There is a trick to record Netflix from Chrome. Just inspect the element and add this style: `filter: blur(0px)`. Now use any screen recorder. Video stream will get recorded.
DRMs cannot protect from virtualization and screen recording. Create a Virtual Machine, add your streaming service in it, record your screen from the main machine.
Are you sure? The DRM video cant be played inside VM. it stucks indefinitely. Even if it plays, recorded video wont show the DRM video, and the frame where video was playing will be shown as black box(similar to the example in this video). PS: I tried this with primevideo on windows10 vm hosted by Ubuntu.
There’s some hardcore engineering going on in the world, and folks here in India are chatting about DSA vs. dev! 🤦♂ Edit: Quite a few people in the replies clearly lack basic common sense and are getting triggered just because I mentioned DSA. They seem to think I’m saying DSA is useless, which I never said. By that logic, you could also infer that I’m saying dev is useless. What I’m really addressing is this absurd, baseless debate of 'either DSA or Dev.' If you’re pursuing computer science, DSA is a must-it's not optional. There shouldn't even be a debate about this.
That's I want to also say, thse Yt wala bhiaiya, didi, bhabhi have runied the engineering ecosystem of India. And stupid students are blindly following the DSA cheatsheets only.
Am a senior developer, and your completely wrong here , you need mind and logic building to do these kinds of things , for those we need DSA , DSA is not just about solving problems it's how you approach them.
You can't record screen record , its a browser feature not Netflix. You have to disable some settings in browser to stop Netflix applying such security
So basically it doesn't actually protect from piracy, but requires you to install proprietary stuff and leak a bunch of info to Google. Neat. Thanks for the explanation!
This video literally put my brains on fire 🔥🔥 Though I am a dev myself, sometimes I go crazy when I think how much energy and hard work tech companies put into a project just to keep some thieves at bay
This is some crazy good content! appreciate the knowledge and effort. keep this going and you wont need any clickbait thumbnails anymore. honestly, I avoid watching catchy thumbnail videos.. but i watched and loved this one because of the content. its great execution.
It's very easy if you're experienced enough. No matter how securely the file was encrypted, to play it back it must be decrypted. So the decrypted content and the key must be somewhere in the system memory. Software might not be able to access it, but if you tap into the data line of the memory chip, the key will eventually appear so you can grab it and decrypt the video yourself. Or the decrypted video will also appear. It's a time consuming progress to put it together from the pieces, but it's not impossible.
Hey , can you do it for me please , i have purchased 1 batch's course but due to internet issues i can't stream it at my home , and it doesn't allow download , like it has in app downloads but has some glitch in it.. so it saves the file in a bin or maybe it's an encrypted format , so i want it in a video format . Can you?please!
@ronikagrwal Unless it's a Netflix like thing it might not be as secure so you can do it in an easier way. You can check if you can catch the delivery of the key by pressing F12 on the page that plays back the video and reload. You'll see a bunch of things but one is the video link that should end in either m3u8, mp4 or ts extension and most probably will have a bunch of URL parameters. Or it could be an xml, manifest or something like that. If you inspect this you'll either find the key in there or a link to the license server that will serve the key. Don't try to open the link, it won't work! Instead, start the video and you should see the file in the link appear. Inspect it and it should contain the key. Use this key with a decryption tool like OpenSSL to decrypt the video file. The bin file might not the video you're looking for but the manifest file you've inspected earlier should contain the name of the video files or pieces of it. You can download these and use the key to decrypt them. Each video will have its own key but if one video is in pieces, the same key will work with all of them. I use this method to decrypt sport content from the government broadcaster (which is free so I'm not sure why they encrypted the video, but they did).
That's really good explanation! Though it's funny that all of this is evaded with just Virtualbox 😅 and I think there are devices that can capture the monitor's HDMI output doing it on a hardware level. I know there are harder solutions like fingerprinting could be a good idea to add to your solution too.
Hey Mehul, the video is very very Impressive, but I am genuinely impressed with the marketing of fermeon as a platform. It's really great that you are genuinely and organically marketing a platform of your own and not by any shady ads or anything. Hats off man!
Nah it's scummy he should disclose that he has vested interest in fermon. People who are just watching his video as a one off will not have any idea that what he is talking about is owned by him or gives him a financial gain if used by his viewers.
thank you for the great content! I've come across this and I've hypothesised that "true" encryption is not possible and feel humbled by the great engineering that has gone into this.
How to bypass drm protection very very easily : grab a firestick or any device with hdmi output, use a cheap hdmi to usb capture card 10 to 15 usd, plug into pc, open obs and record whatever you want
If i am not mistaken... You can record/use virtual cam on drm videos using for example Obs. Just turn off hardware acceleration on your browser and you should be all set up
You can disable hardware acceleration in your browser to fix black screens when sharing or recording streams. However, this might result in receiving the stream at a lower quality.
You explained the Crux of it. Thanks. I work on an OTT company. Will share it across. If you could make a video on how you have these videos on CDN like Akamai that would complete the flow of video distribution
Personally, I don't watch movies or series much but I do like to play games and tbh DRM actually hurts the performance and its highly invasive to the Kernel level.
