How Firefox Will Handle DRM In HTML

An anonymous reader writes "Last year the W3C approved the inclusion of DRM in future HTML revisions. It's called Encrypted Media Extensions, and it was not well received by the web community. Nevertheless, it had the support of several major browser makers, and now Mozilla CTO Andreas Gal has a post explaining how Firefox will be implementing EME. He says, 'This is a difficult and uncomfortable step for us given our vision of a completely open Web, but it also gives us the opportunity to actually shape the DRM space and be an advocate for our users and their rights in this debate. ... From the security perspective, for Mozilla it is essential that all code in the browser is open so that users and security researchers can see and audit the code. DRM systems explicitly rely on the source code not being available. In addition, DRM systems also often have unfavorable privacy properties. ... Firefox does not load this module directly. Instead, we wrap it into an open-source sandbox. In our implementation, the CDM will have no access to the user's hard drive or the network. Instead, the sandbox will provide the CDM only with communication mechanism with Firefox for receiving encrypted data and for displaying the results.'"

Isn't hard drive access desirable?

[CRCulver]

In our implementation, the CDM will have no access to the user's hard drive or the network

As with all DRM schemes, it's only a matter of time before this is broken. However, to save the decrypted content to the hard drive, one has to, well, have access to the hard drive. Does Firefox's architecture actually get in the way of users eventually pirating the content? Might have to switch browsers if that's the case.

Re:Isn't hard drive access desirable?

[Microlith]

Does Firefox's architecture actually get in the way of users eventually pirating the content?

I doubt it, but it's likely that the CDM will attempt to check the Firefox binary and assert that the one loading it is signed by Mozilla and refuse to operate otherwise.

It's the CDM's job to fight off attack attempts against itself, not Firefox's. All Firefox will do is attempt to isolate the (undoubtedly security hole riddled) CDM and protect the end user from it - but given the closed source nature of the CDM this may not be possible.

Re:Isn't hard drive access desirable?

[Microlith]

It's important that a browser protect me and my rights on my system, not the business model of other DRM-happy corporations.

Re:Isn't hard drive access desirable?

[Ash+Vince]

As with all DRM schemes, it's only a matter of time before this is broken.

DRM being crackable is not actually that important, what matters is how difficult it is for the average user. You only have to make it slightly tricky or add some slight perceived risk to downloading pirated stuff and they will choose to pay for it instead. For most people with a bit of cash the hassle factor of DRM is what keeps them on the straight and narrow, for the people without cash who cares, they probably would not have paid for it anyway.

Some people who pirate lots of stuff eventually grow into big paid consumers of stuff when they get a bit money, but when they do they often end up forgetting about their strict stance on DRM and just sign up with Netflix or Lovefilm or whatever based on how convenient it is for them. Who cares about keeping a copy of the latest crap to come out of content permanently, just give us lots of stuff to watch on demand and most of the time as consumers those of us with money are happy.

Does Firefox's architecture actually get in the way of users eventually pirating the content?

It's not really the job of browser vendors to make sure you can be a freeloading shithead is it? Their job is to make a product that as many people find useful as possible and that means a certain amount of mass appeal. Refusing to support this part of the standard would have robbed Firefox of more users than they will lose by supporting it.

The reality is that people who view piracy as some sort of moral duty and right like you do are in the minority, that is why most of the public quite happily go along with more stringent copyright laws being drafted by the politicians they elect. That means that creating a browser that will be unusable for certain sites that want to protect their content will just drive users away.

BTW, I actually also think DRM is a joke and a complete waste of space and that more companies should trust us to buy their content if we like it. I spend a fortune on services like netflix and cable TV. I also think though that people who refuse to pay should do without, pure and simple. Anything other than that is freeloading off those of us who pay.

Re:Isn't hard drive access desirable?

[Blue+Stone]

>Does Firefox's architecture actually get in the way of users eventually pirating the content? Might have to switch browsers if that's the case.

