
Over Horizon clone: Sony sues Tencent
Sony has filed a lawsuit against the Chinese technology group Tencent. The reason is the game Light of Motiram, which strongly resembles the Horizon series. (Games, Sony)
The government is clearing the way for remote-controlled driving on German roads. The cars will be allowed on motorways too. A report by Friedhelm Greis (Autonomous driving, Cars)
DRM is crucial for protecting premium streaming content, with Microsoft’s PlayReady a leading solution used by giants including Netflix, Amazon, and Disney+. When cracks appeared in PlayReady’s armor recently, Microsoft took swift action, asking GitHub to remove a series of leaked SL3000 certificates. It appears that Amazon also responded by indefinitely suspending subscribers who attempted to try out leaked credentials.
From: TF, for the latest news on copyright battles, piracy and more.
With more ways to stream online video than ever before, protecting content continues to be a key issue for copyright holders.
This is often achieved through Digital Rights Management (DRM) anti-piracy tools that dictate where and when digital content can be accessed.
PlayReady DRM is one of the leading players in the field. The Microsoft-owned technology is used by many of the largest streaming services including Disney+, Netflix, Prime Video, and others. As such, keeping it secure is vital.
Unfortunately for rightsholders, most protection measures have their weak spots. That also applies to PlayReady, as pirates have repeatedly shown that not all implementations are perfectly watertight.
A few weeks ago, an account named ‘Widevineleak’ published a list of both SL2000 and SL3000 certificates on GitHub. The SL2000 variant is commonly referred to as software DRM while the higher SL3000 provides more advanced hardware-based security.
The leak of SL3000 certificates is particularly problematic because SL3000 is intended to protect the highest quality content, including 4K and UHD releases. With these certificates, pirates could potentially decrypt and re-distribute high-resolution video streams, effectively bypassing the protections.
The prospect of mass piracy is clearly problematic for rightsholders, streaming platforms, and PlayReady itself, which relies on trust and security. It therefore comes as no surprise that Microsoft took immediate action.
Microsoft’s response included a takedown notice sent to its subsidiary, GitHub, asking it to remove the leaked SL3000 certificates. This confirms that the leaked information was the real deal and at risk of being exploited.
“The hosted materials are part of our PlayReady product and allow bad actors to pirate PlayReady protected content,” the notice reads, adding that “the entire repository is infringing” so should be completely removed.
GitHub complied with the takedown notice and removed the content in question, as well as two forks of the repository. Visitors who check out the link today will see a removal notice instead.
Curiously, the leaked SL2000 certificates were not mentioned in the takedown notice and remain online at the time of writing. While the immediate focus was on the higher-security SL3000 certificates, the omission raises questions about Microsoft’s broader strategy for addressing such leaks across different security tiers.
Microsoft did not immediately respond to a request for comment on the leak and the takedown notice. That said, it doesn’t appear to be the only company to notice the leak.
Amazon Prime, which uses PlayReady DRM among other protections, takes action against accounts that use these leaked certificates. An email seen by TF indicates an account suspension due to a violation of Prime Video’s terms of use.
“We have indefinitely suspended this account pursuant to Section 6.a. of the Prime Video Terms of Use because we have found you to be in violation of the said Terms,” the email reads.
The email adds that Section 4.k of the terms specifically prohibits attempts to disable, bypass, modify, defeat, or otherwise circumvent any DRM or other content protection systems. That would apply to those who use leaked credentials.
Account suspensions are not isolated to these leaked certificates. Users of other DRM circumvention tools, including VineTrimmer PlayReady, also had their accounts banned recently.
Amazon did not respond to our request for comment, but it is clear that these types of DRM circumvention efforts can be monitored and are taken seriously.
Ultimately, the integrity of DRM systems like PlayReady hinges on the trust placed in them by content owners. These leaks not only undermine trust but also serve as a stark reminder that the fight for content protection is an ongoing, adaptive battle, with pirates constantly looking for the next exploit.
Mobile phone plans are best when flexible and cheap. With the CallYa Allnet Flat S, users initially pay the equivalent of only 6.66 euros per month. (Vodafone, Mobile communications)
More and more companies are looking for demonstrable competence rather than formal degrees. Certificates from AWS and co. are booming, but not every one delivers what it promises. A guide by Oliver Jessner (Work, AWS)
Is a person of legal age? YouTube wants to use AI systems to analyze the behavior of accounts and sort them into age groups. (YouTube, Video community)
In the US, military experts are discussing how AI could be integrated into the nuclear chain of command. That can inspire fear, and hope. An analysis by Friedrich List (Military, AI)
In its AI action plan, China chooses inclusive words and addresses all countries that are being excluded by US President Donald Trump. (AI, Politics)
US President Donald Trump is demanding more investment in the US. Samsung plans to revive an old project to support South Korea's tariff negotiations. (Semiconductor manufacturing, TSMC)
Beware of coding agents that can access your command window.
Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default configuration of the tool surreptitiously exfiltrate sensitive data to an attacker-controlled server.
Gemini CLI is a free, open-source AI tool that works in the terminal environment to help developers write code. It plugs into Gemini 2.5 Pro, Google’s most advanced model for coding and simulated reasoning. Gemini CLI is similar to Gemini Code Assist except that it creates or modifies code inside a terminal window instead of a text editor. As Ars Senior Technology Reporter Ryan Whitwam put it last month, “It's essentially vibe coding from the command line.”
Our report was published on June 25, the day Google debuted the tool. By June 27, researchers at security firm Tracebit had devised an attack that overrode built-in security controls that are designed to prevent the execution of harmful commands. The exploit required only that the user (1) instruct Gemini CLI to describe a package of code created by the attacker and (2) add a benign command to an allow list.