How does Netflix detect "suspicious" activity? Does $NFLX allow 4k streaming over GrapheneOS? If so, could you pin a different certificate and do some HTTP proxy traffic manipulation to obfuscate the device (presumably an Android phone) identity or otherwise work around the DRM?
I want to understand more about this but unfortunately the reddit thread is bits and pieces scattered amongst clueless commentary, making it challenging to wade through.
See AWS offering: (and probably what they use for Prime Video, Netflix has their own)
For large-scale per-viewer, implement a content identification strategy that allows you to trace back to specific clients, such as per-user session-based watermarking. With this approach, media is conditioned during transcoding and the origin serves a uniquely identifiable pattern of media segments to the end user. A session to a user-mapping service receives encrypted user ID information in the header or cookies of the request context and uses this information to determine the uniquely identifiable pattern of media segments to serve to the viewer. This approach requires multiple distinctly watermarked copies of content to be transcoded, with a minimum of two sets of content for A/B watermarking. Forensic watermarking also requires YUV decompression, so encoding time for 4K feature length content can take upwards of 20 hours. DRM service providers in the AWS Partner Network (APN) are available to aid in the deployment of per-viewer content forensics.
They also use a traitor tracing scheme (Tardos codes) such that if multiple pirates get together to try and remove the watermark they will fail, you would need an unreasonably large number of pirates to succeed for some length of time.
> They also use a traitor tracing scheme (Tardos codes) such that if multiple pirates get together to try and remove the watermark they will fail, you would need an unreasonably large number of pirates to succeed for some length of time.
Why?
They are designed to survive being recorded by a phone at an angle. The embedding is only 1-bit per segment which can be multiple megabytes.
> Why?
Tardos codes scale as the square of the number of traitors times a constant. For example, a movie would typically have 2000 segments -> 2000 bits of encoding. By my calculation, at around 7 traitors some start to skate by detection. And there are ways to make detection additive across leaked content, so with another 2000 all 7 will get caught. This is because while they may not score highly enough to be reliably accused, they will be under suspicion, and that suspicion can later be enhanced.
To be clear, what the traitors are doing is pooling all the segment versions they have available to them, and adversarially choose a segment at random. This is the best strategy they have, a close second is to choose the segment that the majority have.
Trying to remove the actual 1-bit watermark from the segment isn't typically feasible. Every segment will have a unique adjustment to encode it. The embedding algorithm will take a secret key.
For every segment in a video there will be two versions. Every user will get a unique sequence of segments served to them.
For hardware DRM schemes, the initial key material is typically provisioned during manufacturing.
Since the server-side is able to identify the client device, they can in theory fingerprint the content if they want to. That way if someone cracks and shares the content, they can look at the fingerprint and figure out which device (and which account) leaked it - and then ban them.
I've never seen direct evidence that Netflix fingerprints their 4K content (although I've never properly looked), so I suspect the device-burning thing might be a bit of an urban legend. But it is technically plausible.