Remember, DRM doesn't just stop 'piracy', it stops fair use of copyright content too.

Re:Isn't hard drive access desirable?

[wagnerrp]

How are you going to check the binary if you've explicitly isolated the CDM from any access to the system? Either you allow the CDM direct access to the OS so it can perform the check on its own, or you can provide an interface that can be trivially spoofed. If the CDM access the OS directly, aside from the security implications that causes, now your open source OS can attack it in the same exact manner, returning whatever information the CDM wants to see, rather than the reality.

The simple truth is that you cannot have open source anything anywhere within the code chain from the point the content exits the CDM to the point the content is sent along with wire to your display device. If you are breached anywhere, then your system is insecure, and if your system is insecure, your content will be stolen and freely distributed on the internet. All you've prevented with all this DRM is the typical honest customer from being able to flexibly access the content in the manner they chose. The typical honest customer needs to be taught this, that DRM has nothing to do with stopping piracy, and everything to do with artificially restricting their abilities. Education is the key to fighting all forms of oppression.

Re:Isn't hard drive access desirable?

[CRCulver]

The reality is that people who view piracy as some sort of moral duty and right like you do are in the minority, that is why most of the public quite happily go along with more stringent copyright laws being drafted by the politicians they elect.

Come visit us in Eastern Europe sometime. Furthermore, even in more affluent countries, it seems to me that an enormous proportion of the youth are getting their music from YouTube, not from buying CDs or purchasing legal downloads. You can find nearly any album from any era on there. Yes, Google might send a little bit of advertising revenue to whoever complains, but most of those songs were uploaded by a third party, not the copyright holders or artists.

Re:Isn't hard drive access desirable?

[MozeeToby]

Even if you had the most 100% rock solid DRM, mathematically proven to be unbreakable and cryptographically secured, you cannot stop pirated content. If absolutely nothing else, people will use screen capture software and grab it that way. If things really go to shit and there's watchdog software on every PC preventing screen capture from happening while DRM content is playing, they'll pipe it over to a separate PC and capture it there. If you manage to block that they'll take apart a monitor and grab the data stream from the internals of the monitor itself. If you somehow find a way to block that, they'll point a camera at the damned things and capture it that way. The analog hole cannot be plugged and once it's broken and posted the DRM is effectively broken for everyone.

Re:Isn't hard drive access desirable?

[Microlith]

That's why they are only permitting the DRM module the bare minimum it requires to do it's job. Thus protecting your system from unauthorised access by the DRM module.

And I don't believe for a moment this is possible. Not by fault of Mozilla, but by what is necessary for the CDM to function and enforce the DRM protections.

The moment a browser (or OS) tries to put in technological measures to defend against the owner, your computer is not yours.

Re:Isn't hard drive access desirable?

[CRCulver]

You can think negatively of pirating all you want, but my point was that, in spite of the OP's claim that pirating is some kind of fringe behaviour, getting whatever music and films one wants from pirate sites instead of purchasing a CD or DVD, is normal for a majority of people in many countries now. There are few shops in Eastern Europe to legally purchase the breadth of content people want, and the prices of what CDs and DVDs are available are considered prohibitively expensive against local salaries, so watching films or getting one's music* from pirate sites has been the usual way of consuming content since broadband first became available here in the early millennium.

(* As I mentioned above, it may be that YouTube has now become the standard venue for listening to music. While some copyright holders may be getting paid for this, whether the upload is authorized or not, is not something that troubles the average person.)

Re:Isn't hard drive access desirable?

[NotDrWho]

you cannot stop pirated content

The goal isn't to stop it, it's to make it complicated or risky enough that the average person will pay for it instead of pirating.

Re:Isn't hard drive access desirable?

You only have to make it slightly tricky or add some slight perceived risk to downloading pirated stuff and they will choose to pay for it instead. For most people with a bit of cash the hassle factor of DRM is what keeps them on the straight and narrow, for the people without cash who cares, they probably would not have paid for it anyway.

