India’s largest video streaming service, owned by Disney, breaks Safari compatibility to fix security flaw
Hotstar, India’s largest video streaming service with more than 300 million users, disabled support for Apple’s Safari web browser on Friday to mitigate a security flaw that allowed unauthorized usage of its platform, two sources familiar with the matter told TechCrunch.
The incident comes at a time when the streaming service — operated by Star India, part of 20th Century Fox that Disney acquired — enjoys peak attention as millions of people watch the ongoing ICC World Cup cricket tournament on its platform.
As users began to complain about not being able to use Hotstar on Safari, the company’s official support account asserted that “technical limitations” on Apple’s part were the bottleneck. “These limitations have been from Safari; there is very little we can do on this,” the account tweeted Friday evening.
Sources at Hotstar told TechCrunch that this was not an accurate description of the event. Instead, company’s engineers had identified a security hole that was being exploited by unauthorized users to access Hotstar’s content, they said.
Hotstar intends to work on patching the flaw soon and then reinstate support for Safari, the sources said.
The security flaw can only be exploited through Safari’s desktop and mobile browsers. On its website, the company recommends users to try Chrome and Firefox, or its mobile apps, to access the service. Hotstar declined to comment.
Hotstar, which rivals Netflix and Amazon Prime Video in India, maintains a strong lead in the local video streaming market (based on number of users and engagement). Last month, it claimed to set a new global record by drawing more than 18 million viewers to a live cricket match.