In network settings, for widevine provisioning, one has to choose between either google servers or gOS proxies.
When a device uses DRM for the first time, a device provisioning occurs, which means that the device will obtain a unique certificate and it will be stored in the DRM service of the device.
https://beltran.work/blog/2018-03-27-device-unique-id-android/
Can someone explain me the benefits of such offered choice in the serving servers ?
- If google generates certificates on behalf of streaming app companies, what is the point of getting it served to gOS proxies first instead of the end device directly ?
- Having gOS proxies of any kind isn't supposed to trigger the decision outcome of google "safetynet"/"play integrity" backend as "the device is rooted so companies should untrust it", resulting in it being not allowed to access streaming backends ? (On some profile using google services)
(
proxy
Collects whether there are proxies configured on the device, what are their IP addresses and if these IPs are local IPs for the device. This tries to establish if there is a traffic-snooping malware on the device (some malware - and ad-blockers - work using proxies) or if the communication is sent to external known-bad locations.
https://koz.io/inside-safetynet/
)