I reserved my criticism of the problem when it crept, I have a basic understanding of the complexity of the whole situation. Someday (maybe it's already been done) someone will get an epiphany and open it wide open with a bulletproof method, regardless of cdm updates. Without showing my age, I remember the first DVD rippers like it was yesterday, and the method to extract the key was genius. 4K discs? Yup, a 'different' approach is what prevailed, not the actual brute force decipher.
At some point every company could use the system Vudu uses, seeing as no commercial solutions have figured that one out.



Long time Easynews member right here! Still $60 a year. The issues I often see though on newsfeeds are recodes and such.​

Correct. I was using SABnzbd with SickBeard and CouchPotato before i discovered NZBget. Before all the automation introduced by SickBeard and CouchPotato, i was using Forté Agent Newsreader

There are plenty of good NZB Indexers still around but nothing beats the old NZBs(dot)ORG

​

I personally just use the scene since they provide H265 with proper audio.

And since i use Newsgroups, i get ultrafast speeds and no rights owners can track what i am doing like with torrents.

​

I will try my best to explain the differences.

There are three major DRM protection schemes in the world. (There are many, but only these three are considered Hollywood-grade encryption methods.)

1. Widevine - The DRM system created by Google. This is present in almost all types of devices.
2. PlayReady - The DRM system created by Microsoft. This is present only in some devices, such as PCs/Laptops (Edge browser), some Android phones and Android TVs, and devices like Xbox and PlayStation. Some of these devices have both Widevine and PlayReady integrated, but some devices like PlayStation have only PlayReady as a DRM system.
3. FairPlay - The DRM system created by Apple. This can only be found in Apple devices. Apple devices usually do not have support for Widevine or PlayReady.

As you can see, some devices support multiple DRM systems, but others support only one. Therefore, streaming sites typically add support for all three DRM systems so their videos can be played on a wider range of devices.

Let's talk about Widevine first.

Widevine has three security levels: L1, L2, and L3. The L2 level is almost non-existent. On Android devices (mobiles, TVs, etc.), we typically find L1 and L3 levels. The security level depends on the device: if a device lacks a trust zone, it will not support L1. On PC browsers, the ChromeCDM is used, which technically falls under L3. In browsers, the ChromeCDM functions solely through a DLL and does not rely on any hardware components for security. For reference, in Widevine, a CDM refers to the Content Decryption Module of the device, which includes the Widevine RSA private key and the client ID of the device. Widevine has been privately cracked from 2016 or earlier.

First, let's talk about L3. This is the lowest protection level of Widevine. The method for extracting a normal Android L3 CDM is well-known and public to the point where many people on the internet know how to do it. Typically, with an Android L3, you can obtain keys from most services. However, many services now restrict the maximum quality allowed for Android L3 to SD (standard definition) because of this widespread knowledge.

Next, let's discuss L1. This is the highest protection level of Widevine. Normally, L1 CDMs are extracted through hardware exploits on mobile devices or smart TVs. L1 has no restrictions, and services allow up to 4K quality on them. The challenge is that they are quite difficult to extract, and even if you obtain one, Google will quickly blacklist and revoke it if you make incorrect license requests. Nowadays, a single incorrect license request to services like Apple TV or Netflix can result in immediate revocation of the L1. There is no public method available for extracting L1 CDMs. The general method involves finding a vulnerable device with TEE (Trusted Execution Environment) exploits and using that vulnerability to extract the device's keybox through the TEE. After that, you can provision the keybox to get an L1 CDM. Although this method is not public, some people have obtained L1 CDMs, often through sellers who get leaked L1s from scene/p2p groups. However, the number of people who know how to extract L1s themselves has increased compared to a few years ago.

Now, the ChromeCDM, which StreamFab uses, is somewhat in the middle of these levels. Some services allow HD/FHD and even UHD qualities to it, even though it is technically an L3. This varies by service. For example, services like Netflix, Amazon, and Canal+ allow 720p/1080p qualities (with all the profiles) for the ChromeCDM, unlike Android L3s, which are limited to SD on those services. Typically, the ChromeCDM supports up to 1080p on most sites and even 4K on sites without strict restrictions. However, some sites limit ChromeCDM to 480p or 720p, similar to Android L3s. For example, on Disney+ and HBO Max (Max), all L3s, including ChromeCDM, are limited to 720p, and on Apple TV, all L3s, including ChromeCDM, are limited to 540p. Note that individual services cannot blacklist or revoke the ChromeCDM, regardless of how many incorrect requests you make, unlike Android L1s. This is because the ChromeCDM is the same for every browser, with the same private key, and will not be revoked until Google issues a new stable version and gradually revokes the old version. Extracting the private key of the ChromeCDM is significantly more difficult than extracting L1s, according to my honest opinion. I have explained the process behind what StreamFab does for cracking the ChromeCDM here.
​

Now let's talk about PlayReady.

