Talk:Widevine

Widevine has been listed as one of the Engineering and technology good articles under the good article criteria. If you can improve it further, please do so. If it no longer meets these criteria, you can reassess it. Review: August 7, 2023. (Reviewed version).

This article is rated GA-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Computing: Networking / Software Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Low This article has been rated as Low-importance on the project's importance scale. This article is supported by Networking task force (assessed as Low-importance). This article is supported by WikiProject Software (assessed as Low-importance). This article is supported by WikiProject Computer Security (assessed as Low-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here. Google Low‑importance This article is within the scope of WikiProject Google, a collaborative effort to improve the coverage of Google and related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.GoogleWikipedia:WikiProject GoogleTemplate:WikiProject GoogleGoogle articles Low This article has been rated as Low-importance on the project's importance scale. WikiProject Google To-do: edit history watch purge Here are some tasks awaiting attention: Article requests : Articles for most of the other products listed here and here. Assess : All articles in the Category:Unknown-importance Google articles and Category:Unassessed Google articles using the project's assessment scale Expand : Google Mapathon, Google Talkback Maintain : This WikiProject Merge : Google mobile services into List of Google products Stubs : Category:Stub-Class Google articles and Category:Google stubs Update : List of features in Android and Gmail interface#Product integration. Update logos of Google Marketing Platform products Other : Add more stuff to this to do list if you like! (click here...) create: Help the Google article for a good article status Improve the Outline of Google Get more members using : {{subst:Wikipedia:WikiProject Google/Invite Members}} Infobox Images with transparent areas needing a different background color

I just added the Ad tag to this page. Some extracts that are pretty blatant:

• "Content creators, MSOs, and other enterprise media companies can use Widevine to ensure the monetization of content across every device."
• "Widevine is used by top Content Providers including Amazon Video, BBC, Hulu, Netflix and Spotify whom [sic] secure premium content using Widevine DRM."
• The bullet points in the Certification Program section

I'm not experienced enough to trust myself to overhaul a page, but I've added the tag to the page in the hopes that someone more skilled might. — Preceding unsigned comment added by 76.68.140.81 (talk • contribs) 2018-08-17 (UTC)

+1, I like "my" old version better, anything remotely critical or LINUXish is now gone, including the recipe how to disable Widevine on Firefox. Today I only wanted to check that Spotify is mentioned, and suggest a link to their simple help page explaining the Widevine issue for different browsers. I was unable to find the English help page after creating an account (immediately deleted after stumbling over the Widevine requirement) from Germany, and maybe their community pages are anyway more relevant.^[1] –84.46.52.175 (talk) 00:23, 16 December 2018 (UTC)[reply]

I've invited Ryancl01 to this discussion. –84.46.52.175 (talk) 01:09, 16 December 2018 (UTC)[reply]

I've now blanked the spammy "certification program" section based only on two self-published sources, and killed some "many" etc. weasels in another section. –84.46.52.142 (talk) 00:14, 13 April 2019 (UTC)[reply]

I've also removed the "open source" section about two NN products, i.e., products without wikilink and only obscure Google-sources (counted as primary / self-published.) –84.46.52.142 (talk) 01:56, 13 April 2019 (UTC)[reply]

My English is limited, so I don't want to write that section, but it would be good to mention that Widevine/Google occasionally rejects to get permission to use that mechanism in open source projects, preluded by months of waiting (possibly also in general they can ban selected projects, but I didn't find reliable sources for the later).

In April 2019, the author of a Chromium derived open source browser - Metastream was denied permission to use Widevine in his project with the response "we're not supporting an open source solutions like this". Some sources: https://blog.samuelmaddock.com/posts/google-widevine-blocked-my-browser/ https://www.theregister.co.uk/2019/04/03/googles_widevine_drm/ https://boingboing.net/2019/04/03/i-hate-being-right-2.html https://news.ycombinator.com/item?id=19553941&p=2 — Preceding unsigned comment added by Szpak (talk • contribs)

Thanks, added to section "Open source", which generally looked as if it was written as an ad.  Done --rugk (talk) 13:29, 25 July 2019 (UTC)[reply]

Here is the link https://twitter.com/David3141593/status/1080606827384131590?ref_src=twsrc%5Etfw — Preceding unsigned comment added by 87.8.243.184 (talk) 04:50, 25 July 2019 (UTC)[reply]

@2605:e000:1127:838d:a15d:aa4a:4975:acb:. Can you please elaborate on why you undid my changes (without providing an edit summary)? DRM is in general not a security feature and does not enable «Secure Distribution», it serves the purpose to restrict what can be done with the transmitted data. Secure Distribution technologies would be TLS etc. If you don't provide an explanation, I'll undo your changes tomorrow. -- Dr.üsenfieber (talk) 22:19, 9 December 2020 (UTC)[reply]

The current lead paragraph contains the phrase "...Google Chrome, Brave and Firefox web browsers (including some derivatives)..." and I wonder if the current formulation might be redundant, given the fact that Brave is already a "derivative" of one of the other browsers in the list. If we were to include Brave, then I think it would be reasonable to also include other Chromium-based browsers such as Edge and Opera, both of which have a larger market share than Brave and also have options (either integrated or downloadable on-demand) to play Widevine content. I think it'd be better to just list the two upstream browsers (Chrome and Firefox) and also include the "some derivatives" note. 142.162.184.35 (talk) 21:25, 23 April 2022 (UTC)[reply]

@ElijahPepe some Harv warnings here, may want to fix them before someone starts reviewing. DFlhb (talk) 06:48, 1 June 2023 (UTC)[reply]

Done. elijahpepe@wikipedia (he/him) 13:54, 1 June 2023 (UTC)[reply]

Passed. Sammi Brie (she/her • t • c) 03:36, 7 August 2023 (UTC)[reply]

The following discussion is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

---

GA toolbox
Copyvio detector Authorship External links
Reviewing
Templates Criteria Instructions

This review is transcluded from Talk:Widevine/GA1. The edit link for this section can be used to add comments to the review.

