
It's always strange to think that there is encrypted data flowing through my software, through my operating system, into my hardware, that somehow I, the user, am unable to access, but that the hardware can handle just fine.

How does this work?




With Widevine L3, it does send your OS unencrypted data. You're free to screen record videos or audio record e.g. PulseAudio Monitor channels of your speakers. You just can't easily convert it to a DRM-free format at speeds faster than realtime.


HDCP is one method, as are the “safeguards” built into the audio and video APIs on macOS (to protect them from losing revenue by recording iTunes Music (before they removed DRM) or screen capturing new movies (thus threatening the contracts with Hollywood)).


The OS prevents you from screen recording when a new movie is playing? You can still use a third party tool to screen record right?


>The OS prevents you from screen recording when a new movie is playing?

Yes.

>You can still use a third party tool to screen record right?

The third-party tool is as stymied by the OS / video driver's API for screen capture as the first-party tool.


I have no words. Wow.


Right. This is not just Mac OS, same thing can happen on Windows. Modern media DRMing sometimes involves bypassing your OS entirely[0]. Audio/video streams have special hardware paths through the CPU and GPU. HDCP uses encryption to create a safe pipe between the incoming stream and your monitor, so the data can't be snooped on or modified mid-flight. Etc.

--

[0] - Or at least almost entirely, I suspect at least the kernel must get involved somehow. Otherwise Widevine support wouldn't be an issue on Linux the way it is (or was).


You can access it just fine. It’s just processed by very obfuscated code that constantly changes.


One way is x86. Intel’s chips have SGX (software guard extensions) that allows code to run in “enclaves” that outside code can’t access. You can send data into the enclave and read what it spits out, but you can’t inspect (debug) it.



