As long as there have been games, there have been crackers breaking their copy protections. “Digital Rights Management” or DRM, is a phrase for copy protection coined near the end …read more

August's games include Thief: Definitive Edition and Civilization III: Complete, via DRM-free GOG codes The post Amazon Prime Gaming’s Latest Batch Of Freebies Can Be Grabbed Now appeared first on Kotaku.

We may never get another Deus Ex game featuring Elias Toufexis’ lovely voice as Adam Jensen again, but right now you can snag Human Revolution, the debut of our sunglass-wearing badass cyborg, for less than five bucks and, since it’s on GOG, there’s

In technical fields like information technology, definitions are fundamental. They are the building blocks for constructing useful applications and systems. Yet, despite this, it’s easy to assume a term’s definition and wield it confidently before discovering its true meaning. The two closely related cases that stand out to me are “security” and “privacy.” I say this with full awareness that, in my many writings on information security, I never adequately distinguished these two concepts. It was only after observing enough conflation of these terms that I resolved to examine my own casual treatment of them. So, with the aim of solidifying my own understanding, let’s properly differentiate “information security” and “information privacy.” Security vs. Privacy: Definitions That Matter In the context of information technology, what exactly are security and privacy? Security is the property of denying unauthorized parties from accessing or altering your data. Privacy is the property of preventing the observation of your activities by any third parties to whom you do not expressly consent to observe those activities. As you can see, these principles are related, which is one reason why they’re commonly interchanged. This distinction becomes comprehensible with examples. Let’s start with an instance where security applies, but privacy does not. Spotify uses digital rights management (DRM) software to keep its media secure but not private. DRM is a whole topic of its own, but it essentially uses cryptography to enforce copyright. In Spotify’s case, it’s what constitutes streaming rather than just downloading: the song’s file is present on your device (at least temporarily) just as if you’d downloaded it, but Spotify’s DRM cryptography prevents you from opening the file without the Spotify application. The data on Spotify (audio files) are secure because only users of the application can stream audio, and streamed content can’t be retained, opened, or transmitted to non-users. However, Spotify’s data is not private because nearly anyone with an email address can be a user. Thus, in practice, the company cannot control who exactly can access its data. A more complex example of security without privacy is social media. When you sign up for a social media platform, you accept an end-user license agreement (EULA) authorizing the platform to share your data with its partners and affiliates. Your data stored with “authorized parties” on servers controlled by the platform and its affiliates would be considered secure, provided all these entities successfully defend your data against theft by unauthorized parties. In other words, if everyone who is allowed (by agreement) to have your data encrypts it in transit and at rest, insulates and segments their networks, etc., then your data is secure no matter how many affiliates receive it. In practice, the more parties that have your data, the more likely it is that any one of them is breached, but in theory, they could all defend your data. On the other hand, any data you fork over to the social network is not private because you can’t control who uses your data and how. As soon as your data lands on the platform’s servers, you can’t restrict what they do with it, including sharing your data with other entities, which you also can’t control. Both examples illustrate security without privacy. That’s because privacy entails security, but not the reverse. All squares are rectangles, but not all rectangles are squares. If you have privacy, meaning you can completely enforce how any party uses your data (or doesn’t), it is secure by definition because only authorized parties can access your data. Mobile Devices: Secure but Not Private Casually mixing security and privacy can lead people to misunderstand the information security properties that apply to their data in any given scenario. By reevaluating for ourselves whether a given technology affords us security and privacy, we can have a more accurate understanding of how accessible our data really is. One significant misconception I’ve noticed concerns mobile devices. I get the impression that the digital privacy content sphere regards mobile devices as not secure because they aren’t private. But while mobile is designed not to be private, it is specifically designed to be secure. Why is that? Because the value of data is in keeping it in your hands and out of your competitor’s. If you collect data but anyone else can grab your copy, you are not only at no advantage but also at a disadvantage since you’re the only party that spent time and money to collect it from the source. With modest scrutiny, we’ll find that every element of a mobile OS that might be marketed as a privacy feature is, in fact, strictly a security feature. Cybersecurity professionals have hailed application permissions as a major stride in privacy. But whom are they designed to help? These menus apply to applications that request access to certain hardware, from microphones and cameras to flash memory storage and wireless radios. This access restriction feature serves the OS developer by letting users lock out as much of their competition as possible from taking their data. The mobile OS developer controls the OS with un-auditable compiled code. For all you know, permission controls on all the OS’s native apps could be ignored. However, even if we assume that the OS developer doesn’t thwart your restrictions on their own apps, the first-party apps