So does it mean that if I am watching a video on Google Chrome on Android or Windows, I am watching in 720p, but Netflix is charging me saying that they are providing HD content?
I was looking for this kind of video, because I always get fascinated about how this thing works. Got the basic idea will do my own research to get more clear understanding of this
Thank you for explaining the whole encryption part and how exactly media streams played using the security built on top of the servers. That was insightful. Hope next time you may get something similar like screen share enabling the same for some of the application.
Thanks for this video. This is basically sandboxing the client browser layer which is playing the video. There is still some client detection part which I guess may be important in this context so that people know how the recording trigger is detected etc.
with this, you can also get an undesired bug on macs running the m chips, and which make use of docking stations with displaylink technologies. since mac treats the extensions of screens on displaylink technology as "your screen is being observed", meaning the flag is triggered, if you wan to play netflix on your secondary screen, it will play it blank. pull out the docking station and the video will play as expected... so this thing is tricky altogether.
@@samzam7243 TH-cam introduced it recently. Their AI basically detects keywords which are difficult to understand and if you click on them it'll show you the Google results
Back in 2014, I once downloaded a movie using Showbox on my Android device. While going through the files, I noticed that it had downloaded all the frames, each as a tiny file of just a few kilobytes. had to stitch them all together, but there were thousands of files, and I eventually gave up halfway. not sure if Netflix on Android still does that.
Hey, Mehul thanks a lot man for making such videos. Though I'm a beginner in this journey but such videos can give us some new goal or we can use all these technologies in our projects etc. Your such videos are like introduction to new tech for people like me. : )
this can easily be circumvented by using a capture card on the display port and recording the audio as well, sure you might need to recompile the audio and video with a very slight quality hit but yeah it can definitely be done.
there i a simple workaround to record netflix. SStep 1 - download an secondary browser (edge , chrome ). Step 2 - dissable Hardware/GPU acceleration ijn that browser. Step 3 start recording using OBS studio. This work flawlessly on edge for me.
Unfortunately, yes. They simply don't care about users. This is just a distraction to the investors. So the platforms tells them they are safe... But safe only to the average Joe recording themselves, like in the past that you could record a TV transmission or a tape in your home VCR.
The reason they can keep doing it is because most people have no idea how it's done. Even if netflix knows how it happens, they might not patch it because the knowledge is not available to most of their actual customers who would have real benefit from it
Hdcp splitters, they can remove protection from between the fire tv/ roku tv and the hdmi monitor... and some lab setup receiving the hdmi ... idk how the captions are captured tho, if not manual (unless captions aren't drm protected)
there's probably like 20 different workarounds, so Netflix movies/series will always get pirated, but you as a legitimate user still can't make a stupid screenshot
You said how it manages to play, but WHY it gets BLANK WHEN WE RECORD IT?? And You're correct that Chrome's DRM (Digital Rights Management) typically limits Netflix playback to 720p. However, Netflix uses additional technologies to enable higher resolutions: Netflix's 4K playback requirements: 1. Widevine DRM L1: Required for 4K playback. Widevine L1 is a more secure DRM level. 2. HTML5 Premium: Netflix uses HTML5 Premium to deliver 4K content. 3. Google's Encrypted Media Extensions (EME): Enables DRM-protected content playback.
If I get what you asked, TEE see some traces of video recording software through metadata it consumes and returns grey picture frame instead of decrypted one. But as far as I've got, you are better with this kind stuff, so you already know the answer.
Only 480p playback is visible to user processes which is decrypted by L3 as software plugins. L2 and L1 which is 720p and above are decrypted in OEMCrypto module in TEE which makes the rendered stream invisible to all user processes which includes recorders, L1 goes one step further makes it invisible to OS itself.
DRM protected content can be screen recorded on PC, because it's still on software level. The reason you're seeing a blackscreen in the browser is because hardware acceleration is enabled so the video is sent to the graphics card directly. It is not caused because of the DRM. Thats why PCs only have L3. Android devices have L1 because the user has not full access to the OS. The user can't record the app because of the secure flags and the user can't change that, so the device is eligible for L1. But getting the privileges to disable secure flags by rooting the device will give you a L1 certified device on which the DRM protected apps can be recorded (in theory, because most devices lose L1 when unlocking, but there are devices where this is not the case).
Correct me if I am wrong but doesn't this become redundant if you have a capture card connected to your display driver. So you let the DRM do the decryption and just consume the audio and video streams directly.
Yea even I thought this was a work around . You could also read from a HDMI port like on a tv and reconstruct the video , I think this is called webrip format in the torrent world. Atleast this method helps that video is not torrentable before a legitimate user is able to watch it, just saves some time. I still think some people still able bypass it
This doesn't work because the TV manufacturers also implement DRM. Look up HDCP. HDCP prevent other devices from copying the video stream. Of course workarounds exist, but most people are not aware of them.
people have already figured out a way to decrypt widevine L1 protected content. couple years ago someone dropped a github repo named "Widevine Dump". this repo included some highly sophisticated code that can download and decrypt content from amazon prime, netflix, hulu, etc. now, we have software like StreamFab which are publicly available for anyone to use to download content from many OTT platforms including netflix,amazon prime,etc
All this effort they go to, but at the end of the day the content is playing on the screen - you just need a way to screen capture without being seen by the TEE. Kernel or hardware level interventions, VMs, physical cameras, it's impossible to block.
