Using Flash for video is a trend that goes back nearly two decades. Flash requires greater battery and processing power compared to HTML5 video though and has been plagued with major security vulnerabilities for years. More and more CDNs (Content Delivery Networks) have dropped Flash, meaning it will have all but disappeared in 2017. HTML5 video will take over from Flash, being more lightweight, faster, more secure and compatible. It’s also Open Source, which is a big plus for many users.
Broadcasters across Europe are having to make the switch from legacy systems over to HTML5-EME as browser vendors demand changes to video player formats. 2016 heralded the news that browser makers were going to drop support for Flash and remove plugin updates. Earlier this summer we saw Adobe Primetime closing a deal with Channel 4, a partnership that will see the broadcaster transition from Adobe Flash-based video players to HTML5.
>See also: Why bet365 isn’t going mobile first
The broadcaster had been using Flash player to power its All 4 Internet service for many years and made the switch to HTML5 to reflect browser demand changes for both its Video on Demand (VoD) service and simulcast services.
The transition to HTML5 video players (rather than Flash) will bring about its own set of security challenges and also embraces associated services embedded in video players, such as Video Watermarking, User Behaviour Analytics, Codecs and Account Login protection.
>See also: AI: an untapped technology for UK businesses
So then, what are the challenges for those companies offering streaming services with respect to HTML5?
Precious IP can be stolen by competitors – a loss of competitive advantage
These companies invest a lot in making their HTML5 players the best on the market. This takes a lot of effort, for the following reasons:
• They have to shrink the size of the files as much as they can.
• They need to boost performance to the maximum – especially as they move to higher resolution content such as 4K.
• They have to support a plethora of devices.
• They have thousands of users and they need to make sure that no user is left out of the service – this hurts revenue streams.
>See also: AI is no longer an academic demonstration
If the end result (their player) is good, this will have a huge impact on their businesses, seeing as issues with playback is probably a number one reason for users switching over to other streaming services.
The major broadcasting and streaming players protect their source code because that is an effective deterrent for competitors intent on stealing IP – no competitor would want to build upon heavily obfuscated code, as carrying out the most basic modifications would be extremely painful, if even successful at all. Thus, using the correct protection can mean having a competitive advantage all in itself.
Some of the more advanced users may develop ways to abuse the players by modifying their behaviour without the media streamer consent. Browser extensions or injected scripts can in some cases even remove some of the nags that media streamers put in place to convince users to upgrade. Unauthorized use of the service may consume resources like bandwidth, memory and CPU, ultimately representing a cost to the media streamer. By protecting the code, the ability to extend or modify this code becomes severely hampered or unpractical, thus preventing users from even trying to abuse it.
Protecting the code is also protecting the copyrighted content. Media streamers need to do all that they can to ensure that their players are not leaking content. That might be a losing battle these days, but if they don’t do the bare minimum to fight back, then they might be open to liability issues and ultimately get into trouble with the copyright owners. Protecting the code could be a relatively easy option and certainly this approach can contribute to get them out of trouble.
As a final thought, whilst a typical user of streaming services is not trying to hack the service, by preventing other users from abusing the system and network, resources are saved and therefore streaming becomes faster for legitimate users.
Slower or more unreliable streaming service levels are obvious problems for companies operating in the broadcasting and media environment. These days users are more demanding than ever and expect the very best viewing experience possible. It is clear that HTML5 is here to stay, which makes security a critical factor for all those involved.
Sourced by Pedro Fortuna, CTO of Jscrambler