Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 33 Integrates Cisco's OpenH264

Posted by Unknown on from the monty-does-it-better dept.

NotInHere (3654617) writes As promised, version 33 of the Firefox browser will fetch the OpenH264 module from Cisco, which enables Firefox to decode and encode H.264 video, for both the <video> tag and WebRTC, which has a codec war on this matter. The module won't be a traditional NPAPI plugin, but a so-called Gecko Media Plugin (GMP), Mozilla's answer to the disliked Pepper API. Firefox had no cross-platform support for H.264 before. Note that only the particular copy of the implementation built and blessed by Cisco is licensed to use the h.264 patents.

38 of 194 comments (clear)

  1. Trusting a binary from Cisco by Anonymous Coward · · Score: 2, Interesting

    Even though the codec source code is available, it is compiled by Cisco and provided to Mozilla. Something in me doesn't 100% trust that Cisco won't use this as an opportunity to put hidden spyware on everyone's computers. The US gov't can force American companies to secretly implement spyware, right?

    1. Re:Trusting a binary from Cisco by ledow · · Score: 5, Insightful

      But with access to the source code, it's easily possible to verify that the binary supplied corresponds to the source.

      That's how we know that TrueCrypt has no "binary" backdoors - we just try different combinations of compiling, noting the differences, until we find the one that Cisco used. If we never find the exact combination, the differences between a "known good" compile of the original source and the final binary make the amount of code to blind-check almost negligible in comparison.

      It's when people DON'T provide source that you should be suspicious, or when you can't get close to their source providing their binary.

    2. Re:Trusting a binary from Cisco by Actually,+I+do+RTFA · · Score: 5, Informative

      Cisco heard your concerns and has responded: Development and maintenance will be overseen by a board from industry and the open source community.

      --
      Your ad here. Ask me how!
    3. Re:Trusting a binary from Cisco by ArcadeMan · · Score: 5, Funny

      That's why I know I'm safe. I use OS X, which is a closed-source OS. And since it's closed, the government doesn't have access to it.

      I love the smell of bad logic in the morning.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    4. Re:Trusting a binary from Cisco by wonkey_monkey · · Score: 3, Insightful

      But with access to the source code, it's easily possible to verify that the binary supplied corresponds to the source.

      Is it that easy? My understanding was that you'd at least have to have identical versions of the compilation tools to have any hope of coming close to a bit-for-bit match on the binary.

      --
      systemd is Roko's Basilisk.
    5. Re:Trusting a binary from Cisco by Kardos · · Score: 4, Insightful

      Seems like a problem with a simple solution: Cisco needs to publish their build procedure.

    6. Re:Trusting a binary from Cisco by Anonymous Coward · · Score: 2

      Are the NSA operatives getting in quick these days ?

      Operation Frist Post

    7. Re:Trusting a binary from Cisco by Wrath0fb0b · · Score: 5, Informative

      No. In fact it's absurdly difficult to reliably create reproducible builds. Debian has been working on this since at least 2009 (afaict) and has been plowing through issues but you still can't get an identical Kernel as the .deb. Heck, it was 8 weeks just for the Tor browser.

      It's not just the compilation tools, it's the entire build environment that needs to be homogenized. All kinds of components will insert uname/hostname and paths into the binary, filesystems list the contents of a directory in undefined order, timestamps and permissions are embedded into tarballs and documentation, different locale produces other weirdness.

      tl;dr: it's much harder than just installing an identical version of clang and hitting make.

      [ And, as an aside, this goes back decades. The infrastructure around builds was never designed with reproducibility as a design goal. We are basically retrofitting this new requirement on decades of legacy code that never even considered that we would want such a thing ... ]

    8. Re:Trusting a binary from Cisco by Anonymous Coward · · Score: 5, Interesting

      Not only will it be your choice to accept the binary, but Mozilla also shares those concerns. Hence why they're sandboxing the CDM plugins to limit their access and ability to do anything except what they advertise. We'll have the choice to trust Mozilla's work, disable it, or partake in an effort to confirm that it's as legit as we want, so I honestly fail to see any major issue here.

    9. Re:Trusting a binary from Cisco by smash · · Score: 3, Insightful

      Why the fuck would they bother, when they can just do that to all of the backbone routers you use?

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    10. Re:Trusting a binary from Cisco by Randle_Revar · · Score: 3, Insightful

      how about "-1 whoosh"?

      --
      Climate Progress - Hell and High Water
  2. Great by Burz · · Score: 3, Insightful

    I always wanted a backdoor in my browser.