Bro who says it comes without downtime, technically the data u see is almost 3-5 sec late, for 0 latency or delay you have to buy a connection from SEBI, and if you are talking about downtime on apps like upstox, dhan and all sometime these are also down for few hours or mins, use grow their service is always down😂
Assume, he can't, because of it's physically impossible to deliver information instantly, so it's ALWAYS time lag between computation and data delivery.
I liked your style of explaining. Mehul can you please tell me which program did you use to explain the concepts, where you write and draw lines, arrows, etc?
While others are posting low effort stuff making half hour videos reading 2 min blogs, you sir are making high quality technical content. Great respect 🫡🫡
None of what you said explained why the screen is black when recording - that's probably just JS or CSS that can be easily disabled lol After TEE has done the decryption, they can't stop you from capturing it - it's there in your memory registers.
This is was very informative. I'd like to add just one more thing. Microsoft has their own implementation using this Microsoft Edge on Windows has Netflix at 4K.
Nice content quick question, how does this prevent recording via external software? I mean is there some web api which can detect that the screen is being recorded or shared and blackens out the video?
But, you still didn't tell the reason why we can't record the video through video recording/capture software. Its fine that the vudeo is playing in a drm protected video player. But, what is stopping the screen capture utility to record that? Why aren't we able to make the drm software beleive that there is no screen recording software? What about passthrough HDMI capture devices? Is netflix able to block that too?
There must be some countries where Netflix is not allowed to do it like this because I’ve been downloading Netflix shows from bots for a long long time and the quality of file is the original media with subtitles and everything embedded in the media.
I once read on some OpenGL topic a feature where a buffer gets displayed so fast that it makes it "exclusive" to the main hardware display and there is no way a software can intercept the data and it said it was the feature perfectly fits for DRM technology to utilize, is this the hardware acceleration feature? i cant pinpoint the site but this is what I recall please enlight me if im wrong
There's no way to prevent a streaming video from being recorded. All this encryption does is try to prevent a perfect copy of the sent video data from being recorded. Recording a screen can be done at an operating system level that is outside of what the browser has control over.
This is super interesting, I always wondered how this works. How does it detect if there’s a screen recorder running? I assume that’s some feature of the TEE being able to detect certain applications? I would expect that to need some kernel level code thought (that’s just a guess)
It doesn't detect screen recording. content processing, cryptography, and control happens within the Trusted Execution Environment (TEE) of the processor which makes the media playback invisible to all the other processes including OS, That's why screen recorder sees it as black box
I love your videos mainly because no-nonsense pure technical architectural and real-world problems..... I wish you explained this in more depth no matter of the length of video I understand this takes lot of effort and editing time, but kindly don't skip important concepts. Even I was wondering about this for a long time Udemy also doing the same thing now....
DRM is powerless against me recording the HDMI output of a media player ☺️ OK, so it's a real-time process, but as someone who grew up in the 70s/80s, that's how recording video always was, so it doesn't bother me!! FWIW, this isn't something I do very often, but once in a while there's something I need/want to record 🤷♂️ HDCP strippers are easy to find. Most HDMI splitters deal with the handshake and send out two "clean" HDMI signals.
@@lavishjaat Most, if not all, HDMI splitters deal with the HDCP handshake and leave the outputs completely unencumbered and free to capture. Easy when you know how.
Although a pirate with video card can just capture the DP/HDMI output. But it's not a moral question, rather if someone's willing to spend the initial money because they hate netflix, because video card is actually very common.
Although a normal day-to-day user might not bother to crack HDCP (which is not so special BTW), It is technically not impossible to do so, given that pirates go to extreme extents to copy "copyrighted" media, a home made solution can easily be made. Although you can't sell it due to legal issues.
Great video. Can you also please explain as to why some android devices that come with Widevine L1 support lose L1 and get downgraded to L3? What usually breaks L1? Especially if the particular device hasn't been rooted or the bootloader hasn't been messed with? Would be great if you're able to share the reason behind this phenomenon. Thanks!
Other than browser limitations - we all know - there's nothing we could do with 100% efficiency to protect things in frontEnd of the code. But, I don't know for real and even can't test this thing out due to my hardware limitations but I wonder if you could capture the content inside the Virtual machine from the host machine? Anyone out there tried this?
uhmm, the whole video goes in drain because, i played netflix yesterday on CHROME, recorded with OBS to get some Drive to Survive clips, and i have them, i did nothing as mentioned in comments
how does firefox play drm video then, does it ask some OS layer software to do this ( is this the reason firefox does not play netflix in linux) because firefox is opensource right? also you did not cover the video recording part, how does the browser knows when the screen is getting recorded ?
If this were true, then we wouldn't have full HD movies on day one as soon as they arrive in streaming services. Maybe people record a VM screen? Idk. But I know that apps like Stremio always have streaming services content pretty quickly.
