This is different, and doesn’t address screen recording.
HDCP uses three systems:[5]
Authentication prevents non-licensed devices from receiving content.
Encryption of the data sent over DisplayPort, DVI, HDMI, GVIF, or UDI interfaces prevents eavesdropping of information and man-in-the-middle attacks.
Key revocation prevents devices that have been compromised and cloned from receiving data.
It would stop someone from playing DRM content to an unauthorized TV, but does not mention anything about screen recording your own device. There are some built in protections for preventing an application from being recorded but I have no doubt there are bypasses
Maybe I’m not following but this seems to be talking about applications communicating with hardware designed to be authorized to play.
How would a video playing on a browser like YouTube on my existing, old hardware be able to parse what’s authorized? Short of making YouTube a program on my computer, how does it on a browser know what else I’m running?
For example: Netflix run on a browser, but it only sends you encrypted data, you need to enable your browser’s DRM setting to decrypt this data. For HD content, it uses L1 Widevine that only works on Secure Boot enabled and TPM enabled Windows installation. So the decryption runs in the secure element, then data displayed on your screen. I’m no expert but its designed in a way that makes screen recorders unable to capture the video, resulting in a blackscreen.
If you try to play it on Linux, it reverts back to L3 Widevine which only for netflix they only allow SD content to run with L3 Widevine
Of course you can use an actual camera to record the screen, but then its a degraded image.
So Youtube could theoretically enforce L1 Widewine on every video, if they wanted to.
I guess I’m still not following how if I’m using say the nvidia geforce screen recording software which is capturing the display of my screen how the browser knows. Since the browsers has already gotten the image and displayed it and the recorder is recording the display instead of, intercepting (I suppose is the best word) the data before it is displayed.
Yes: https://en.wikipedia.org/wiki/High-bandwidth_Digital_Content_Protection
This is different, and doesn’t address screen recording.
It would stop someone from playing DRM content to an unauthorized TV, but does not mention anything about screen recording your own device. There are some built in protections for preventing an application from being recorded but I have no doubt there are bypasses
Maybe I’m not following but this seems to be talking about applications communicating with hardware designed to be authorized to play.
How would a video playing on a browser like YouTube on my existing, old hardware be able to parse what’s authorized? Short of making YouTube a program on my computer, how does it on a browser know what else I’m running?
For example: Netflix run on a browser, but it only sends you encrypted data, you need to enable your browser’s DRM setting to decrypt this data. For HD content, it uses L1 Widevine that only works on Secure Boot enabled and TPM enabled Windows installation. So the decryption runs in the secure element, then data displayed on your screen. I’m no expert but its designed in a way that makes screen recorders unable to capture the video, resulting in a blackscreen.
If you try to play it on Linux, it reverts back to L3 Widevine which only for netflix they only allow SD content to run with L3 Widevine
Of course you can use an actual camera to record the screen, but then its a degraded image.
So Youtube could theoretically enforce L1 Widewine on every video, if they wanted to.
I guess I’m still not following how if I’m using say the nvidia geforce screen recording software which is capturing the display of my screen how the browser knows. Since the browsers has already gotten the image and displayed it and the recorder is recording the display instead of, intercepting (I suppose is the best word) the data before it is displayed.