Slashdot Mirror
Defend the Open Web: Keep DRM Out of W3C Standards
jrepin writes "There's a new front in the battle against digital restrictions management (DRM)technologies. These technologies, which supposedly exist to enforce copyright, have never done anything to get creative people paid. Instead, by design or by accident, their real effect is to interfere with innovation, fair use, competition, interoperability, and our right to own things. That's why we were appalled to learn that there is a proposal currently before the World Wide Web Consortium's HTML5 Working Group to build DRM into the next generation of core Web standards. The proposal is called Encrypted Media Extensions, or EME. Its adoption would be a calamitous development, and must be stopped."
It's not going to knock DRM off the web.
So why not put in a way for it to be done in a standard fashion?
Putting the ability to serve DRM content into HTML is not going to close the web.
http://lkml.org/lkml/2005/8/20/95
It will just be another technology that ends up falling on it's face while sucking money out of the corporations while they try to get it adopted as the mainstream or most adopted technology. If they are good for all, they will get used. If they aren't, why on earth would a developer use them? Every W3C set of standards has a bunch of tags that no-one in their right mind uses - or they come up with great new ways to get what they want out of them. I mean as an example (though it never made it into W3C) but look at Silverlight, Microsoft tried to take the market away from Flash, invested heavily into Silverlight, no doubt paid a LOT of developers to use their stuff, I found for a while a bunch of free downloads that "asked" to install Silverlight along with their code.
Look at these stats:
According to statowl.com, Microsoft Silverlight has a penetration of 64.16% on May 2011. Usage on July 2010 was 53.54%, whereas Adobe Flash is installed on 95.26% of browsers, and Java support is available on 76.51% of browsers (May 2011); these statistics makes Adobe Flash the market leader in terms of penetration.[20] As of 26 August 2011, 0.3% sites are using Silverlight,[21] whereas site usage of Adobe Flash is around 27%.
Taken from http://en.wikipedia.org/wiki/Microsoft_Silverlight#Adoption
Moved to http://soylentnews.org/. You are invited to join us too!
Stuff like this wouldn't be so bad if we didn't know how much an asshole these companies have always shown themselves to be in the past. Media stored on the cloud or a computer became fantastic for me because I didn't have to worry about a DVD working in the USA but then not working in another country. That means if you ever move to another country that you will have to re-buy every DVD in your collection. Fuck that. Now, I bet they'll add the same type of control here. You must buy a DRM for your specific country or even more ridiculous restrictions than this (like fast forwarding as mentioned in the article, etc.).
The rich get richer, and the poor get poorer. The free get freer, and the shackled get deader.
The G
How about all these new fangled things FUCKING WORKING AS WELL AS FLASH DOES? Wouldn't that make it better?
The reality is that some apps (like Netflix) require DRM. Why not offer a standard way to do it?
1 standard is better than 1000 crappy implementations - if you don't like it just disable it like you do any other browser option and you'll never be burdened with DRM'd content.
a standard s bad. We don't want DRM to take off on the web. Let it stay on Flash.
Thankfully, I doubt Apple is interested in implementing this if it's anything like Blu-ray's DRM.
Yeah, it would allow people to view sites like Netflix and Hulu without a plugin. Oh, the horror!
Here's the thing. DRM exists. It's not going to go away because a bunch of reactionaries leave it out of some web standard. That's because it already doesn't exist in that web standard! And DRM is doing quite fine without it.
What this will do, instead, is hasten the demise of Flash and Silverlight. Video that is currently DRM'd will now be available without a plugin, right from the browser. This gives the consumer more choice.
What it will not do is all of a sudden turn every web video into a DRM'd stream. It means more video, not less.
Look, I don't care if YOU don't want to use DRM'd services like Netflix, but some of us DO, and we'd like to be able to use these sorts of services without proprietary plugins like Silverlight dictating what operating systems we can use it on.
I'm a realist. DRM is idiotic and useless, but the people holding the cards are too dumb to realize that. If that means that I have to accept unobtrusive and transparent DRM to view content because of that, so be it. DRM done right doesn't get in the user's way, and a standardized form of DRM will help keep it from getting in the way. This needs to happen.
....has been drawn my fellow geeks.
