Adobe Systems has disputed reports that bugs in its Flash server software let people pirate movies and television shows streamed from Amazon.com's new Video On Demand service. Instead, Adobe hinted that Amazon had not switched on encryption.
Adobe was reacting to a story last Friday by the Reuters news service that claimed Flash Media Server -- the software many Web sites, including Amazon.com, use to deliver video to customers -- was not encrypting all content. The result, said Reuters, was that users could capture streaming video from Amazon's service with software like Applian Technologies's Replay Media Catcher.
"An article published by Reuters on September 19 has incorrectly stated that a security 'flaw' exists in Adobe Flash Media Server software," said Kevin Towes, the Adobe product manager in charge of Flash Media Server, in a post to a company blog Sunday.
Instead, Towes hinted, it was Amazon's fault for not encrypting the video stream using Adobe's Real Time Messaging Protocol Encrypted, or RTMPe.
"To protect content, we recommend customers using Adobe Flash Media Server software utilize RTMPe or RTMPte (tunneled version) combined with SWF verification to provide maximum content protection and also disable RTMP access," said Towes. "Adobe provides these content protection technologies, but it is the choice of the developer, the content owner and the delivery network manager to implement."
Elsewhere in that same entry, Towes noted that Amazon plugged the hole Reuters had found the previous week. "Amazon has enabled the protection mechanisms provided by Adobe software and movies cannot be recorded," he said.
On Tuesday, an Amazon spokesman declined to comment, citing company policy when its security practices are concerned.
More than a month ago, Adobe had warned content providers that they needed to use RTMPe to protect video from capture software, which Adobe called "rippers."
"Some stream capture software providers appear to circumvent RTMPe by using an RTMP connection and spoofing the [URL] used to connect to [Flash Media Server], to appear as if it has made an RTMPe connection," the technical advisory read. "This solution does not break RTMPe, and there are ways to prevent such software from accessing your content."
Adobe also recommended that companies providing video from Flash Media Server use SWF verification to block rippers from grabbing content.
Amazon.com launched its on-demand service earlier this month. The new service, the online retailer's second attempt at competing with Apple's iTunes, offers about 40,000 movies and TV shows for streaming to a Windows or Mac browser, or for downloading to a PC running Windows XP or Vista.