L2 is iirc when its decrypted within a trusted platform and another method used for video decoding (So you could in theory pluck the video stream out between the TEE after its been decrypted and what ever is being used to decode the stream.)
But as far as I recall you can't (Bloody Typo's) do things like decode a L1 protected stream with an L3 attack.
I would say that L3 is more a fallback for when L1 isn't available.
<edit> The last time I looked into Netflix's use of widewine (Which was about a year ago, so everything could of changed since) L3 is only used to protect their SD streams, L1 is required for HD, but L1 could still protect a SD stream. What I mean is L1 could be used for HD and SD where L3 is only used for SD. But you are free to implement it how ever you like (dependant on the contracts you have with content producers / rights holders). </edit>
Even with a unlocked bootloader with custom BL/Rom L1 streams are decrypted and decoded within a Trusted Execution Environment (Basically the SoC in your Android device) and then send directly to the screen from there. Unlocking the bootloader and running a custom rom shouldn't effect the "trusted" state of the TEE so you should be able to decode L1 content just fine.
4 comments
[ 2.6 ms ] story [ 24.3 ms ] threadI've been running Android with an unlocked bootloader and no verified boot for a while, and none of my usual streaming apps have stopped working.
L2 is iirc when its decrypted within a trusted platform and another method used for video decoding (So you could in theory pluck the video stream out between the TEE after its been decrypted and what ever is being used to decode the stream.)
But as far as I recall you can't (Bloody Typo's) do things like decode a L1 protected stream with an L3 attack.
<edit> The last time I looked into Netflix's use of widewine (Which was about a year ago, so everything could of changed since) L3 is only used to protect their SD streams, L1 is required for HD, but L1 could still protect a SD stream. What I mean is L1 could be used for HD and SD where L3 is only used for SD. But you are free to implement it how ever you like (dependant on the contracts you have with content producers / rights holders). </edit>
Even with a unlocked bootloader with custom BL/Rom L1 streams are decrypted and decoded within a Trusted Execution Environment (Basically the SoC in your Android device) and then send directly to the screen from there. Unlocking the bootloader and running a custom rom shouldn't effect the "trusted" state of the TEE so you should be able to decode L1 content just fine.