Kodi's official DRM stance

  Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Post Reply
RockerC Offline
Posting Freak
Posts: 1,431
Joined: May 2011
Reputation: 27
Post: #61
(2017-05-09 15:07)natethomas Wrote:  
(2017-05-09 14:25)bam80 Wrote:  Thanks jjd-uk.
(2017-04-30 09:45)jjd-uk Wrote:  That's pretty much what we already do where the addon Inputstream Adaptive is the sandbox that hooks into the installed CDM which at the moment comes via Chrome Widevine.
Can Inputstream Adaptive really act as the sandbox which protects us from tracking, etc. from CDM side? Don't we need to make some sort of such sandbox additionally?
If you use an addon like Netflix, I'm fairly certain Netflix is going to track your usage of their content. No sandboxing will stop that. Or are you asking something different?
The EME implementation in Chrome/Firefox is sandboxed so that the CDM Netflix uses does get a unique ID for the sandbox, but the sandbox ID is anonomized so that Netflix can not dig deeper than the sandbox to figure out who owns the computer that Chrome/Firefox is running on, or exactly which hardware you have.

The sandbox is only there for privacy in the practical sence that Netflix will for example not be able to access your web browser cookies or search history. Netflix will not be able to see what content you watch on HBO and vice versa, and nither Netflix or HBO will be able to check if you have any illegally (or legally) downloaded movies on your computer as they can not see anything outsiode their own sandbox.

Netflix as a service will still off-source force you to login so they know which user account is used and on the server-side they can see how many active sessions that user currently have. And as the EME sandbox is not a VPN service the IP-adress thay they stream to will tell Netflix roughly where you are located as long as your internet provider does not provide any location-anonymization service on its own.

Because of the sandbox Netflix will only be able to track what content you watch on Netflix, but that is because you are logged in to Netflix service with your Netflix user-account and stream the content from Netflix servers.

Due to F.U.D. (Fear, Uncertainty & Doubt ) I think most people against DRM fear that Netflix and other content providers can somehow spy on what other content users consume on the same computer which you watch Netflix on with DRM and then worse that Netflix could somehow even activly through DRM stop you from playing non-DRM content if they find something copyrighted on your computer.

I believe that the sandbox that EME implements was partially invented to relieve those types of fears.
(This post was last modified: 2017-05-09 15:44 by RockerC.)
find quote
jjd-uk Offline
Team-Kodi Member
Posts: 6,110
Joined: Oct 2011
Reputation: 146
Post: #62
In that case using Widevine via Inputstream Adaptive would be exactly the same as via Chrome.
find quote
bam80 Offline
Posts: 97
Joined: Dec 2011
Reputation: 1
Location: Russia
Post: #63
Thanks RockerC, this is what I meant by "sandbox" term.
Now I'm pretty sure that Inputstream Adaptive addon alone can't guarantee that - it was designed for other purposes. So, at least in the future, I think we will need a real sandbox to protect ourselves. I just don't know how it's technically hard to implement. For example, can we borrow sandbox implementation from Chrome/Firefox, or we will need to implement it from scratch..
(This post was last modified: 2017-05-09 16:34 by bam80.)
find quote
Post Reply