That fucking snitch. You’re supposed to keep it private and let Microsoft figure it out themselves.
On the other hand, Gowdiak has not provided the technical details of his findings to Microsoft. The researcher is displeased with the way the tech giant handled his previous PlayReady vulnerability report, saying that his work was mostly ignored. Gowdiak claims Microsoft has now requested additional information on the findings, informing him that the research may be eligible for a bug bounty reward, but the researcher says at this point he is only willing to share the information with the vendor through a commercial agreement.
They deserve this slap on the face.
It’s hard not to laugh when “Microsoft Windows” and “secure” are in the same sentence.
The guy contacting the streaming services hoping to hit the jackpot with a bug bounty: they literally don’t care until it’s public, and when it’s public it’s a Microsoft problem.
The only reason they’re using playready it’s to make happy the copyright trolls and being compliant with the content license. The streaming services they just choose a solution that does the job with the minimum amount of work and money.
Seems like he wasted months for nothing. Next time try to do bug hunting on WordPress, it’s easier and more remunerative.
An exception might be nowTV from sky. Being copyright trolls themselves they would spend years in development to reinvent the wheel if there was a 0.1% to block pirates.
In 2018 I was given a 6 months coupon for their service. I wasn’t able to watch a single minute:
- For Android, at the time it was available on just 5 whitelisted Samsung Galaxy S devices (of course with strong root checks)
- For windows it required to install Microsoft silverlight even if it was discontinued years before by Microsoft itself, giving users a big security issue (using a discontinued web plugin that has direct access to the os is not a good idea)
- Linux support was completely missing
Oh damn I forgot about silverlight. Only thing I used that was for some random Twitter client.
The streamers are the content owners.
That’s why the market is so shit now. Because everyone who owns anything split into their own streaming service with 2 shows and 200 pieces of shit.
deleted by creator
Microsoft: Am I a joke?
My guy you are an entire circus.
“The new research embeds some potentially valuable IP / know-how, which we need to protect too,” Gowdiak said. “Finally, disclosure of our know-how / toolset to Microsoft might jeopardize our future projects targeting the Windows OS platform.”
Amazing. He wants to protect hacking IP from Microsoft in order to continue hacking them. Suck it M$!
DRM is defective by design anyway. Once the master keys are out, either a new one is used and all devices with old key baked in are useless, or they have to suck it and be pwned.
This is what happens when all the “ethical hacking” bullshit is trending…