  3. Is anyone left to care? by Anonymous Coward · · Score: 4, Insightful

    They've already destroyed FF and changed it from a browser with its own identity into Chrome's obsessed former friend who mimics her every move and style and is planning to kill her and assume her identity some day.

    Honestly, there's nothing left to call Firefox now. If I want a browser like Chrome, I'll run Chrome. If I want a browser like Firefox, then I have to use an old one or a fork.

    Stop punching your users in the face, and give them back the control they had over their browser.

    1. Re:Is anyone left to care? by stoploss · · Score: 2

      I may have control over this plugin, but I don't have control over my whole browsing experience the way that I did 8 versions ago.

      AKA "last month". Mozilla really lost the community's goodwill with that move. There was no compelling rationale to support FF after that. Their insistence on using a single-process model really destabilizes their browser, for example. Every release seems to remove functionality or force you to change the way you use the browser in ways you don't want. It's like they hired Gnome 3/Unity/Windows Metro program managers and asked them how best to fuck up their main product.

      Thanks to this change to their support model I relegated FF to rare use when I need to check to confirm if another browser is being flaky or if the site itself is to blame.

    2. Re:Is anyone left to care? by stoploss · · Score: 3

      "Living 4 years ago" is a claim that's incompatible with you referencing features that aren't officially released yet. Thanks to your flame I actually googled again about it, and like the past 7 years I have checked, there are "plans" to multiprocess Firefox.

      However, multiple process Firefox doesn't actually exist in practice yet. Go ahead and enable your multiprocess flags in about:config. Spawn a bunch of tabs and windows and admire the "pretty underlining" on the tab titles. Now check your task manager and count the number of Firefox instances. What's that, you say? There's only one?

      Now kill the single Firefox process that's there and see how many FF windows stay open. Zero is the answer.

      Fail.

      Instead of astroturfing for FF, perhaps you should sit down at your desk at Mozilla and get back to coding your has-been product.

    3. Re:Is anyone left to care? by Pentium100 · · Score: 2

      Unlike Chrome, you can get the normal UI of Firefox. I have customized it such that My Firefox 31 looks almost exactly like Firefox 3.6.

  4. Re:So Kind of open? by Actually,+I+do+RTFA · · Score: 5, Informative

    The source is open: you can read it, you can compile it and compare binaries, etc.

    In fact, it is BSD licensed.

    But that only covers the copyright. The patent is not opened (nor owned by Cisco), and seem to prevent derivative works.

    Cisco paid the fees to use the patent in this one application, and open-sourced it to the world. Seems like a great solution, security-wise, and clever legally.

    And, it becomes just more BSD code when the patent expires in... what, a decade? Or if the new Supreme Court ruling is found to invalidate the patent.

    --
    Your ad here. Ask me how!
  5. Version number confusion by Anonymous Coward · · Score: 4, Informative

    (reads summary)

    Hum, Interesting...firefox 33 integrates, mumble, mumble...wait, something's not right with this picture.

    (Scrolls back a few lines on the RSS feed)

    Firefox 31 Released

    Aha! I knew it. Latest version is 31! Must be a typo...

    (One angry RTFA later)

    Oh, hang on...They are referring to the yet unreleased, possibly future version of Firefox. With no indication whatsoever of that fact in the summary, even though a (stable?) version of Firefox was just recently released, as highlighted on this very same website less than 24 hours ago.

    ...

    Would it have killed anyone to point this out somewhere? You know, for those of us at home who don't keep up with Firefox's versioning madness?

  6. bad for standards by l2718 · · Score: 5, Insightful

    Mozilla capitulating on the tag has serious implications for web standards. By including patent-encumbered code in the browser they take the rug from under those in the www foundation that argue for free web standards. Yes, some websites wanted to use H.264 for video encoding, but Mozilla shouldn't have abetted them.

    1. Re:bad for standards by emblemparade · · Score: 2

      This has nothing to do with the "tag" itself, which does not specify codecs. Yes, this is still a compromise, but many of us have been compromising for years on various aspects of freedom and openness. Choose your battles carefully and you can win the war: Mozilla has already achieved so much for the open web, and I'm confident the upward slope will continue.