still enjoy pride of place. There are more of them; they are preinstalled on your device, facilitate core mobile device features, require more permissions, and often lose core functions when those permissions are denied. Mobile OSes also sandbox every application, forcing each to run in an isolated software environment, oblivious to other applications and the underlying operating system. This, too, benefits the OS vendor. Like the app permission settings, this functionality makes it harder for third parties to grab the same data the OS effortlessly ingests. The OS relies on its own background processes to obtain the most valuable data and walls off every other app from those processes. Mobile Security Isn’t Designed With You in Mind The most powerful mobile security control is the denial of root privileges to all applications and users (besides, again, the OS itself). While it goes a long way toward keeping the user’s data safe, it is just as effective at subjecting everything and everyone using the device to the dictates of the OS. The security advantage is undeniable: if your user account can’t use root, then any malware that compromises it can’t either. By the same token, because you don’t have complete control over the OS, you are unable to reconfigure your device for privacy from the OS vendor. I’m not disparaging any of these security controls. All of them reinforce the protection of your data. I’m saying that they are not done primarily for the user’s benefit; that is secondary. Those of you familiar with my work might see the scroll bar near the bottom of this page and wonder why I haven’t mentioned Linux yet. The answer is that desktop operating systems, my preferred kind of Linux OS, benefit from their own examination. In a follow-up to this piece, I will discuss the paradox of desktop security and privacy. Please stay tuned.

Why it matters: It's somewhat ironic that arguably the biggest piracy enabler today is a device that comes from Amazon, a $2 trillion tech giant with a streaming service. According to a new report, jailbroken Amazon Fire Sticks are used to watch billions of dollars worth of pirated streams, and Google, Meta and Microsoft are exacerbating the situation. A report from Enders Analysis, titled "Video piracy: Big tech is clearly unwilling to address the problem," looks at the issue of illegal streams. Driving the piracy epidemic, particularly in Europe, is the sports broadcasting industry. The BBC reports that the overall value of media rights for this business passed $60 billion last year, which means fans are paying increasingly higher prices to watch sports on TV, especially if they pay for multiple services. UK soccer fans had to pay around $1,171 in the 23/24 season if they wanted to watch all televised Premier League games. The same is also true for mainstream streamers such as Netflix and Disney Plus, which keep raising their subscription costs and clamping down on account sharing. Paying so much in these economically uncertain times has pushed more people into canceling their legitimate streaming services and turning to pirated alternatives. The report notes that Tom Burrows, head of global rights at the world's largest European soccer streamer, DAZN, called streaming piracy "almost a crisis for the sports rights industry." // Related Stories Comcast-owned European TV giant Sky Group echoed the warnings. It said piracy was costing the company "hundreds of millions of dollars" in revenue. Many high-profile events, such as major games, can draw tens of thousands of viewers away from legal services and toward the many pirated streams showing the same content at a fraction of the price – or free. Most people are familiar with jailbroken Amazon Fire Sticks being used to access illegal streaming services – the report calls the device a "piracy enabler." According to Sky, 59% of people who watched pirated material in the UK over the last year did so using a Fire Stick. The report says that the device enables "billions of dollars in piracy" overall. Would you pirate this pirate show? "People think that because it's a legitimate brand, it must be OK. So they give their credit card details to criminal gangs. Amazon is not engaging with us as much as we'd like," said Sky Group COO Nick Herm. As with all forms of piracy, there are risks associated with this trend. Providing credit card details and email addresses to those behind the services isn't exactly safe, and there have been cases of jailbroken, malware-infested pirate streaming devices – not just Fire Sticks – being sold on eBay, Craigslist, and the dark web. There has been a crackdown on the sale of hacked Fire Sticks in the UK recently. Last year saw a man given a two-year suspended sentence for selling the devices, while another was jailed. Just using these sticks or illegal IPTV subscriptions is breaking the law. It's not just Amazon that is being blamed. The report highlights Facebook's lack of action to stop ads for illegal streams running on the platform. Google and Microsoft are also called out for the "continued deprecation" of their respective DRM systems, Widevine and PlayReady; the report says they "are now compromised across various security levels." Microsoft's last update to PlayReady was December 2022. "Over twenty years since launch, the DRM solutions provided by Google and Microsoft are in steep decline," reads the report. "A complete overhaul of the technology architecture, licensing, and support model is needed. Lack of engagement with content owners indicates this a low priority." Amazon says it is working with industry partners and relevant authorities to combat piracy and protect customers from the risks associated with pirated content. The company has taken (or is about to take) steps to make turning Fire TV-branded devices into piracy boxes more difficult. These include raising the technical bar (ADB over local network disabled, tighter DRM), and adding warning messages about legality. Moreover, Amazon is switching Fire TV devices from Android to the Linux-based Vega OS later this year, which doesn't run Android APKs at all.

