Tim Berners-Lee, W3C Approve Work On DRM For HTML 5.1

← Back to Stories (view on slashdot.org)

Tim Berners-Lee, W3C Approve Work On DRM For HTML 5.1

Posted by timothy on Thursday October 3, 2013 @04:12AM from the concentrated-benefit-diffuse-harm dept.

An anonymous reader writes "Danny O'Brien from the EFF has a weblog post about how the Encrypted Media Extension (EME) proposal will continue to be part of HTML Work Group's bailiwick and may make it into a future HTML revision." From O'Brien's post: "A Web where you cannot cut and paste text; where your browser can't 'Save As...' an image; where the 'allowed' uses of saved files are monitored beyond the browser; where JavaScript is sealed away in opaque tombs; and maybe even where we can no longer effectively 'View Source' on some sites, is a very different Web from the one we have today. It's a Web where user agents—browsers—must navigate a nest of enforced duties every time they visit a page. It's a place where the next Tim Berners-Lee or Mozilla, if they were building a new browser from scratch, couldn't just look up the details of all the 'Web' technologies. They'd have to negotiate and sign compliance agreements with a raft of DRM providers just to be fully standards-compliant and interoperable."

36 of 307 comments (clear)

Min score:

Reason:

Sort:

Open source browsers? by ZorinLynx · 2013-10-03 04:14 · Score: 4, Insightful

How does this affect open source browsers like Firefox? If something is open source you surely can't enforce any sort of DRM restrictions; someone can just build a hacked version of the browser.
Is this possibly the beginning of the end for open source browsers?
Why in the hell are they even THINKING of approving this bullshit?
1. Re:Open source browsers? by Jeremiah+Cornelius · 2013-10-03 04:21 · Score: 4, Insightful
  
  Maybe approving something doom to fail, is a way to get it off your agenda, and cease endless persistent lobbying by media companies.
  "Yes. Why don't you start work on the perpetual motion machine - here we've provided you a framework."
  Or maybe Tim Berners-Lee is Hitler.
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
2. Re:Open source browsers? by Wootery · 2013-10-03 04:22 · Score: 3, Interesting
  
  How does this affect open source browsers like Firefox? If something is open source you surely can't enforce any sort of DRM restrictions; someone can just build a hacked version of the browser.
  As I understand it the thing they've just approved is some sort of 'standard' API with which Netflix etc. can tie their necessarily-proprietary, platform-specific, native-code, obfuscated-media-player plugin (DRM), into the browser (which may or may not itself be Open Source).
  How this thing works technically, I don't know. I don't think it's just a C API.
  
  Is this possibly the beginning of the end for open source browsers?
  Why in the hell are they even THINKING of approving this bullshit?
  Amen. 'They' (Netflix and co) need the web, not the other way round.
3. Re:Open source browsers? by ZorinLynx · 2013-10-03 04:25 · Score: 5, Insightful
  
  Why does this need to be made part of HTML, though? The existing plugin infrastructure works just fine. You can implement whatever the fuck you want in a plugin. Just use that and leave HTML alone. Things are complicated enough already without introducing new artificial complexity that is purposely designed to break things.
  (All DRM is purposely designed to break content. It provides absolutely no benefit to the user)
4. Re:Open source browsers? by non0score · 2013-10-03 04:27 · Score: 4, Insightful
  
  If it's so laughable, then isn't it better to just have it? So instead of a world where content owners won't publish jack on HTML5 (you read that right, content owners of the content you're willing to pay for will never publish on HTML5 unless they have some sort of DRM), you get a world where content owners would and you can somehow mine the keys. I don't see how this is any worse.
5. Re:Open source browsers? by Anonymous Coward · 2013-10-03 04:31 · Score: 3, Insightful
  
  Probably, but it's a dangerous move in the current political climate.
  They will enforce this and make it a horrible crime to distribute a browser that "circumvents" the brave new web. This is the world we live in now.
6. Re:Open source browsers? by MightyYar · 2013-10-03 04:37 · Score: 5, Insightful
  
  I don't really care whether they publish or not - if there is one thing the internet does not lack it is content.
  
  --
  W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
7. Re:Open source browsers? by fustakrakich · 2013-10-03 04:39 · Score: 5, Insightful
  
  ...content owners of the content you're willing to pay for will never publish on HTML5 unless they have some sort of DRM
  Who cares? Fuck 'em. There are plenty of people who will publish without all that crap, and we can just stick with them. Besides, DRM is easy to crack, a snake oil sold by scammers. I have no sympathy for those stupid enough to buy it.
  
