A bug in Chrome makes video stream piracy way too easy

By Jon Martindale June 27, 2016

Acer Chromebook 14 CB3-431-C5FM — Bill Roberson/Digital Trends

Although there is some acceptance around the world that once you put something online, someone is probably going to try to pirate it, most media companies and website owners like to add a degree of difficulty — so at least not everyone can do it. Chrome, it seems, is a notable exception, as a bug in the Google-designed browser is making it a piece of cake to rip just about any stream online.

This isn’t something Google meant to happen, of course. It uses a digital rights management (DRM) system called Widevine to protect online streams, but this latest bug just skips right by it. We’d love to tell you how it all works — for the intellectually curious only, of course — but the people who figured it out aren’t telling anyone, for obvious reasons.

They do say, though, that the bug has likely been present since Google implemented Widevine protection within Chrome several years ago. The concern is that the bug could be used to easily rip streams from the likes of Netflix or Amazon video, which could seriously threaten those businesses if the practice became widespread.

Of course they have reached out to Google which is now aware of the issue. While the presumption is that the search giant is fixing up the flaw, the researchers have said they will disclose the bug 90 days after reporting it to Google (according to Wired), so if no action is taken, an incentive exists nonetheless.

It seems unlikely that Google would ignore such a report — especially now it’s been so widely reported — but it may need to do more than just shore up this hole. The issue exists due to the way Chrome’s DRM system works, so it may need to revamp it entirely so decrypted video streams are stored within a secure space, rather than openly as they are now.

Perhaps more worryingly, though: Google isn’t necessarily the only one that may have to update its browser. When pressed for a statement on the matter, Google said that this issue could exist in every browser using Chromium foundations.

What will be interesting to learn is whether Firefox and Opera also have a similar bug present. While not based on the Chromium system, they do both utilize the Google-owned Widevine DRM. Other browsers, like Safari and Internet Explorer, do not.

Editors' Recommendations

Topics

Computing Coordinator

Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…

Computing

Google Chrome’s latest update solves the browser’s biggest problem

Google Chrome icon in mac dock.

Google Chrome is one of the best browsers around, but it's always had a big problem with memory usage. It's finally addressing the issue in a new Chrome 110 update that promises to reduce RAM usage by up to 30% and make the browser for efficient.

Chrome has a reputation for its speed, security, and feature drops, as well as a penchant for hanging on to your precious RAM like an episode of Hoarders. Granted, Google has made strides in improving Chrome's memory efficiency by hibernating tabs in the background, but it still struggles with it compared to Microsoft Edge or Mozilla Firefox.

Computing

Google may have just fixed Chrome’s most annoying problem

A Macbook with Google Chrome opened to a Gmail inbox.

While Google Chrome is one of the best web browsers, over the years it has gained a reputation for being something of a resource hog, gobbling up your PC’s memory like it’s going out of style. That can be a problem if you’re running other resource-heavy tasks and don’t want things to slow down. Now, Chrome has been updated with two new features that cut down on memory usage and extend your laptop’s battery life, according to Google. The changes are set to roll out today with the latest release of Chrome on desktop (version m108).The first new feature, dubbed Memory Saver, is designed to reduce the amount of memory Chrome’s tabs use. It does this by freeing up memory from inactive tabs, and putting them to sleep so they can’t monopolize your system’s resources. When you need to access the tabs again, they will be reloaded and become active. The goal of Energy Saver, meanwhile, is fairly self-explanatory -- helping your laptop battery last longer -- but it does so in a somewhat interesting way. When your battery drops to 20%, Chrome will try to prolong your battery life by “limiting background activity and visual effects for websites with animations and videos.”Presumably, this means Chrome will limit the kind of flashy effects that have made a comeback in web design in recent years. Google says that when these new features launch, users will still be able to customize them to their liking. You can disable either Memory Saver or Energy Saver (or both), and mark certain websites as exempt in Chrome’s settings. The changes could turn out to be important. While Chrome has managed to become the dominant Windows web browser and one of the best browsers for Mac, it has been plagued by poor memory management for years. If Memory Saver and Energy Saver are able to help ameliorate that -- and make your battery last longer too -- then Google might have gone some way to fixing Chrome’s biggest problem. Both Memory Saver and Energy Saver will be launched globally over the next few weeks. The features are coming to Chrome on Windows, macOS, and ChromeOS.

Computing

Half of Google Chrome extensions may be collecting your personal data

Google Chrome icon in mac dock.

Data risk management company Incogni has found that half of every installed Google Chrome extension has a high to very high risk of collecting personal data, showing a strong correlation to the number of permissions given.

After analyzing 1,237 Chrome extensions found in the Chrome Web Store, a study by Incogni has uncovered some troubling findings. Nearly half (48.7%) of the extensions were found to potentially expose users' personally identifiable information (PII), distribute malware and adware, and record passwords and financial information.