As the vulnerability affects Widevine more precisely, a DRM (digital rights management or digital rights manager) supposed to protect the videos shown in a browser. This technology verifies that a user is entitled to view content. In such cases, the security flaw gives the user a license key to decrypt it. On a PC with Windows 7 and the 50 version of Google Chrome, David Livshits and the Alexandra Mikityuk has shown a video of the site “demo.castlabs.com” which intercepted during the playback. Hence, this video is then saved on the hard disk in two versions, one compressed and one uncompressed, and to read it, just open the file in a media player.
According to the reports, EME is responsible for the key exchange or license between the protection systems of content providers and browser HOM module. When users select a movie to watch, CDM request a license from the supplier via the EMS interface. When it receive the license, the CDM is able to decrypt the video and send it to the web player to stream the decrypted content. The media site “Wired” said that “The simplicity of stealing content protected with this approach poses a serious risk to the Hollywood studios that rely on these technologies to protect their works”. Both the experts warned that Google on May 24, but the search giant Google has yet to patch the security bug. Hence, they will wait at least 90 days before revealing to the public how the flaw actually works, since they are against movie piracy. According to them, the good news is that this should be easily fixed via a software update, but that does not really solve the underlying problem.