  --
  “He’s not deformed, he’s just drunk!”
8. Re:Open source browsers? by Twylite · 2013-10-03 04:42 · Score: 4, Insightful
  
  Indeed. Encrypted Media Extensions, W3C First Public Working Draft 10 May 2013:
  
  This proposal extends HTMLMediaElement providing APIs to control playback of protected content.
  The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation). License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.
  This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the simple clear key system is required to be implemented as a common baseline.
  That rationale (as I've heard it explained) is that media (video/audio) content distributors are going to implement DRM, so the Hobson's choice is between giving them a standard interface (HTML EME) or having every distributor create their own proprietary media player (probably platform-specific with embedded rootkit).
  If you believe that all media should be gratis, or you believe that all media should be open and consumers should be trusted to pay for non-gratis media absent any technological protection, then you will view EME as a bad thing.
  If you believe that Copyright should be able to exist on media and that authors and/or distributors should be able to charge for the video/audio, and you believe that technological protection measures may have some impact to reduce non-paid use of such media, and you believe that it is in the interest of consumers to have standards for these sort of things, then you may view EME as a good thing.
  
  --
  i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
9. Re:Open source browsers? by ralphaostrander · 2013-10-03 04:44 · Score: 5, Interesting
  
  I want an internet for me not them, If they dont like it here dont come. live by the open rules or stay home. I am happy with that. The net was here and was better before it became a giant for sale god damn sign.
10. Re:Open source browsers? by non0score · 2013-10-03 04:45 · Score: 3
  
  That's a fine way to think about it. But if you don't want it, doesn't mean others don't want it. And if you think it's so easy to crack, then why do you care? Just let the content owners have that false sense of security if you think it's so easy to crack.
11. Re:Open source browsers? by serviscope_minor · 2013-10-03 04:49 · Score: 3, Informative
  
  Breaking content in a standard way, which can then be unbroken in a standard way (likely to be cross platform and supported by your browser); as opposed to only being unbroken by a dodgy Windows-only rootkit supplied by the content distributor.
  Please go back and look at the standard. The "standard way" you talk about is merely a standard API to a non standard blob of binary crap. It will still require the windows only rootkit to decode.
  
  --
  SJW n. One who posts facts.
12. Re:Open source browsers? by Anonymous Coward · 2013-10-03 04:50 · Score: 4, Funny
  
  Then why do I keep ending up here on Slashdot out of boredom?
13. Re:Open source browsers? by jedidiah · 2013-10-03 04:51 · Score: 5, Insightful
  
  This is the exact opposite of "getting rid of Flash".
  
  --
  A Pirate and a Puritan look the same on a balance sheet.
14. Re:Open source browsers? by Kielistic · 2013-10-03 04:55 · Score: 5, Insightful
  
  No. Once their foot is in the door they will start demanding signed binary for browsers since anything else is useless to their wants.
15. Re:Open source browsers? by lgw · 2013-10-03 04:56 · Score: 4, Insightful
  
  The reason to care is that they will publish, just not using HTML5, making yet another "if only people followed it" web standard.
  I swear, every time DRM gets mentioned in HTML5 it's like IE6 never happened! Do we have to repeat that sad mistake? The point of a standard is to describe a specific way to do what everyone is going to do anyway. A standard that petulantly refuses to describe what the big players are doing anyway is worse than useless. The W3C finally learned this lesson, but apparently /. has a shorter memory.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
16. Re:Open source browsers? by NatasRevol · 2013-10-03 05:02 · Score: 3, Funny
  
  Because you don't know the latest address of ThePirateBay?
  
  --
  There are two types of people in the world: Those who crave closure
17. Re:Open source browsers? by NickFortune · 2013-10-03 05:06 · Score: 5, Interesting
  
  If it's so laughable, then isn't it better to just have it?
  
  Well, the security aspects are laughable. The potential legal follow ons are not. For instance, the next logical step is to insist on digitally signed browsers and declare non-complying browsers illegal as "circumvention tools" under the DMCA or somesuch. You might not be able to detect hack browsers, but you could sure as hell sue anyone distributing binaries or patches. You might have a hard time claiming non-infringing uses as well.
  That would pretty much make any new browser impossible to distribute, and potentially puts enough regulatory red-tape on people like mozilla that they'd have difficulty continuing in their current open source form.
  Then there's the possibility to pressure ISPs to only allow encrypted content (call it an anti-terrorism measure - that works for most things) and eventually to start chaging for access on a per web-page basis for all content.
  From the point of view of some media and content cartels, that's a very desirable outcome. The genie would be back in the bottle.
  On the other hand, if we don't have EME then the problems don't arise, so on balance I'd say better not to have it.
  