Then there are people like me. I have a bit of cash but have no desire to trade any of it for a product that will be actively hostile to me, or to reward a company who continues to lump me, the paying customer, in with the same group as pirates.

If the company wants to give the pirates a better product than their paying customers, where the paid version limits me in stupid ways (aka forcing me to have/connect/power an optical drive for their installer media while the software runs 100% from internal storage - or forcing me to waste hardware resources on a dongle/key) then I will do without their product while they do without my money.

If the company wants to load their DVD or whatever with unskippable ads for other equally unscrupulous companies, pop up a 60 second long unskippable picture telling me how much prison time I will get for obtaining this video in any other way, despite the fact I already have the preferred medium and paid to get it - then I will do without that product while they do without my money too.

Give me a product that doesn't slander me personally, and isn't limited more than the version the pirates would get, and I have no problems sharing that bit of cash in return. I do so frequently, and "a bit" is a surprisingly large value in this case compared to how I would normally use that phrase.

Additionally for software at least (not so much movies/tv in this case), I am one who many other people solicit recommendations from.
Sure, there are "only" around 300ish people who will make purchasing decisions on my recommendations, but if I dispise your product or your company, I will not be mentioning either unless it is to sway one against it.
When I do like the product or company I tend to ramble on and on about how much I like it and exactly why (perhaps ramble more than non-geeks would prefer, but that gets balanced out by the excitement in my speech that tends to get picked up on)

You can only burn the ignorant once before those people are no longer ignorant and share the same hatred of how they are treated. Even after "changing your ways", many won't bother to give a second chance and will continue to repeat their original bad experience.

This simply can't be a good long term business approach. Yes the pool of ignorance is pretty large, but it is shrinking every moment.
It's only a matter of time until such practices are universally hated by the majority, and those companies practicing them plus all future ones who plan to do so will fail.

I also think though that people who refuse to pay should do without, pure and simple. Anything other than that is freeloading off those of us who pay.

I agree completely, although for different reasons.
People who don't want the product as-is SHOULD refuse to pay and do without. They should also take a moment to inform the company that their product was considered and ultimately rejected as even an option, and be specific about exactly WHY.

I do not feel the pirates are freeloading off of me, or anyone else who pays for that matter.
In fact I don't feel personally or directly harmed by the actions of pirates, with exception of occasionally being jealous that better options are given to them than are even available to me.

But I DO blame the pirates for basically indirectly rewarding companies that clearly do not deserve reward. The companies must know it isn't always about price. They need to learn somehow, and piracy only sends the wrong signals and causes confusion that gets interpreted (purposfully for evil, or honestly out of ignorance) as their actions are acceptable if perhaps it was only a little cheaper.

Re:Isn't hard drive access desirable?

[ultranova]

For most people with a bit of cash the hassle factor of DRM is what keeps them on the straight and narrow, for the people without cash who cares, they probably would not have paid for it anyway.

The problem is, the Pirate Bay Edition typically has far less hassle than the official "disable CD burners and phone home" version. DRM creates a constant hassle, installing a no-DRM patch is a one time thing.

Re:Isn't hard drive access desirable?

[MozeeToby]

You missed the last point of my post. All it takes is a single dedicated person to crack the DRM and it will be available on streaming, downloading, and torrenting sites all around the web in a matter of days. Anything even moderately popular (and therefore able to be monetized) can be found. DRM at the stream level is like going after people recording radio onto cassette tapes; even if we agree that pirating is a real problem, those particular pirates are not part of it.

Re:Isn't hard drive access desirable?

[N.+Criss]

If I steal your boat then you have no boat. If I "steal" your information then we both have the information. Copying is not theft: https://www.youtube.com/watch?...

Re:Isn't hard drive access desirable?