Asus' routers and popular and well-reviewed. As such, there's a good chance you have one of its devices powering your home wifi. If you do, you should probably check on it, since thousands of Asus' routers are now compromised. What happened?Cybersecurity company GreyNoise published a blog post about this router attack on Wednesday. GreyNoise says attackers used brute-force login attempts (running millions of login attempts until the right match is found) and authentication bypasses (forcing your way in around traditional authentication protocols) to break into these routers. Notably, hackers used authentication bypass techniques that aren't assigned CVEs (common vulnerabilities and exposures). CVEs are labels used to track publicly disclosed security vulnerabilities, which means the security vulnerabilities were either unknown or known only to a limited circle.Once in, hackers exploited the Asus router's CVE-2023-39780 vulnerability to run whatever commands they wanted. Hackers enabled SSH (secure shell) access through Asus' settings, which let them connect to and control the devices. They then stored the configuration—or backdoor—in NVRAM, rather than the disk of the router. The hackers did not leave malware behind, and even disabled logging, which makes their attacks difficult to detect. It's not clear who is behind these attacks, but GreyNoise did say the following: "The tactics used in this campaign—stealthy initial access, use of built-in system features for persistence, and careful avoidance of detection—are consistent with those seen in advanced, long-term operations, including activity associated with advanced persistent threat (APT) actors and operational relay box (ORB) networks. While GreyNoise has made no attribution, the level of tradecraft suggests a well-resourced and highly capable adversary."How did GreyNoise find out?Sift, GreyNoise’s AI technology, first detected an issue on March 17, noticing unusual traffic. GreyNoise uses fully emulated Asus profiles running factory firmware to test for issues like these, which let researchers observe the attackers' full behavior, reproduce the attack, and discover how the backdoor was installed. Researchers at the company received Sift’s report the following day, and began researching, coordinating with “government and industry partners.” GreyNoise reported that, as of May 27, nearly 9,000 routers were confirmed compromised. The company is pulling that data from Censys, which keeps tabs on internet-facing devices throughout the world. To make matters worse, the affected devices only continue to increase: As of this piece, there were 9,022 impacted routers listed on Censys' site. Luckily, GreyNoise reports that Asus patched the security vulnerability in a recent firmware update. However, if the router was compromised before the patch was installed, the backdoor hackers put into the router will not be removed. Even if this is the case, you can take action to protect your router.If you have an Asus router, do thisFirst, confirm your router is actually made by Asus. If it is, log in to your router via your internet browser. Logging into your router varies by device, but according to Asus, you can head to www.asusrouter.com, or enter your router's IP address into your address bar, then log in with your Asus router username and password. Asus says if this is the first time you've logged into the router, you'll need to set up your account.From here, identify the "Enable SSD" settings option. (You may find this under "Service" or "Administration," according to PCMag.) You'll know the router is compromised if you see that someone can log in via SSH over port 53828 with the following key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAo41nBoVFfj4HlVMGV+YPsxMDrMlbdDZ (the rest of the key has been cut for length).Now, disable the SSH entry and block these IP addresses: 101.99.91.151101.99.94.17379.141.163.179111.90.146.237From here, factory reset your router. Unfortunately, the patch alone won't be enough, since the attack survives any update. A total reset is the only way to be sure your router is protected. However, if you see your router was not affected here, install the latest firmware update ASAP. Unaffected routers that install the latest patch will be protected from this type of attack going forward.

