Mozilla had to be dragged into this acceptance kicking and screaming (metaphorically).
They were faced with a hard choice, Not implement EME (HTML5 DRM) and risk users moving to other browsers (user loss) or implement EME and risk looking like they are contradicting their core mission (trust loss).
They figured a little loss of trust is worth keeping most of the users on the Mozilla platform - which in my view is the correct decision. If users start to abandon Mozilla (FireFox) in droves then they lose their power to influence the development of the open web.
Don't bend here and Mozilla itself could be under threat.
DRM exists, many major content providers have shown little interest in releasing their material without a mechanism for preventing casual copying (and you can hardly blame them), and accessing multimedia downloads is an increasingly important function of the Web. Denying that reality isn't going to achieve anything useful.
As much as Mozilla might like to take a principled stand, the fact is that they aren't important enough to force this issue. If someone can't access content in Firefox, they don't not access the content, they just use another browser. The content provider still served their content, the user still watched it, and it was still DRM'd. The only practical difference is that Mozilla lost a user.
You fight the battles you can win. There is no way Mozilla could win this one.
What's more important Mozilla or the web? This is a case where Mozilla thinks that by sticking around they can do more good than by killing this particular attack on the free web. Can we justify this completely? IMHO, no. Perhaps the whole existence of Mozilla was leading up to this point where it could commit ritualistic suicide and take this DRM proposal with it. Of course nobody at Mozilla will see it that way. Organizations are made of people and whatever the organization's mission is, the people are foremost concerned with one thing: self-preservation through preservation of the organization.
> Perhaps the whole existence of Mozilla was leading up to this point where it could commit ritualistic suicide and take this DRM proposal with it.
Except, if Mozilla had committed "ritualistic suicide" over EME, it wouldn't have taken EME with it. Users would move to every other browser with HTML5 DRM implemented, Mozilla would die accomplishing nothing.
A world with entrenched HTML5 DRM & Mozilla strikes me as strictly preferable to a world without Mozilla in which HTML5 DRM is just as entrenched.
EFF is basically Walter Sobchack in this scenario to Mozilla's dude.
EFF: Has the whole world gone crazy? Am I the only one around here who gives a shit about the open web? Dude. This is it. Let's take that hill!
Mozilla: what's the point, man? why should I die on this hill?
EFF: it's a fucking important hill dude. Unchecked DRM aggression.
Mozilla: what about my browser market share?
EFF: What the fuck are you talking about? Browser share is not the issue here, Dude. I'm talking about drawing a line in the sand, Dude. Across this line, you DO NOT...
Mozilla: Well, the problem is... They're gonna kill my browser share! Man!
Donny is the open web I guess. His death was predestined by circumstances and certainly not the Dude's fault. Also, I think it would be best if no one tells the EFF how DNS works.
I wouldn't switch to another browser just because Mozilla doesn't implement DRM. In fact that strikes me as completely the wrong reason to switch to another browser. Continuing to use Mozilla and boycotting services that use DRM is a more reasonable approach. The good news is there will likely be an extension and/or custom build of Firefox that removes the DRM. Of course this means we won't be able to watch the DRMed videos until someone cracks the encryption, but if we're boycotting them then that means we weren't going to watch them anyway.
The content providers start blocking firefox from accessing their content. It will eventually be easier to use chrome, IE, or whatever instead of using a work around to keep on firefox. It will lose a large portion of its user base and then its funding as it won't bring in as much from default search provider contracts etc
There is no simple answer. The only thing I can suggest is to just stop using Netflix until someone cracks it, or they decide to stop using DRM. This isn't your fault, it's Netflix and Hollywood's fault, their use of DRM is blackmail on their entire customer base. As in the case of any blackmail, the best option is to stand your ground and not give in.
Or, by forcing developers to provide a DRM-free alternative Mozilla would bring about a competing technology that would at a later date come to dominate and kill the DRM proposal.
The problem is not that there's no DRM-free alternative, it's that major content owners would prefer no HTML5 solution to a DRM-free HTML5 solution. There is literally nothing Mozilla can do about that. People who want to do DRM-free HTML5 video already can, but that's not the problem.
> This is a case where Mozilla thinks that by sticking around they can do more good than by killing this particular attack on the free web.
How can Mozilla kill it? It simply doesn't have the power, faced with Google, Microsoft and Apple implementing EME.
Yes, Mozilla could have taken a pure, principled stance and avoided EME. Perhaps some thoughtful people would use Firefox for that reason. But those same thoughtful people would have boycotted Chrome and Internet Explorer when they started to ship EME.
There has been no such boycott. If we - the people on the web - wanted to stop EME, that would have been the only way. Mozilla can't do it if the people don't want to.
This is the truth. There has been no effective movement against DRM. The EFF is more guilty than Mozilla in this case because fighting DRM is a core function of the EFF's, while adapting to established web standards is Mozilla's primary function.
I don't even know how you arrived at this conclusion. The EFF was fighting this with education of the public, procedural maneuverings within the W3C itself, and with invited commentary to the relevant standards groups. Mozilla was also doing these things, and, contrary to what you might assume living in our tech bubble, has a pulpit with far greater reach than the EFF.
But then they implemented the damn thing--which, by the way, is not a standard yet--in their browser.
But, please, tell me exactly what the EFF is guilty of. They might have failed, but that's a very different thing.
The only way to have stopped EME would have been to get Google and Microsoft, it's creators and promoters, to stop pushing it.
The only way to do that would be to affect their bottom line, such as people refusing to use their browsers if they ship EME.
That would have been the only campaign with a chance of stopping EME. Mozilla couldn't lead it - it would look self-serving ("how convenient, a browser vendor wants us to boycott its rivals"). The EFF as a respected third party could have.
Mozilla is still against DRM, but it is secondary to their mission to provide access to web standards. The EFF's lack of effectiveness is not a defense. They do good work, but more is needed. In this case, it's not fair to point the finger for a joint loss.
> Perhaps the whole existence of Mozilla was leading up to this point where it could commit ritualistic suicide and take this DRM proposal with it.
The only reason Mozilla taking a "we will not do it" approach to EME would be suicide (ritual or otherwise) would be if doing so would fail to derail the adoption of EME. If users would abandon Mozilla over not supporting EME (well, not supporting the sites that require it), then, sure, it would be suicide -- but it would be suicide because the sites demanding EME would be important enough to users that they would abandon Mozilla and Mozilla's usage-dependent revenue stream would dry up.
If Mozilla could derail EME by refusing to implement, that would also mean it wouldn't be suicide.
many major content providers have shown little interest in releasing their material without a mechanism for preventing casual copying (and you can hardly blame them)
I can and do blame them and I say: let them die like the dinosaurs they are. The world will be better off without them. Mozilla refusing to implement DRM would have been one nail in the dinosaur's coffin.
What would the web gain if Mozilla could just be pushed into chasing whatever Apple, Microsoft, and Google decide to do for fear of some users jumping ship?
edit: Mozilla needs to cultivate its brand, and set itself apart from the other browsers through actual differences in philosophy. Maybe they need a John Legere...
Mozilla has been different in philosophy. It's the only browser created by a nonprofit, and it fights for open web causes all the time. I think people that care about that are aware of it.
But the facts remain that the vast majority of users don't care about the philosophical differences. When Chrome and Internet Explorer started shipping EME, almost no one switched browser. When Snowden's revelations came out, almost no one switched browser. Etc. etc.
> Mozilla has been different in philosophy. It's the only browser created by a nonprofit, and it fights for open web causes all the time.
Just not, you know, this one.
I understand why Mozilla is making this choice, but it's still the wrong one. I mean, seriously, DRM in the HTML spec, endorsed by Mozilla. I can't think of a bigger WTF.
I'm very much in agreement with Cory Doctorow that all these assertions that Mozilla will lose all its users if it doesn't implement EME have had no evidence to back them up. Almost no one is delivering EME-supported content, and all the cries of "IE and Chrome will leave us behind" fail to mention that's only IE11 and ChromeOS, so any company delivering only EME content would leave many more customers behind than just Firefox users.
At the very least doing this now instead of years from now when it might start mattering (like what happened with h.264) does not exactly demonstrate sticking to their guns.
> I'm very much in agreement with Cory Doctorow that all these assertions that Mozilla will lose all its users if it doesn't implement EME have had no evidence to back them up.
The reasoning is actually very sound in my opinion. It is true that EME is not a major force on desktop yet. But, Netflix - the most popular streaming video service - has written an EME player. It is moving towards that, and the hollywood studios as well. Those studios will not support anything but EME.
Currently Flash is supported by the studios, to some extent. But even that is problematic - Flash has dropped Linux support and is not present on mobile. Not only is EME being pushed by Netflix, Hollywood, Google and Microsoft, but also Flash is no fallback.
The result is that soon you will need EME to view Netflix. People will not use a browser that does not support Netflix. It's a simple as that. Yes, there are some principled people that refuse to use DRMed content, and those people are already not using EME-supporting browsers like Chrome and Internet Explorer, but look at their market share. The principled people are a tiny minority. That is the problem.
1. This isn't a Netflix module. It's for anyone who views DRM'd video content.
2. This is a growing area - we don't need to care just about current numbers but the trend. The trend is clear: Hollywood wants EME DRM on all content.
3. 44 million out of 2.5 billion sounds like a little, but is not the best way to calculate things. Netflix doesn't even sell a service in most of the countries those 2.5 billion are in. In countries like the US, Netflix is large and growing, and especially heavily represented among younger internet-savvy people (who are the heaviest browser users). So your calculation is very much an underestimate.
Who gives a crap what Hollywood wants. Bending to Hollywood's will has brought us our current endless copyright renewal and the Digital Millennium copyright Act.
How have those worked out for us?
Not to well...
Mozilla should do some A/B testing; release a browser with the module and without. See which gets the most traction.
> People will not use a browser that does not support Netflix.
As a flat out statement, that is false. Some people will use a browser that doesn't support netflix, namely those people that don't subscribe to netflix.
The question becomes HOW MANY People will not use a browser that does not support Netflix.
The point is, there was no data provided to use to answer that question.
Does it matter if it's 30% or 50% or 80%? Ignoring any of those numbers of users is not a viable strategy. People want to watch their Game of Thrones or Breaking Bad or the next high-quality show that comes out, and Hollywood is going to put that show on EME only. That's going to be a lot of people.
We can't predict the specific number but we don't need to - we can very reasonably expect it to be large.
Netflix has 44 million subscibers which is ~2% of the web and many Netflix subscribers such as myself don't use the web client so it's at best a rounding issue.
> At the very least doing this now instead of years from now when it might start mattering (like what happened with h.264) does not exactly demonstrate sticking to their guns.
Ah, but the flipside:
Doing this now, as opposed to years from now when the technology is established, gives Mozilla more influence over the form that this DRM takes, the protections that are available to consumers and the marketplace in general.
This doesn't need to be hypothetical. We can look at that trade directly. We traded hardware fingerprints that aren't trackable across services for DRM in HTML. That's what we got.
So glad they got in on the ground floor instead of continuing to work to never have it enter the spec at all.
DRM is in HTML. That happened already. Mozilla refusing to implement it is not especially likely to make W3C change their minds. It might slow down the rate of adoption among content providers, but it's not gonna change the spec.
I hope we get more from Mozilla than hardware fingerprints that aren't trackable across services. I hope we get a lot more.
Philosophy isn't just speech, it's deed. This, right now, is a deed.
