Threat Center Security News iPlayer Vulnerability Fixed
iPlayer Vulnerability Fixed Print E-mail
Written by Rebecca Mints   
Friday, 14 March 2008 10:58

A vulnerability that allowed users of iPhones and iPods to download programs has been fixed.  Now the programs can only be streamed, which was the original intent.

When the software was developed, iPlayer developers used agent strings to authenticate new H.264 streams were being dispersed to an iPhone or iPod Touch.  With some careful modifications to the user agent strings unauthorized downloads were made possible.  The DRM-protected programs could then be saved and also shared.  The contract the BBC has with third party productions only allows downloads if the DRM locks down the file after 30 days.  The BBC remarked:  "Like other broadcasters, the security of rights-protected content online is an issue we take very seriously."

 

REFERENCES:

IPTV watch

BBC fixes iPlayer vulnerability

 

WTW Threat Level