Reviewer: Sammi Brie (talk · contribs) 03:08, 7 August 2023 (UTC)[reply]

GA review (see here for what the criteria are, and here for what they are not)
It is reasonably well written. a (prose, spelling, and grammar): b (MoS for lead, layout, word choice, fiction, and lists): It is factually accurate and verifiable. a (references): b (citations to reliable sources): c (OR): d (copyvio and plagiarism): It is broad in its coverage. a (major aspects): b (focused): It follows the neutral point of view policy. Fair representation without bias: It is stable. No edit wars, etc.: It is illustrated by images, where possible and appropriate. a (images are tagged and non-free images have fair use rationales): b (appropriate use with suitable captions):
Overall: Pass/Fail:
· · ·

Looking good for the most part. Give it a fresh once-over as it's been a while. Sammi Brie (she/her • t • c) 03:08, 7 August 2023 (UTC)[reply]

• Nominator replied on WP:DISCORD. Pointed out coverage decreased when Google bought Widevine, which does make some sense as it would no longer have been a standalone public company. The other issues were all fixed, and I will pass. Sammi Brie (she/her • t • c) 03:35, 7 August 2023 (UTC)[reply]

Copy changes[edit]

• Yes, that should be Telus's (MOS:'S)
• There is a {{relevant?}} tag on the sentence The acquisition occurred on the same day Viacom filed an appeal in Viacom v. YouTube, a case regarding Google's role in users uploading content owned by Viacom onto YouTube. that must be addressed.
• Is there anything further about Google development/uptake of Widevine in the 2010s? I see material in the Client support section, too... Would any of that belong in that area?
• Consider linking proxy server
• The block is AES-128-CBC encrypted with a random initialization vector (IV) and the fields are defined in big-endian byte order. Add a comma after (IV). User:Sammi Brie/Commas in sentences (CinS)
• Despite this, vendors may still choose to encrypt audio and video with the same key, or may not even encrypt the audio at all. Remove this comma: "vendors" is the subject in both halves of the sentence. (CinS)
• Also remove this comma in a footnote: remote_attestation_verified requires the use of a Trusted Platform Module (TPM), and is enabled at boot for devices with a TPM. (CinS)
• I would change HBO Max to Max to remain current.
• In 2021, the Android version of Widevine L3 has been reverse engineered and broken by security researchers. The same year, Qi Zhao presented the first attack breaking Widevine L1 in Android by recovering the L1 keybox.
  • Tense error in first sentence.
  • Second sentence does not end in an inline citation, though it contains one.

Sourcing and spot checks[edit]

The Forbes article was staff-written, and the TechCrunch article is fine as not being used to demonstrate notability.

• 4: Article in Streaming Media. This seems to somewhat follow a press release and actually introduces a typo (DEX-X instead of DES-X). The source release seems to be ProQuest 444197649. I doubt there's anything better myself. Y
• 14: 2007 Advanced Television article on Widevine suing Verimatrix on patent infringement. Y
• 19: 2009 funding round. Y
• 25: 2022 Android Police article on Widevine. To meet security Level 1, all content processing, cryptography, and control must be performed within the Trusted Execution Environment (TEE) of the device’s processor. This is to prevent external tampering and copying of the media file. All ARM Cortex-A processors implement TrustZone technology, creating a hardware separation that allows a trusted OS (such as Android) to create a TEE for DRM, and other secure applications. Y
• 43: Patat et al 2022a p.43. I cannot seem to access this citation including in Wikipedia Library (doi:10.1109/SPW54247.2022.9833867).
• 53: Google 2017 p.23. I found the reference elsewhere: Android 5+ includes a version of Chrome that supports HTML5. You can implement an HTML5 DASH and CENC video application using Encrypted Media Extensions (EME) and Media Source Extensions (MSE). Shaka Player supports Chrome on Android. See Shaka Player section for more information on HTML5 playback. This, I believe, would suggest Widevine support. Y

Earwig finds a handful of technical terms and banal phrases that aren't concerning.

Images[edit]

The only image is a PD-text/below TOO logo. Encouragement: Add alt text.

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

I think the section Client Support is currently misleading, as it mentions browsers only. Given that Widevine is a binary operating system as well as CPU architecture play a major role. I also don't think "support" is a great term here, as it gives the impression that Clients need to add support, when in fact many would like to, but cannot. I'd consider rewriting and renaming the section to clarify that the people behind Widevine choose which Browser, OS and Architecture they are willing to support. This might even make a criticism section somewhat redundant. I do not know if that is the best way, but given that there are many systems running Firefox or Chromium out there which are not able to run Widevine I think it is worth clarifying this bit and not boldly claim that for example Firefox and Chromly simply support it. Actually not even Chromium derivatives (Brave, Electron based applications, etc.) support it, so the statement is wrong. Athaba (talk) 11:19, 1 January 2024 (UTC)[reply]