Chrome is a goldmine if you want to pirate movies

If you lot believe in that location'south nothing incorrect with piracy, this might exist a groovy news for you lot. Security researchers have discovered a vulnerability in Google Chrome that could exist exploited to relieve "illegal copies" of movies yous stream on the browser. Netflix, Amazon Prime? Stream and download.

Chrome makes information technology really easy to pirate movies

David Livshits of the Cyber Security Inquiry Heart at Ben-Gurion Academy, Israel and Alexandra Mikityuk of Telekom Innovation Laboratories in Berlin, Germany accept discovered a bug in Chrome that allows users to download video from streaming services similar Amazon Prime number and Netflix. While the details of this "very uncomplicated" vulnerability aren't available publicly - much to the dismay of pirates - Google is given 90 days by the experts to fix the outcome.

The vulnerability lies in Chrome'south implementation of the digital management system (Widevine EME/CDM engineering science) that is used to communicate with streaming services like Netflix and others to stream encrypted video. When users request to stream a video, Widevine sends and receives a license request to decrypt the video which is and then sent to the browser to stream. DRM system is supposed to allow content to stream directly to the browser. However, researchers uncovered that Google's arrangement was allowing third parties to copy the stream as it was being sent to the browser. "The point at which you tin hijack the decrypted moving picture is right after the CDM decrypts the film and is passing information technology to the player for streaming," researchers toldWired.

Google didn't create this technology, but information technology does own it. The tech giant acquired Widewine in 2022 to secure streams and the flaw has existed in the system since and so. Firefox and Opera too utilise the aforementioned technology, while Safari and Internet Explorer have their own DRM systems.

Security researchers have shared a proof-of-concept video demonstrating the vulnerability. They informed Google about this flaw on May 24, which means Google gets 90 days to patch the exploit before researchers disembalm the details publicly.