Block MediaRecorder from recording a MediaStream

[Anton Venema]

For content distributed over WebRTC that would normally be protected by Widevine or some other DRM provider if HLS or DASH were used, is there a way to signal to the browser that the MediaRecorder API should not be allowed?

Has anyone successfully and effectively protected copyrighted material that is distributed to the player using WebRTC?

--

Anton Venema
Frozen Mountain Software
888-379-6686 (FRZN-MTN)
www.frozenmountain.com

[guest271314]

What are you trying to achieve?

AFAIK, there is no way to prevent a user from capturing audio or video that they are capable of playing back locally.

[Anton Venema]

My goal is to identify a way to prevent real-time content delivered by WebRTC from being recorded and saved locally.

My understanding is that content delivered by HLS or MPEG-DASH can do this using DRM technology built into popular web browsers like Chrome, Firefox, and Safari.

It would not prevent someone from pointing a camera at their screen, but would, in the ideal case, limit local software from being used to record and save the real-time content to disk.

There is a business case here for live broadcasts that want to deliver copyrighted content in true real-time (i.e. using WebRTC) to an interactive audience where even a small delay jeopardizes the experience.

--

---
You received this message because you are subscribed to a topic in the Google Groups "discuss-webrtc" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/discuss-webrtc/TVY-q0NYyss/unsubscribe.
To unsubscribe from this group and all its topics, send an email to discuss-webrt...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/b764b853-d07f-44a0-8fa3-6f770150a150n%40googlegroups.com.

[guest271314]

Again, AFAIK the requirement 

> prevent real-time content delivered by WebRTC from being recorded and saved locally

is not possible. 

> My understanding is that content delivered by HLS or MPEG-DASH can do this using DRM technology built into popular web browsers like Chrome, Firefox, and Safari.

I am not sure about what HLS or MPEG-DASH advertise. I am rather certain I can capture, record, and further manipulate any media that I am able to playback on my machine using a variety of different approaches, including local applications and/or the browser itself.

[Anton Venema]

Just found this: https://github.com/w3c/mediacapture-fromelement/issues/20

... which basically describes what we are trying to do.

Netflix seems to take advantage of this feature. On macOS, if I load up a Netflix video in Chrome and then attempt to get a MediaStream reference from the <video> element, I get an error:

$('video')

    <video src="blob:https://www.netflix.com/afbd6631-14fc-45f8-bf91-70ee5724d89b" style="height: 112.5%;"></video>

$('video').captureStream()

    VM1155:1 Uncaught DOMException: Failed to execute 'captureStream' on 'HTMLMediaElement': Stream capture not supported with EME

This is perfect. Chrome knows somehow that the content is protected/encrypted. Because of this, it refuses to allow the JavaScript context to get a reference to the underlying MediaStream (which MediaRecorder requires).

So I suppose my question is this...

Is there a way to do this when playing back a WebRTC stream? Can we somehow inform the <video> element that the underlying WebRTC stream is protected?

To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/24161304-4432-4aba-b5d4-0b681d3fce1fn%40googlegroups.com.

--

Anton Venema

CTO

Frozen Mountain Software
888-379-6686 (FRZN-MTN)

www.frozenmountain.com

[guest271314]

Why do not use EME, the same approach that Netflix uses?

What happens when you attempt to capture the Window the video is being played on using native applications; i.e., using screenshots, and capturing audio output to your speakers or headphones?

HTMLMediaElement already does not allow capture of audio or video when the src is set to cross-origin URL.

We can still capture the entire screen using the browser itself with getDisplayMedia() or series of screenshots, or without using the browser using native applications, e.g., https://itsfoss.com/best-linux-screen-recorders/.

For audio, given the sound is output through speakers or headphones we can capture entire system audio output or specific sink-inputs, e.g., https://github.com/guest271314/captureSystemAudio.

For WebRTC, we can read the raw data of a MediaStreamTrack itself using MediaStreamTrackProcessor.

If you believe that you can use a single approach or multiple approaches, including encrypted media (https://www.giacomovacca.com/2017/01/analysing-opus-media-from-network-traces.html "This only works if the opus payload in the RTP is not encrypted"), to reliably prevent users from capturing and recording media being played on their machine kindly advise me of that approach so that I can proceed to experiment with approaches to circumvent such restrictions. 

For the above reasons, while specifications might advertise such capability as your requirement, the technology exists to thwart such limitations or restrictions, thus you cannot guarantee that the user cannot record the media they decide to playback on their machine. I suppose you could make such a guarantee, however, there is no way for you to verify that is true and correct for all cases.

[Someone]

Hey,

How do I go around that EME block that Netflix uses?

[PhistucK]

I am pretty sure you cannot get around encrypted media extensions. The whole point is that this is a protected stream. I doubt the browser even receives the stream to play. Widevine probably renders it itself or something like that.

☆PhistucK

You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/1cc248a1-8a20-4492-9753-9c7123a27921n%40googlegroups.com.

[guest271314]

navigator.mediaDevices.getDisplayMedia() provides a means to record windows, tabs, screens.