[znrt]

but that really is an issue you should be taking up with the content provider. If you don't like it, just avoid all DRM'd content.

true. but this is only true the moment a major browser indulges in suporting this drm crap. this is not a feature the user demand, but the copyright lobby. and doing so is in total contradiction with any form of advocacy for an open web. it is clear that mozilla, under present management, has more important priorities than an open web, so all this ceo-talk is just the usual bullshit you'd expect from ... well, a ceo. oh wonder.

Re:Isn't hard drive access desirable?

[bzipitidoo]

Much of this conversation is beside the point. You talk like DRM is an acceptable tool for a desirable motive. It is neither.

Not only is DRM an unsound idea that simply does not work, it and the idea of intellectual property it's meant to protect are immoral. That's right, immoral. Our very ability to communicate with each other, and share valuable ideas and information, is at the core of our intelligence, and is what put us on top of the animal kingdom. Sharing is a natural right. To give that up, voluntarily give that up, is to embrace a new status making us no better than sheep, fit only to be fleeced repeatedly. These scumbags in the content industries have misunderstood, perhaps deliberately, the differences between ownership and authorship, and the material and scarce vs the immaterial. Authorship does not mean the power to deny all usage and derivate work, until they get around to individually approving each proposal and only if they please. They are out to control all communications, stifling that which they can't manage, which by necessity would be the bulk of all communication as they haven't the means to handle the sheer quantity, by asserting that they should be compensated every time people share anything they were in any way involved in, and that the only fair way to accomplish this is by controlling all copying so every single occurrence of it can be taxed. And of course to do that requires extreme control of the sort necessary to make DRM actually function somewhat.

If there are risks in fighting DRM, it is our civic duty to take those risks, to preserve the freedoms our ancestors fought so hard to win for us. The risks are in any case little enough. The control freaks who want to monopolize and monetize all content do not have the power to go after everyone. There are other ways to compensate artists. Big Media still doesn't want to be bothered trying them, and admitting that they might work. Instead they have the gall to ask the rest of us to make the truly insane sacrifices it would take to really make their horrible vision work, and act as if they aren't asking much, putting on this hurt and baffled attitude and crying that artists will surely starve. We are NOT going to give up the Internet, flash drives, cell phones, home movie theaters, or even public libraries and used book stores. We are not going to turn the clock back to the 1980s, and artists will not starve and art will still be created.

This ramming of DRM down our collective throats and into the HTML standard is at best a waste of effort that will have no effect. At worst, it will harm the Internet, slowing it down and blocking some things. If, somehow, it kills the Internet, Big Media would celebrate. That's the kind of trolls they are. But it won't accomplish the destruction of the Internet or the elimination of piracy. I think the only reason the DRM was allowed is that we knew it would be ineffective and only slightly damaging if that, and so we could afford to humor them in this matter. And they problably bribed key people, maybe tried some threats too.

Re: Isn't hard drive access desirable?

[BilI_the_Engineer]

That sentence right there pretty much proves you don't even know why you hate it, you've been told it's bad, believed that an propagated that idea.

I despise DRM because it tries to restrict me. I despise DRM because it often harms actual customers. I despise DRM because it treats me as some sort of criminal.

With that said, that sentence you typed pretty much proves that your a child molester. Hey, while we're just making shit up and pretending we know what the other person thinks, why not go all out?

Even if you were at the height of conspiracy theories and actually believed that it could take unprivileged control of my VM what's it going to do?

It is about control over your computing. As long as you have software that maliciously treats you as a hostility and unjustly restricts your actions, you do not have control, even if you fully own the machine.

For similar reasons, I do not use proprietary software.

Re:Isn't hard drive access desirable?

[mysidia]

How are you going to check the binary if you've explicitly isolated the CDM from any access to the system?

By requiring the sandbox to prove that it passes a validation with an attestation using credentials that are not available to the user.

Intel Trusted Execution Technology (TXT) / TPM come to mind. The TPM allows for secure storage and secure reporting of some security related metrics.