They should put as much energy into propagating their ideas as into redesigning the interface to look like a Chrome knockoff. Cultivate some dial-a-pundits that TV people can count on for an opinion about the Internet. Have a thinktank. Aggressively fundraise. Expanding the userbase is the answer, not chasing corporate behemoths.
Well, that movement is about not shrinking the userbase, so surely we agree?
More generally, Mozilla's ability to influence the web away from DRM, as well as privacy invasions, stems entirely from the ability of Mozilla to deliver a product that users want. Making sure that users can't watch $YourFavoriteShow would be a pretty dumb move when all other major browsers have taken the necessary steps to make sure that their users have no such limitation.
Cultivating "dial-a-pundits", as you call them, would be nice, and we certainly take every opportunity we can to express our views on just about everything web-related. And this specific battler (DRM in web browsers) has been fought and lost. We need to regroup, cut the losses and reorder to fight the next battle.
If you wish to help fight DRMs, please make as many people as you can aware of the dangers of DRMs. Also, justa s importantly, we need to convince Hollywood that DRMs are costly and unsatisfying. For this, we need to develop and showcase alternatives, that users will use. This is the only way.
Because we can't fight Google + Apple + Microsoft + Netflix + Hulu + Hollywood on the lobbying front. We just don't have the means.
Anybody taking Snowden's revelations seriously would switch to Chrome or another Chromium build. The leaks contained information on exploited vulnerabilities in Firefox. Chrome's sandboxing makes it a safer browser than Firefox.
This is opposite the choice somebody would make if they were philosophically opposed to DRM.
Ok, let's say I agree with you - how many users switched to Chrome or Chromium following those allegations? Practically none. That proves the point, users don't seem to care about this.
(But I don't agree, that was just to make the larger point.)
Sure, but if the only thing to weigh is "will we lose users if we don't implement this feature?" and the only reason given why it's different this time is the assertion that this time it's different, I think you can understand the sentiment.
Besides, I think the argument is more "Either Mozilla doesn't compromise where it's important not to, or they might as well go away", which is a true statement. Mozilla does need to continue to exist, and compromise is fundamental to the web (it's right there in their manifesto), but this was something that should have been fought tooth and nail. The protest of this mostly involved sternly written emails to W3C lists, when it should have been simply not implementing it and holding that ground until it was clear no alternatives were viable and imminent harm was actually demonstrated.
That's true, but note that Mozilla's proposed EME implementation is quite different from the ones that have shipped so far in terms of how much power it grants the CDM, for example.
The development of web browsers has pretty much always been about chasing what everyone else is doing. You can introduce your own technologies, but unless you want your entire user-base to leave, you had better make sure the content they want to view works on your browser.
P.S. John Legere is full of shit. He's just rebranding a terrible company in an industry where all of the companies are terrible. Its a matter of survival, not ideology.
So you're saying that keeping their userbase and losing their principles is better than losing their userbase and keeping their principles? Why do we care if users go to Apple/Google/etc. if Mozilla is no better than those companies anyway?
Mozilla has not abandoned their principles, they have compromised them.
The have compromised them because they feel they need to do this to maintain relevancy. Principles are of little use without power.
To those that say: Mozilla changed the web once, they can do it again.
I say: Mozilla didn't change the web by resisting change, but by embracing it and finding better solutions.
I think we should be spending less time condemning Mozilla for compromising, and more time finding ways that Mozilla can use their power to solve the huge problems that are created by DRM.
Just because Mozilla says they will lose users if they don't do this, doesn't make it true. They've shown no evidence of trends that this is happening. They are simply adopting DRM out of fear.
Also chasing popularity is like chasing money. It shouldn't be the goal. Those things follow after doing the right thing, and I believe for an organization with the kind of community and userbase Firefox has around it, not implementing DRM would've been the "right" thing to do.
Indeed... this is just throwing in the towel completely without putting up a fight. Here are various other ways:
- do the work to implement the DRM thing but keep it disabled ready to hot patch in once evidence shows that they'll be fucked without it
- display "this is bullshit DRM content you shouldn't support, read more HERE, and click HERE if you really don't care and will use another browser to view this anyway" in place of the DRM content initially
etc.
Immediately giving in is hardly "dragged kicking and screaming".
Er... We have been fighting this proposal for several years, thank you very much.
Also:
> - do the work to implement the DRM thing but keep it disabled ready to hot patch in once evidence shows that they'll be fucked without it
So when do we decide that? After we have lost our user base? Or when it becomes evident that just almost everybody is already watching movies on the web using proprietary blackboxes that may or may not use DRM, may or may not identify you and may or may not leak your info? Because that has been the case for quite a few years already.
> - display "this is bullshit DRM content you shouldn't support, read more HERE, and click HERE if you really don't care and will use another browser to view this anyway" in place of the DRM content initially
So, lecture users and invite them to change browser? That doesn't sound like a good strategy.
While I appreciate the sentiment, I have to disagree. Mozilla has real power because they have a real revenue stream, which is (unfortunately, but realistically) almost entirely from Google.
The thing about money (and in turn, power and influence) is that it doesn't have to come from one source.
Diversify your sources and wean yourself off the Google teat. Even if Google does outbid everyone, profit shouldn't be the primary motivator at the Mozilla Foundation.
Wikipedia might not be the most glamorous of sites but they are a shining example of what it means to not compromise on your values. Those people are starving while Mozilla employees go to the bank - that is true courage and power. The power to not let profit be the absolute driver of your ambitions and values.
Where do you think the phrase "sold down the river" came from - from slaves being sold to be sent down the Mississippi River to the slave markets in New Orleans.
I do hope you never use the word 'sinister', which of course comes from the old belief that left-handed people are somehow the spawn of the devil. Or refer to someone getting "their pound of flesh", which is Shakespeare's quaint variant on the blood libel. Etc, etc.
Mozilla has no real power over the web. Google, Microsoft, and Apple have the power (look at the names associated with EME DRM - what a surprise). Mozilla has an illusion of power, which is tolerated by the other actors because it makes everyone happy. But no one should mistake it for real leverage.
Exactly, Mozilla had power right up until the tech community sold out the future of the web in favor of sparkly things given to us by our benevolent corporate masters. Every time we installed Chrome for our parents because it was so minimal, every time we fired up safari because zomg the user interface was "lickable", we were working towards this point. We gave Google and Apple this power because we decided that smooth animations and per process tabs were a fair trade for the future of a global information network not controlled by corporate interests. Mozilla could have had real leverage if the tech community wasn't populated by a fashion driven divas with just enough foresight to see the tip of their own nose, but that isn't the world we live in.
> We gave Google and Apple this power because we decided that smooth animations and per process tabs were a fair trade for the future of a global information network not controlled by corporate interests.
Actually, I decided that hellacious startup times weren't worth it.
All of your hyperbole is a spin-master's way of saying that Chome and Safari beat out Mozilla because, for a significant amount of time, Firefox sucked compared to them.
Perhaps, but how important is DRM, with Chrome shipping it and even promoting it, to you, personally? Less important than having a nice startup time? Whatever floats your boat, but that seems to be a significant reason why we're here today.
Mozilla has had real power for a brief period, when both MS and Google had their eyes off the ball. Once Chrome matured, the game was up. It didn't help that it took them ages to fix widespread performance problems in FF...
This said, if they go back to their roots as "ayatollah of open web and open source", I might consider them again; but until they're just another ad-backed bureaucracy, I might as well stick to a better one.
Mozilla was never "ayatollah of open web and open source". If it has been, firefox would have never been available on Windows, like some people at the time argued.
Google did well technically on Chrome, but investing a huge amount of marketing dollars (like bundling chrome with other nice things like toolbars) didn't hurt them.
Mozilla still has some power, but they don't think they have enough to mount a lone assault on video DRM. I'm inclined to agree with them.
But I'd rather they saved that power for the next fight rather than going kamikaze on this. I'm sure there will be a next fight, and there's a good chance that it will be something smaller, or they'll have another major browser on their side.
> Mozilla has no real power over the web. Google, Microsoft, and Apple have the power (look at the names associated with EME DRM - what a surprise).
That's not right either. It's the users that have the power. Users can pick which browsers they use and which sites they visit.
There was essentially no boycott of EME-shipping browsers (Chrome and Internet Explorer). That shows that we, the people on the internet, did not care enough to fight EME.
EME isn't fought by talking about it and hoping someone like Mozilla will kill it. We would have had to actually do something ourselves, and a successful boycott of Chrome and Internet Explorer would have killed EME very effectively.
> There was essentially no boycott of EME-shipping browsers (Chrome and Internet Explorer).
Or most users weren't aware of their choices. Mozilla could have campaigned to make users aware of it and go back to Firefox. Instead they chose the other direction. :-(
It's hard to mobilize people. There were top stories here on HN about EME when Chrome and Internet Explorer started to ship it, it did get a lot of attention, and HN is a pretty good place for internet activism. But even here, basically nothing happened.
I've talked about this for a long time and tried to convince people about it. People just don't seem to care. I'm surprised at how much attention this is getting now, all of a sudden!
Given that most Chrome users installed it because of the deal with flash or advertising on the Google home page, and updates are silent, it's safe to assume very few of them have any idea what is being introduced or when or what the implications are.
That's pretty much Google's business model, as it was for Microsoft before them: get more market share by making it just a little bit harder to use your competitors.
Er, you claim Google has power. What if Mozilla, Microsoft and Apple implemented EME but Google didn't want to, and then everyone stopped using Chrome for all of the reasons mentioned in this thread? Then, Google doesn't have power. Contradiction!
No. Google has power because it has influence outside of web browsers. Mozilla have basically no leverage - their product is at best highly competitive with a number of other choices. If Firefox becomes irrelevant, Mozilla as an organisation dies - no money to pay the bills. If Chrome becomes irrelevant, Google's still very much a functioning company.
The organization dying or not is off topic. We're talking about which company has the clout to stop the DRM via not implementing it in their browser. Surely Chrome would die out just like Firefox would if Google decided to Do No Evil here. Chrome/Google would fail to stop the DRM, so Chrome/Google didn't have power.
Or do you think that because of Android or something, Google would be able to stop the DRM when every other browser/device supported it?
That's very true. And as more and more people move away from Firefox due to Mozilla's bad design decisions as of late, their limited influence diminishes even further. Their 15% to 20% share of the browser market just can't compare to IE's 20% or more, never mind Chrome's 40% or more.
It was just a few years ago that Mozilla though so highly of themselves that they thought they could use their market position to force the world to change from h.264 to VP3 (with hopes that Google would gift the world VP8 later on).
They failed at reading the situation then, and are failing again now.
Mozilla's whole argument for using their products rests on trust. They have consistently lost out in terms of performance, usability, and other things users care about. I no longer trust Mozilla, so why should I use their software? How does this not result in loss of trust and users?
They still have my trust, but I feel like I just heard by girlfriend cheated. And yes--I have no life. I never thought I would care about stuff like this, but I do.
I'm not sure that thats quite fair— Firefox won't run the CDM without user consent. You can still say no.
Having a choice doesn't magically resolve the issues, it doesn't prevent content providers from making things formerly available unavailable, it doesn't help us (as users) make better more considered decisions rather than clicking yes a lot to get things done, etc. But it does retain the choice to not run this stuff, choice which is not retained in the current closed source alternatives.
