"This helps protect member privacy, particularly when the network is insecure — ensuring that our members are safe from eavesdropping by anyone who might want to record their viewing habits." from https://netflixtechblog.com/protecting-netflix-viewing-priva...
The parent mentioned "This data is being collected anyway via endpoint technologies like Samsung's Automated Content Recognition (ACR)". If that's true then the encryption isn't really helping.
Samsung was one of the companies caught using their apps to scrape data out of the filesystem (config files and logs from other apps, location from camera roll, etc) and using it to bypass permissions you didn't want to give them.
They are completely terrible on privacy, lol, the answer here is "if you care about privacy don't use a samsung". Or more generally "don't use android".
I'm not really sure what you are getting at. Regardless of what Samsung is doing, I'm confused by the argument that encryption is useless because Samsung might take steps to work around it when not using a Samsung device is a viable option.
Samsung has below-root-level access on their phones, their apps are fundamentally aggressive towards your privacy (as repeatedly demonstrated in practice) and impossible to dig out without a complete image replacement. Maybe not even then.
If you care about privacy, you don't buy Samsung phones (or other products like TVs). They are the tip of the spear on data collection.
They're required to let you choose whether to opt in to ACR in Europe because of the GDPR. While the prompt is terribly vague and designed to encourage "just hit yes" behaviour, I have a q60r and the setup wizard at least presented a prompt I could opt out of.
Also while HN likes to raise the spectre of TVs connecting to open wifi/shipping with 5G radios, at the moment there is no evidence for either so users could always use a trusted device to play back Netflix rather than the TV app and leave the TV without internet
Is this actually in reach for realistic attackers?
Like let's say you're a network admin of a college with conservative religious views, and you want to see if anyone in the dorms is watching "immoral" content. You probably can just intercept an entire unencrypted session and replay it on your machine and see what it was. But you don't really have the funding or access to expertise to develop a side channel attack yourself, and there are no off-the-shelf devices that will do this for you, are there?
Encryption is likely the difference between your management saying "Show me what the kids are watching" and "This isn't worth assigning our network admin to spend half a year on effectively a cryptography research problem."
(Incidentally, encryption may also be what allows a sympathetic network admin to refuse an order from their management, which is also worth considering in your threat model.)
I think it's true that if you had either the resources of one of the richest handful of countries in the world or access to some talented grad students etc., you could do it. But if you're even a non-rich country (like one of the many small countries with moralistic governments that censor the internet) it seems harder, and if the goal is spying on what people watch, it's unlikely that people talented enough to do it will find this a problem they're happy to volunteer their time to solve.
(This is a genuine question - the attack might be much easier than I think!)
Are you attacking him because he's using TLS? Will you ever be satisfied?
TLS fixes a whole lot more than just privacy, it's also authenticating the remote end. Are we really suggesting dumping something that is trivially accelerated in hardware to do some homebrew crypto crap just for the sake of a forum thread?
Netflix solution is fine, and the concentration of interest in TLS means it only gets cheaper over time to build Netflix-like configurations, which is especially great since we've spent the past decade or more trying to convince the entire industry this configuration is also best practice
I'm just pointing out that the privacy justification is nonsense. Protecting the integrity of connections? That's important. Preventing web browsers from throwing a fit about "insecure connections"? That's also important. But privacy isn't the issue here, and I've talked to enough people at Netflix to know that they know that too.
People, before you downvote, check out the username.
But yeah, you’re right. You could glean a lot of information from nothing but a collection of movies’ exact runtimes, as visible from the network stream. Although that wouldn’t tell you much about a single movie, given enough viewings you could make pretty good guesses about which movies someone is watching.
