This is the talk page for discussing improvements to the Widevine article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
Widevine has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it. Review: August 7, 2023. (Reviewed version). |
This article is rated GA-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||
|
Added Ad tag
editI just added the Ad tag to this page. Some extracts that are pretty blatant:
- "Content creators, MSOs, and other enterprise media companies can use Widevine to ensure the monetization of content across every device."
- "Widevine is used by top Content Providers including Amazon Video, BBC, Hulu, Netflix and Spotify whom [sic] secure premium content using Widevine DRM."
- The bullet points in the Certification Program section
I'm not experienced enough to trust myself to overhaul a page, but I've added the tag to the page in the hopes that someone more skilled might. — Preceding unsigned comment added by 76.68.140.81 (talk • contribs) 2018-08-17 (UTC)
- +1, I like "my" old version better, anything remotely critical or LINUXish is now gone, including the recipe how to disable Widevine on Firefox. Today I only wanted to check that Spotify is mentioned, and suggest a link to their simple help page explaining the Widevine issue for different browsers. I was unable to find the English help page after creating an account (immediately deleted after stumbling over the Widevine requirement) from Germany, and maybe their community pages are anyway more relevant.[1] –84.46.52.175 (talk) 00:23, 16 December 2018 (UTC)
- I've invited Ryancl01 to this discussion. –84.46.52.175 (talk) 01:09, 16 December 2018 (UTC)
- I've now blanked the spammy "certification program" section based only on two self-published sources, and killed some "many" etc. weasels in another section. –84.46.52.142 (talk) 00:14, 13 April 2019 (UTC)
- I've also removed the "open source" section about two NN products, i.e., products without wikilink and only obscure Google-sources (counted as primary / self-published.) –84.46.52.142 (talk) 01:56, 13 April 2019 (UTC)
Add section about discrimination of open source projects
editMy English is limited, so I don't want to write that section, but it would be good to mention that Widevine/Google occasionally rejects to get permission to use that mechanism in open source projects, preluded by months of waiting (possibly also in general they can ban selected projects, but I didn't find reliable sources for the later).
In April 2019, the author of a Chromium derived open source browser - Metastream was denied permission to use Widevine in his project with the response "we're not supporting an open source solutions like this". Some sources: https://blog.samuelmaddock.com/posts/google-widevine-blocked-my-browser/ https://www.theregister.co.uk/2019/04/03/googles_widevine_drm/ https://boingboing.net/2019/04/03/i-hate-being-right-2.html https://news.ycombinator.com/item?id=19553941&p=2 — Preceding unsigned comment added by Szpak (talk • contribs)
- Thanks, added to section "Open source", which generally looked as if it was written as an ad. Done --rugk (talk) 13:29, 25 July 2019 (UTC)
L3 Broken in JAN 2019 by David Buchanan
editHere is the link https://twitter.com/David3141593/status/1080606827384131590?ref_src=twsrc%5Etfw — Preceding unsigned comment added by 87.8.243.184 (talk) 04:50, 25 July 2019 (UTC)
Security vs Restriction.
edit@2605:e000:1127:838d:a15d:aa4a:4975:acb:. Can you please elaborate on why you undid my changes (without providing an edit summary)? DRM is in general not a security feature and does not enable «Secure Distribution», it serves the purpose to restrict what can be done with the transmitted data. Secure Distribution technologies would be TLS etc. If you don't provide an explanation, I'll undo your changes tomorrow. -- Dr.üsenfieber (talk) 22:19, 9 December 2020 (UTC)
Use in web browsers
editThe current lead paragraph contains the phrase "...Google Chrome, Brave and Firefox web browsers (including some derivatives)..." and I wonder if the current formulation might be redundant, given the fact that Brave is already a "derivative" of one of the other browsers in the list. If we were to include Brave, then I think it would be reasonable to also include other Chromium-based browsers such as Edge and Opera, both of which have a larger market share than Brave and also have options (either integrated or downloadable on-demand) to play Widevine content. I think it'd be better to just list the two upstream browsers (Chrome and Firefox) and also include the "some derivatives" note. 142.162.184.35 (talk) 21:25, 23 April 2022 (UTC)
Harv warnings
edit@ElijahPepe some Harv warnings here, may want to fix them before someone starts reviewing. DFlhb (talk) 06:48, 1 June 2023 (UTC)
- Done. elijahpepe@wikipedia (he/him) 13:54, 1 June 2023 (UTC)
GA Review
editThe following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.
GA toolbox |
---|
Reviewing |
- This review is transcluded from Talk:Widevine/GA1. The edit link for this section can be used to add comments to the review.