If content providers knew that there was a large chunk of users they'd be excluding by choosing the DRM option, they would be less likely to choose it. Firefox may be only 20% of web users, but that's still a lot of revenue to leave on the table if we can rely on firefox users to stick with firefox. I don't know whether or not we can - apparently, Mozilla is worried about it.
The best option might be to sink this development energy into something that will draw users from other browsers, if they can figure out what...
"Content is king!" Have you never heard that before?
You say Mozilla should figure out what will draw users from other browsers, but you've outlined what will draw users from Mozilla to other browsers. In the end, people want content. The content providers have more control. If 70-80% of the browsers already support the DRM they want to use, the other 20-30% will follow or be left out. Which is exactly what happened here.
There is tons of content on the web that has nothing to do with video. There is tons of video on the web that has nothing to do with DRM. If there is 20% of web surfers excluded by Netflix and Youtube, and DRM in fact doesn't matter for securing sales, then that's a huge edge for any new content provider that wants to compete with the incumbents.
All of that said, yes, of course this is something that will serve as a draw for users away from Mozilla. And yes, of course Mozilla might not be able to find something else that can serve as a better (or even comparable) draw that will not compromise their principles at least as much. I'm not casting aspersions at Mozilla and saying "Gee, they're dumb, why don't they just...". I'm saying "It would be better if they had found X" where I'm not at all sure such an X exists.
Oh, I don't know that they made the wrong decision - I have every expectation that they thought about this as well and decided it was too likely they did not have the clout. I said as much.
It probably will be once DRM/EME is available in every browser. At least the chances are increasing, and that's exactly why making DRM ubiquituous and easily accessible is such a bad idea.
The problem is not that Mozilla implementing EME removes leverage to force Netflix into abandoning DRM (this won't happen anyway anytime soon), the problem is that once DRM is readily available without a large technological investment and without losing too many users, virtually everyone will use it for virtually everything, simply because there is little to none incentive not to do it, from a publisher's perspective.
The problem is that no one can guarantee that the "opt-out" choice will continue to be there in the foreseeable future. What will happen when, suddenly Mozilla starts "feeling the pressure" to remove that option? What then? The problem is the building's foundations, not the decoration.
This seems unlikely, and in fact, Firefox has been moving in the opposite direction with other binary components (Flash, Java, Silverlight). Newer builds of Firefox require you to explicitly confirm that you'd like to allow <site> to execute plugin code. I doubt this will change any time soon.
I'd rather have a (albeit stupid) DRM executable that only performs encryption/decryption than Flash, Java, or Silverlight, which are the current solutions for this. All three of these offer APIs for doing things other than decrypting DRM content, and these APIs have been proven time and time again to be vulnerable to attack, no matter how much time is spent trying to sandbox them properly.
It's open source - actually open source. If they make the CDM on by default, you change a bool in the .cpp file and recompile it.
Really, come on. You should understand this. Firefox isn't like Chromium, where the 'blessed' Google version, Chrome, has dozens of important features sitting behind proprietary black boxes - the Firefox you download off Mozilla's website is something you could literally compile yourself. I've compiled Firefox dozens of times, sometimes with in-development patches for things like gamepad support added in.
In other implementations you can't tell if its using the DRM or not.
In the land of PDF you can find things like random federal agencies slapping the protection bits on complete inexplicable things, even though the content is public domain by law. ... just because the knob is there.
The 'you can not use it' opt-out ignores the cost of actually discovering that you should. The Mozilla proposal is better than that because it will tell you. This still doesn't solve all the issues, but its better than you'll find in other popular browsers.
Who pressured Mozilla to remove the option to turn off Javascript? To have tabs on bottom? Nobody complained about these options, they decided to remove them themselves.
People don't want DRM, people want content. That content is demanding DRM (via Youtube, Netflix). If Mozilla denied the DRM, Firefox users would be denied Youtube.
In response to this, some of you might say 'well then people would go elsewhere for their content', to which I would ask: did people leave Netflix because of Silverlight?
They did, actually. If not by their own doing then by the fact that Netflix is just not available on certain devices and operating systems. As long as Netflix is a DRM platform, this trend will likely continue.
The irony here is that Mozilla is apparently being badgered into supporting DRM for "compatibility reasons" when the whole point of DRM is to strictly limit compatibility with whatever arbitrary restrictions the publisher wants.
Apple has for political reasons disabled the possibility to install a Flash plugin on Safari/iOS. Why doesn't Firefox do the same with a CDM component for political reasons?
Apple disabled Flash for "security reasons." You can certainly read in politics, but the reason they gave was that it was the #1 attack vector on Macs and they had no way of securing it. And more importantly, nearly everybody else was on Apple's side in this fight. Other browser makers had problems with Flash too. Mac users largely hated Flash because it had terrible performance on that platform. Even Adobe was cooling off toward Flash as it became more and more clear that it wouldn't work on mobile platforms.
Mozilla's position here is not at all similar to Apple's position then, so their options are not the same.
A few years ago there was a cost involved for switching to the iPhone. The only reason why you see this the other way round is that "no Flash" is now established (at least for mobile). On the other hand: no DRM in browser cannot be considered as established - so we are at the same point where the iPhone was some years ago.
Apple also did this for performance and usability reasons. And when Apple did it, there were no smartphone alternatives that provided a sufficiently good Flash experience.
And before you say Android had Flash, I had an Android device that could run Flash in 2011. It was a pretty useless feature.
Saying that Apple "disabled the possibility to install a Flash plugin" implies that that possibility existed at some point. Support for installable browser plugins has never existed on iOS, so there was never anything for Apple to "disable".
Adobe offered Apple an iOS port of Flash and Apple had Access to beta versions of ports. Thus Apple could have enabled the option to install it by default or as option. But for political reasons Steve Jobs/Apple decided differently.
Is there a way to disable all related code in Firefox itself? Just for the sake of it. May be Mozilla can produce clean and tainted builds for that purpose.
The code is 100% open source, so even if there isn't a GUI option for it, it would be easy for people to make builds without it. There are already many forked builds of firefox like iceweasel, etc.
Yes, I expect such thing to surface, but it would be nice if Mozilla could provide such options on their own too. That would be some small positive gesture towards those who don't appreciate their move and see it as a betrayal of Mozilla's core values. It would as well make this issue more apparent. Doesn't Mozilla care about educating the public on such matters? It surely would be a positive thing for the Open Web.
As the blog post mentioned, the EME stuff will be an option that the Firefox user would need to agree to install. That would be an opportunity to educate users on the topic, I think.
I meant it a bit further. Not just disabling the EME external module, but disabling all related code in Firefox itself on the build stage. While functionally it won't make much difference, it would have more of a symbolic nature of making a point. Plus such builds would guarantee that it can't even be enabled at all (without user's knowledge for example).
If there would be build switches to disable that, I'm sure Linux distros with similar to Debian policies will ship versions where it will be disabled altogether.
> no. drm will still be an add-on, just like it is today.
Flash is not an add-on, but a plugin. And there is a good reason why plugins have a bad image and browser developers and users prefer to get rid of them.
Right, the evergreen of explanations by those that betray their principles and users (or, you know, voters).
They exercised a freedom of choice they had, and this is the decision they made. This is what we judge them on. No backsies, no "but I didn't want to", just pure "go fuck yourself Mozilla".
What real alternative did they have? Unlike RMS, Mozilla have always played with a more pragmatic strategy. If you want to win this war, you need to educate users. Being that only a handful of people out there actively care about privacy issues and platform openness, you need to produce a compelling product first and foremost, and then push your agenda on top of that. If Mozilla were to not implement EME, they'd cripple their own capacity to reach those users, and the war would be as good as lost.
A browser 1% of the internet uses is a browser nobody can use. We already have extensive problems with mobile sites being tuned to only work against webkit - or even worse, only work against safari - if Firefox's share drops into the single percentage points because things like Netflix, Farmville and Youtube don't work, due to the exclusion of proprietary web features like plugins and H264, it will become so insigificant that web developers don't even consider it during development.
They haven't just lost this one battle though - they've set themselves up to lose a thousand further battles in the future. This puts Mozilla in a very bad strategic position; once DRM in the form of EME is relied on by a large chunk of the web, they have no way of resisting demands from content providers and their EME module provider to make it more invasive in an attempt to make it more robust. If sites like Youtube start relying on EME, something they will not do without widespread browser support initially, Mozilla will hardly be able to risk losing support for them.
They've taken the proposed 'uncompromised moral stand' before, with H264. And it was an utter failure: Google promised to support them, then quietly stabbed them behind the back and helped advance the cause of proprietary video on the web. Eventually it was impossible to do any good and they had to cave and support H264 - their users would have literally been better off to begin with had they merely implemented H264 in the first place, because some of them would have been able to remain on Firefox instead of having to switch to Chrome to use H264-only websites.
Once Google+Microsoft or Google+Apple or god forbid Google+Microsoft+Apple have decided to do something, there is literally nothing Mozilla can do to stop it. It's too late. If Mozilla manages to slowly build up a larger market share, at that point they may have leverage in those situations. Right now they don't, and pretending to have leverage only further erodes their marketshare.
The war isn't lost because at the end of the day customers and distributors like Apple or Amazon despise it. I just bought this movie and it says my beamer isn't HDCP ready? Nobody wants to deal with that.
Today, we just lost a battle. In it, the Google funded Mozilla mercenaries were slaughtered, their forces diminished. We could award them a medal for their valiant effort, but you know they are dead. The war in the future isn't won or lost on their actions.
Bullshit. Sometimes you're forced to either do something shitty or be competitively displaced by actors that will do it anyway. Do you really want Mozilla to fall on their sword and leave us with worse alternatives? I don't understand how you could be upset with Mozilla about this. The decision is basically being made for them.
Give me one site whose videos you can't watch on Firefox for Windows or Mac currently.
The only real contender is Netflix but only once the Silverlight plugins reaches EOL. At that point Netflix will have to choose if they want to risk loosing 16% (est.) of their Firefox customers. Of course if Mozilla decides to implement DRM right now it won't be an issue for them.
That's only if in the toss up between losing Netflix and changing browser, they pick changing browser every single time. Which they won't.
One thing you might not have thought about, is that at the moment, we have Flash, Java, Silverlight, etc which all periodically are found to have mahoosive security flaws - because they can do general purpose things. If Firefox moves to supporting a plugin which is used for exactly the same thing, but that can only do decryption, then suddenly the browser becomes much more secure. If anything, it's an advantage.
What is the proportion of Firefox users using Netflix. Most of Firefox users are in other countries than the US which typically don't have access to Netflix anyways. As soon as DRM becomes accepted by all major browser vendors nothing prevents other site from adopting the same thing which then spreads the usage of DRM. I don't think this is desirable.
For DRM to work it needs to have direct access to the hardware. Otherwise it's too easy to run the plugin in isolation and capture the output. So while the API surface is smaller it's still problematic because DRM bypasses all the sandboxes. Issues like cross-platform support still aren't resolved because DRM providers don't typically provide linux runtimes. I really don't see where this is an advantage versus no DRM.
What's the reason to prefer Mozilla if they're just going to implement all the crap too? Might as well try to figure out the combination of plugins that will make Chrome comfortable. It'll sync with my Android phone easier anyway.
hink the average customer watches Netflix et al through an app on their shitty Samsung smart TV, not through their Firefox browser. So I think this impression that users will suddenly all abandon Firefox is overblown and false.
