This isn’t something Google meant to happen, of course. It uses a digital rights management (DRM) system called Widevine to protect online streams, but this latest bug just skips right by it. We’d love to tell you how it all works — for the intellectually curious only, of course — but the people who figured it out aren’t telling anyone, for obvious reasons.
They do say, though, that the bug has likely been present since Google implemented Widevine protection within Chrome several years ago. The concern is that the bug could be used to easily rip streams from the likes of Netflix or Amazon video, which could seriously threaten those businesses if the practice became widespread.
Of course they have reached out to Google which is now aware of the issue. While the presumption is that the search giant is fixing up the flaw, the researchers have said they will disclose the bug 90 days after reporting it to Google (according to Wired), so if no action is taken, an incentive exists nonetheless.
It seems unlikely that Google would ignore such a report — especially now it’s been so widely reported — but it may need to do more than just shore up this hole. The issue exists due to the way Chrome’s DRM system works, so it may need to revamp it entirely so decrypted video streams are stored within a secure space, rather than openly as they are now.
Perhaps more worryingly, though: Google isn’t necessarily the only one that may have to update its browser. When pressed for a statement on the matter, Google said that this issue could exist in every browser using Chromium foundations.
What will be interesting to learn is whether Firefox and Opera also have a similar bug present. While not based on the Chromium system, they do both utilize the Google-owned Widevine DRM. Other browsers, like Safari and Internet Explorer, do not.
Editors' Recommendations
- These 2 new Edge features are making Chrome look outdated
- Google may have just fixed Chrome’s most annoying problem
- This Chrome extension lets hackers remotely seize your PC
- Why Google Chrome Incognito Mode isn’t what it claims to be
- Google Chrome tops this list of most vulnerable browsers