Reviewer: Sammi Brie (talk · contribs) 03:08, 7 August 2023 (UTC)
GA review (see here for what the criteria are, and here for what they are not) |
---|
|
Overall: |
· · · |
Looking good for the most part. Give it a fresh once-over as it's been a while. Sammi Brie (she/her • t • c) 03:08, 7 August 2023 (UTC)
- Nominator replied on WP:DISCORD. Pointed out coverage decreased when Google bought Widevine, which does make some sense as it would no longer have been a standalone public company. The other issues were all fixed, and I will pass. Sammi Brie (she/her • t • c) 03:35, 7 August 2023 (UTC)
Copy changes
edit- Yes, that should be Telus's (MOS:'S)
- There is a {{relevant?}} tag on the sentence
The acquisition occurred on the same day Viacom filed an appeal in Viacom v. YouTube, a case regarding Google's role in users uploading content owned by Viacom onto YouTube.
that must be addressed. - Is there anything further about Google development/uptake of Widevine in the 2010s? I see material in the Client support section, too... Would any of that belong in that area?
- Consider linking proxy server
- The block is AES-128-CBC encrypted with a random initialization vector (IV) and the fields are defined in big-endian byte order. Add a comma after (IV). User:Sammi Brie/Commas in sentences (CinS)
- Despite this, vendors may still choose to encrypt audio and video with the same key, or may not even encrypt the audio at all. Remove this comma: "vendors" is the subject in both halves of the sentence. (CinS)
- Also remove this comma in a footnote:
remote_attestation_verified requires the use of a Trusted Platform Module (TPM), and is enabled at boot for devices with a TPM.
(CinS) - I would change HBO Max to Max to remain current.
- In 2021, the Android version of Widevine L3 has been reverse engineered and broken by security researchers. The same year, Qi Zhao presented the first attack breaking Widevine L1 in Android by recovering the L1 keybox.
- Tense error in first sentence.
- Second sentence does not end in an inline citation, though it contains one.
Sourcing and spot checks
editThe Forbes article was staff-written, and the TechCrunch article is fine as not being used to demonstrate notability.
- 4: Article in Streaming Media. This seems to somewhat follow a press release and actually introduces a typo (DEX-X instead of DES-X). The source release seems to be ProQuest 444197649. I doubt there's anything better myself.
- 14: 2007 Advanced Television article on Widevine suing Verimatrix on patent infringement.
- 19: 2009 funding round.
- 25: 2022 Android Police article on Widevine.
To meet security Level 1, all content processing, cryptography, and control must be performed within the Trusted Execution Environment (TEE) of the device’s processor. This is to prevent external tampering and copying of the media file. All ARM Cortex-A processors implement TrustZone technology, creating a hardware separation that allows a trusted OS (such as Android) to create a TEE for DRM, and other secure applications.
- 43: Patat et al 2022a p.43. I cannot seem to access this citation including in Wikipedia Library (doi:10.1109/SPW54247.2022.9833867).
- 53: Google 2017 p.23. I found the reference elsewhere:
Android 5+ includes a version of Chrome that supports HTML5. You can implement an HTML5 DASH and CENC video application using Encrypted Media Extensions (EME) and Media Source Extensions (MSE). Shaka Player supports Chrome on Android. See Shaka Player section for more information on HTML5 playback.
This, I believe, would suggest Widevine support.
Earwig finds a handful of technical terms and banal phrases that aren't concerning.
Images
editThe only image is a PD-text/below TOO logo. Encouragement: Add alt text.
Client Support misleading
editI think the section Client Support is currently misleading, as it mentions browsers only. Given that Widevine is a binary operating system as well as CPU architecture play a major role. I also don't think "support" is a great term here, as it gives the impression that Clients need to add support, when in fact many would like to, but cannot. I'd consider rewriting and renaming the section to clarify that the people behind Widevine choose which Browser, OS and Architecture they are willing to support. This might even make a criticism section somewhat redundant. I do not know if that is the best way, but given that there are many systems running Firefox or Chromium out there which are not able to run Widevine I think it is worth clarifying this bit and not boldly claim that for example Firefox and Chromly simply support it. Actually not even Chromium derivatives (Brave, Electron based applications, etc.) support it, so the statement is wrong. Athaba (talk) 11:19, 1 January 2024 (UTC)
Critics is missing?
editif I'm looking correctly, I don't see criticism about denying technology to some open source projects and platforms (for projects see de.wiki, for 32 bit linux see this article). Palu (talk) 22:20, 26 May 2024 (UTC)