As I noted above, this decision doesn't make or break DRM. I think we should just take note that Mozilla would betray their principles for some .5% of market share.
It might be the right choice, but it would be nice if somehow they displayed that the content displayed is protected by DRM (like for encryption, http/https). It might help people choose different sources for information/entertainment/etc..
What makes you think Mozilla does not pay taxes? It most certainly pays taxes. I'll save you the web searching: https://static.mozilla.com/moco/en-US/pdf/Mozilla_Audited_Fi... is the latest set of financials that are public; see pages 4 and 5. For 2012, the Mozilla Corporation had $311 million in revenue, $208.5 million in expenses, and paid $37.6 million in income taxes. The federal corporate income tax rate in the US is 35%, fwiw, and California's is 8.84%, so it's not like Mozilla is trying particularly hard to evade that tax liability (0.4384 * (311 - 208.5 - depreciation) likely comes out pretty close to 37.6).
> then I could simply compile a Mozilla browser without DRM.
Sure. And you can and will be able to.
> How does one achieve "trust" through closed source (e.g., the binary blob from Adobe)?
Don't install it? The blob won't be shipped with the browser by default and will require explicit user action to install.
"What makes you think Mozilla does not pay taxes?"
Corporate structure. (Mozilla Corp. is wholly owned subsidiary of Mozilla Foundation. Only Mozilla Corporation pays taxes.)
2008 IRS audit.
2012 settlement with IRS.
Perhaps a better statement would have been that Mozilla tries to avoid paying taxes.
Anyway, if what you say is true regarding compilation and exclusion of the DRM code then I'm not sure what everyone in thie thread is complaining about.
Now, how easy is it to compile Firefox these days?
I have not done it in years.
I gave up on X. (Following your exact advice, even with open source: "Don't install it.")
I use UNIX with no graphics layer and simpler text only browsers and even simpler TCP clients to retrieve content. Then if necessary I view it on graphical devices running closed source software.
The interesting thing is when I want to watch video, the last thing I need is a "browser". The core of the video player software I use is the ffmpeg libraries which have nothing to do with web browsers.
I only use HTTP (and other protocols) to transfer content (i.e., to request it), not to watch it.
I see no reason why a single application has to support both (request/transfer and playback).
Why video players have to support "streaming" or why "web browsers" have to play video are still open questions in my mind.
But that's just me. Stuck in the UNIX "one utility, one job" mindset.
> Perhaps a better statement would have been that Mozilla tries to avoid paying taxes.
That flies in the face of what I'm seeing in the Mozilla Corporation financial statements.
> Now, how easy is it to compile Firefox these days?
It depends on which OS you're doing it on, but there are pretty detailed step by step instructions at https://developer.mozilla.org/en-US/docs/Simple_Firefox_buil... and the things it links to. The biggest hassle is making sure that the various prerequisites (a compiler, some development libraries, autoconf 2.13, etc) are installed. On most modern Linux distros or Mac this is not a big deal. On Windows it's a slight bit more annoying.
There are so many people here claiming this is the wrong choice, and yet I wonder what percentage of the commenters here are using chrome? By most sources I've seen, Chrome has 2x the marketshare, and actively pushed FOR EME. Perhaps if FF had Chrome's current marketshare, they would have been in a position to say no, but its the users who made that impossible. Mozilla should be commended for fighting as far as they did. And if you don't like this decision, make sure you switch off chrome before commenting.
Thank you. Watching people on this site verbally fellate Chrome and Safari on the basis of incredibly trivial things like look and feel and "minimal UI", while ignoring the incredibly important things like the company building the products and it's positions is frustrating, even more so now that they are all crawling out of the woodwork crying alligator tears.
The tech community brought this upon itself when it switched over to browsers provided by two enormous corporations fully beholden to their shareholders, instead of sticking with a browser developed by goddamn public benefit corporation.
The tech community brought this on itself when it couldn't be bothered to test sites in anything other than Chrome and maybe Safari on their iphone.
The tech community brought this on itself when it started making websites webkit only, without a thought for what vendor prefixing would do to web compatibility.
The tech community brought this on itself when it decided that per-process tabs were more important than preventing the future of the web from being controlled by 3 enormous corporations.
So I say that we stop complaining and start getting used to it. This is what we all wanted, and now we can reap what we have sown, while the gentle glow of the chrome url box lights up our screen.
Mozilla brought this on itself when they took the epic lead they had with Firebug and utterly squandered it by thinking real dev tools were not something a browser should include out of the box, in favour of an utterly useless "3D" DOM view that is a made up diagram conveying no useful information about compositing or layering.
Mozilla brought this on itself when they treated memory leaks and extension crashes as performance issues to be papered over rather than fundamental flaws in an architecture unprepared for how people wanted to use it.
Mozilla brought this on itself when they treated OS X like the idiot stepchild instead of delivering the native experience users clearly loved in Chrome and Safari, thus alienating the Mac-dominated cutting edge of web tech.
Mozilla brought this on itself when they provided incomplete implementations of CSS transforms, Web Audio and WebGL (an idea they originated!), and a bunch of other specs people actually wanted. Parts of WebGL are broken in the current stable release of Firefox, and yet Mozilla wants to go around claiming the high ground with Unreal and asm.js?
If they'd spend less money on having their 'evangelists' show off trivial toys around the world, and more on actually solving real daily problems (like the Chrome developer tools team did), we wouldn't be in this mess, and they wouldn't think moves of desperation like asm.js are a good idea.
Are those problems so bad, that even you stooped as low as using a proprietary browser? Was that a sufficient price for your freedom?
Mozilla made mistakes, but it doesn't excuse the blindness of its users. Reminds me of GNU/Linux vs OSX. Apple made a shiny new OS that "just works" on their own hardware, and a good chunk of the tech community went drooling over this, instead of getting its act together and fixing the Linux desktop. Again, I guess this is the price of freedom.
Are you for real? Mozilla gets $300 million per year from Google to maintain the pretense of freedom. Meanwhile I have to pay my own bills and deliver projects that my clients will pay for. To bring money into this argument and somehow blame "the users" for this string of epic mess ups is fucking rich.
Was I supposed to not diagnose jank using Chrome's frame analysis tools? Not profile memory allocations in its timeline? Develop my WebGL against an incomplete, broken and slow implementation to spare Mozilla's feelings? Firefox is a buggy and slow hunk of code whose maintainers are high on their own supply, and are only now starting to eat the humble pie now it's far too late. Simple as that.
Oh and the reasons why people switched to OS X are more related to connecting to wifi in under 1 second and implementing sleep/hibernate in a way that makes sense. Elegant solutions to real problems, not hack piled upon hack. Not that the hardcore free software nerds will ever get any of that, because it's too nice and shiny for them to even consider.
First thought: wow, you have a hostile attitude, contrary to the site guidelines.
Second thought: if you're happy using Apple products because the WiFi works better and you don't care about freedom, then where's your stake in this thread? AFAICT, you don't care (much) about DRM, so ep103's exhortation for people to be consistent is not criticizing you. You, AFAICT, are ethically consistent; you suckle the teat of convenience, and you like how it tastes. Power to you! So what's your problem?
Unless you DO care about DRM.
Again, ep103's point is: if Alice complains about Mozilla's philosphical weakness, but Alice is already using a browser (and/or OS!) that is twice as bad as Mozilla, then Alice is a hypocrite and should look in the mirror, because she's part of the problem.
Go open a theatre, you're great at projecting. The problem is exactly that I'm supposed to love Linux and Mozilla, because these are the approved choices of the Free Software World. As a result, both suck, and none of the people involved want to hear it, because how could you not love freedom and puppies and doing good?
I've seen up close and personal how Mozilla spends its oodles of cash, I've spoken to folks from all the browser vendors at conferences. The only thing different about Mozilla is the sanctimonious attitude and the utter shock when you dare suggest their actions do not necessarily match words. Everyone else already knows how the game is being played.
Do I need a source? AFAIK main Encrypted Media Extension advocates were Netflix and Google. See https://www.eff.org/deeplinks/2013/10/lowering-your-standard... and such. Google has a dominant user share of browsers, so just by supporting DRM Google already creates pressure on all browser developers to support DRM as well. But aside from that, Google is also a major (90%) funding source of Mozilla/Firefox.
>Perhaps if FF had Chrome's current marketshare, they would have been in a position to say no
It still would have accomplished nothing, because websites would just have a "this site doesn't work in Firefox, try switching to Chrome or IE or Safari" block page. And no amount of Firefox marketshare could make them not have that block page, because if they let Firefox access the content DRM-free the sites would lose their licenses on the content.
Oh, so the web has given up and is now genuflecting at the altar of video DRM. Next up: picture DRM, because since we're protecting videos we should naturally protect still pictures too. You know what? We also have all this professional writing on the web, and anyone can just copy & paste that! That clearly shouldn't fly in our brand new DRM-protected world - authors should be able to control exactly who can view and read their texts, and copying is strictly forbidden. Screenshots should be blocked too. Browser devtools will naturally have to be disabled on the World Wide Web, as they are capable of hurting our benevolent protector, the almighty DRM. Eventually, we'll arrive at The Right To Read[1].
Or we could just not give the devil our little finger.
Also, a reminder about the nature of this beast that everyone should be aware of:
HTML DRM will not give you plugin-free or standardized playback. It will simply replace Flash/Silverlight with multiple custom and proprietary DRM black boxes that will likely have even worse cross-platform compatibility than the existing solutions. In other words, giving in to HTML DRM will only make the situation worse than it currently is. Especially since it paves the way to an even more closed web.
>>Giving in to HTML DRM will only make the situation worse than it currently is
Except if you use the new Firefox you may have better privacy and security than you currently do with flash and silverlight.
I haven't seen anybody on here argue for DRM, so I don't see the point in this FUD.
Instead, lets find more ways for Firefox to fight DRM and reduce it's negative impact. I particularly support one of Doctorow's suggestions:
>Mozilla has demonstrated that it has some negotiating leverage with Adobe – after all, it was able to fend off the demand for details of users’ systems to be leaked to video companies.
>It should demand that Adobe give it a covenant not to sue or threaten developers who report vulnerabilities in the Adobe decoder. Adobe does not need to give up the right to sue people who release cracks for their DRM or competing products in order to do this.
>In an era in which vulnerabilities are leveraged to expose users to identity theft, sexual exploitation and government surveillance, no one should fear legal reprisal for warning people about flaws in the software they use.
Additionally, we need to focus on ways to educate users about the risks of DRM and disincentive web sites from using DRM wherever possible.
Ways for Firefox to fight DRM: don't implement DRM.
Doing this has put Firefox in a really awful strategic position for fighting DRM on the Web in future. Once large swathes of content starts being DRMed - which is only feasible if all major web browsers support it - Mozilla will not be in a position to fight future encroachment, such as demands from their DRM provider for access outside the sandbox to verify the decrypted data isn't being siphoned off. They won't be able to do anything to stop being pictures being DRMed either, should their DRM provider decide to support it. It's not clear they'd even be able to fight DRM on entire HTML pages since doing so may risk losing video DRM support and access to vast swathes of the Web.
To be honest, Apple are more likely to pose an obstacle to web DRM than Mozilla at this point. While they plan to support EME too I suspect their financial terms for using it may well go beyond what content providers are willing to pay.
>Except if you use the new Firefox you may have better privacy and security than you currently do with flash and silverlight.