The Sandbox can't spoof a validation of the trusted status of the Sandbox program, because the digital signature needs to be made by the hardware

Re:Isn't hard drive access desirable?

[exomondo]

It's important that a browser protect me and my rights on my system, not the business model of other DRM-happy corporations.

And you can have that because this is open source software. Mozilla doesn't have to do what you feel is important. The whole advocacy of free software is such that the user can change/remove things he/she does not want and even to fork it if they don't like the developers' ideology.

The solution is there, it's the solution you have been advocating for so stop bitching that Mozilla isn't catering to your specific needs in every way you demand them to and use it, it's Free Software!

Re:Isn't hard drive access desirable?

[znrt]

Given that plenty of people use DRMed media every day, then I think it is safe to say that users are demanding it. Maybe not all users but enough of them to matter.

Have you heard the saying that generalizations tend to over-generalize? "this is not a feature the user demand" is pretty much a fulfillment of that saying.

and yours is a good example of rethorical tautology. people also pay bank bailouts and it doesn't mean they demand them.

i see nobody demanding drm support here: https://input.mozilla.org/en-U... nor here https://bugzilla.mozilla.org/b...
do you?

interestingly, if you read through the thread for this bug, you will have a clue about who is actually requesting this crap:
https://bugzilla.mozilla.org/s...

Re:Isn't hard drive access desirable?

[david_thornley]

The typical user doesn't specifically want DRM, but a whole lot of them would like to be able to watch current movies on something like YouTube. Those will come with DRM, despite what Mozilla and typical users want. If a user wants something that only comes with DRM, the user is likely to want DRM available to enjoy that.

Re:Isn't hard drive access desirable?

[CRCulver]

The average person doesn't use pirate and torrent sites.

As I posted in response to another user, you really ought to visit the world outside North America or the UK. I know from my day-in, day-out experience here in Eastern Europe that the vast majority of people do use pirate and torrent sites. That has been the usual way of getting the content we want since broadband first came here in the early millennium. Paying for authorized downloads is not at all popular, and people only buy the physical media (which is prohibitively priced considering local salaries) if they particularly treasure the film/album in question or want to give it as a special gift to someone else.

"one letter from their ISP"? ISPs here just don't care. Me and my friends torrent hundreds of gigabytes a month and no one at the ISP bats an eye. In fact, when I first signed up for broadband over a decade ago, my ISP gave me the address of a huge filesharing server where I could trade pirated content with other people in my town at lightning speeds.

Having travelled widely all over the world and see the same internet culture in Russia, China and India, I feel pretty safe claiming that, globally, the average internet-connected person does use these sites. Those that don't are still buying physical media from a bootleg seller who likely did use those sites to burn the DVDs he sells.

SubjectsInCommentsAreStupid

[lesincompetent]

THIS is a good reason to oust a Mozilla CEO.

Re:SubjectsInCommentsAreStupid

[Mateo_LeFou]

This, or inventing javascript. Ick.

Re:SubjectsInCommentsAreStupid

[marcello_dl]

Exactly, this is a bad move no matter what. Because FF should have let third parties write a plugin and waited until it was inevitable before including it, if ever. With this move they threw their weight IN SUPPORT of it, from a practical point of view. Because now people will say: see this scheme is supported by all major vendors, let's go for it.

That it's a w3c standard, it is not relevant. In fact "we implement only the sane things out of w3c" would have been a marketing bullet point. No, not now: when remote wipings of DRM protected stuff start happening.

Re:SubjectsInCommentsAreStupid

Funnily, YouTube DOES NOT use this DRM. Thus, the majority of video on the Web does not currently need DRM. And yet Mozilla made this stupid decision....

Re:SubjectsInCommentsAreStupid

[BZ]

1) A third party is writing the plugin.
2) We did wait until it was inevitable. Every single other browser is already shipping it, Netflix is using it, and other sites are starting to use it. The only alternative to shipping this was to make sure Netflix and other video sites continued to work with Flash or Silverlight _and_ that Flash and Silverlight continue to work indefinitely.