An anonymous reader quotes a report from the BBC: A lack of action by big tech firms is enabling the "industrial scale theft" of premium video services, especially live sport, a new report says. The research by Enders Analysis accuses Amazon, Google, Meta and Microsoft of "ambivalence and inertia" over a problem it says costs broadcasters revenue and puts users at an increased risk of cyber-crime. Gareth Sutcliffe and Ollie Meir, who authored the research, described the Amazon Fire Stick -- which they argue is the device many people use to access illegal streams -- as "a piracy enabler." [...] The device plugs into TVs and gives the viewer thousands of options to watch programs from legitimate services including the BBC iPlayer and Netflix. They are also being used to access illegal streams, particularly of live sport. In November last year, a Liverpool man who sold Fire Stick devices he reconfigured to allow people to illegally stream Premier League football matches was jailed. After uploading the unauthorized services on the Amazon product, he advertised them on Facebook. Another man from Liverpool was given a two-year suspended sentence last year after modifying fire sticks and selling them on Facebook and WhatsApp. According to data for the first quarter of this year, provided to Enders by Sky, 59% of people in UK who said they had watched pirated material in the last year while using a physical device said they had used a Amazon fire product. The Enders report says the fire stick enables "billions of dollars in piracy" overall. [...] The researchers also pointed to the role played by the "continued depreciation" of Digital Rights Management (DRM) systems, particularly those from Google and Microsoft. This technology enables high quality streaming of premium content to devices. Two of the big players are Microsoft's PlayReady and Google's Widevine. The authors argue the architecture of the DRM is largely unchanged, and due to a lack of maintenance by the big tech companies, PlayReady and Widevine "are now compromised across various security levels." Mr Sutcliffe and Mr Meir said this has had "a seismic impact across the industry, and ultimately given piracy the upper hand by enabling theft of the highest quality content." They added: "Over twenty years since launch, the DRM solutions provided by Google and Microsoft are in steep decline. A complete overhaul of the technology architecture, licensing, and support model is needed. Lack of engagement with content owners indicates this a low priority." Read more of this story at Slashdot.

Weekend PC Game Deals is where the hottest gaming deals from all over the internet are gathered into one place every week for your consumption. So kick back, relax, and hold on to your wallets. The Humble Store's latest bundle is for fighting game fans. The Badass Brawlers bundle begins with Final Vendetta, Full Metal Furies, and Double Dragon Neon for $6. Going up a tier gets you River City Girls and Young Souls, with the price jumping up to $10. The complete bundle costs $16, and it adds River City Girls 2 and Dawn of the Monsters to all the previous games. The bundle has a three-week counter before it goes away. The Epic Games Store's mystery freebies promotion continued this week. The double giveaway was revealed earlier this week to be Tiny Tina's Wonderlands and Limbo. From the duo, Tiny Tina's Wonderlands comes from Gearbox Software. The title is a spin-off from the Borderlands franchise, adding in RPG elements, magic, and a fantasy storyline into the mix. Next, the award-winning puzzle platformer Limbo puts you into the shoes of a nameless boy looking to find his missing sister, with plenty of env Limbo and Tiny Tina's Wonderlands giveaways are slated to run until Thursday, June 5, which is when the next round of mystery freebies will be revealed. Free Events A single free event is running this weekend for any PC gamer to jump into, and it's coming from Ubisoft's coffers. The cooperative third-person shooter The Division 2 is currently available to try out from the Ubisoft Connect client, letting you jump