Seriously, everyone raves about it, but it's already poisoned candy. Adding DRM to it would just be adding a razor blade.
The HTML5 spec as it stands now is a mess. The semantics are laughable. Sectioning is a mess. The expanded set of characters allowed in identifiers means lots of ugly escape sequences in CSS and Javascript when those new characters are used (seriously, try writing a selector for <div id="foo.bar[baz]"></div>). And there's still no grouping element for dt and dd elements in dictionary lists.
Right now HTML5 is little more than a buzzword that means canvas, just like DHTML was a buzzword that meant DOM manipulation with Javascript. There is a lot of other promising stuff in there (the new form inputs are long overdue), but much of it is defined unbelievably poorly. It's a trainwreck waiting to happen.
What if there were a recognized correlation between the technical and legal limits of copyright law. As soon as "the" standard DRM scheme is broken, public domain for all intellectual goods published before that event. Will align incentives and lead to future hedging. Create a sense of fairness and open competition as well.
This extension is really just a API to communicate with DRM plugins. Whilst it would be good to standardise on a single API, it still requires having closed source plugins to do the actual decoding.
Kinda like what Flash does now.
If EME is built into web standards, it will be an easy matter to build EME content blocking into web browsers. I, and millions of others who are opposed to this bullshit, would embrace a direct method of being able to boycott DRM without even having to think about it.
When I see comments on the inclusion of Digital Restriction Management in Web standards couched in approving tones, I know that I must be getting old. To me the only valid use of DRM in the long term is as an answer to a trivia question on screwy 'net practices of the late 20th and early 21st centuries.
If in the interim DRM is deemed necessary for some things by some people then incorporate it in a desktop or browser widget as is currently done, say, for Netflix.
And no, I haven't any wonderful answers to all kinds 'good' questions on this, or any deep thoughts on this and the related larger issues; it's just my old fart reaction.
When I bought a book, it was mine. When I used a camera it wasn't locked in to one film manufacturer. Anything with an engine would happily use any brand of gasoline of the correct octane range. When I found that a DVD player/burner I had bought was region-locked, I half flipped. Ditto, when terms of 'sale' for a program I bought on CD forbade making an archive copy.
But then, when I went to see a movie at the theater the thought to bring a movie camera never crossed my mind.
Oh, yeah, just for grins: take Netflix for an example - it uses some kind of DRM, right? (Yeah, I know it does, 'cuz I had to fire up an vm of XP to install Silverlight - until an enterprising duo came up with a wonderful change to Wine that lets me use Netflix from my Ubuntu desktop.) So then, just how many of the protected movies on Netflix don't have torrent or magnet links somewhere? If the answer is few to none, then WTF is the use of having the DRM?
What is the W3C 'Working' Group doing on this anyway?
HTML5 wouldn't exist if it wasn't for the WHATWG going around the W3C (who was busy fucking up CSS standards at the time)...
W3C needs to go away...
DRM has no place in codebase
Thank you Dave Raggett
Just make it good and obvious so we can blacklist crippled crap.
Instead of dealing with all kinds of stupid proprietary bullshit as paying customers, it might be nice to try something different.
Digital archaeologists are only able to browse the ancient web on their emulators until the day in history W3C introduced DRM.
That is one of MY biggest cons against DRM in HTML.
KERNEL PANIC -SIGFAULT AT ADDRESS #51A54D07
Administering DRM is a hassle for the provider as well as the user. Companies aren't going to throw on DRM just for the heck of it.
Other content simply won't be provided on the web without DRM. It'll either come through your browser, a browser extension or a separate app. Adding DRM to the standard will give the best possible situation for this too.
http://lkml.org/lkml/2005/8/20/95
EME is proposed as an API, allowing "binary blobs" to execute. That's ***EXACTLY*** what Active-X does in Internet Explorer. Just like Active-X, the binary blobs won't be a complete stand-alone OS. Instead, they'll hook into your operating system, with high privileges. That means that the binary blobs will be OS-specific.
I can see compromised websites popping up with requests to load codec-XXX to "See Sexy Suzy Stripping". And there'll be a lot of idiots who'll fall for it.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
It's complete BS that DRM inhibits innovation.. People just want everything for free but want to get paid themselves as much as possible.. A contentcreator has enough problems with getting their investment back these days with all the illegal ripping of their work..