Re:Not relevant

[interkin3tic]

Given the recent update, I suspect the answer will be the same for both.

(I feel like this joke is nerdy even by slashdot standards.)

Where's the progressive outrage machine when we ne

[Lord+Kano]

Mozilla just ousted their chair over something that screws over far fewer people than this.

LK

Re:What a joyous success

[mwvdlee]

Current number of websites using EME is 0.

Re:Brilliant. Perfect way to kill market share!

[Arker]

PaleMoon is a Firefox fork that appears to be doing very well. I dont know for sure, but I suspect they will correctly sort this into the unwanted features bucket and skip it.

Personal DRM

What we need to do is figure out how to apply DRM to the personal information emanating from our machines. You will then be able to lawfully defend against those who profit from that information. Of course you could work out an arrangement to get a slice of the gross coinage as well ;).

Re:Personal DRM

[ewieling]

Wrap your personal information inside some form of DRM and require acceptance of your EULA before opening it. Sort of a "technical jujitsu", take your opponents strengths and use it against them.

I wish I could do that to the DMV. Within a week of registering my car in FL I started receiving postal junk mail at my new address. I'd love to get involved in a class action lawsuit against them.

Re:What a fscking disaster

[ArcadeMan]

Current number of websites using MEME is over 9000.

Ayn Rand Quote Time

[bmajik]

Oh look. Here's a whole _page_ of Ayn Rand quotes about compromise

In any compromise between good and evil, it is only evil that can profit

or...

Contrary to the fanatical belief of its advocates, compromise [on basic principles] does not satisfy, but dissatisfies everybody; it does not lead to general fulfillment, but to general frustration; those who try to be all things to all men, end up by not being anything to anyone. And more: the partial victory of an unjust claim, encourages the claimant to try further; the partial defeat of a just claim, discourages and paralyzes the victim.

http://aynrandlexicon.com/lexi...

Many folks have a go at the idea that they can somehow tame evil or compromise with it without being tainted too much. I'm not sure this has ever really worked out.

There is a lot to like about the Richard Stallmans of the world. They are clear about the what and the why, and they stick to their guns.

Re:Ayn Rand Quote Time

You don't think quoting a crank is insightful or useful in any way, do you?

 

No, but I just did so anyway.

Re:Ayn Rand Quote Time

[bmajik]

The Hurd isn't a viable alternative because it isn't needed.

Stallman had a vision of a completely free as in speech computer system. When he started, that meant, OS, tools, and application software.

It was a radical strawman against the beginnings of an industry of for-profit software with intellectual property laws.

It turns out that Stallman and his friends created the programmable editor, the compiler suite, the tool chain, the user-space unix tooling..

and them some Finnish guy and his friends came along and made the OS kernel.

The point is that now, not only is there a free OS and development tool chain -- more successful than Stallman could have ever managed -- there is an entire philosophy around free-as-in-speech software.

Stallman has been more influential on how we think about an use computer software than arguably just about anyone. I would at least put him in the same room as a Woz or a Bill Gates.

The market share of Hurd is the wrong metric. The fact that my company -- Microsoft -- is releasing more and more of our stuff as free-as-in-speech software -- that's the metric.

Let's objectively look at what Stallman started.

Let's use this metric: how many Fortune 100 companies have capitulated to _your_ philosophical demands?

Re:Ayn Rand Quote Time

[bmajik]

Obviously, because I think she's neither foolish nor hypocritical.

There's a class of people who respond to Ayn Rand with ad hominem. Which is funny -- She wrote a lot of pages -- more than I care to read in one sitting. In all that, somewhere, you'd think there's be fertile soil for a response more intellectually stimulating than, "she's a crank".

Fault her for whatever reasons you've faulted her, but to me, nobody has more constancy and conviction in their writing in favor of doing the right things for the right reasons. The importance of principle is central to everything she ever wrote.

The Mozilla conversation is about principle vs. pragmatism, and I think her quotes on the topic are highly relevant.

Re:Not relevant

[Jeremiah+Cornelius]

Drop the browser. It's no longer a question if web standards are fucked, and that your arse is what's offered for the fucking.

Gopher over TOR.

Open Source Browser

[Drethon]

How long before someone codes a module to bypass the DRM handling?

Making bug reporting illegal?!

From Cory Doctorow's article today...

...the Adobe module is not only closed source, it is also protected by controversial global laws that threaten security researchers who publish information about its security flaws.

These laws â" the US Digital Millennium Copyright Act, the European EUCD, Canadaâ(TM)s C-11 and so on â" prohibit revealing information that can be used to weaken DRM, and previous security researchers who disclosed information about vulnerabilities in DRM have been threatened and prosecuted.

This created a chilling effect on the publication of vulnerabilities in DRM, even where these put users at risk from hackers. For example, when word got out that Sony BMG had infected millions of computers with an illegal rootkit to stop (legal) audio CD ripping, security researchers stepped forward to disclose that theyâ(TM)d known about the rootkit but had been afraid to say anything about it.

This gap between discovery and disclosure allowed the Sony rootkit to become a global pandemic that infected hundreds of thousands of US military and government networks. Virus writers used the Sony rootkit to cloak their own software and attack vulnerable systems.

The inclusion of Adobeâ(TM)s DRM in Firefox means that Mozilla will be putting millions of its users in a position where they are running code whose bugs are illegal to report.

dumb

[Charliemopps]

Rather that deal with it in such a complex way, they should just do what linux did for years with MP3s. Popup box "This is an MP3, we can install the thing you need to listen to it, but it's not open source. Do you want it? Yes/No" Simple as that. Let users chose. I don't see how this is any different.

Then they can let their plugin community quietly subvert the entire mechanism, just like they have everything else, and the industry will abandon it.

Re:I don't like DRM either

But this is an open-source browser we're talking about. If we don't want DRM, we can make a build of it without the DRM piece.

Being open-source has nothing to do with this. The number of people who will use a fork is essentially zero when compared to Firefox's total userbase.

The problem is that Mozilla has thrown away the power that comes from being able to speak for hundreds of millions of users out of fear of losing some of those users. That's a path to irrelevancy, they've traded the vision that made them popular in the first place for the hope of maintaining marketshare. It is a total MBA move, as if Mozilla should be driven by profits instead of advocacy.

So this is what happens when Brendan Eich leaves

[RR]

Brendan Eich may have had some opinions that people don't like, but at least he stuck to his morals. Now that he's gone, the new CTO, this Andreas Gal, seems more likely to compromise. DRM is evil, but Dr. Gal thinks he's clever, and is trying to wrap it in an open-source sandbox. Let the exploits come.

Oh well, now I do have an actual reason to boycott Firefox.

Re:Brilliant. Perfect way to kill market share!

[Arker]

Obviously you are correct. A UI which exposes control interfaces to the user is bad. The future is to expose control interfaces ONLY to remote ad agencies, and keep the dirty users in their place.

Re:Where's the progressive outrage machine when we

[Microlith]

Mozilla did not "oust" him. He stepped down after the wider community spoke up. This is being forced by a bunch of DRM happy corps (MS, Apple, Google) and their media industry buddies (Netflix, MPAA, et. al.)

Re:So this is what happens when Brendan Eich leave

[Derek+Pomery]

http://slashdot.org/comments.p...

Well, here you are standing on principles. :)

You wanted to watch Youtube vids, so you run Google Chrome, which has even more liberal implementation of this DRM.

You didn't boycott Youtube.

So, this is why Firefox is implementing it. They no longer have the leverage. Google Chrome is bundled with Flash, with Adobe Acrobat, with Oracle Java. It is pushed on every google website people interact with - Search, Plus, Docs, Youtube, Translate. There's the google app store, ChromeOS, Android...