Amazing video man. I'll check for the paper you mentioned in the video. Could you make a video on Dynamic Watermarking? I have read about DRMs & Widevine. I'm not able to find many things on Dynamic Watermarking. All I know About Dynamic Watermarking is that it is very much resource heavy to implement, takes time & just has a hidden layer of name/user_id or something which helps us in catching the person in general. Mehul as you mentioned that some devices like Linux or something can record or get the video out, have you thought about better solutions? We have a constraint that we can't get as good hardware as Apple has. So do we have any better options to implement? I was thinking of looking up languages like Zig or Rust or something which is close to hardware but I'm not sure if it works. Probably I'm in the wrong direction I don't know but as an Engineer I'm searching for better solutions where we don't have any control on hardware & the result to achieve is, a person is not able to download or record irrespective of the hardware they have.
Information that you have shared is quite deep, but I don't get it drm comes in the part of encryption and decryption for content protection but who detects there's which type of screen recording happening? obs studio or other screen recording software, as in new intel series chip in windows there's whole work memorisation features which is capturing whole screen when you are using your pc. waiting for your more information.❤
It doesn't detect screen recording. content processing, cryptography, and control happens within the Trusted Execution Environment (TEE) of the processor which makes the media playback invisible to all the other processes including OS, That's why screen recorders sees it as black box
There is a trick to record Netflix from Chrome. Just inspect the element and add this style: `filter: blur(0px)`. Now use any screen recorder. Video stream will get recorded.
bhai sabko nahi batana hai, chilla chilla ke
@@maverick_8707 Go s your d
😮😮
Does this work only on netflix or on every drm protected site
this might be really really cool thing you have just told me
and does this work only on chrome , what about firefox?
what if we change our useragent to chrome windows but we are using firefox linux for example
DRMs cannot protect from virtualization and screen recording.
Create a Virtual Machine, add your streaming service in it, record your screen from the main machine.
but playing the video on virtual machine itself will be limited to 480p as there is no hardware acceleration available with vm.
I'm confused. What is VMGL?
It can, there is no virtualization for TEE
@@neerajbhale Hardware acceleration is available is many VMs now and its not limited to 480p. You can play upto 4k if you have a powerful system
Are you sure? The DRM video cant be played inside VM. it stucks indefinitely. Even if it plays, recorded video wont show the DRM video, and the frame where video was playing will be shown as black box(similar to the example in this video).
PS: I tried this with primevideo on windows10 vm hosted by Ubuntu.
There’s some hardcore engineering going on in the world, and folks here in India are chatting about DSA vs. dev! 🤦♂
Edit:
Quite a few people in the replies clearly lack basic common sense and are getting triggered just because I mentioned DSA.
They seem to think I’m saying DSA is useless, which I never said. By that logic, you could also infer that I’m saying dev is useless.
What I’m really addressing is this absurd, baseless debate of 'either DSA or Dev.' If you’re pursuing computer science, DSA is a must-it's not optional. There shouldn't even be a debate about this.
Yes bro we fucked up
Fact of the matter is companies are be promoting the DSA demand for filtering out easily.
That's I want to also say, thse Yt wala bhiaiya, didi, bhabhi have runied the engineering ecosystem of India.
And stupid students are blindly following the DSA cheatsheets only.
Have always been like this. It is because we have blinded by the money. Everyone is chasing that.
Am a senior developer, and your completely wrong here , you need mind and logic building to do these kinds of things , for those we need DSA , DSA is not just about solving problems it's how you approach them.
Great Video! Explains why you cannot download DRM protected content but doesn’t really explain why you can’t screen record netflix content
You can't record screen record , its a browser feature not Netflix. You have to disable some settings in browser to stop Netflix applying such security
Hardware or GPU Video acceleration needs to be turned off in browser settings
HDCP.
you can screen on linux with no problem on firefox at least
@@mannumannu9200how to do that??
So basically it doesn't actually protect from piracy, but requires you to install proprietary stuff and leak a bunch of info to Google.
Neat.
Thanks for the explanation!
This video literally put my brains on fire 🔥🔥 Though I am a dev myself, sometimes I go crazy when I think how much energy and hard work tech companies put into a project just to keep some thieves at bay
This is some crazy good content! appreciate the knowledge and effort. keep this going and you wont need any clickbait thumbnails anymore. honestly, I avoid watching catchy thumbnail videos.. but i watched and loved this one because of the content. its great execution.
Yeaa I too avoid those type of videos😊
It's very easy if you're experienced enough. No matter how securely the file was encrypted, to play it back it must be decrypted. So the decrypted content and the key must be somewhere in the system memory. Software might not be able to access it, but if you tap into the data line of the memory chip, the key will eventually appear so you can grab it and decrypt the video yourself. Or the decrypted video will also appear. It's a time consuming progress to put it together from the pieces, but it's not impossible.
Hey , can you do it for me please , i have purchased 1 batch's course but due to internet issues i can't stream it at my home , and it doesn't allow download , like it has in app downloads but has some glitch in it.. so it saves the file in a bin or maybe it's an encrypted format , so i want it in a video format . Can you?please!
