The BBC has closed a vulnerability in its iPhone streaming service which allowed Linux, Windows and Mac users to download programmes from the iPlayer website, which were intended for streaming on an iPhone or iPod only.
The unauthorised downloads were made possible by manipulating user agent strings, which iPlayer developers used to authenticate that the new H.264 streams were being delivered to an iPhone or iPod Touch.
The exploit allowed the DRM-protected programmes to be saved to hard disk and shared with others.
The BBC’s contracts with third party production companies allow downloads only if DRM locks the files down after 30 days.
The BBC said: “Like other broadcasters, the security of rights-protected content online is an issue we take very seriously”.