I doubt Brendan would have held out against this either. Firefox' choice is to accede to its users, or become even more marginalised.

I'm glad they are using their limited remaining leverage to try and at least ensure user privacy and security and offer something that is cross-platform, with an open source auditable wrapper and actually works under Linux.

Re:Not relevant

[Jeremiah+Cornelius]

There are other options as well.

You have a LOT of Windows and Shareware, in that list. ;-)

I browse from a 1995 era SGI, and a QNX Neutrino RTOS VM. I'm contemplating Acorn RiscOS on a RaspberryPi.

Re:What a fscking disaster

[Phs2501]

Youtube uses EME for 1080p streams, no EME and you only get 720p or lower

Youtube uses Media Source Extensions for 1080p streams. That's completely different; it's a way to source data to a <video> element from Javascript. They use it to implement their dynamic HTTP streaming, where rather than just sucking down a file you suck down individual file segments allowing dynamic quality adjustments based on your available bandwidth. There's no DRM involved.

Re:Not relevant

[Jeremiah+Cornelius]

Ah, that explains it; you're the Clifford Stoll of this place!

Someday, ask me about my connection to Markus Hess. We had a Fortran 77 class together, before his infamy...

Sad seeing this

[sasparillascott]

It's sad seeing this, but its also good to keep in mind - this standard was pushed by Microsoft, Google and others. As such its already "live" in Chrome (as of Release 25 if memory serves, current Chrome release is 29 I believe) as its in WebKit (so ad Safari and Opera as well). Microsoft will add it to IE if they haven't already - leaving Firefox and its slowly dwindling user base. Since 75% of the PC web and nearly all of the mobile web will be making use of this - it'd be a market share death sentence for Mozilla to take a stand and say we just won't implement these "standards" in Firefox - (JMHO, but most general users would notice that what they want using this cgap works with Chrome, IE etc. and not with Firefox and just stop using Firefox making the Firefox user base melt away faster). I don't like Mozilla doing this, but I can easily understand why they are.

Re:Finally no more plugins

[BZ]

The difference is that the CDM will be sandboxed in a low-privilege process with no direct access to the OS and kernel, which is not at all how Flash works.

Re:Pragmatic, makes sense.

[BZ]

We've tried sandboxing the plug-in process Flash runs in. It breaks all sorts of existing Flash-using stuff, unfortunately.

The benefit of having a sandbox from day 1 is that you don't have that problem.

Re:Where's the progressive outrage machine when we

[SuricouRaven]

It's amusing to read the reports on right-leaning news sites. According to them, he was forced out by the 'gay mafia.' They use that phrase quite a lot.

you're giving the crooks a pass

[globaljustin]

this is bigger than an open source project or even one browser

this is about the standards of the internet and openness...no DRM is just as important as Net Neutrality

the W3C are total sell-outs to corporate interests in DRM...complete and total...now it appears firefox has joined them

the WHATWG is the only reason we are stuck with 90s-era spaghetti code on websites now...they developed HTML5 and finalized CSS3...

HTML would be spyware if the W3C had its way...and HTML5 would not exist w/o the WHATWG

Linux version

[Bazman]

Are Adobe going to make a Linux version of the DRM module? Because their record with Linux versions of their PDF DRM tech is VERY POOR. We get research articles from the British Library which are DRM'd, and our Linux users can't read them. One solution is to complain to BL at which point they will often just email you a plain old unDRMd PDF. The mega-facepalm thing is that the British Library came out against DRM-content a few years ago, and have done a massive backtrack because the publishers didn't like it.

Whether DRM is a bad thing or an insanely bad thing (ok, or a good thing, whatever), I don't ever want to see "This Content Cannot Be Viewed On Your Nerdy Linux Operating System" popups ever. But if this is Adobe's shitcreek we're wading through, I think I will.