The third season of “Stranger Things”, the hugely popular science fiction horror series that is a Netflix original was leaked in various pirate channels yesterday, and the quality of the material indicates that the Netflix 4K platform must have been breached. The pirate group that released season 3 in 2160p quality is “DEFLATE”, and the torrents are marked as “internal releases”. The files seem to be directly decrypted from the original streams, so there’s no loss in the resulting quality whatsoever. The term “internal” could possibly mean that the releases were downloaded directly from the Netflix servers.
TorrentFreak, who made the issue known, tried to contact Netflix for a comment but they have not heard back from them. Netflix 4K is protected by the most robust encryption standard that is available right now, which is the Widevine DRM. This system is a complete content protection, encryption, and safe distribution platform that ensures the security of the decryption. Widevine is trusted not only by Netflix, but also by Disney, Hulu, HBO, Warner Bros, Amazon Prime, Facebook, and more. This DRM system uses media keys to encrypt the feeds, establishes communication between the server and the playback device to ensure the validity of the license, and decrypts the content for consumption.
So far, there has been no proof that this has been broken, although there have been claims of that back in January. If more titles appear in 4K though, this will mean that Widevine should be working on plugging the hole, whatever that security flaw may be. Apart from the quality of the release, DEFLATE was also able to bundle the content with a whole set of subtitles in more than 30 languages, which is another indication that the leak was internal. If we see more releases having the same characteristics, we can assume that the Widevine DRM has been broken.
Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg...
— David Buchanan (@David3141593) January 2, 2019
Back in March, we reported a similar incident concerning Apple’s iTunes service, with pirates releasing decrypted 4K versions of Spider-Man and Aqua-Man movies. The group that offered these releases was again DEFLATE, and how they got their hands on HDCP (High-bandwidth Digital Content Protection) version 2.3 master keys remained unknown. Soon, Apple fixed the issue but not before several titles from iTunes (all 24 available at that time) got leaked in pirating platforms. The same term “internal” was used to characterize those torrents as well.
Have something to comment on the Netflix protection system? Share your thoughts with us in the section down below, or on our socials, on Facebook and Twitter.