy to check if I can make it faster for your use case. Plus the CNF would be great for the SAT competition this year!

2

that dang walrus

@realWalrusAcct

how are you able to inject faults?

1

I still don't get why companies still bother with DRM, it still gets cracked apart pretty quickly, and all it ever does is make it almost impossible to watch things legitimately...

1

1

6