DRM should be a part of the W3C standards, and it's up to the websitecreators to use it or not.. As long as DRM isn't part of the W3C standards you'll keep external plugins like Flash or Silverlight, and that's something you really don't want.. so better to have standard and being able to NOT use it than not having a standard when you need to use it..
Noone is forcing you to use the DRM standard when available (except your client)..
Sadly DRM is a necessity these days, so better have one standard than having to resort to some vague external plugin..
Then make some movies of your own and release them to the world DRM-free. That's the FOSS way. RMS couldn't find an OS he could trust so he started working on his own. Linus came along and tied it all together and now we've got Linux. The point is they didn't just bitch about things they didn't like on message boards, they solved a problem they were having and made the world a better and wealthier place for it.
The content that's getting DRM protection - that's other people's stuff. What they do with their stuff is their business. There's nothing wrong with them asking for web standards (that no-one's forcing you to use) to implement their protection. It's also their problem if they implement a DRM solution that prevents them from selling content to you. That's sales they'll never make and an audience they'll never reach.
I think DRM is self-defeating - content companies will prevent more sales than they'll gain - but there's a world of content out there that's never been protected by DRM. You could spend your whole life being entertained and enthralled by it and never once wonder what the fuck is going on on Game of Thrones or Piranha 4DDD. Or maybe you could add to that trove of free wealth for humanity. You know, contribute on your terms. Just sayin'...
One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors - Plato
Don't be evil.
and that is exactly the reason why i believe it must be standardized. When i get a program or a file i want to answer the question "does it use DRM" easily.
I had recently a very bad experience with an deployment tool, which did not mention DRM at all but actually used DRM methods to protect code from being changed without telling so. I got a little suspicious and after drilling the support for 1h they admitted that the real purpose of the "encryption" was not to "protect the code on the way to the customer" (as the advertisements loosely suggested), but to prevent modification without their deployment tool, in order to protect their freely distributed (powerful) runtime from being used by people not in possession of the deployment tool. Was not so funny since we needed to exclude this part from the builds in order to fulfill GPLv3 requirements.
So: yes, ok, if you like to DRM, please use it. But at least give me the option to systematically see/avoid these parts. Dont fuck me with "you have to buy device x because its technologically so brilliant" if you really mean "to push our own media store, we used a lot of engineering to hide the keys for decryption deep in the device". I would like to see a warning label on things which use DRM which say "this content can not be used anywhere. You dont posess it.".
A small side remark: Are HTML5 files with DRM as documentation GPL3 compliant? I think not....
First of all, every DRM has been and will be cracked. If my computer will somehow be able to decode a video for playback, then it's already cracked. And there's no way open source browsers will somehow lack the ability to play back these encrypted files. So, to that end, let them do it. We will have our content.
I understand there may be some GPL issues, but Firefox isn't GPL is it? What browser(s) are?
DRM is a devil. The ignorant and greedy believe things about it which are not true. This isn't a "lock which keeps honest people honest." These "honest" are most likely rather unsophisticated and wouldn't have a clue how to fix a situation when things go wrong... and they will go wrong. Someone will crack a something resulting in an authentication server or certificate server or something 'key' being taken offline which will harm those who paid for the service. And the real problem of DRM is how it harms the "honest" which are their REAL customers.
How do we prevent it?
Next thing they'll add will be DRM for web pages, so you won't be able to view the HTML code.
I mean, WTF? Millions of $$$ were invested in the web page, and now some greasy nerd can view it freely? Protect! Protect! Intellectual property!
+1 to the open source part. The code may be opn source, but the builds need trusted clients you cannot put in the public domain.
That is my main objection. Only trusted (big) players will get the decryption keys. And DRM has the feature is starts to spread. It starts with dycrypting the stream, then the renderer needs to be trusted. Next the HDCP link to the screeen, and if there was an option to encrypt the screen to eyes link, someone will build it.
Open sourcing, and freely building, any of the components in the path will result in a leak of the content. the end result is that the entire environment gets getting more closed.
If it is part of the standard, OSS can't implement it. Therefore Firefox won't be HTML compliant.
But that means it cannot be put into the Public Domain.