into the complete edition of the looter shooter RPG until June 2. Big Deals Massive specials from series like The Elder Scrolls and Dragon Quest are currently having discounts, which are joined by zombie festivals, an Activision publisher sale, and more. With highlights from those and more, here's our hand-picked big deals list for this weekend: Call of Duty: Black Ops 6 – $38.49 on Steam Warhammer 40,000: Space Marine 2 – $35.99 on Steam DayZ – $24.99 on Steam DRAGON QUEST BUILDERS 2 – $24.99 on Steam Dying Light 2 Stay Human: Reloaded Edition – $23.09 on Steam They Are Billions – $20.99 on Steam DRAGON QUEST XI S: Echoes of an Elusive Age™ - Definitive Edition – $19.99 on Steam My Time at Sandrock – $19.99 on Steam Call of Duty: Modern Warfare® – $19.79 on Steam Legacy of Kain Soul Reaver 1-2 Remastered – $18.84 on Indiegala Crash Bandicoot N. Sane Trilogy – $15.99 on Steam Tony Hawk's Pro Skater™ 1 + 2 – $15.99 on Steam Warhammer 40,000: Darktide – $15.99 on Steam Football Manager 2024 – $14.99 on Steam The Talos Principle 2 – $14.99 on Steam HUMANITY – $14.99 on Steam The Elder Scrolls V: Skyrim VR – $14.99 on Steam Red Dead Redemption 2 – $14.99 on Steam Spyro Reignited Trilogy – $13.99 on Steam Project Zomboid – $13.39 on Steam Tiny Glade – $12.74 on Steam Ravenswatch – $12.49 on Steam Detroit: Become Human – $11.99 on Steam Escape Simulator – $11.99 on Steam Jurassic World Evolution 2 – $11.39 on Gamebillet Viewfinder – $11.24 on Steam Gas Station Simulator – $10.99 on Steam Boxes: Lost Fragments – $10.49 on Steam Superliminal – $9.99 on Steam The Elder Scrolls V: Skyrim Special Edition – $9.99 on Steam Unpacking – $9.99 on Steam TimeShift – $9.99 on Steam World War Z – $9.89 on Steam Singularity – $9.89 on Steam Dorfromantik – $9.79 on Steam Dying Light – $8.99 on Steam Storyteller – $8.99 on Steam The Evil Within 2 – $7.99 on Steam Tom Clancy's Rainbow Six Siege – $7.99 on Steam The Wolf Among Us – $7.49 on Steam A Little to the Left – $7.49 on Steam The Evil Within Bundle – $6.24 on Steam Back 4 Blood – $5.99 on Steam The Elder Scrolls III: Morrowind Game of the Year Edition – $5.99 on Steam FEAR Complete Pack – $5.49 on Steam Zombie Army 4: Dead War – $4.99 on Steam Beyond: Two Souls – $4.99 on Steam The Pedestrian – $4.99 on Steam The Elder Scrolls Online – $4.99 on Steam The Elder Scrolls IV: Oblivion Game of the Year Edition Deluxe (2009) – $4.99 on Steam Sticky Business – $4.99 on Steam Prototype – $4.99 on Steam Pharaoh + Cleopatra – $4.99 on Steam Gorogoa – $4.94 on Steam Graveyard Keeper – $3.99 on Steam Heavy Rain – $3.99 on Steam Streets of Rogue – $3.99 on Steam FEZ – $3.99 on Steam Arcanum: Of Steamworks and Magick Obscura – $3.89 on Steam Caesar 3 – $3.89 on Steam Plague Inc: Evolved – $3.74 on Steam SUMMERHOUSE – $3.74 on Steam Ryse: Son of Rome – $3.49 on Steam 20 Minutes Till Dawn – $3.49 on Steam Death Road to Canada – $2.99 on Steam Killing Floor 2 – $2.99 on Steam SpeedRunners – $2.99 on Steam Tom Clancy’s The Division 2 – $2.99 on Steam An Elder Scrolls Legend: Battlespire – $2.39 on Steam The Elder Scrolls Adventures: Redguard – $2.39 on Steam Portal – $1.99 on Steam Left 4 Dead 2 – $0.99 on Steam DRM-free Events The GOG store's own DRM-free sales are going strong too, including discounts for big Atari classics. Here are some highlights from its weekend specials: System Shock - $14.79 on GOG Alpha Protocol - $13.39 on GOG Terra Nil - $12.49 on GOG Cold Waters - $9.99 on GOG Streets of Rage 4 - $9.99 on GOG Overcooked! 2 Gourmet Edition - $9.71 on GOG Weird West: Definitive Edition - $5.99 on GOG The Elder Scrolls III: Morrowind GOTY Edition - $5.99 on GOG The Elder Scrolls IV: Oblivion - Game of the Year Edition Deluxe - $4.99 on GOG Assassin's Creed: Director's Cut - $4.99 on GOG Dragon's Dogma: Dark Arisen - $4.79 on GOG Tomb Raider GOTY - $2.99 on GOG Sleeping Dogs: Definitive Edition - $2.99 on GOG Far Cry - $2.99 on GOG Deus Ex: Human Revolution - Director’s Cut - $2.99 on GOG I Have No Mouth And I Must Scream - $2.69 on GOG Blade Runner - Enhanced Edition - $2.49 on GOG Blood: Fresh Supply - $2.49 on GOG SiN Gold - $1.99 on GOG The Wheel of Time - $1.49 on GOG RollerCoaster Tycoon Deluxe - $1.19 on GOG Pirates! Gold Plus - $1.19 on GOG Sid Meier's Colonization - $1.19 on GOG Keep in mind that availability and pricing for some deals could vary depending on the region. That's it for our pick of this weekend's PC game deals, and hopefully, some of you have enough self-restraint not to keep adding to your ever-growing backlogs. As always, there are an enormous number of other deals ready and waiting all over the interwebs, as well as on services you may already subscribe to if you comb through them, so keep your eyes open for those, and have a great weekend.

Yes - @EngGuidebook as an audiobook available on all platforms, including Audible and a DRM-free purchase as well!Voytek Pituła 💙/💛/🖤: I somehow missed the news that SEG book by @GergelyOrosz is available as an audiobook.I'm 2 chapters deep and seems really promising. Will keep you posted. https://www.audible.com/pd/B0DWYPJ4K3?source_code=ASSORAP0511160007

Enders Analysis Amazon Fire Sticks enable “billions of dollars” worth of streaming piracy Research firm blames outdated DRM tech, Facebook ads, Amazon hardware, and more. Scharon Harding – May 30, 2025 5:18 pm | 114 An Amazon Fire Stick and remote. Credit: Amazon An Amazon Fire Stick and remote. Credit: Amazon Story text Size Small Standard Large Width * Standard Wide Links Standard Orange * Subscribers only   Learn more Amazon Fire Sticks are enabling “billions of dollars” worth of streaming piracy, according to a report today from Enders Analysis, a media, entertainment, and telecommunications research firm. Technologies from other media conglomerates, Microsoft, Google, and Facebook, are also enabling what the report’s authors deem an “industrial scale of theft." The report, "Video piracy: Big tech is clearly unwilling to address the problem," focuses on the European market but highlights the global growth of piracy of streaming services as they increasingly acquire rights to live programs, like sporting events. Per the BBC, the report points to the availability of multiple, simultaneous illegal streams for big events that draw tens of thousands of pirate viewers. Enders' report places some blame on Facebook for showing advertisements for access to illegal streams, as well as Google and Microsoft for the alleged “continued depreciation” of their digital rights management (DRM) systems, Widevine and PlayReady, respectively. Ars Technica reached out to Facebook, Google, and Microsoft for comment but didn’t receive a response before publication. The report echoes complaints shared throughout the industry, including by the world’s largest European soccer streamer, DAZN. Streaming piracy is “almost a crisis for the sports rights industry,” DAZN’s head of global rights, Tom Burrows, said at The Financial Times’ Business of Football Summit in February. At the same event, Nick Herm, COO of Comcast-owned European telecommunication firm Sky Group, estimated that piracy was costing his company “hundreds of millions of dollars” in revenue. At the time, Enders co-founder Claire Enders said that the pirating of sporting events accounts for “about 50 percent of most markets.” Jailbroken Fire Sticks Friday's Enders report named Fire Sticks as a significant contributor to streaming piracy, calling the hardware a “piracy enabler.” Enders’ report pointed to security risks that pirate viewers face, including providing credit card information and email addresses to unknown entities, which can make people vulnerable to phishing and malware. However, reports of phishing and malware stemming from streaming piracy, which occurs through various methods besides a Fire TV Stick, seem to be rather limited. Still, at the February Financial Times event, Herm said that Fire Sticks account “for about half of the piracy in the UK.” “People think that because it’s a legitimate brand, it must be OK. So they give their credit card details to criminal gangs. Amazon is not engaging with us as much as we’d like," he said. In the UK, there has been a push to crack down on illegal usage of Fire Sticks. For example, in November 2024, a man received a three-year, four-month sentence for hacking Fire Sticks. In June 2024, another man got a two-year suspended sentence after a police raid found jailbroken Fire Sticks in his home. In the US, however, there aren’t nearly as many publicized efforts to combat illegal streaming on Amazon devices. While Enders’ report accuses Amazon of contributing to the piracy problem, as the owner of its own streaming service, Prime Video, Amazon has an incentive to fight piracy. Amazon’s streaming business includes selling streaming hardware, but the business is more centered on getting people to sign up for Amazon services (like Prime Video), data collection, and ad sales. When reached for comment, an Amazon spokesperson told Ars Technica: Pirated content violates our policies regarding intellectual property rights and compromises the security and privacy of our customers. We work with industry partners and relevant authorities to combat piracy and protect customers from the risks associated with pirated content. Our Appstore prohibits apps that infringe upon the rights of third parties, and we warn customers of the risks associated with installing or using apps from unknown sources. Amazon’s representative also told Ars that Amazon works with industry partners to break up piracy networks and has assisted law enforcement efforts, including the Police Intellectual Property Crime Unit in London and UK IP Crime Group. DRM limitations Enders’ report also blamed poorly updated DRM systems, especially from Google and Microsoft, for contributing to streaming piracy. Google’s Widevine and Microsoft’s PlayReady "are now compromised across various security levels,” the report said, pointing to a lack of upkeep. Microsoft issued its most recent big update to PlayReady, version 4.6, in December 2022. The report authors wrote: Over twenty years since launch, the DRM solutions provided by Google and Microsoft are in steep decline. A complete overhaul of the technology architecture, licensing, and support model is needed. Lack of engagement with content owners indicates this a low priority. Outside of Enders' report, Google was criticized by the Italian government earlier this year for allegedly failing to block pirate websites identified by Italy’s communication regulator, AGCOM. In March, the Court of Milan ordered Google to poison its public DNS servers with the goal of blocking illegal soccer streams. And beyond the aforementioned tech giants, earlier this month, France ordered five VPN providers (NordVPN, ExpressVPN, Surfshark, Proton VPN, and CyberGhost) to block illegal sports streaming sites. Unsurprisingly, the move has been slammed by VPN providers as setting “a dangerous precedent," per i2Coalition, an Internet infrastructure trade association that manages the international VPN Trust Initiative consortium of VPN providers. A growing problem As the Internet solidifies its position as the primary method for watching shows, movies, and, increasingly, live events, it presents new challenges to content distributors and owners seeking to curb online piracy. In the case of sports, especially, the distribution of sports rights across various linear networks and streaming services often means signing up for multiple services in order to watch a single team’s season. For some fans—including NFL players themselves—that's financially and/or logistically impractical. Simultaneously, anti-piracy advocates argue that piracy could lead to higher subscription fees for streaming services. As legislation and rights holders become more stringent about piracy, we can expect more effort from tech providers and law enforcement to block piracy, while hackers also seek new ways to enable illegal streams. Scharon Harding Senior Technology Reporter Scharon Harding Senior Technology Reporter Scharon is a Senior Technology Reporter at Ars Technica writing news, reviews, and analysis on consumer gadgets and services. She's been reporting on technology for over 10 years, with bylines at Tom’s Hardware, Channelnomics, and CRN UK. 114 Comments