  So instead of a world where content owners won't publish jack on HTML5
  
  I don't see why that's a problem. There are DRM formats that work with PDFs so it's not as if your content dudes can't publish under DRM. They just can't try and make it apply to the whole web. Nothing of value is being lost here.
  
  you get a world where content owners would and you can somehow mine the keys
  
  Mine the keys illegally I think you mean. Possibly with disproportionate penalties as used by the recording industry in their anti p2p lawsuits.
  Let's just not go there. Less effort + less risk == Win
  
  --
  Don't let THEM immanentize the Eschaton!
18. Re:Open source browsers? by DriveDog · 2013-10-03 05:30 · Score: 3, Interesting
  
  >>Amen. 'They' (Netflix and co) need the web, not the other way round.
  >(All DRM is purposely designed to break content. It provides absolutely no benefit to the user)
  These are the two most relevant comments I've seen, and excellent short'n'sweet arguments against having DRM in an otherwise open standard.
19. Re:Open source browsers? by calzones · 2013-10-03 05:42 · Score: 5, Insightful
  
  Some of us simply believe that if someone is going to try to impose DRM on us that it should be an inconvenient onus on them and the consuming public to do so. A fragmented non-API solution would mean that content providers choosing to implement DRM would face greater costs and suppressed demand due to the extra hurdles imposed by DRM.
  If both any given content provider AND their audience agreed it was worthwhile to install Flash or Silverlight in order to view the content, then that's what they would do.
  On the flip side, any content providers that attempt to impose DRM on an audience unwilling to install Flash or Silverlight would find their subscriber base evaporating, forcing them to release the content without DRM and find a different way to earn money. Once it's standardized and part of the browser, any moron on the web will suddenly feel like they can and should protect their content and all users will be forced to comply or stay out of the web.
  Bottom line: DRM as a hassle means the onus is on content providers to provide users with a suitable value proposition and it leaves greedy or misguided or trend-following content providers who cannot meet that standard out of the web (or else on the web, but free). DRM as an integrated seamless solution flips that around and leaves consumers who seek free content out of the web.
  
  --
  Asking people to think is like asking them to buy you a new car
20. Re:Open source browsers? by Arker · 2013-10-03 05:55 · Score: 4, Insightful
  
  "If you believe that Copyright should be able to exist on media and that authors and/or distributors should be able to charge for the video/audio, and you believe that technological protection measures may have some impact to reduce non-paid use of such media, and you believe that it is in the interest of consumers to have standards for these sort of things, then you may view EME as a good thing."
  Sorry that's a horrible strawman. Lots of people believe in copyright without condoning DRM in any way shape or form.
  
  --
  =-=-=-=-=-=-=-=-=-=-=-=-=-=-
  Friends don't let friends enable ecmascript.
21. Re:Open source browsers? by lgw · 2013-10-03 06:25 · Score: 3, Insightful
  
  A technical standard is in no way, shape, or form a law. That's probably where your thinking went off. A technical standard is just a piece of paper, making some recommendations. There's no enforcement or compulsion here, no requirement to comply.
  Standards are useful precisely to the extent they describe what the big players actually do, so that you can code against the standard and be content. When standards fail, and the big players just ignore them, then they're only of academic interest - maybe you can learn something from them, but they're not directly useful.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
22. Re:Open source browsers? by wile_e8 · 2013-10-03 06:33 · Score: 4, Informative
  
  Except this change still doesn't describe what the big players are doing. All it does is standardize a call to DRM binaries without any standardization of what those binaries do. It in no way describes what the big players are doing in these binaries, meaning we are still going to be left downloading closed proprietary plugins that are only available for supported platforms. Since one of the main goals of HTML5 was to get rid of the plugin mess that was necessary to play media on the web, this is a backwards step that solves nothing.
23. Re:Open source browsers? by fustakrakich · 2013-10-03 12:08 · Score: 3, Interesting
  
  And if you think it's so easy to crack, then why do you care?
  Because it gives the cops probable cause to bust down your door, shoot the dog, and steal your equipment under the mere suspicion there's something illegal going on. Then you are declared an unfit parent for child endangerment because the kids were there during the bust and could have been gravely injured, so the DFS comes and takes them away, and puts them into a foster home...
  That's why I care...
  And you?
  