@ronikagrwal Unless it's a Netflix like thing it might not be as secure so you can do it in an easier way. You can check if you can catch the delivery of the key by pressing F12 on the page that plays back the video and reload. You'll see a bunch of things but one is the video link that should end in either m3u8, mp4 or ts extension and most probably will have a bunch of URL parameters. Or it could be an xml, manifest or something like that. If you inspect this you'll either find the key in there or a link to the license server that will serve the key. Don't try to open the link, it won't work! Instead, start the video and you should see the file in the link appear. Inspect it and it should contain the key. Use this key with a decryption tool like OpenSSL to decrypt the video file. The bin file might not the video you're looking for but the manifest file you've inspected earlier should contain the name of the video files or pieces of it. You can download these and use the key to decrypt them. Each video will have its own key but if one video is in pieces, the same key will work with all of them. I use this method to decrypt sport content from the government broadcaster (which is free so I'm not sure why they encrypted the video, but they did).
Of course, it's very easy to take a DDR stick and inspect every byte while it's still hot (data disappears shortly after it's disconnected from PC)
It’s next level. I tried recording the tv using the camera in my phone and the picture went black just like what he showed.
It's worse for me. I have a photographic memory and the screen goes black as soon as I look at it :(
😂
@@bdawg970💀
What do you mean ? I can perfectly record my tv with my iPhone, I have video and audio
Bruhs got L1 Level of Sarcasm 😂😂😅
That's really good explanation! Though it's funny that all of this is evaded with just Virtualbox 😅 and I think there are devices that can capture the monitor's HDMI output doing it on a hardware level. I know there are harder solutions like fingerprinting could be a good idea to add to your solution too.
Virtualbox cannot talk to the hardware chip based TEE, and for HDMI there is HDCP , for widevine L1 both are required. You can capture only L3 at max
Hey Mehul, the video is very very Impressive, but I am genuinely impressed with the marketing of fermeon as a platform. It's really great that you are genuinely and organically marketing a platform of your own and not by any shady ads or anything. Hats off man!
Nah it's scummy he should disclose that he has vested interest in fermon. People who are just watching his video as a one off will not have any idea that what he is talking about is owned by him or gives him a financial gain if used by his viewers.
@shoraz Your point is great. He should mention that.
thank you for the great content! I've come across this and I've hypothesised that "true" encryption is not possible and feel humbled by the great engineering that has gone into this.
How to bypass drm protection very very easily : grab a firestick or any device with hdmi output, use a cheap hdmi to usb capture card 10 to 15 usd, plug into pc, open obs and record whatever you want
This wont work because TEE knows the HDMI device connected is not trusted.
@@NileshAkhade it will work if you change it from firestick to a chrome based streaming service because its only L3 TEE
If i am not mistaken... You can record/use virtual cam on drm videos using for example Obs. Just turn off hardware acceleration on your browser and you should be all set up
All these hoops and Netflix videos still get pirated 🤣
Isn't that mean they are more intelligent?
How do they do it any idea?
Yeah i am interested how movies website like modlviesmod pirate that
Once the video leaves from the HDMI port its insecure😌. They maybe using some kindoff HDMI recording solutions which can capture both video and audio.
@@kushaalrana Using fapstream
You can disable hardware acceleration in your browser to fix black screens when sharing or recording streams. However, this might result in receiving the stream at a lower quality.
You explained the Crux of it. Thanks. I work on an OTT company. Will share it across.
If you could make a video on how you have these videos on CDN like Akamai that would complete the flow of video distribution
also let them know that if buying isn't owning, piracy isn't stealing :")
@@anupamdash1102 YEAH !! LETS GO !! Break the chain !
Personally, I don't watch movies or series much but I do like to play games and tbh DRM actually hurts the performance and its highly invasive to the Kernel level.
So does it mean that if I am watching a video on Google Chrome on Android or Windows, I am watching in 720p, but Netflix is charging me saying that they are providing HD content?
Y E S
you really gotta be kidding me to pay for movies 😂
Why are you using Chrome? Use the app.
@cannotthinkofanybetterhandle The real question is, why are people still using Netflix?
@@firestormjupiter what is a better alternative?
I was looking for this kind of video, because I always get fascinated about how this thing works. Got the basic idea will do my own research to get more clear understanding of this
Man since i subscribed to your channel today in just few hours i learned alot of things glad youtube recommended this channel to me.
So that explain how netflix ended the piracy issue?! Good job guys, keep it up, you are doing great!
😂 This is the best sarcasm
They didnt end shit. The content is ripped minutes after release for 1080p and every few weeks in bulk for 4k
Thank you for explaining the whole encryption part and how exactly media streams played using the security built on top of the servers. That was insightful. Hope next time you may get something similar like screen share enabling the same for some of the application.
Thanks for this video. This is basically sandboxing the client browser layer which is playing the video. There is still some client detection part which I guess may be important in this context so that people know how the recording trigger is detected etc.
with this, you can also get an undesired bug on macs running the m chips, and which make use of docking stations with displaylink technologies. since mac treats the extensions of screens on displaylink technology as "your screen is being observed", meaning the flag is triggered, if you wan to play netflix on your secondary screen, it will play it blank. pull out the docking station and the video will play as expected... so this thing is tricky altogether.