Therefore they have the right to either DRM it or copyright. Not both.
And even if you ignore this and decide you DO NOT WANT to be fair to all sides, only want to big up the content copyright owners at the expense of everyone else, you can argue they have the right to DRM their stuff, but they DO NOT have the right to demand that their DRM scheme must be part of an internet standard.
Now tell me; since Flash and Silverlight will exist, anyway... How are we going to keep the web open, exactly?
Here be signatures
Why re-defining the R to mean restrictions? Rights management is the correct term, where "to manage X" means "to lessen X/to lessen the effects of X". Like weight management, crisis management, anger management...
So it will not stop the pirates. But it will annoy the consumers.
I am an indie developer selling a game for ios, android, pc and mac.
I am not a fan of DRM myself, and I did not put it in the game. That said, ios sort of has one built in since the user cannot side load apps (unless the device is jailbroken which only a fraction of users do).
The result is that I am making more money on ios than on android, and piracy of my game on android is rampant. Trying to shut down pirates is futile, even if I take 1 down, 10 more pop up in 10 minutes.
For us content creators, there really is no way to make everyone happy:
* If I do DRM, people like yourself hate me. Also, all DRM schemes can be broken, it is just a matter of time. However, the numbers are speaking for themselves.
* Ok, lets do in app purchase then. Nope, people hate me even more for that.
* Well subscription could work right?. Sure, if I want to die burning at the stake.
* How about ads? It annoys my customer base, plus: where is the money?
Honestly the only way to make people happy seems to be making the app fully free, but then I would not make enough money to develop the game and it would die right there and then.
I think this is a very bad idea. This has nothing to do with authors getting paid for content, they'll get the same few pennies that big media allows to dribble over the slop trough that the executives all feed from. This whole idea is being "suggested" by big media who wants to put all websites behind paywalls. Remember how cable started? It was "you pay a subscription and get content without all the commercials that over the air has". How long did that last before commercials were added back in, I know it wasn't long. So how would you like a WWW where every site you have to pay to access each page, and those pages are 90% covered with ads, splitting single page articles across twenty pages in order to maximize profits? It's not a WWW that would be useable, especially for the poor. This would destroy the entire idea of the world wide web, which was originally used to collaborate between universities long before greedy commercial interests came along.
I don't want to powerlessly follow the news of this stupid thing going on while completely unable to stop it, as with UEFI secure boot.
"When information is power, privacy is freedom" - Jah-Wren Ryel
so here we are three years down the line since 'thoughts on flash' and what's the situation...
well steve jobs is in his grave, and youtube still runs on flash.
people are slowly starting to realize that html5 is not going to displace flash. not for video, not for animation, and certainly not for games.
as such, can some tell me why arguing about drm isn't a pointless and futile activity?
No. I am 100% there. HTML is about separating the content from the presentation, and has nothing to do with delivery protocols. When you speak of "delivery protocols" you are thinking of HTTP and HTTPS, which have nothing to do with HTML. I do find the irony of your stressing the importance of recognizing the difference while simultaneously not grasping it yourself is a kind of beautiful irony.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
I think it is time to not only fork the standards, but to fork browsers that force this shit upon us.
DRM requires a trusted path to the final renderer. That can't be implemented in a standard.
If I wanted to screen-scrape Netflix on Android, I'd need to replace the Kernel, which Netflix detects is unsigned & refuses to run.
Standardizing wouldn't block screen-scrapes. Therefore there is no point in a standard except legitimacy.
Science & open-source build trust from peer review. Learn systems you can trust.
DRM does not increase the quality of content, and in many cases reduces it. There is ZERO benefit to the customer AND the market at large.
I just do it because of the hole s#$t legislation I know it comes with it. I started to not buy anymore games that comes with DRM although I would have so loved to play some of them. Actually right now when I consider a new game purchase I have to do some extra research to make sure there is no DRM included before buy it. This is slowing down the moment of purchase and puts more stress on me as a consumer. If HTML5 will ever permit a DRM based plugin I will surely not install it regardless of how tempting the content offered through it might be. DRM is more evil than common addware/viruses/worms and me for one I will avoid touch it. I just hope people will have the chance to get educated enough to share a similar perspective like myself.