  --
  “He’s not deformed, he’s just drunk!”
The right to read by hazah · 2013-10-03 04:15 · Score: 5, Informative

http://www.gnu.org/philosophy/right-to-read.html
So fucking sad
Say it ain't so! by mark6509 · 2013-10-03 04:25 · Score: 5, Interesting

Please tell me that Tim Berners-Lee is only declaring it as in-scope so that it doesn't get worked on by some other group, so it can be killed as it should be.
Missing the big picture by no_opinion · 2013-10-03 04:40 · Score: 3, Insightful

Yes, I know I will be flamed for this, but I think the thing that is getting lost in the conversation is that we've all be using DRM for years, and the point of this is to increase interoperability. How many of us have netflix or amazon movie streaming? Buy kindle books? Use steam? Even the books downloadable from my library use some form of protection. Most people don't care, because those protections don't impact our typical usage patterns. But all of these services live in their own separate worlds, because they are not interoperable. Adding support for a common protection standard doesn't suddenly make it possible to encrypt movies or harder to download images on the net because that already exists today (and has for years)! The point is to end the balkanization of media players and let everything work in your vanilla browser. That sounds good to me.
1. Re:Missing the big picture by jedidiah · 2013-10-03 04:58 · Score: 4, Insightful
  
  > and the point of this is to increase interoperability.
  This does squat for increasing interoperability. It doesn't really change much of anything actually. The real problem is that it demonstrates a fundemental philosophical shift on the part of those entrusted with looking after web standards.
  The web is no longer an open medium designed to be usable by anyone with any browser.
  No, it's just another content consumption medium now. It's just cable TV.
  The old status quo was fine. The corner case of media consumption was isolated while still being accommodated.
  There was simply no need to "swim in the kool-aid" here.
  This will not make Netflix any more accessible to Linux and will likely only make more of the web INaccessable to Linux and other alternative and non-corporate players.
  
  --
  A Pirate and a Puritan look the same on a balance sheet.
2. Re:Missing the big picture by serviscope_minor · 2013-10-03 04:59 · Score: 4, Informative
  
  That sounds good to me.
  That's because you misunderstand the proposed standard.
  The standard is a standardised API to an external encryption plugin. All this means is that it is marginally easier to communicate with the plugin, though clearly it isn't much of a problem at the moment with flash anyhow.
  It will still require a binary plugin to actually do the decryption, just like flash.
  How many of your devices have flash?
  Do you think $RANDOM_EME_PLUGIN will work on your Windows PC (of course!). Your Windows phone (uh...?) your Mac (perhaps...) your older Mac (probably not) your brand new Andriod phone (could do), your older Android phone (doubtful), your Atom android phone (really unlikely), your Blackberry (ha!), iOS devices (crapshoot), your TV with a built in web browser (not a damn chance).
  If you think "just like the bad old days where you had to worry about who Adobe was supporting today with flash except now any monkey thinks they can make a binary DRM plugin because it's standard" sounds like a good thing, then you have a very different definition of "good thing" to me.
  
  --
  SJW n. One who posts facts.
3. Re:Missing the big picture by mark6509 · 2013-10-03 05:08 · Score: 4, Interesting
  
  I can see your argument, but on the other hand I look at the example set by digital audio. The same balkanization occurred there, until finally things got so bad that finally the media caved to pressure and now I can finally buy legal audio in formats that really are interoperable. There were several lousy years where I basically gave up buying new music while the industry figured out that the reason I wasn't buying what they were selling was because DRM didn't work for me.
  So there is precedent that delaying adoption of really interoperable DRM has resulted in better media access in the end. On the other hand, I can't think of any precedent saying that having relatively painless DRM has resulted in better media access. Of course it's possible, but I think precedent weighs against you.
  On the other hand, maybe you're right and the battle is already lost; with digital audio it was really Apple's closed distribution model that finally broke the camel's back-- there was no way for anybody except Apple to encrypt music for iPods, and music encrypted for iPods wouldn't work anywhere else. Nobody was able to put together a deal that would bridge that gap, and although Apple's market share was significant it wasn't big enough to standardize the entire market on, and consumers knew that they would be screwed one way or another if they opted for any of the then-available DRM flavors, so enough of them stayed out of the market that eventually the markets were forced to open up. With digital video, that hasn't happened. All of the major media playback manufacturers support the same DRM flavors, so most of the market can be served with relatively little pain.
  On the third hand (ha ha), while I have started buying music, I've stopped buying videos. I bought a lot of DVDs after CSS was cracked so I could actually play them on my other devices; it was essentially an interoperable format in practice if not in law. I stopped when Blu-Ray came out because DVDs became second-class citizens, but Blu-Ray was too locked down. Streaming rentals work for me because the DRM only has to work once, but I'll never actually trust that streaming companies will still be there, supporting "my" content years from now after they've made their buck today.
  So I still think that there's an effectual struggle to be made, that there's a chance that big media can be convinced to accept open standards. I'm not super optimistic, but I think it's possible, and so I'd oppose any attempt to make DRM more seamless and interoperable for the masses (easy for me to say, since they never seem to interoperate with MY devices anyway. Hazards of running Linux I guess).
Re:Good luck with that by Guspaz · 2013-10-03 04:44 · Score: 4, Informative