"May". We're still changing a closed plugin to an even more closed black box (or actually multiple black boxes), which could be doing god knows when you're not looking (and even when you are looking). And even if Mozilla manages to negotiate some promises of privacy for Firefox users, what about other browsers - will their users get it just as good when they switch from Flash/Silverlight to some DRM black box? You might say that "it'll happen anyway" since other browser vendors are already in bed with Hollywood on this but Firefox hopping in surely doesn't help the situation any.
> May". We're still changing a closed plugin to an even more closed black box (or actually multiple black boxes), which could be doing god knows when you're not looking (and even when you are looking).
It's more scary than a black box, it's a black box where it is illegal to discuss any vulernabilities or bugs due to the DMCA. At least this black box will be inside of an opensource sandbox that is publicly auditable and testable.
> And even if Mozilla manages to negotiate some promises of privacy for Firefox users,
Mozilla already has commited to providing privacy protections that are superior to the current DRM implementations.
> what about other browsers - will their users get it just as good when they switch from Flash/Silverlight to some DRM black box?
That depends on how good a job Mozilla does at shaping the marketplace and consumer expectations. It also depends on how good a job we do about educating the public about the risks (security and otherwise)
>but Firefox hopping in surely doesn't help the situation any.
Why can't it? Why is that sure?
"please install our browser extension or iOS/Android app to read the article"
"become a pro user today and for just $4.99 read up to 30 articles a day without intrusive video ads every 10 minutes!"
I feel like we've opened Pandora's box and are on our way to turn our web browsers into an equivalent of smartphone operating systems and the internet into apps.
DRM is a fantasy that uninformed media executives cling onto with a dream that it will put the genie back in the bottle. It's sad to see this stuff but totally understandable considering the divide between the technology people who understand the reality and the people in charge of dreaming of a fantasy that gets them back to the '80s..
Yes I know.. I was an executive as a major record label, trust me it's hard to be on both sides of this argument and it's not as simple as everyone makes it out to be...
I can't explain how many times I tried to help executives understand that the path between the media to the human eye or ear was vulnerable to so many attacks it clearly was a fruitless goal to protect media in that way. They hear some bright young person tell them they can protect their media like it was in the good 'ole days and they have the need to believe because without that belief they are out of a job..
And artists are on their own to figure out how to make money on their work...
It really is that simple, though. Arrested Development was ripped from Netflix immediately after availability. There's nothing complicated about showing that it does not work.
There would be zero impact if Netflix didn't have DRM. People would still have to search and install third party software to download streams. At that point, it doesn't matter if it comes from Netflix or from some random torrent.
Most artist, according to my understanding, have never really made money on record sales even before the advent of Napster (for example, google "The Problem with Music" by Steve Albini). Most musicians are going to make money off of concerts tickets and T-Shirts, etc sold at concerts.
It won't stop it altogether, but it will make more people pay for convenience. Plucking numbers from the air, if only 30% of viewers pay for content and this DRM only increases it to 35%, it's still a (commercial) win despite not being a total lock. On these (purely conjectural) numbers, that's a 16% increase in revenue.
Cut out the middle men, rely on donations. Or still sell your stuff for a price, those who want it for free can reach for the Pirate Bay anyway —it's about the same. You won't be rich, but you may live off your craft.
---
Other schemes such as global licence may also help.
We also need easy, anonymous micro payment. Like, click a button to give 10 to 50 cents every time you feel like it when using something (song, e-book, software…).
Oh, and, like, universal basic income. It's hard to get paid when we contribute to the commons, so basic income can help a great deal. (Seriously, if we had sustainable basic income —dunno if it's possible right now— we could probably abolish copyright and patent laws right away —and not worry about the massive lawyer lay-offs that will ensue.)
Check out Bandcamp. I'm a follower of a number of "post-rock" review accounts on Facebook and occasionally check 4chan for news of interesting releases. I actually buy 2-5 albums a month; often very good ones too.
Not having to hire Alicia Silverman or whomever the cute-blonde-equivalent-in-2014 is for video clips does cut costs.
if you buy a CD from a artists that is on a major label how much do you think the artist gets?
If he wrote the music/lyrics and produced it he will maybe get 2 $ if your not a big star you will get 1 $ or less!
Can some one explain to me why having, say, an HTML 5 based video player with DRM would be worse than one implemented in a closed platform like Silverlight or Flash? I'm genuinely curious, and not trying to make an argument here.
The whole point of replacing Flash with HTML5 video is to get rid of buggy third party plugins that crash all the time and have shitty cross-platform support.
If HTML5 video is going to rely on buggy third party DRM plugins, we lose the benefit that was the whole point of HTML5 video.
> If HTML5 video is going to rely on buggy third party DRM plugins, we lose the benefit that was the whole point of HTML5 video
Only HTML5 video that has DRM will rely on EME plugins. We've lost nothing. In fact we've gained. HTML5 video now has a strict superset of the capabilities it had before.
Without EME:
Flash HTML5
+------+--------+
non-DRM video | yes | yes |
+------+--------+
DRM video | yes | no |
+------+--------+
With EME:
Flash HTML5
+------+--------+
non-DRM video | yes | yes |
+------+--------+
DRM video | yes | yes |
+------+--------+
All video will now have DRM. We have lost video that did not have DRM.
It will now be almost as easy to implement video with DRM in production as it is to implement HTML5 video without DRM. Every provider will now use DRM. Netflix will use fancy DRM, which mostly works. Everyone else will pay $19.95 for theirs.
Never thought we were going to bring back the age of Realplayer (and the million others.)
We may lose some because it may get easier to implement DRM and that may tip the balance for some content source.
> It will now be almost as easy to implement video with DRM in production as it is to implement HTML5 video without DRM.
But plenty of sources will still choose not to use DRM, as is the case even with other formats where DRM is well-estbalished as an option with simple toolchains.
Before this change, being DRM free was at least somewhat pragmatic. Now it's only principles and consumer rights, and we live in a capitalist society, who the fuck cares about those?
I run my browsers without Flash in order to avoid Adobe's exploit-du-jour crapware. This means, for example, that I don't run Chrome.
If this binary blob from Adobe isn't presented with a similar UI as regular "plugins" (that the user can disable or uninstall), then I will look into writing an extension to disable it, or perhaps rely on a Firefox fork to give me a Flash-lite(tm) free browser.
You might want to reconsider. Chrome sandboxes the Flash runtime [1], meaning a 0-day exploit in Flash alone doesn't get an attacker access to your machine.
That, of course, does not save you from other problems with Flash and the way developers have (ab)used it. Crappy/useless widgets on screen that serve only to eat your CPU and batteries, including banner ads and the like.
You can search for "Click to play" in the settings and disable plugins until you click on them. This helps a little security-wise, too, in case an attacker is resourceful enough to have both a 0-day for Flash and the Chrome sandbox. Not sure how likely that is, but it's also trivial to white-list sites you trust not to send you exploits from the icon in the URL box.
> If this binary blob from Adobe isn't presented with a similar UI as regular "plugins" (that the user can disable or uninstall), then I will look into writing an extension to disable it, or perhaps rely on a Firefox fork to give me a Flash-lite(tm) free browser.
Again, it's been stated that you will be clearly given the choice to disable the CDM entirely.
You could use Chromium, the open-source version of Chrome. It comes without flash, which needs to be explicitly installed to make flash work. Not sure what OS you use, but this is what I do on Linux.
Chrome now has a built-in 'flashblock', like the Firefox plugin of that name. Enable the setting and you'll not see flash unless you click a placeholder icon.
I believe the issue is not about the video player per se, but the specifications that are going to be (or are already there) added to HTML as a standard.
As I see it, it kind of looks like it help DRM, first by legitimizing it, i.e. it doesn't carry the same weight if it's something proposed by only one corporation ("these guys are crazy and don't know what they are doing") vs the weight it carries by virtue of being part of the HTML standard ("if it's a standard it must be already accepted by everyone so it must be good!")
And second, by preventing fragmentation among DRM solutions, i.e. it will be easier for DRM users (not end-users) to interact with one another and even innovate and pass on that innovation (licensing, etc) instead of fightning among them like it happens nowadays (i.e. SecuROM vs their competition, etc).
Again, that's what it seems to me, but maybe someone else can provide a different explanation?
Because Adobe will be writing a closed-source module distributed in a binary form, you'll end up with the exact same situation as with plugins IMHO.
Only a subset of the available OS and processor architectures will be supported.
Flash was designed years ago and even though everyone wants it to die, we're still feeling its pain.
Designing a similar solution in 2014 is just asking for trouble for the next 10-20 years IMO.
Oh, and you're giving up the opportunity/right to audit the code that runs on your devices.
Flash attempted to do everything - what we're seeing from it now is just the last few use cases for which it has not been replaced with HTML5 - and the solution is for the single use case for which HTML5 is a bad fit - reducing the bloat, enabling performance improvements and massively reducing the size of the TCB. Ultimately it's about as good as can be got out of html5 video.
I have the same feeling. Few people I know even use a browser to watch that type of content anymore. Frankly I think native apps on the TV, Nexus 7, iPad, etc won already and this isn't going to be used much.
I guess it depends on the implementation. At least we can put limits around the current flash plugin. Can we do the same thing for the new plugin architecture, so a media codec exploit doesn't take over your browser?
Or in a darker version - can we make sure the new plugins don't scan your drive for "incompatible content". Game anti-cheat systems already do that. At least flash / silverlight was playing nice so far, unlike some of the more interesting DRM systems in the past.
The various content providers have used HTML5 EME to demand stricter DRM than they could generally achieve before with closed source plugins, and they've got their wish. In particular, the EME implementations they're currently willing to license content for are Microsoft's (locked to Windows, unlike Silverlight/Flash) and Google's (locked to Chromebook hardware with its full protections against unauthorised software enabled).
Okay, let's assume that, in the former case, the functionality required is built into the browser and enabled by default.
The problem with the former case, then, is that I get a browser that ostensibly supports my freedom, and this code that runs things secretly, without letting me intervene or analyze, comes in with it, under the radar.
In the latter case, I have to take a deliberate action, explicitly agree to a license, and install a product I know to be freedom-denying. So I have something icky on my computer if/when I specifically choose to, and I know exactly what the icky stuff is, why it is there, and how to get rid of it if I decide to.
I think it would be much better if Mozilla were to present the DRM stuff as an optional, not-installed-by-default plug-in with clearly restricted scope, access, and capabilities. If they do this, then they probably ought to spin off the group that makes the plug-in as a separate organization.
" * Each person will be able to decide whether to activate the DRM implementation or to leave it off and not watch DRM-controlled content.
* We have surrounded the closed-source portion with an open-source wrapper. This allows us to monitor and better understand the scope of activities of the closed-source code."
So your hypothetical built-into-the-browser and on-by-default implementation does not describe the same thing that has been announced for Firefox. Indeed the actual plan is quite close to what you suggest in your final paragraph.
Seriously, who is building this DRM software/hardware? If you are a software developer you have no excuse but ignorance, and as someone who makes a living on a computer (where the Internet resides) that excuse is waning extremely thin. I harbor a hairs breadth more grace for the hardware engineers designing locked down chips, but that's no more than a rhetorical nicety due to the fact that I'm am not very familiar with the intricacies of their work.
I honestly don't get it, you could make just as much, if not more, money doing something that's not 100% ethically wrong... especially in this job market! It's easy to work remotely, so you can't claim geographic entrapment. I'm sure if those who were especially financially encumbered could make a kickstarter page people would literally pay them to quit their job!
