Kodi (formerly XBMC) is a free and open source media player application developed by XBMC/Kodi Foundation. Available for multiple operating systems and hardware platforms, Kodi is an amazing piece of software that lets you stream apps and on-demand services onto your TV. Users get to play and view videos, music, podcasts and other digital media files from local and network storage media and the internet. Over the past few years, Kodi has been gaining popularity mainly because of the ecosystem built around add-ons. However, now the very ecosystem that makes Kodi so popular is likely to pose serious security risks to users. Read on to find out more!

The Federation Against Copyright Theft (FACT), an anti-piracy outfit in the United Kingdom, seems to be hell bent on scaring off anyone who sets their eyes on a pirate Kodi add-on. After the stand off with sellers of pirate boxes and add-on dev teams, now the trade organization is putting streaming users on notices as well. Admittedly it is a scary proposition regardless of the intention behind the move. But then, we all know that turning threatening talks into reality is a different ball game altoghether. For the uninitiated, Kodi has been at the center of the controversy for awhile now. While Kodi, in itself, is perfectly legal, a signficant proportion of users use it in conjunction with third-party add-ons that fetch copyright infringing content. FACT’s goal is to stop this trend by initiating legal actions. The organization has already waged the war against selliers of Kodi devices with pre-loaded piracy-promoting add-ons, as well as, those who develop illegal add-ons. Having achieved partial success in those crackdown missions, FACT now aims to target users of pirate add-ons as well. “And then we’ll also be looking at, at some point, the end user. The reason for end users to come into this is that they are committing criminal offences,” FACT’s chief executive Kieron Sharp told the Independent. “When we’re working with the police against a company that’s selling IPTV boxes or illicit streaming devices on a large scale, they have records of who they’ve sold them to,” Sharp noted. To what extent FACT succeeds in convicting violators remains interesting to see. Note that users buy a device that can access both legal and illegal content. Because a reciept doesn’t include any proof of intent, it is extremely difficult to go legal on buyers of Kodi devices with pirate add-ons. Even if there was a proof of intent, it would still be nearly impossible to prove that a user streamed specific copyright infringing content.

Kodi users stare at security risks after TVAddOns shutdown

TVAddOns, the unofficial library for piracy-friendly add-ons unexpectedly went offline about a month ago. TVAddOns featured around 1,500 unofficial Kodi add-ons allowing users to stream unauthorised TV shows, movies, sports, live TV and other content for free. In March alone, about 40 million users accessed their extensive library, as several Kodi Pirates relied on their regularly updated content for crucial add-on updates.

However, amidst strict measures being taken the world over to counter piracy, US satellite broadcaster Dish Network targeted TVAddons as well as Kodi add-on ZemTV in a copyright infringement lawsuit. Ever since the lawsuit was filed, TVAddOns has gone silent and remains inaccessible. And now, three domains previously operated by TVAddOns have been transferred to a law firm in Canada. While this looks seemingly unimportant, it may have far reaching security concerns.

According to reports, TVAddon’s domains are now under the control of a law firm. While there’s nothing to worry about as of now since the domains are currently inactive, Kodi Project Manager Nathan Betzen is concerned about security threats the current move will bring in. Technically, the person in-charge of the repos can do whatever they want to do and this raises serious security concerns.

“These are unsandboxed Python addons. The person [in control of] the repo could do whatever they wanted. You guys wrote about the addon that created a DDoS event. If some malware author wanted, he could easily install a watcher that reports back the user’s IP address and everything they were doing in Kodi. If the law firm is actually an anti-piracy group, that seems like the likeliest thing I can think of”, says Nathan Betzen.

It could also be that the law firm is holding the domains so as to prevent them from going live again. But the firm’s refusal to answer questions has everybody speculating about security threats. TVAddOns’ social media accounts have gone mute. Their Twitter feed hasn’t been updated for over a week and Facebook page has disappeared. In the backdrop of these events, it remains to be seen if TVAddOns is considering making a comeback.

More Kodi Topics
How to Install Fusion on Kodi
How to Install Exodus on Kodi
How to Install Kodi on Raspberry Pi 3


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.