Huh? EME is already supported in the shipping versions of Chrome and IE, with Safari coming soon, and is already in use in the real world by Netflix to deliver video to users of IE and ChromeOS. Firefox is the only major browser to have not implemented or begun implementing support for it, and with every other major browser supporting it, all that will accomplish is to marginalize Firefox amongst the average user. To them, the problem will be manifested as "Netflix doesn't work in Firefox".
Re:Kind of was expecting this by wagnerrp · 2013-10-03 04:45 · Score: 5, Insightful

If you allow web sites to require DRM, the web is no longer open. That's all there is to it. If you browsers must protect content, then browsers must be certified and signed before they can access the content. Had your desire to prevent the theft of your hard work guided the original protocols of the internet, it never would have become the important communications resource it is today.
MOD PARENT UP by Tailhook · 2013-10-03 05:08 · Score: 5, Insightful

Signed binaries running from a signed kernel, booted on UEFI Secure Boot hardware you can't legally compromise.
Alan Cox explained this 12 years ago.

That is the dream these people have.

--
Maw! Fire up the karma burner!
1. Re:MOD PARENT UP by hairyfeet · 2013-10-03 08:11 · Score: 5, Insightful
  
  Sounds just like Chromebooks to me, the only difference is IF you put in a page and a half of CLI gobbledygook that most can't pull off then and ONLY then can you take what was once a standard X86 laptop and install one of a handful of hacked bootloader Linux versions. Oh and no dual booting for you citizen, can't have that!
  It just amazes the hell out of me that one company can cook up something nasty, like turning an X86 laptop into a locked down corp controlled thin client and get cheers and when another company does the exact same thing get treated as a monster. Would the ones that cheered the Chromebook have had the same reaction to a Winbook? Kinda doubt it.
  As for TFA this is precisely why we must fight tooth and nail not to take HTML V5 in its current form, as its practically a love letter to the big corps who would like nothing more for the future to be similar to Chromebooks, locked down devices that access apps and content "stored in the cloud" that can only be viewed or used with approval.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
Just to Point Out by carrier+lost · 2013-10-03 07:20 · Score: 3, Insightful

It wasn't all that long ago that browsing the internet with Linux was seriously crippled
Many sites in the early days used Active-X, Microsoft's "answer" to Java, which was only readable by IE and IE for Mac.
I remember not being able to use government services and banking sites because of this.
Because of the huge installed base of MS products, many govs and businesses just rolled out MS-centric solutions without any care for Unix, Linux or Mac.
Trust me, you don't want the web to go back to that.
It may not be MS at the helm this time, but it's easy to see that if there is a content-restrictive standard instituted for the web, there will be great pressure for it to be applied (even in places where it may not be needed!) and the collateral damage is inestimable.

--
XKCD:Xeric Knowledge Comically Dispen
WHATWG by zmooc · 2013-10-03 07:23 · Score: 3, Insightful

Due to slowness and creating other "less ideal" conditions, the W3C is quickly becoming an irrelevant marginalized nothing. They've their control over the HTML5 spec long ago; all browser manufacturers follow the HTML5 spec that's maintained by WHATWG (which, coincidentally, was formed by those browser manufacturers out of discontent with the way W3C managed it. Apparently they've learned nothing from that since this DRM stuff will marginalize them even further. Nowadays, W3C approving stuff has just about nothing to do with what browsers will support or what the Internet will look like in the future.

--
0x or or snor perron?!