As much as this stings, it stings even more that it's "our own" selling us out, that it's the people who should know better that are killing everything so many of us have worked so hard for.
Is it? I get a pretty steady stream of offers from recruiters and LinkedIn, and I can't recall a single one that offered remote work from day 1. Care to share all of these opportunities you know about?
I don't think it's necessarily unethical to write such DRM software, and I'd be interested in hearing your argument as to why this is the case.
It's not as if the software causes harm; indeed it probably reduces the potential of economic harm to the content providers. Assuming it does exactly what it claims to do, i.e. decoding of video and audio content dependent on a provided decryption key - then what is the ethical problem with programming an algorithm for that?
It's amazing how offended people get at other people for not martyring themselves. Especially in cases like the NSA scandal where they are demanding that people literally risk jail time for the ideals of the demander.
If all major browsers support eme, every website will use it. Say goodbye to youtube-dl. Maybe next year eme will be updated to "protect" html. Soon the entire web may be a closed system. It doesn't matter what the FCC decides on Friday, today is the day the web dies, at mozilla's hands.
There is always a choice mozilla, please make the right one.
Mozilla doesn't have a choice. Let's say Firefox has 30% of users. The argument is that sites will not use DRM, because they'll be losing revenue from 30% of their users, and therefore Mozilla saves the day.
But, what happens if Google says they'll accept that challenge, and they're willing to lose 30% of revenue from something like YouTube in the short term. They implement DRM on YouTube, and Firefox users can no longer watch videos. What happens? Firefox users start converting over. Where to? Chrome, which falls into Google's best interest. Now, that 30% loss keeps getting smaller and smaller, and Chrome users start increasing. Fast forward a year, and Firefox only has 10% of the users. This continues to shrink until Firefox dies.
Sadly, this is what happens when we give Google and Facebook too much power, and the ability to run the internet. It's our fault for giving them that position, and not developing or supporting alternatives. If you want to fight back, you need to give Mozilla a better position to stand. Sites like Wikipedia, Imgur, etc, need to run banners for browsers that support DRM, and block users, or encourage them to switch to a DRM free browser, like Firefox. Take the wind out of their sails, before they try to do the same to us.
I like what you are saying and I too think this way.
My solution has always been that we need to teach people and make it easy for them to hop onto the darknets and any decentralized networks while also helping smaller companies and indie devs establish their business outside the boundaries of the commercial internet and onto the Deep Web.
This will allow us to reboot back to the early 90s and rip power away from all these present-day corporations who've turned the commercial internet into a money-grubbing mess.
The bright side is that information wants to be free. If one day we have a closed web on a two-tier Internet, there will always be a group of people wanting to make it work like the old way. Unless they somehow made it illegal, the libre internet with an open ecosystem will always be available.
That's bullshit. In what extremist world do you live? How on Earth did you manage to correlate DRM and "protected HTML"? This is like saying: "maybe next year my security system will be updated to hide my furniture from me!"
I don't think there's anything wrong with trying to protect content. Frankly (I'm a hypocrite, becsus the I have used it, myself), isn't the YouTube downloading plugins some type of breaking copyright or TOS anyway? If you were an artist, and everyone was downloading your work for free, I bet you'd be pissed as fuck.
Or, if you're a publishing company, I bet you'd be pissed if everyone was downloading the shit you published for free. Just because the company is "big" does not mean they don't have the right to protect their content or service. This is utter hypocrisy!
To draw a paralle: I can eat the pie on the table, but you can't. Why? Fuck you, because human rights and shit, dude; this side of the table is the only one with rights.
While it wasn't stated in the article, I believe this system will lead to fully "protected" websites. Things you and me take for granted such as copying text, downloading an image, or modifying a URL to navigate a site easier may become a thing of the past. It's dark waters ahead, and with Hollywood at the helm I'm absolutely terrified at what tommorow's internet will look like.
From a comment by a Mozilla employee on another thread, it seems that the UI for this has not yet been determined[0]. It's possible that this may be presented to the user in a way similar to a plugin installation, except that the plugin happens to be provided by Mozilla (not a third-party).
This isn't great, but to the end user, it looks the same as Flash and Silverlight.
Especially if Mozilla were to add click-to-play for all such plugins, along with an explanation of what they are (think of the warnings that are currently shown for self-signed certs), they may still have an opportunity to do good with this yet.
I'd really love for Mozilla to remain as true to its mission as possible. On the other hand, Mozilla's power to do good in the world is intrinsically linked to its marketshare[1]. If Mozilla ends up being the lone holdout, it's possible that they will just lose marketshare as DRM content becomes more widespread - that would be quite a Pyrrhic victory[2].
I share in the EFF's disappointment at the situation, though (saldy) this has been inevitable for some time.
I understand that - I'm saying that Mozilla has an opportunity to go even further now than they were with Flash and Silverlight (users always had control over whether those were included as well).
As explained in the comment I linked:
> I could imagine [Mozilla] using the opportunity to display a message to educate users as to what DRM is and whose phone number to call if they don't like it. ;-)
Obviously not including DRM at all is ideal, but at least would be a way to remain true to one's values (supporting freedom and the open web) and educating users in the process, while still providing support for these features.
Careful. Thats a somewhat empty response. It's technically true, but its an enormous barrier— even if someone else compiles it for you, how do you know their binary is trustworthy?
It's like saying that humans don't need oxygen to survive, because you can extract oxygen from the electrolysis of water. :)
You have to consider the tradeoffs users are presented with, and the _practical_ freedom to choose is lost far before the cost of the choice becomes infinite.
Fortunately in this case participation will be opt in, though perhaps market forces will make it hard to opt out— but if so the belief is that the same forces would just force you to use Chrome and miss out on the other choices that Firefox leaves open to you.
Careful. Thats a somewhat empty response. It's technically true, but its an enormous barrier— even if someone else compiles it for you, how do you know their binary is trustworthy?
Your claim is incoherent... if you don't currently compile firefox yourself, then you're in exactly the same situation, how do you know the binary is trustworthy?
If you do currently compile it yourself, what's the big deal?
What really worries me is the fact that now it's going to be way easier to implement something with DRM. A lot of users nowadays are not willing to install some third party plugin. The fact that it comes with the browser means that it's extremely easy to implement something with that DRM. I might be wrong, since I haven't read much about it.
I doubt netflix looses much business because they require silverlight to watch.
On the contrary, making DRM tech more accessible to developers will only help young startups build platforms that are "content provider friendly". This will promote competition in the online entertainment space and ultimately drive prices down.
I'm no fan of DRM but I see the value it serves. Just like advertising. I don't see why everybody is making such a fuss about this when we already have a wide proliferation of plugin-based DRM. Why are people complaining that it is moving towards an even more open layer?
>... will only help young startups build platforms that are "content provider friendly". This will promote competition...
That is anathema to their business model dynamic; licenses are stringently kept to stretch exclusivity. Platforms!? (plural?), the DRM tech debate is about monopolizing/standardizing THE platform.
>I'm no fan of DRM but I see the value it serves. Just like advertising.
You must have never had a VCR... smh...
With this DRM, and Sisyphean-esque copyright term-limit laws... I'm wary of how much influence the content industry will have on tech.
Reading between the lines here, I have a strong suspicion this and the smear campaign directed against Eich are related events. Only a few short months ago Mozilla was staunchly opposed to this. Then Eich gets forcefully removed, and Mozilla's stance turns a 180. In retrospect the "outrage" against Eich felt very artificial. It could have been a deliberate attempt at character assassination in order to further someone's goals of destroying our internet freedoms. The motive of course being heavy financial incentives. This likely had nothing to do with LGBT* rights (which I'm a proponent of, FYI). Instead it was all about someone lining their greedy pockets, at the personal expense of Eich and us to a much lesser extent. Keep in mind the same people who have a vested interest in strengthening DRM, are the same people who own the media outlets which propagated this story.
I must be missing something. I read the article and clicked the attached link to Mozilla's blog, and nothing seems radically to change for users other than a move sideways. Though I'm a little disappointed that there isn't a move forward, it certainly doesn't feel like a step backwards. Even Mozilla writes, "At Mozilla we think this new implementation contains the same deep flaws as the old system. " (emphasis mine)
Right now if you want to lock something down, like watching Netflix on your browser, you install Silverlight. In the future, Silverlight is replaced and Netflix uses XYZ technology but maybe with DRM-in-HTML or whatever. And as a user, it doesn't matter because most people I know today use a tablet with the native app, a streaming device such as the Roku player, or a SmartTV.
If I want to watch Netflix I use a different browser. I don't need to use the same browser for everything online, and I especially don't enable Silverlight in my primary browser.
Despite his failings at leadership I will admit, Eich was pretty damn adamant against EME. If he was still at Mozilla he could have had led a lot of pushback at the W3C.
I doubt it. The media outlets who led the smear campaign against Eich, benefit financially from stronger DRM. If you follow the money and influence there are many suspicious coincidences.
This is most certainly the wrong choice, but people need to understand they essentially had no choice. Their options were rather limited:
Option 1) Stick to your laurels and refuse to implement DRM. Other browser vendors implement DRM, certain parts of the web become inaccessible via Firefox as DRM is implemented into more and more web services (think Youtube, Vimeo, Netflix, Hulu). Firefox's lack of DRM means its users are being disadvantaged.
Option 2) Implement DRM. Accept temporary defeat, don't lose browser share to Chrome and continue fighting from within against DRM.
Which option do you think sounds more appealing to Mozilla? Die on your sword, keep the trust of your dwindling user base or implement DRM and retain most of your user base (minus the people that will leave because of this decision). I think someone needs to create a fork and build a DRM-less browser, that's the beautiful thing about open source, don't like something, change it.
Option 3) Stick to your laurels and refuse to implement DRM in the browser, but let people install a third-party plugin that adds the DRM capability. Keep your own hands clean, let Adobe do the dirty work (the DRM blob was written by Adobe after all), and keep all your users too!
The greatest thing about Firefox is the add-on/plugin ecosystem. Why not take advantage of it to give users a real choice? Firefox already does the same thing with Flash, a proprietary but easily installable plugin.
> Firefox's lack of DRM means its users are being disadvantaged.
Firefox's lack of DRM would mean that users are being encouraged to used the services not encumbered with this nonsense, instead of all gravitating to whichever DRM service is most popular.
Mozilla supporting DRM is a failure because of Metcalfe's Law[1]. By giving access to the network of people using DRM to their n users, they support that network by O(n^2) and make it that much harder to dislodge in the future.
I don't think Metcalfe's law applies here - people don't use encrypted HTML video as a communication network, it's mostly a channel from content producers to users. So its value only grows linearly with the number of users that can receive it.
More importantly, though, content is more compelling than browsers, and browsers are easier to switch. If Firefox blocks its n users from receiving some content, some fraction of those will leave Firefox and get the content anyway, leaving Firefox with less strength to fight the next battle. In this case, it looks like that fraction would be pretty significant, and the impact on DRM not that great.
How about just ignore the websites that implement DRM and let the free market decide if those websites will survive? People treat DRM as if it was going to turn us into North Korea when it comes to internet access.
If you could make the choice of what content to watch and what to watch it with independently, this could be said to be a free market decision. As is, my decision to support or not support DRM dictates the content I can watch. That for most people the content is more important gives the false signal that people are choosing DRM (which, in reality, pretty much nobody would).
