Amendment #5


This AMENDMENT #5 (“Amendment #5”) is entered into as of January ___, 2012 by and between Hulu, LLC (“Licensee”) and Sony Pictures Television Inc. (“Licensor”), and amends that Deal Memorandum, dated as of October 25, 2007, as amended by that Amendment #1, dated as of October 15, 2008, Amendment #2, dated as of January 25, 2010, Amendment #3, dated as of January 28, 2011 and Amendment #4, dated as of February 28, 2011 (as so amended, the “Original Deal Memorandum”). For good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, Licensee and Licensor hereby agree as follows:

  1. The Original Deal Memorandum as amended by this Amendment #5 may be referred to herein as the “Deal Memorandum”. Capitalized terms used and not defined herein have the meanings ascribed to them in the Original Deal Memorandum.

  1. The parties hereby mutually agree to extend the Term (as defined in Section 3 of the Original Deal Memorandum) through and until January 31, 2013.

  1. Exhibit C attached to the Original Deal Memorandum shall be deleted and replaced in its entirety with the Exhibit C attached hereto.

  1. Notwithstanding anything to the contrary in the Deal Memorandum, Licensee must use commercially reasonable efforts to migrate from using RTMP-E DRM to another DRM approved by Licensor by no later than June 30, 2012; provided, however, that if at any time during the Term Licensee permanently migrates from using RTMP-E to a more robust DRM in connection with Licensee’s distribution of any other provider’s content, Licensee shall migrate to using such more robust DRM in connection with the distribution of FOD Content on the Licensed Service effective immediately. For purposes of this Amendment #5, Widevine Cypher ®, Microsoft Windows Media DRM 10, Marlin Broadband, CMLA Open Mobile Alliance (OMA) DRM Version 2 or 2.1, Microsoft PlayReady, Adobe Flash Access 2.0 and any other DRM approved under the UltraViolet digital rights authentication licensing system will be pre-approved by Licensor. For clarity, after any such DRM migration, Hulu may continue using RTMP-E as the content delivery protocol in connection with any such DRM.

  1. Except as specifically amended by this Amendment #5, the Original Deal Memorandum shall continue to be, and shall remain, in full force and effect in accordance with its terms. Sections or other headings contained in this Amendment #5 are for reference purposes only and shall not affect in any way the meaning or interpretation of this Amendment #5; and no provision of this Amendment #5 shall be interpreted for or against any party because that party or its legal representative drafted the provision.

IN WITNESS WHEREOF, the parties hereto have caused this Amendment #5 to be duly executed as of the date first set forth above.


By: By:
_________________________________ _________________________________

Name: Name:

Title: Title:



  1. Core Content Protection Guiding Principles

Hulu shall employ robust, industry-accepted content security and protection technologies for streaming online video, governed by the following principles:

  1. Secure video delivery

  2. Secure video on clients

  3. Protection against hacking

  4. Maintenance of content integrity

  5. Geofiltering

  6. Network service protection

  7. Ongoing maintenance

Hulu shall at all times ensure a primary technical contact is available for questions and comments. The primary technical contact is currently: Richard Tom,, (310) 571-4802.

  1. Secure Video Delivery

  1. General

  1. Video content shall be securely delivered from Hulu servers (or the servers of Hulu partners such as Content Delivery Networks) to clients, including via:

    1. cryptographic algorithms during transport for encryption, decryption, signatures, hashing, random number generation and key generation utilizing cryptographic protocols and algorithms

    2. use of AES 128-bit (or comparable) protocol

    3. encrypted transmission of critical security parameters (“CSPs”) such as keys, tokens, passwords and other information critical to cryptographic strength

    4. expiring CSPs so they cannot be cached

    5. no exposed media on the server, i.e. streaming source URLs are not exposed to end users and expire shortly after being accessed

  2. Video content and CSPs are never transmitted to unauthenticated clients

  3. Streaming source URLs are short-lived and individualized

  1. Flash Streaming

Video content shall be streamed to PCs using Adobe Flash Media Server 3.5 and Hulu shall use each of the following content protection features:

  1. Unique transfer protocol: video content is wrapped inside an unpublished, proprietary Adobe protocol called RTMP (or Real Time Messaging Protocol), minimizing the ability of unauthorized programs to capture video content

  2. No exposed media on server: content delivered by Flash Media Server is not exposed to HTTP, FTP, or other transfer mechanisms, so media cannot be copied directly from server

  3. Referrer URL checks: the video player requesting the content must reside on or an approved domain

  4. Encrypted streams: streaming via a 128-bit encrypted version of RTMP called RTMPE

  1. HTTP Live Streaming

Each of the following content protection features shall be used by Hulu when streaming video content over HTTP Live Streaming:

  1. Video content streaming is encrypted using AES 128 encryption, i.e. the METHOD for EXT-X-KEY is ‘AES-128’

  2. The m3u8 manifest file is only delivered to requesting, authenticated clients

  3. The content encryption key is delivered via SSL, i.e. the URI for EXT-X-KEY is a https URL

  4. The content encryption key is stored securely within the application using obfuscation

  5. The URL from which the m3u8 manifest file is requested is short-lived and unique to each requesting client
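An added example, not part of the agreement or any Hulu code: a small audit of an HLS media playlist against items 1 and 3 above (EXT-X-KEY METHOD is AES-128, key URI is https). The sample playlists and the `keys.example.invalid` host are constructed, and the input is assumed to be a media playlist rather than a master playlist.

```python
import re
from urllib.parse import urlparse

# Attribute lists are comma-separated; quoted values may themselves contain commas.
ATTR = re.compile(r'([A-Z0-9-]+)=("[^"]*"|[^,]*)')

def audit_playlist(text):
    """Return (line_number, finding) pairs for a media playlist."""
    findings = []
    method = None  # key method in force for the segments that follow
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith("#EXT-X-KEY:"):
            attrs = {k: v.strip('"') for k, v in ATTR.findall(line.split(":", 1)[1])}
            method = attrs.get("METHOD", "")
            if method != "AES-128":
                findings.append((n, f"METHOD is {method or 'missing'}, not AES-128"))
            if method != "NONE":
                scheme = urlparse(attrs.get("URI", "")).scheme.lower()
                if scheme != "https":
                    findings.append((n, f"key URI scheme is {scheme or 'missing'}, not https"))
        elif line and not line.startswith("#") and method != "AES-128":
            # A URI line reached before any key tag, or after METHOD=NONE.
            findings.append((n, "segment not covered by an AES-128 key"))
    return findings

# Constructed sample input (not real Hulu manifests).
GOOD = """#EXTM3U
#EXT-X-TARGETDURATION:10
#EXT-X-KEY:METHOD=AES-128,URI="https://keys.example.invalid/k?v=1,2",IV=0x00000000000000000000000000000001
#EXTINF:10.0,
seg0.ts
#EXT-X-ENDLIST
"""
BAD = """#EXTM3U
#EXTINF:10.0,
intro.ts
#EXT-X-KEY:METHOD=AES-128,URI="http://keys.example.invalid/k"
#EXTINF:10.0,
seg1.ts
#EXT-X-KEY:METHOD=NONE
#EXTINF:10.0,
seg2.ts
"""

if __name__ == "__main__":
    for n, msg in audit_playlist(BAD):
        print(f"line {n}: {msg}")
```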

  1. Streaming over SSL

Each of the following content protection features shall be used by Hulu when streaming video content over SSL:

  1. Video content streaming is encrypted using AES 128 encryption or SSL cipher of similar strength and industry acceptance

  2. The content encryption key is delivered encrypted

  3. The content encryption key is stored securely within the application using obfuscation or hardware security mechanisms

  1. Secure Video on Clients

  1. General

  1. Video content

    1. Video content cannot be recorded, copied, stored, re-broadcast or retransmitted by clients

    2. Video content shall never be stored permanently at a client in its entirety

    3. Video content shall be decrypted into buffer memory temporarily and only in limited portions for the purpose of decoding and rendering uninterrupted playback of content

    4. Buffered memory shall be maintained in secure system memory

    5. Recording of video content onto recordable or removable media shall be prohibited

  2. CSPs

    1. Server-side CSPs shall always be encrypted, stored in secure locations and rotated so they cannot be cached

  3. Client authentication

    1. Unique CSPs are associated with each client, preventing unauthenticated clients from requesting video files

    2. Valid device identifiers are required, allowing audits on the number of video file requests made from a specific device

    3. Ability to revoke client and device access to video content, including via class-level device parameters providing server-side ability to revoke access from entire classes of devices

  1. PC Video Protection

Video content is protected on PCs using Adobe Flash Media Server 3.5 and Hulu shall use each of the following content protection features:

  1. No client cache: video content delivered through Flash Media Server is not stored locally on client computers in their web browser cache

  2. SWF Verification: verifies the client Flash file (i.e. SWF File) before allowing this file to connect to the Flash server and receive streaming content

  1. Connected Device, Mobile and Tablet Video Protection

  1. Secure video output protection

    1. Video output shall be protected using content protection mechanisms on devices to disable copying and unauthorized retransmission

    2. Analog output shall be protected by CGMS-A content protection (set to “Copy Never”) or comparable protection

    3. Digital output shall be protected by HDCP or comparable protection (e.g. Digital Transmission Copy Protection)

  2. Secure application runtime environment

    1. All applications, including video playback components, are to be securely distributed to devices using AES 128-bit (or comparable) encryption and stored in secure, protected memory on devices

    2. Encryption and security prevents applications from being decompiled, reverse engineered, run in emulation or used in any unauthorized manner

  3. Local encryption CSPs

    1. In addition to server-side rotating CSPs, a secondary local encryption key is stored in device applications that can be invalidated on the server to force end users to upgrade their application and obtain a new, valid local encryption key

  4. Resident device operating systems

    1. Content is displayed on clients using APIs provided by resident device operating systems to the greatest possible extent

    2. Video playback is performed using each device’s native video player component in order to leverage hardware acceleration and other native performance tuning for playback

    3. Applications follow all relevant resident device operating system best practices, specifications and guidelines to ensure security and robustness to the greatest possible extent

  1. Android Video Protection

  1. Application distribution

    1. Android applications are securely distributed onto devices using RSA 2048 encryption and stored in secure, protected memory on device.

  2. Secured memory

    1. The Android OS guarantees that application code can only be installed and run from secured memory

    2. Android application will not write content to disk/SD card

    3. Any data that is written by an Android application can be “sandboxed” so that only the writing application has access to it, increasing the difficulty associated with reverse engineering the application

  3. Code obfuscation

    1. Application code is obfuscated (using an obfuscator such as ProGuard) prior to deployment to the Android Marketplace to eliminate any class or method names and collapse all package hierarchies, thereby rendering attempts to reverse engineer the application code considerably more difficult

  4. Active monitor

    1. Application logic continuously monitors the user’s environment and will detect attempts to read device memory

    2. Upon detection, the active monitor prevents further video playback

  5. Critical security parameters

    1. Android access to server content is regulated by device-specific keys, allowing for the ability to revoke access to content from a central location without a client update

    2. This ensures that only the most current and valid client application has access to server content

  6. Native Android framework

    1. All video files use the native Android media framework for playback

    2. Native Android media player reads data from an in-memory proxy, which requests encrypted content, decrypts video content, and stores video blocks in a memory buffer, thereby avoiding writing data to user-accessible storage.

    3. Native heuristics limit the amount of data that can be buffered from the server, allowing for a seamless playback experience while simultaneously enforcing restrictions on the amount of content located on the device

  7. Secure data delivery

    1. All communications between client and server related to file paths or encryption keys are conducted over SSL to secure the data from being monitored in transit

    2. Content encryption key and file locations are encrypted based on the device key prior to delivery to the device

  8. Technical requirements

    1. Supported Android devices have the following minimum technical requirements:

      1. Android 2.2, 2.3, 3.0 or above

      2. Snapdragon 1 GHz processor or better

      3. 500MB of RAM or higher

      4. Medium or high density display

  1. Hulu Video Playback Call Stack

  1. An end-to-end Hulu video playback call stack runs as follows:

    1. Hulu device application calls the Hulu site webservice via SSL and retrieves an encryption key, which is then combined with a local encryption key stored securely in the application code

    2. User requests to watch a video from within Hulu device application

    3. Device application contacts Hulu video content management system (“Video CMS”) via SSL to request URL to video file and provides unique device identifier for current device (either a living room device or a mobile device).

    4. If device has not been blocked due to inappropriate access, server responds with encrypted location to video file

    5. Device application uses combined server and local encryption keys to decrypt video file location returned by Video CMS

    6. Device application sends decrypted video file location to native video playback component on device and begins streaming video. Video is encrypted in transport using SSL, AES, or comparable encryption. Secure video playback begins. No significant portion of video content is cached on device, and any small cache is only stored in temporary application memory.

  2. Below is a diagram of the Hulu device application secure video playback call stack:

  1. Protection Against Hacking

  1. Content protection technologies employ industry-standard tamper-resistant technology such as:

    1. Code and data obfuscation: the executable binary dynamically encrypts and decrypts itself in memory so that the algorithm is not unnecessarily exposed to disassembly or reverse engineering

    2. Anti-debugging detection: applications are actively monitored for external debugging tools attempting to access application memory

    3. Red herring code: the security modules use extra software routines that mimic security modules but do not have access to CSPs

  2. Security-critical data is cryptographically protected against tampering, forging and spoofing

  3. Secure internal data channels are used to prevent interception of data transmitted between system processes

  1. Maintenance of Content Integrity

  1. Content protection technology maintains the integrity of all video content and detects modification and tampering of content from its originally encrypted form

  2. Embedded information

    1. Content protection technology does not remove or interfere with embedded watermarks in video content

    2. Video content delivery systems pass through embedded copy control information without intentional alteration, modification or degradation (other than in the ordinary course of distribution)

  1. Geofiltering

  1. Only clients with IPs originating from authorized geographic territories may access video content

  2. Video content stored on content delivery networks (e.g. Akamai, Level, Limelight) is filtered based on IP address and secure CSPs using industry-standard geofiltering technology, including:

    1. look-up tables

    2. screening for web proxy and anonymizing services

    3. roaming prevention (in the case of mobile delivery)

  1. Network Service Protection

  1. All licensed content is protected at operations sites and facilities, including operational controls and procedures for the reception, preparation, management, storage and return of video content

  2. Access to content in unprotected formats is limited to authorized personnel, and auditable records of actual access are maintained

  3. All facilities that process and store content are reasonably available for audits

  1. Ongoing Maintenance

  1. Content protection technology is promptly and securely updated in the event of a security breach

  2. Content protection technology is renewable and securely and remotely updateable

  3. Hulu uses commercially reasonable efforts to keep its content security and protection technology systems up to date to reflect security enhancements available in the marketplace and accepted as industry practice