PlayReady mainly has two security levels: SL2000 and SL3000. SL2000 is equivalent to Widevine L3 security level, and SL3000 is equivalent to Widevine L1 security level (based on depending on a TEE for content key decryption). On PCs and laptops, PlayReady can only be found in Edge browsers (Edge browsers also support Widevine). Keep in mind that Edge browsers on some Windows versions, such as Windows Server, do not support PlayReady. Depending on whether a PC supports TPM, the Edge browser can contain both SL2000 and SL3000 security levels. For reference, in PlayReady, a "cert" refers to the PlayReady certificate of a device. To the best of my knowledge, PlayReady has been privately cracked since 2021/2022. However, as I mentioned earlier, PlayReady API sellers have only recently emerged. Sellers sell API access to both SL2000 and SL3000 levels. Also, services do not blacklist PlayReady certs very often, and Microsoft does not revoke them frequently, unlike Widevine L1, which can get instantly blacklisted or revoked.

I am not going to talk about PlayReady in-depth here for various reasons. Think of it as being more or less the same as Widevine in terms of its protection levels and restrictions. The method for extracting PlayReady certs is not public yet, and the only way someone can access PlayReady is through API sellers.
​
There isn't much to say about FairPlay. Forget about it. Don't get me wrong, though. It has also been cracked, but only a very, very small number of people—countable on one hand—have access to it. Additionally, we can't use FairPlay with all services even if we crack it, unlike how we can use a Widevine CDM or a PlayReady cert with all services.
​​
So let's go to your question now.

After the revocation, since AnyStream does not have a way of cracking the ChromeCDM, they had two other options: Widevine L1 or PlayReady. If you read the above descriptions of Widevine and PlayReady, you can understand that AnyStream's next best option is to move on to PlayReady because a) Widevine L1 can get revoked/blacklisted very often, making it really hard to find a new L1 CDM each time, and b) there were many PlayReady sellers emerging at the same time with not-so-unreasonable prices. Also, since license requests of AnyStream supported services already happened server-side in AnyStream, unlike in StreamFab where they occur client-side, it was easy for them to implement PlayReady. I explained the reason here about why they couldn't add support for Netflix with PlayReady. Adding support for Amazon is really easy with PlayReady as all you have to do is swapping some header and payload parameters of the license request and sending the PlayReady challenge which was obtained through the API.

As for StreamFab, adding support for PlayReady will be a little complex, especially because of the DRM MPD module. The way StreamFab works generally is, when we go to the DRM video in StreamFab's browser, it captures the license request and re-does it directly through the browser and captures the license response of it. Then it simply decrypts the license request and response values directly through their API which I have described in a previous post. Also with PlayReady since we can not add support for Netfix without a special required code, it is best for StreamFab for sticking with what they know - cracking the ChromeCDM.

AnyStream never developed their own backend solution for cracking DRM. They didn't reverse-engineer something new. They always relied on previously reverse-engineered solutions and third parties in all their AnyStream software versions. On the other hand, StreamFab initiated this entire process with a DRM solution they reverse-engineered on their own. So, for them, the best approach would be to stick to what they know and try to reverse the new ChromeCDM version, just like they already did. Even though it takes time, they have the ability to crack it. So, rather than reverse-engineering a completely new solution, they stuck to their own method.

​

This thread serves no purpose. I don't believe they are returning at all. I am pretty sure it was not a money grab, and it's too much of a coincidence that Redfox left the earth, and 8 hours later, Fab, after months of putting together a screen recorder, somehow comes up with a fix for Amazon and Netflix. Redfox worked on a fix for Netflix for almost eight months, and I am sure they finally fixed it. They were getting a lot of horrible news about CC providers. Paypal Master Card Visa refused to do business with them—worldwide, most probably due to an order from the Motion Picture Association. They were somewhere in the European Union and were allies with America. On the other hand, China is not a friend of the USA and doesn't have to adhere to rules set in the West. I believe (you don't have to) that they liquated everything of value, including months of work cracking the Netflix DRM, and Fab paid the price due to all the backlash in the forum when they implemented screen recording. I have given this much thought, and this is my conclusion. Yes, it's all speculation, but it makes more sense than any other answer.

What is this?

.. https://www.xreveal.com/
.. https://www.xreveal.com/pro.html

The key files look almost exactly like AnyDVD's.

First release April 30 2024 - https://www.xreveal.com/news.html

Anyone know any more about this or who the developer is?

see here - https://www.videohelp.com/software/Xreveal

First release April 30 2024 - https://www.xreveal.com/news.html

Now you sound like another Fab advertisement. You seem to have a lot of inside information about all the competitors. Is this what you think or what you know?

All of this. I'd be willing to bet serious money it wasn't a money grab where they didn't care if they left everyone high and dry, because you can't fake it and hide that sort of screw-them attitude for more than eight years. Your earlier comment that Interpol or some other agency shut them down was probably accurate, since they were outside of China, with servers in the EU, so essentially they were vulnerable, with no protection other than that they were a group that had to rely on bitcoin, not an established company with a conventional bank account. They made that very clear, but maybe it wasn't enough to keep them under the radar.

There is an issue with the Update History on the official website!

Someone fell with their head on the keyboard!

Now it's back to normal！