That's not a functional free market. There is no market for non-DRMed content that's on an even footing with the market for DRMed content.
I feel like this is a rationalization. The fact that a market is free doesn't mean that producers can't sell on the terms they want. There is DRM-free content, just not the content you want. Content creators choose to use DRM because very few users object to it, and I bet with modern DRM most don't even know it exists. That's a perfectly functional free market.
Its like saying that there isn't a functional free market for social networks because you want a subscription-supported site while Facebook, etc, are ad supported. The fact that a seller won't sell on the terms I want doesn't mean its not a free market.
Agreed. People whining about the loss of a "free market" are, in reality, whining about their loss of control over the producers' options. It doesn't make a bit of sense.
In fact, one indication of a "free market" at work is when they're selling things you don't like.
We're talking about a government-created monopoly though.
If there is competition over distribution, rather than content, better delivery mechanisms eventually win.
We had this when FM displaced AM radio. There was a compulsory licensing regime, which means that anyone can distribute any content they want for a reasonable fixed fee. FM was a better distribution technology, so it won, but only because it was allowed to compete on the same terms, with the same content.
All property rights are government created monopolies. Imagine applying compulsory licensing to other things. They government forces you to sell your widgets at a "reasonable fixed fee." Imagine the government forcing Google or Facebook to share their databases to potential competitors for a "reasonable fixed fee."
Compulsory licensing was a tactic used to shift profits from content creators to middlemen.
> All property rights are government created monopolies.
It's true that governments attempt to ensure property rights in other things. But tangible goods have a natural scarcity, while scarcity is imposed on digitial copies. My use of a plow excludes your simultaneously use of the plow. My use of an mp3 does not.
Government steps in and limits the technology artificially, creating an artificial scarcity, not unlike a "club good":
https://en.wikipedia.org/wiki/Club_good
The fact that widgets are "rivalrous" is exactly why they're poor candidates for such schemes. But the way we sell "widgets" isn't the ideal way to provide all things. The way we sell widgets wouldn't be a good way to sell street lighting or national defense, however, because those goods are "non-excludable," meaning you get free rider problems.
So we have different systems for different goods based on the properties of those goods. Ocean going vessels don't shop for lighthouses at a corner store, and we don't have a municipal fund set aside to supply every child with popsicles.
My humble suggestion is that we treat digital content more like other non-rivalrous goods, and less like popsicles.
> Compulsory licensing was a tactic...
Compulsory licensing arose in many different domains for different reasons. Radio, live performances, cover bands all have somewhat unique histories that defy one simple damning motive. Regardless of past motives, I'm happy to agree that compulsory licensing wouldn't be a good scheme if its only benefit was to move profits from one group to another.
It improves efficiency more broadly though. There are several reasons, but for one, consider the transaction costs to any negotiation with any content holder. If society can just have that negotiation once, publicly, it will save everyone a lot of hassle.
It also cleanly addresses the holdout problem, I find that a major perk.
It's not just a question. It's also an implication that the people you're replying to have claimed there is "something inherently wrong with content creators controlling how their content is consumed". Such a loaded question is unfair and downvote-worthy.
> The fact that a market is free doesn't mean that producers can't sell on the terms they want.
Copyright laws stand in the way of a free market. If there was a free market anybody could make a copy of some content and sell it (perhaps they would have to pay parts of the profit to the original owners, but nevertheless anybody would basically allowed to sell what they want: that's what a free market is about).
Free market != anarchy. Copyright doesn't stand in the way of a free market any more than the property rights that keep me from hacking into Facebook and creating a competitor with its database.
The social network example is extremely poor. In the case of a social network, Facebook has no means to prevent its users from using other social networks. The value proposition of a social network is in its users, and any network that can attract users can attract other users on that basis. There is no exclusive relationship between the content (users) and content providers (facebook et. al.).
In the case of television and film content there are basically no non-exclusive relationships between content creators and their distributors. I cannot buy only the content, I must buy their distribution restrictions as well.
> There is no exclusive relationship between the content (users) and content providers (facebook et. al.).
Really? You can export all your Facebook data and switch to another social network that will import it all? Please tell us all how you do this.
You're ignoring the huge effect of lock-in for a site like Facebook: they have all your data, and there's no way for you to get it back in a non-proprietary format. Functionally this is basically the same as DRM: you don't control how you can access your social network data, Facebook does.
I once worked for a social network (dominant demographically and regionally) that was destroyed in a matter of a few months by Facebook coming into the open market. I have a pretty intimate knowledge of how weak these bonds can be. It took a catalyzing event (a major change the users didn't like) to make them truly gone, but in the end they slowly left their (often very creative and interesting) data behind and moved to the better thing.
You still exist as an independent entity. There's no data you have on facebook that you can't possibly do without. And you almost certainly concurrently exist on several social networks.
I'm not really sure how you can try to argue that this is a similar kind of 'lock-in' to the fact that there is only one distributor for any piece of content and they control that distribution online pretty much right to my TV. Social networks are nothing like that.
> There's no data you have on facebook that you can't possibly do without.
There's also no "content" (movies, music, etc.) that you can't possibly do without. (I, personally, do do without, in the case of both Facebook and movies, music, etc. with DRM.) Just as you can pick a different social network provider if you don't like Facebook (or, in the extreme, give up social networks altogether if none of them will give you what you want, as I do), you can pick a different content provider if you don't like the ones that try to control distribution (or, in the extreme, give up online "content" altogether if no providers will give you what you want, as I do).
But if you want to interact with particular people online, and they're all on Facebook, you have to use Facebook, just as if you want to watch a particular movie, and it's only available from one provider, you have to use that provider. And in both cases, the incumbent can make it very, very difficult to switch if they control enough of the market. (In the social network case you describe, you say the original provider was "dominant demographically and regionally", but that basically translates to "not as dominant as Facebook". Did people really switch because Facebook gave a better experience, or because it connected them to a larger network?) The lock-in dynamics work the same either way.
I don't think you're actually arguing with any points I'm making. I agree with everything in your second paragraph.
But you started this conversation talking about the data facebook holds that locks you in. Relationship data is trivially rebuildable (and often benefits from periodic culling anyways), so that leaves the more concrete data like pictures and posts. Those are important, but most people seem to treat them pretty much as ephemeral in practice.
So at this point I don't really know what you're arguing or why you're arguing with me. Yes, the people are the important thing in a social network. Where they go you go. If your friends all go somewhere else, you will follow them. Where this differs from films or television is that, unlike films and televisions, your friends can two-time another network that offers a different value proposition until the network effects catch up. I've seen this happen personally, and that was my original point.
And just to clarify on this:
> ou say the original provider was "dominant demographically and regionally", but that basically translates to "not as dominant as Facebook"
When I talk about facebook coming on to the open market, I mean literally in the 6 months or so after people who didn't go to an accredited university could use it. At the beginning of that we were, within that region, absolutely more dominant than facebook (obviously). We were much more dominant than myspace (less obvious, and we were very proud of it) even. We were the #1 social network in that region hands down.
At the end of that 6 month period the network effect had completely shifted to them and people were visiting our site once a month who previously visited several times a day. When we changed things up, they just stopped coming rather than bother learning how to use the new stuff.
> you started this conversation talking about the data facebook holds that locks you in
Yes, in response to you saying that the analogy with social networks was weak. I was pointing out that, while the specific mechanism of lock-in may differ, the underlying logic appears to me to be the same in both cases.
> Relationship data is trivially rebuildable (and often benefits from periodic culling anyways)
I think this depends on the person.
> that leaves the more concrete data like pictures and posts. Those are important, but most people seem to treat them pretty much as ephemeral in practice.
Do they? Or do they just, without thinking about it, assume that the content will always be there on Facebook (or wherever), so they don't have to worry about managing it themselves, backing it up, etc.? My money is on the latter.
This, btw, is another way in which the analogy between movies, music, etc. and social networks is a good one: in both cases, people seek short-term satisfaction without stopping to think of the longer-term effects of their actions, on both them and society. The result is that people end up locked into a walled garden that gets more and more difficult to escape without giving up the activity altogether.
> Where this differs from films or television is that, unlike films and televisions, your friends can two-time another network that offers a different value proposition until the network effects catch up.
But that means they haven't really switched networks; they're just using two instead of one. Similarly, people can get content from more than one provider.
> At the end of that 6 month period the network effect had completely shifted to them
Why was that? That's the key question I was asking. Was it because FB actually delivered a better user experience, or just because FB gave them access to a larger network?
This is absolutely still a free market. You want the content, you're going to make a choice in what you're willing to do for that content. If it requires you to pay for it or it requires you to install a plugin or it requires you to use a browser that supports the streaming of it, those are all choices you can make. That's the idea behind a free market.
Maybe you should look up the definition of "free market economy". If DRM is part of the price of viewing the content, that's part of the economy. Non-DRM protected content is still available, in the same market, but is generally less sought after in the same way that people are usually much less interested (if at all) in content that does not have a price or is completely free. If something has value, the creator usually wants to receive that value for their work.
TL;DR: This is exactly a free market economy. Anybody can provide content. There is no price fixing. Access to the content is not government controlled. Etc. Etc. The only thing standing between you and the content you want is what the creator/owner of that content wishes to receive from you in exchange for the content, be it money, DRM embedded in the delivery tools, etc.
Do you have a native and supported way to watch Netflix on Linux? No. So it does make the experience worse (it's one of the biggest missing components, not implying the only one).
You might want to try popcorn time. I have found the UI to actually exceed Netflix's while giving me pure piracy unencumbered by any DRM. I just read that they have added TV shows to the new version.
If the content industry is going to keep doing this shit, they don't deserve our money. Don't worry about the artists, if these are the people they have chosen to sign their lives away to.
I liked Ubuntu's approach where they asked you on startup if you want to install/enable proprietary packages like Flash or some graphics drivers.
Is it tough for Mozilla to prompt the user to do something similar with DRM stuff on first run? i.e. Telling them these are the features not supported by Mozilla in principle but are a) implemented to be in compliance with standards and b) required if you choose to use services like Netflix.
That way I would still have the option to run a DRM free browser (and voluntarily not use websites that require DRM).
As plugins today, the CDM itself will be distributed by
Adobe and will not be included in Firefox. The browser
will download the CDM from Adobe and activate it based on
user consent.
The point being that you will be asked whether to download this thing, and if you say no it won't be downloaded.
When the plugin fails (and it will fail ... anything which is default deny will have lots of mysterious fails), more and more people who paid for the content will switch to pirated versions.
Personally, I can't wait. Piracy was roughly at a balance point recently with all the mobile consumption. Now, the lazy-ass social media generation is going to discover the need for it.
I would hope that rebranded versions of Firefox such as Iceweasel will strip the DRM support, so I guess it is not like it will be forced on people who don't want it.
Of course, this is still bad news, because it means there is no more pressure on content owners against this DRM, which can eventually become painful for people who want to avoid the DRM.
This is true. I'd like to see a case in Court where the law about fair use is in conflict with the law that allows something that has been DRMed to be completely protected, legally. I assume fair use would win, but I'd still like to see that case, because then it could become a lot easier to break DRM in order to "excercise your fair use right", and circumventing DRM might become legal again, in effect killing DRM for good. Then even companies like Mozilla could implement DRM unlockers in their browsers and so on, since it would be perfectly legal to do so.