    2. Re:bad for standards by ArcadeMan · · Score: 2, Interesting

      I'm all for open standards and less patents, but H.264 videos and H.264 decoding hardware has been used everywhere for almost a decade now. Even if something free and open-source had been able to replace it, we're on the verge of switching to H.265 which is about twice as good as H.264.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    3. Re:bad for standards by Dr.Dubious+DDQ · · Score: 2
      It also still doesn't give anyone permission to generate their own h.264 video files (outside of webrtc "video-chatting" inside the browser) legally without paying someone a patent "poll-tax" for permission, so this is still "consume-only".

      I'm also under the impression that there are,absurdly, potential patent-license issues with the .mp4 file format that h.264 video is most often stored in.

      Finally, of course unless the usual obstructionist Apple and Microsoft ever implement opus codec support, this also doesn't give you the legal ability to include sound (mp3 or aac, typically, for h.264 videos) with the video. Hope everybody likes silent movies...

      --
      Hacker Public Radio is our Friend
    4. Re:bad for standards by Blaskowicz · · Score: 2

      I'm sure the transition to H265 will be at least a decade long (do unreleased AMD and Intel CPUs even support it? I think not). H264 will stay for a long time. Even MP3 has been outdated for like 10+ years but still is massively used.

    5. Re:bad for standards by tlhIngan · · Score: 5, Informative

      It also still doesn't give anyone permission to generate their own h.264 video files (outside of webrtc "video-chatting" inside the browser) legally without paying someone a patent "poll-tax" for permission, so this is still "consume-only".
      I'm also under the impression that there are,absurdly, potential patent-license issues with the .mp4 file format that h.264 video is most often stored in.

      Finally, of course unless the usual obstructionist Apple and Microsoft ever implement opus codec support, this also doesn't give you the legal ability to include sound (mp3 or aac, typically, for h.264 videos) with the video. Hope everybody likes silent movies...

      If you have a camcorder, the license to create h.264 is present as part of the camcorder. This includes phones and everything else people submit to YouTube, for example.

      The only constraint is that if you post content online, you cannot take payment on the content itself - i.e., you can put it online, you can put ads around it, but you cannot force someone to pay to view that content (commercial activity). So those videos on YouTube where you have to pay in order to view them come under a different license.

      As for the Mp4 format being patented - it's RAND by Apple ages ago (MP4 is a subset of the QuickTime MOV format). If Apple's asserting any patents on the format, that is. But since people mass-license the h.264 patents through the MPEG-LA, that means any patents Apple has on MP4 are included in the license fee you pay to create or display the content.

      Sound is licensed under a separate agreement - MP3 or AAC. Again, your typical MPEG-LA license for h.264 will probably include use licenses for AAC (most typical format) so you can have a soundtrack.

      If not, there's always PCM as well - handled by the format just fine.

    6. Re:bad for standards by smash · · Score: 2, Insightful

      If the open source world releases something (unencumbered with the GPL - i.e., BSD licensed) with encoding and decoding tools that actually works as well or better than the closed alternative, in a timely manner then I'm sure people will use it.

      It will never happen. Get used to it. There is far, far less complex stuff in the free desktop that has been broken for the past 20 years and still not fixed.

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  7. So what's the best way to do video on the web? by RogueWarrior65 · · Score: 2

    Serious question: What's the best way to handle video on the web given a few requirements? First, the content needs to be hosted on the same site as the website. Why? Because sites like Youtube and Vimeo have control over it. They can unilaterally decide to take something down. They will also present related video. For someone trying to market product, you shouldn't make it easy for a prospective customer to find your competitors. Second, the video has to work on both Macs and PCs. Third, the video has to work on Internet Explorer as early as v.8 because too many users don't know any better.

  8. Re:At fucking last by 93+Escort+Wagon · · Score: 2

    Always really preview before clicking submit.

    Can we finally use the the <video> tag with H.264 files and just forget about the rest?

    No, since Firefox is currently limiting the use of this plugin to WebRTC - which basically means it's not available for anything actual users want to do, such as watch html5 video.

    --
    #DeleteChrome
  9. Re:So Kind of open? by alci63 · · Score: 3, Interesting

    So, this is a software only patent... so it's not legal in Europe (or is it). Some Linux distro might consider integrating this code directly, and compile it instead of letting FF grab a blob from Cisco. Maybe distribute it in a special repository, that users would activate where it legal... Notice VideoLAN for example does play HEVC (aka H.264), and does not licence anything...

  10. Latest version by rossdee · · Score: 2

    So thats whats gonna be in FF33, which is 2 versions from now.

    FF31 has just been released AFAIK

    So whats new (or broken) in FF31 - should I upgrade from FF30 ?