🔍 icon ??😮
@@samzam7243 TH-cam introduced it recently. Their AI basically detects keywords which are difficult to understand and if you click on them it'll show you the Google results
Back in 2014, I once downloaded a movie using Showbox on my Android device. While going through the files, I noticed that it had downloaded all the frames, each as a tiny file of just a few kilobytes. had to stitch them all together, but there were thousands of files, and I eventually gave up halfway. not sure if Netflix on Android still does that.
Maybe you recorded HLS file. This format is used for streaming videos.
Hey, Mehul thanks a lot man for making such videos. Though I'm a beginner in this journey but such videos can give us some new goal or we can use all these technologies in our projects etc. Your such videos are like introduction to new tech for people like me. : )
this can easily be circumvented by using a capture card on the display port and recording the audio as well, sure you might need to recompile the audio and video with a very slight quality hit but yeah it can definitely be done.
there i a simple workaround to record netflix. SStep 1 - download an secondary browser (edge ,
chrome ). Step 2 - dissable Hardware/GPU acceleration ijn that browser. Step 3 start recording using OBS studio. This work flawlessly on edge for me.
You are one of my favorite dev channels. The content you put out is such high quality, wishing you more success.
This was so informative. Now I know why Prime Video doesn't play at highest resolution on macOS Chrome, whereas Safari can play it flawlessly.
So I will get better quality videos than what I am getting on firefox on linux, if I just cancel my netflix subscription and hit the high seas?
Unfortunately, yes. They simply don't care about users. This is just a distraction to the investors. So the platforms tells them they are safe... But safe only to the average Joe recording themselves, like in the past that you could record a TV transmission or a tape in your home VCR.
Then explain how websites such as fmovies put these netflix movies on the same day they are released on Netflix?
The reason they can keep doing it is because most people have no idea how it's done. Even if netflix knows how it happens, they might not patch it because the knowledge is not available to most of their actual customers who would have real benefit from it
Hdcp splitters, they can remove protection from between the fire tv/ roku tv and the hdmi monitor... and some lab setup receiving the hdmi ... idk how the captions are captured tho, if not manual (unless captions aren't drm protected)
there's probably like 20 different workarounds, so Netflix movies/series will always get pirated, but you as a legitimate user still can't make a stupid screenshot
This channel is a goldmine!
You said how it manages to play, but WHY it gets BLANK WHEN WE RECORD IT?? And You're correct that Chrome's DRM (Digital Rights Management) typically limits Netflix playback to 720p. However, Netflix uses additional technologies to enable higher resolutions: Netflix's 4K playback requirements: 1. Widevine DRM L1: Required for 4K playback. Widevine L1 is a more secure DRM level. 2. HTML5 Premium: Netflix uses HTML5 Premium to deliver 4K content. 3. Google's Encrypted Media Extensions (EME): Enables DRM-protected content playback.
If I get what you asked, TEE see some traces of video recording software through metadata it consumes and returns grey picture frame instead of decrypted one.
But as far as I've got, you are better with this kind stuff, so you already know the answer.
Only 480p playback is visible to user processes which is decrypted by L3 as software plugins. L2 and L1 which is 720p and above are decrypted in OEMCrypto module in TEE which makes the rendered stream invisible to all user processes which includes recorders, L1 goes one step further makes it invisible to OS itself.
Whats the virtual board in use? Pretty quick to create shapes, drag around & use simple fonts!
tldraw
Its excalidraw
If you turn off hardware acceleration (on settings) in the Chrome browser, you can recording on Netflix and all other platforms.
DRM protected content can be screen recorded on PC, because it's still on software level. The reason you're seeing a blackscreen in the browser is because hardware acceleration is enabled so the video is sent to the graphics card directly. It is not caused because of the DRM. Thats why PCs only have L3.
Android devices have L1 because the user has not full access to the OS. The user can't record the app because of the secure flags and the user can't change that, so the device is eligible for L1. But getting the privileges to disable secure flags by rooting the device will give you a L1 certified device on which the DRM protected apps can be recorded (in theory, because most devices lose L1 when unlocking, but there are devices where this is not the case).
IF BUYING DOESN'T MEAN OWNING, THEN PIRACY ISN'T STEALING
You explained a complex topic very simply. Kudos!
Correct me if I am wrong but doesn't this become redundant if you have a capture card connected to your display driver.
So you let the DRM do the decryption and just consume the audio and video streams directly.
Yea even I thought this was a work around . You could also read from a HDMI port like on a tv and reconstruct the video , I think this is called webrip format in the torrent world. Atleast this method helps that video is not torrentable before a legitimate user is able to watch it, just saves some time. I still think some people still able bypass it
This doesn't work because the TV manufacturers also implement DRM.
Look up HDCP.
HDCP prevent other devices from copying the video stream.
Of course workarounds exist, but most people are not aware of them.
people have already figured out a way to decrypt widevine L1 protected content.
couple years ago someone dropped a github repo named "Widevine Dump".
this repo included some highly sophisticated code that can download and decrypt content from amazon prime, netflix, hulu, etc.
now, we have software like StreamFab which are publicly available for anyone to use to download content from many OTT platforms including netflix,amazon prime,etc
@@cloudstrife9204 Correct.
All this effort they go to, but at the end of the day the content is playing on the screen - you just need a way to screen capture without being seen by the TEE. Kernel or hardware level interventions, VMs, physical cameras, it's impossible to block.
Can u teach how stock market data come without downtime
Websockets
What does "without downtime" means?
Bro who says it comes without downtime, technically the data u see is almost 3-5 sec late, for 0 latency or delay you have to buy a connection from SEBI, and if you are talking about downtime on apps like upstox, dhan and all sometime these are also down for few hours or mins, use grow their service is always down😂
Also curious what exactly you're asking
Assume, he can't, because of it's physically impossible to deliver information instantly, so it's ALWAYS time lag between computation and data delivery.
I liked your style of explaining. Mehul can you please tell me which program did you use to explain the concepts, where you write and draw lines, arrows, etc?
it's tldraw
@codedamn thankyou Bhai I'll search for it
Thanks Mehul, Quality Content 🔥. keep them coming more
Such an interesting and clear tutorial. Thanks a lot Mehul!
While others are posting low effort stuff making half hour videos reading 2 min blogs, you sir are making high quality technical content. Great respect 🫡🫡
I see whom you are pointing at😂
I never watch those Theo videos lol
None of what you said explained why the screen is black when recording - that's probably just JS or CSS that can be easily disabled lol
After TEE has done the decryption, they can't stop you from capturing it - it's there in your memory registers.
This is good. Been looking for this content on DRM
I would use something like rust or nodejs that checks if there is a recording process happening and if it is, then make the screen black.
This is awesome content, I always wanted to know, what happen behind the scenes, known somewhat but this is majority of it
what is the tool he uses to draw on screen? any idea. i dont think it is excalidraw
it's tldraw
@@codedamn
Hey, good content.
What's the tool you're using to draw boxes and arrows & write the notes?
Figma photo editor
Very nice explanation in demystifing DRM. Which drawing software do you use in this video?
This is was very informative. I'd like to add just one more thing. Microsoft has their own implementation using this Microsoft Edge on Windows has Netflix at 4K.
Microsoft has their own DRM system called Playready.
This is awesome, never knew just how complex widevine was.
How did you put that comment?
@waqasahmad55202 it's auto generated by Google, like TikTok doing on their comment
@@waqasahmad55202it's TH-cam, they are trying out this gesture where some words have search feature
But after this also any series upload on Netflix it is available on the same day on 3rd party or eg telegram
Then how can we get Netflix series and movies within 5-6 hr after launch cause if it's that difficult than no one can download only
Yes it is hard but there are groups who can extract L1 keys and decrypt videos from source but they don't tell how to prevent it from getting patched
Nice content quick question, how does this prevent recording via external software? I mean is there some web api which can detect that the screen is being recorded or shared and blackens out the video?
Mind blowing explanation, thanks :)
Aapka Knowledge Toh Kamaal Ka Hai Bhai 🤌
You explained the Crux of it. Thanks
If you could make a video on how you have these videos on CDN, that would be great.
Wow..thank you for explaining it in a very simple language.
Amazing Content 🔥 , Thankyou so much for sharing 🙌
But, you still didn't tell the reason why we can't record the video through video recording/capture software.
Its fine that the vudeo is playing in a drm protected video player. But, what is stopping the screen capture utility to record that? Why aren't we able to make the drm software beleive that there is no screen recording software?
What about passthrough HDMI capture devices? Is netflix able to block that too?
There must be some countries where Netflix is not allowed to do it like this because I’ve been downloading Netflix shows from bots for a long long time and the quality of file is the original media with subtitles and everything embedded in the media.
Wdym bots, i just download mine from torrents
@@vanskis7618 bots download the torrents, then I download it from the bots.
@@vanskis7618those are telegram bots
But how do they disable screen recording on laptops and desktop using screen recording applications?
I now have more respect to the WebDL releases on torrents where the scene group somehow dump those keys from the TPM
I once read on some OpenGL topic a feature where a buffer gets displayed so fast that it makes it "exclusive" to the main hardware display and there is no way a software can intercept the data
and it said it was the feature perfectly fits for DRM technology to utilize, is this the hardware acceleration feature?
i cant pinpoint the site but this is what I recall please enlight me if im wrong
There's no way to prevent a streaming video from being recorded. All this encryption does is try to prevent a perfect copy of the sent video data from being recorded. Recording a screen can be done at an operating system level that is outside of what the browser has control over.
A very knowledgeable video.
Can you make a separate video on TEE What is it? How it works etc?
how pirates bay people make a copy of it just after it releases and also release it in different resolution and codec ?
By HDCP encryption bypass hdmi splitter/switcher
brower by design in open sharing platform ... anthing from any webiste netflix or anthing else by design can be download
This is super interesting, I always wondered how this works.
How does it detect if there’s a screen recorder running? I assume that’s some feature of the TEE being able to detect certain applications? I would expect that to need some kernel level code thought (that’s just a guess)
It doesn't detect screen recording.
content processing, cryptography, and control happens within the Trusted Execution Environment (TEE) of the processor which makes the media playback invisible to all the other processes including OS, That's why screen recorder sees it as black box
Wonderful video Mehul
Security by obfuscation, it would be interesting to see if LLMS can decide some of obfuscation
I have not tried it to get the answer, but could a video acquisition device plugged on the HDMI output intercept it after it is decrypted ?
I love your videos mainly because no-nonsense pure technical architectural and real-world problems..... I wish you explained this in more depth no matter of the length of video I understand this takes lot of effort and editing time, but kindly don't skip important concepts. Even I was wondering about this for a long time Udemy also doing the same thing now....
Mehul sir always talks at engineering level things, not like others ❣
I know people record from netflix and upload torrents. Would be interesting if you let us knowhow that works too.
hat's off to the pirates who pirates things to serve us thank you for your effort and time to steal from gaint money hungry corporations.
chrome and firefox both can play upto 1080p Netflix on their latest versions
What about the browser that is not built on top of chromium will netflix not support that browser
What do you mean i can easily record it through obs and it is showing
Still all the Netflix series are available freely from Day 1 of launch
Hackers also update with them and they use loopholes in this entire process
DRM is powerless against me recording the HDMI output of a media player ☺️ OK, so it's a real-time process, but as someone who grew up in the 70s/80s, that's how recording video always was, so it doesn't bother me!! FWIW, this isn't something I do very often, but once in a while there's something I need/want to record 🤷♂️ HDCP strippers are easy to find. Most HDMI splitters deal with the handshake and send out two "clean" HDMI signals.
HDCP exists
@lavishjaat so do HDCP strippers 🙄
@@lavishjaat Most, if not all, HDMI splitters deal with the HDCP handshake and leave the outputs completely unencumbered and free to capture. Easy when you know how.
Although a pirate with video card can just capture the DP/HDMI output. But it's not a moral question, rather if someone's willing to spend the initial money because they hate netflix, because video card is actually very common.
No it cannot, there's something called HDCP for it
Although a normal day-to-day user might not bother to crack HDCP (which is not so special BTW), It is technically not impossible to do so, given that pirates go to extreme extents to copy "copyrighted" media, a home made solution can easily be made. Although you can't sell it due to legal issues.
@@sudiptapandit4880 chinese hdmi splitters have hdcp bypass feature and few splittters can even bypass latest hdcp 2.2 and record 4k videos
Great video. Can you also please explain as to why some android devices that come with Widevine L1 support lose L1 and get downgraded to L3? What usually breaks L1? Especially if the particular device hasn't been rooted or the bootloader hasn't been messed with? Would be great if you're able to share the reason behind this phenomenon. Thanks!
Other than browser limitations - we all know - there's nothing we could do with 100% efficiency to protect things in frontEnd of the code.
But,
I don't know for real and even can't test this thing out due to my hardware limitations but I wonder if you could capture the content inside the Virtual machine from the host machine?
Anyone out there tried this?
uhmm, the whole video goes in drain because, i played netflix yesterday on CHROME, recorded with OBS to get some Drive to Survive clips, and i have them, i did nothing as mentioned in comments
Please keep making such engineering videos
how does firefox play drm video then, does it ask some OS layer software to do this ( is this the reason firefox does not play netflix in linux) because firefox is opensource right? also you did not cover the video recording part, how does the browser knows when the screen is getting recorded ?
Firefox also supports Google Widevine, but you have to enable it IIRC.
Encrypting the video is useless because eventually it will still pass the unencrypted movie back to the user else it cant play.
so if i pay i cant play fhd but i can play fhd by downloading from some sites. + this site have collection from all other sites 😔
If this were true, then we wouldn't have full HD movies on day one as soon as they arrive in streaming services. Maybe people record a VM screen? Idk. But I know that apps like Stremio always have streaming services content pretty quickly.
Amazing video man. I'll check for the paper you mentioned in the video. Could you make a video on Dynamic Watermarking? I have read about DRMs & Widevine. I'm not able to find many things on Dynamic Watermarking. All I know About Dynamic Watermarking is that it is very much resource heavy to implement, takes time & just has a hidden layer of name/user_id or something which helps us in catching the person in general.
Mehul as you mentioned that some devices like Linux or something can record or get the video out, have you thought about better solutions? We have a constraint that we can't get as good hardware as Apple has. So do we have any better options to implement? I was thinking of looking up languages like Zig or Rust or something which is close to hardware but I'm not sure if it works. Probably I'm in the wrong direction I don't know but as an Engineer I'm searching for better solutions where we don't have any control on hardware & the result to achieve is, a person is not able to download or record irrespective of the hardware they have.
No DRM or security can protect your content fully. Muti-DRM with widevine is the best we can do
Information that you have shared is quite deep, but I don't get it drm comes in the part of encryption and decryption for content protection but who detects there's which type of screen recording happening? obs studio or other screen recording software, as in new intel series chip in windows there's whole work memorisation features which is capturing whole screen when you are using your pc.
waiting for your more information.❤
It doesn't detect screen recording.
content processing, cryptography, and control happens within the Trusted Execution Environment (TEE) of the processor which makes the media playback invisible to all the other processes including OS, That's why screen recorders sees it as black box
Superb Content🔥🔥🔥🔥🔥
can you please tell what software he uses for drawing those boxes and arrows???
tldraw