Technology should never force it's users (the sites creators) to use one technology or another. Not implementing DRM is idiotic for couple of reasons:
1. The decision of whether or not to use DRM should be of the site creators. That's as "free" as it gets. forcing them otherwise by not letting them the option is bad.
2. Even without implementing it, DRM is available through flash or silverlight or any other third party plugin. The only result not implementing DRM gets is that of hurting the HTML5 video component.
Because it's a need of the market, using third-party plugin is no harder, maybe even easier to implement. So it's not an overhead for the site implementing it.
But rather it's an overhead for the user. you'll have to install a third-party plugin on your computer. Making it to your job now to make sure this plugin is not security vulnerable, that it is updated etc' etc'. And, it's probably closed. the web is open.
you are right, I haven't stated my point correctly.
The missing point is that of the market demand. DRM is out there, it's too late. It will be used anyway, with flash\silverlight or what have you.
So, this demand should be answered, using flash is no overhead for the site, but rather a bad thing for the end user. not implementing DRM isn't hurting the sites wants it, at that point, it only hurts the end users. so implementing it is the right decision.
> The missing point is that of the market demand. DRM is out there, it's too late. It will be used anyway, with flash\silverlight or what have you.
Flash is out there and will be used anyway. Luckily since mobile devices didn't (iPhone) support is or supported it badly (Android) it became out of favor. This was eased a lot by the situation that many people already disliked Flash in their browser.
May DRM become out of favor, too. Thus as a first step, you - as a customer - should never accept websites that use any DRM mechanism. Write to their customer support and if they don't offer a DRM-free version cancel subscriptions. Closing your purse is a powerful tool.
So I've seen this reaction in a few places, and I'm genuinely interested in what people think that it would achieve. You take the code of a browser that allows, but does not require, you to use a DRM system* and change it so that you are no longer able to install a DRM system. What's the value proposition of the new browser? You won't be tempted to install the DRM component when you find yourself wanting to view media that requires it? That seems pretty weak compared to the difficulty of maintaining a browser fork.
It seems to me that refusing to ship DRM makes sense if it gives leverage against the content companies, such that could be used to make them adopt DRM-free solutions. To get such leverage it would be necessary both that the reach of the unencumbered web was compelling and that requiring DRM would significantly limit that reach. Unfortunately plugins have historically provided a DRM-enabled way of distributing content via the web, so there was no compelling reason for content makers to forgo DRM in the past. This makes it significantly more difficult to change the industry today.
It is possible that there was a chance to win back some ground with the decline of plugins on mobile. However, it's also possible that the prevalence of native apps on those platforms made the web itself a less appealing medium for distributing content to mobile users. In any case, the eagerness of Microsoft and Google to deploy in-browser DRM means that we didn't get to run that experiment. Instead we are in a situation where some high percentage of web users can get DRM encumbered video content in their current browser. For those who can't the barrier to switching browsers is typically rather small. Not shipping the capability to view DRMed video in this situation is, tragically, trying to hold a non-equilibrium position; it might be principled but it is going to end in a significantly sub-optimal outcome.
I suppose the optimistic view is that video will follow the iTunes model and DRM will be a short term burden that we have to bear until technology and attitudes in the industry make it clear that there's a better way. I'm confident that Mozilla will continue to push to find that better way.
* Assuming one that exists that is compatible with your OS + hardware + etc.; all the usual problems of binary blobs in general and DRM in particular still apply, of course.
>change it so that you are no longer able to install a DRM system.
No, you change it into one that doesn't have code that caters to a particular DRM system (the EME system, not the blobs themselves.) If they want to have DRM, they can write a plugin with their blob. Putting in the calls for DRM to use is the same as putting in DRM.
Yeah, I am baffled by the reaction to this. Don't want to use DRM, don't install the plugin, no DRM, done.
Long-term I can't see how video would end up being any different than audio (and I can buy non-DRM-encumbered mp3/flac/etc from any number of sources).
The first version of Firefox took the internet by storm because it was a 300kb download while Netscape was at a "massive" 4.5Mb. It was also way faster than any other existing browser.
I believe Firefox started by a group of Netscape developers who just stripped all the junk out of the sources. Since then, its size as balloned to a monstrous 34Mb download.
I personally would love a fork of firefox back to the basics of before v1.0: html, js, tabs and plugins.
Just an idea that came to my mind: What about the idea to refuse support to any Firefox user that has installed a CDM component (for the same reason the Linux kernel developers don't give any support to users of "tainted" Linux kernels (i. e. kernels that have loaded non-open-source modules)).
The article is written as if Mozilla is making a mistake. I think Mozilla's stand is perfectly reasonable and pragmatic. Mozilla must adhere to all the web standards.
I think the war for an open web was lost when EME became W3C standard. We should have fought it at that time.
I dislike DRM as much as the next person, but what do you suggest as an alternative way that content creators can protect their work? Movies cost tens of millions of dollars to make; I expect that you would not spend $10 million of your money to make something that everyone could just freely download. Would you invest a year writing a great novel if everyone could read it for free without paying you? Some people will, of course, say "yes" but I think most of us would not, and we would end up with less art.
I think the tech community needs to come up with a better alternative, rather than just complaining.
The EFF stance is a little shrill. Remember how FairPlay and Zune were going to create proprietary music forever? Didn't quite work out that way.
End of the day, content is a commodity, and like any other commodity, prices are falling as the supply expands. Unless it's a Pixar movie, most films in DVD/Blueray are in the $10 range within weeks. Digital rights for new releases are as little as $3 when you buy with physicial media. Access to Netflix's catalog costs less than basic cable.
So I don't care about this, I do care about the trolls under the bridge (ISPs) who want to extract a toll for transit.
So I'm guessing that this will backfire. Mozilla say that Adobe will create the software, which will presumably be bundled with the browser. This means that if Adobe's DRM gets cracked, suddenly every site using that DRM is vulnerable. At the moment, one just updates the client to obfuscate a bit better, which is then downloaded on next launch of the software. If it's all client side, surely then the DRM will have to be updated every few days - which would be a nightmare for sysadmins etc.
I'm not sure why they even bother trying, it'll be broken within a week. They're pointlessly adding to a spec which has enough bloat and hacked-together features.
Fascinating how people accept handcuffs so easily.Because it' better than flash...not,you'll still need a plugin for the DRM and you're going to have to download a few different plugins because of course different vendors will have different DRM schemes,so back to 1999,realplayer,windows media plugin,ect...
I don't get the hand-wringing over this. Don't install the plugin and only view non-DRM-encumbered video content. Seems simple enough. Just like you don't install flash because you don't want to support flash-based DRM, right?
DRM just won't be that useful in a web browser. I can share a link with you, but it won't work for you. If Mozilla omitted this feature, users would just fire up the Netflix app. I honestly doubt it would cause users to switch away.
They should keep their browser open. Most people that use Mozilla know why they're using it. They would also understand how to install an official Firefox plugin to get crappy EME websites to work.
I think you're overestimating 'Most' people. If Firefox has a ~20% market share, that's saying that there are hundreds of millions of Firefox users who use it for the freedom (as opposed to the competitive performance and the fact that it's not IE) - and that simply cannot be correct.
So what you do is you use the DRM API to negotiate a way to transfer a decryption key to a secure hardware module in the consumer's device. Having the source code to the Firefox component doesn't give you access to the firmware or keys stored in the module. (Yes, you can hack hardware. But it's way more expensive.)
It's still your computer... Capture the firmware when loading, and decompile it.
The problem starts only when "they" decide to mandate in our hardware. (And yep, "they" are already doing it, for several values of "they". We are fighting the wrong war here.)
I have some insider knowledge of how these chips work. First, you get the chips with crypto keys already installed, so having a copy of the firmware source code won't help. Second, the keys are unique to the device, so getting it won't give you much. Third, the firmware is authenticated so modifying the firmware won't help. Fourth, the chip is designed to be resistant to physical attack.
You don't need to compromise every chip. You just need to compromise one. That's not particularly hard. You can use some fancy equipment to extract the private key, and then you can decode any video the chip could decode.
Or, if you want to be lazy, just hook a VGA cable up to a transcoder.
But a particular chip will only have the keys for a small number of videos. When you buy a movie, you download that movie encrypted with a unique key, and the unique key is encrypted with your device key. So compromising one chip won't give you any kind of "master key" or anything especially valuable. The movie can be stored anywhere, when you need to play it you will pass the encrypted key to the device and the device will use it to decrypt, decode, and then send the movie directly to video output (possibly re-encrypted with something like HDCP, although that's a broken scheme).
The chip will also not send high-definition output to VGA, so you will need to do better. Basically, you have to hack the hardware.
I'd like to clarify that I'm not defending DRM, just that circumventing DRM is not as easy as people in this thread intimate. I think the reason why DRM will fail is because of economic pressures: the cost of deploying millions of devices designed to protect ubiquitous data against a small number of highly intelligent and motivated cryptography experts and hardware hackers.
This is a neat summary of an idea that always turns up on every DRM thread. If the best way to copy a movie is to buy some extra hardware to plug into your VGA port, and then play the movie back at regular speed while you record it, then DRM is working. Joe Bloggs isn't going to do that to give his mates copies of a movie he enjoyed.
Of course, someone out there will go through that and put it on the internet. But Joe's mate is worried that the government will track his downloads, or his computer will get a virus from these dodgy downloads. And every few weeks, the source he's using shuts down and he has to find a new one. Before long, he'll just decide it's worth giving Netflix a few dollars a month to get movies the easy way.
Most piracy isn't about Joe Bloggs giving the video to his friends. It's established institutions uploading videos to popular torrent sites, where they get millions of downloads. There is simply no way to prevent that.
Piracy isn't about Joe giving the video to his friends precisely because of DRM. If it was trivial to click 'save as' and copy the movie to a memory stick, I think people would be swapping movies routinely.
I already outlined precisely how they limit the influence of illegal download sites: ensure that the effort to find them and the perceived risk of prosecution and malware exceeds the cost of getting the movie legally. Once people start working and appreciate the value of their time, it's not actually very hard to tip that equation in their favour.
Capturing, decompiling the code will give you the routes / hardware key access points which you can then manipulate by pretending to be whatever they expect, et voila assuming you can decompile the transcoded information being passed along.
Maybe I'm missing something, but what's so bad about EME? I think it's a great idea that copyrighted material will be protected. I understand that it becomes "closed web" in a way, but it's not a big deal for me. Frankly, I can think of a few places where it could be useful, even.
Remember, the closed-source component is there because there has to be a place for the deliberately inserted NSA vulnerabilities (note the proposed use of Adobe). It's likely that this bizarre and unpopular decision is the result of some behind-the-scenes arm-twisting.
> We have come to the point where Mozilla not implementing the W3C EME specification means that Firefox users have to switch to other browsers to watch content restricted by DRM.
Mozilla gets most of their money from Google. When Google says "jump", Baker says "how high?". They've become so addicted to the funds from Google, that they can't live without it.
I'm done with Mozilla but I think the problem is not just the browser we choose anymore. The whole thing is compromised. We need a new internet, "new" ways to share and consume information. There are many people who think so as well.
They were faced with a hard choice, Not implement EME (HTML5 DRM) and risk users moving to other browsers (user loss) or implement EME and risk looking like they are contradicting their core mission (trust loss).
They figured a little loss of trust is worth keeping most of the users on the Mozilla platform - which in my view is the correct decision. If users start to abandon Mozilla (FireFox) in droves then they lose their power to influence the development of the open web.