Hole in Adobe software threatens video security

By Daisuke Wakabayashi and Peter Henderson

NEW YORK/LOS ANGELES (Reuters) - A security hole in Adobe Systems Inc software used to distribute movies and TV shows over the Internet allows viewers to copy movies on some Web sites and avoid commercials on others, threatening the financial success of online video.

The problem exposes online video content to the rampant piracy that plagued the music industry during the Napster era and is undermining efforts by retailers, movie studios and television networks to cash in on a huge Web audience.

Amazon.com Inc by Friday had fixed a flaw that gave free access to record and copy from Amazon.com's video streaming service without paying.

But screen-recording software can still make unauthorized, unprotected copies of Amazon online movie rentals, which could be viewed and copied beyond the rental limits on how and when to view.

Network television shows from Hulu.com can be viewed online without watching the commercials that are meant to pay for the system and copied as well.

"It's a fundamental flaw in the Adobe design. This was designed stupidly," said Bruce Schneier, a security expert who is also the chief security technology officer at British Telecom.

The flaw rests in Adobe's Flash video servers that are connected to the company's players installed on nearly all of the world's Web-connected computers.

The software doesn't encrypt online content, but only orders sent to a video player such as start and stop play.  Continued...