[costco]

It's a part of the browser. It's not doing it with Javascript if that's what you're asking. Chrome includes a file with the name widevinecdm.dll or something like that on Windows. No one knows exactly what this file does because it is incredibly obfuscated https://github.com/tomer8007/widevine-l3-decryptor/wiki/Reve.... But presumably that implements this functionality.

As for what Widevine actually does, it just uses a protobuf based protocol to request a decryption key from a license server. License request messages from the client have to be signed with a valid device private key, which are made difficult to extract but some occasionally leak.

[gtirloni]

Does it mean the OS is volunteering the information that something is tapping into the framebuffer? Can that be disabled to render the browser clueless?

Same can happen with Chrome + Google Meet + OBS Studio btw.

[dr_kiszonka]

AFAIK, the OS provides this information and, at least on Windows, you can't circumvent it easily. I was told it is one of these things that large content providers demand.

I am curious how it works on Linux.

[ath3nd]

I just tried it out on Ubuntu using Google Meet web app via Chrome, and tried streaming Netflix to my friend.

Nothing weird happened and all content could easily be streamed.

[dr_kiszonka]

Thanks!