  11. Patent upgrade treadmill by tepples · · Score: 4, Insightful

    And, it becomes just more BSD code when the patent expires in... what, a decade?

    A decade from now, most major web video streams will be in H.265 (HEVC), and H.266 will be the Next Big Thing(tm). By the time the patents on one codec have run out, bandwidth constraints cause providers of non-free media to switch to a new freshly patented codec. Users end up stuck on a treadmill, from H.261 to MPEG-1 to MPEG-2 to H.263 family (Sorenson Spark, DivX, Xvid) to H.264 (AVC) and so on.

    1. Re:Patent upgrade treadmill by petermgreen · · Score: 3, Insightful

      Maybe maybe not. Once a format is deemed "good enough" it can stick around for a long time. See mp3, jpeg png etc. Furthermore bandwidth prices have dropped through the floor in recent years,

      --
      note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
    2. Re:Patent upgrade treadmill by tepples · · Score: 3, Insightful

      Once a format is deemed "good enough" it can stick around for a long time.

      True, if it is impractical to deploy a new codec in the field alongside the existing codecs, a first mover will win. This is why U.S. OTA digital television is stuck on DVD/SVCD era codecs, but some countries whose digital transition happened later use H.264.

      Furthermore bandwidth prices have dropped through the floor in recent years

      Long haul yes, last mile no. Satellite and cellular ISPs tend to charge on the order of $10 per GB. Even wired home ISPs such as Comcast and Verizon have been practicing "congestion by choice", refusing to peer with L3.

  12. ActiveX again. by mar.kolya · · Score: 3, Interesting

    So, at least on Linux this 'thing' doesn't come packaged with the browser in a package. Instead browser DOWNLOADS this crap from the net. ActiveX, anyone?

    Very-very-very disappointing. Looks like Mozilla have forgotten what their mission was behind all those gay-rights fights.

  13. Re:At fucking last by Blaskowicz · · Score: 2

    The article mentions Youtube, without giving any specifics. Seems they're shipping the plugin greyed out, disabled etc. and then WebRTC stuff will work (does anyone have either used that?) and then maybe you'll be able to use html5 video in some future version, maybe.

    Setting the politics aside, and even whether they intend or not to provide html5 video support, it feels better to do that staged release. I sure would want that the kinks, bugs, networking and security issues are worked out before it is unleashed on millions of unsuspecting users.
    Well, people will get that h264 support for WebRTC even though they have no idea what the f that means, but as no one uses WebRTC it wouldn't be as drastic as Youtube support.

  14. In an imperfect world... by westlake · · Score: 4, Insightful

    Yes, some websites wanted to use H.264 for video encoding, but Mozilla shouldn't have abetted them.

    H.264 is here.

    HEVC not far down the road.

    The geek sees everything in terms of the "open" web.

    But there is more to digital video than video distribution through the web.

    Which is why the mainstream commercial codecs dominate here.

    Why hardware and software support for these codecs are baked into the smartphone, tablet, PC, graphics card, HDTV, video game console, Blu-ray player. The prosumer HD camcorder, medical and industrial video systems and so on, endlessly.

  15. Re:Blindly trusting Cisco? by smash · · Score: 2

    If you don't trust Cisco you better get off the internet. Seriously, if you're worried about this, a binary blob running in your web browser is the least of your problems. There's a very good chance that the network hardware at your ISP is Cisco. If it's not, it will likely be Juniper.

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  16. Re:At fucking last by evilviper · · Score: 2

    The article mentions Youtube, without giving any specifics. Seems they're shipping the plugin greyed out, disabled etc. and then WebRTC stuff will work (does anyone have either used that?) and then maybe you'll be able to use html5 video in some future version, maybe.

    You don't need H.264 for Youtube. You can watch everything there, and at several other sites using the "Video WithOut Flash" plugin:

    https://addons.mozilla.org/en-...

    It works pretty damn well.

    --
    Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  17. Re:So Kind of open? by BitZtream · · Score: 3, Informative

    ... all software is implemented on hardware. Even the instructions you send to your processor get translated into other software (microcode) which is what actually gets executed.

    Hardware acceleration still runs software.

    H.264 isn't 'amazing' because of the hardware acceleration built into everything, its extremely convenient. If OGG was built into everything, we'd be using that instead because thats what would allow us to have long battery life and lower heat dissipation.

    H.264 isn't software anyway, its a collection of algorithms and protocols. There are multiple software implementations of H.264, of which cisco's is only one.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager