Slashdot Mirror
W3C Erects DRM As Web Standard (theregister.co.uk)
The World Wide Web Consortium (W3C) has formally put forward highly controversial digital rights management as a new web standard. "Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time," reports The Register. "The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams." From the report: The latest draft was published last week and formally put forward as a proposed standard soon after. Under W3C rules, a decision over whether to officially adopt EME will depend on a poll of its members. That survey was sent out yesterday and member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations, will have until April 19 to register their opinions. If EME gets the consortium's rubber stamp of approval, it will lock down the standard for web browsers and video streamers to implement and roll out. The proposed standard is expected to succeed, especially after web founder and W3C director Sir Tim Berners-Lee personally endorsed the measure, arguing that the standard simply reflects modern realities and would allow for greater interoperability and improve online privacy. But EME still faces considerable opposition. One of its most persistent vocal opponents, Cory Doctorow of the Electronic Frontier Foundation, argues that EME "would give corporations the new right to sue people who engaged in legal activity." He is referring to the most recent controversy where the W3C has tried to strike a balance between legitimate security researchers investigating vulnerabilities in digital rights management software, and hackers trying to circumvent content protection. The W3C notes that the EME specification includes sections on security and privacy, but concedes "the lack of consensus to protect security researchers remains an issue." Its proposed solution remains "establishing best practices for responsible vulnerability disclosure." It also notes that issues of accessibility were ruled to be outside the scope of the EME, although there is an entire webpage dedicated to those issues and finding solutions to them.
Good or bad?
Digital rights is an ugly theft of words implying the rights of people, rather than the rights of greed ie digital wrongs. Where is the right to privacy, absent. Where it the right to the truth, absent. Where is the right to freedom from censorship, absent. All that is covered is the digital right to greed and the ability to print money and censor and silence the public, think those digital wrongs tools wont be extended out to mass censorship, how wrong you are.
Chaos - everything, everywhere, everywhen
You said erect...
I will go without Internet if that's what it takes.
Or circumvent, mercilessly.
Are there vendors, browsers or developers who have committed to not adopt this standard?
No DRM has ever been effective in its stated purpose.
Stripping A/V from a stream is trivial.
The best way to circumvent it is to simply make iso files from DVD's and Blurays. It is so trivial APK and Hairyfeet could do it!
LAWL
It doesn't stop shit.
Dumbass
I don't really care if the support is there as long as I'm notified that content is so crippled so I can avoid it.
Can't wait to break this standard.
"Standard" is just a label you give to a proposal. Right now all effort has been focussed on preventing to stick that label on EME. I think that effort could have been spent better.
You can for example make browser vendors adopt only DRM plugins that charge money for each visit, that will drive away all the little websites and makes every website owner think twice before they put their video under EME DRM. Really the worst that can happen now is that every video website on the web starts putting all their video into this EME DRM. This is what the actual war is about.
However, you can't introduce such a payment barrier overnight, as there is still flash. Users must uninstall flash in large numbers, and once browsers don't offer the flash plugin any more, you can make websites pay. So first step, petition people you know to uninstall flash, and all other plugins, maybe uninstall it yourself, and then as second step petition website owners which require flash to drop that requirement. Petitioning while you still have flash enabled may be more comfortable, but it sort of misses the point.
One where sharing is the norm, and restricted content is not allowed in it.
member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations
Clearly, the W3C created the EME standard to please its "member organizations".
Of course it's proprietary code... that just means we need to make an open project that protects rights on both sides , and just sideline these corrupt bastards
You said 'erect', huhuhuh!
Actually, these days DRM encourages piracy because it gets in the way of legally purchased media.
Let's shoot ourself in the face, before someone else does it. /s
See, logic is simple, that level might even qualify you for a "sir".
It will start for media.
But those pesky users? Right now they can block tracking elements from web pages. They can avoid loading web bugs and advertisements.
We all know that eventually, this DRM will be used against user control of his or her browsing experience.
In this case, because of the method of application, this DRM is bad.
It hijacks YOUR computer because THEY want to control what you do with "their" data. The context that could make DRM fine is if it were in control of the two people on either end of the conversation (so that Alice and Bob can stop Charlie from listening in), but this one has Alice cutting Bob out too because they're "afraid" that Bob might record the conversation.
That just does not work.
But the context of in the HTML standard, when the "DRM" bit isn't actually part of the standard? Fuck no. A train wreck of an idea.
DRM requires you hold more power over my computer or TV or whatever to "enforce" your "rights". You have the right to protect your stuff, but fuck off, you don't get to hold control of my sfuff to do it. Given me a computer that you own, not use mine.
So does this stop simple screen capture software that people have been using for years?
The only thing I pirate any more are PC games, because the DRM on the "legit" versions is unacceptably intrusive and dangerous to system health. SecuROM can die in a fire.
Actually, that's not quite true. I also download rips of films I legally own, because I'll be damned if I'm going to sit through unskippable bullshit when I want to watch a movie - including dire warnings not to pirate the thing I paid for!
I really don't mind paying for stuff, and like supporting creators of cool things, but I don't see why I should be treated like a criminal for doing so when the pirated option is safer and a better customer experience.
it doesn't work.
but makes the ecosystem for browsers a pay-to-play ecosystem.
it's basically just geared towards monopolization for the players that made this standard.
and microsoft has had it's hands in a bunch of drm solutions all of which it has promptly dropped or just decided to ignore on their products. like... you know... if ms made a video+audio drm solution.. ....and didnt use it on their phones while licensing it out with stupid, stupid licensing restrictions say to nokia say something like 12 years ago.. (the stupid licensing restrictions were that to make a multimedia plugin on symbian 7.0s nokias onwards, you had to have developer permissions granted by nokia. one of the excuses nokia used in this pay to play ecosystem of theirs was that you could break drm on shitty ringtones with it that nobody gave a shit about - also you could break the drm on shitty video clips that had already broken drm and had much better quality rips in the wild.
it doesn't work and it can't be open source for the obvious reasons so whats the fucking point - and by it doesn't work I mean it doesnt keep it off the internets - or seriously are they gonig to stop people from hooking up to hdmi ? I SERIOUSLY doubt the viability of any streaming service that does that.
world was created 5 seconds before this post as it is.
This does nothing to keep me from pointing a high-speed, high-resolution camera at my screen.
It also does nothing to stop me from doing a "tear-down" of my high-resolution, HDMI, DRM-compliant monitor and monitoring the electrical signals that make the pixels light up.
Sure, this is awkward and expensive, but I, er, I mean people like me in other countries, only have to do this once (per video) then put the results up on the Interwebs for everyone to download.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
So, it looks like the open Web has a new enemy, and its name is EnEME.
Ask me about repetitive DNA
...Get the EME free version from their FTP site.
A standard is only as good as it is implemented in the wild. W3C can recommend all it wants but if web masters refuse to implement it or adopt it, it is just so much wasted documentation. This will likely result in a huge fragmentation of the web not seen since the AOL, Prodigy days of the past.
errr....umm...*whooosh* *whoosh* Is this thing on ?
Outrageous! There. I said it. Now I'll go back to watch "Suits" on Netflix.
now we need to stop people from recording there desktop.
Quite true; Digital Restrictions Management (contrary to what another poster said, smart people do realize and don't allow the reframing of the language away from how most people experience DRM) doesn't affect those who get their copies stripped of the restrictions as is commonplace amongst those who share. DRM chiefly adversely affects those who participate in the process (whether they spend their own money to do it or are given it gratis).
DRM is the excuse publishers use to justify the ongoing control over one's computer, spying regime modern-day DRM schemes make possible and use, and thus pose genuine risks to everyday computer users. This is not about "balancing" rights as another poster said, this is about copyright holders and their business partners using a mechanism to get more control over your devices, your privacy, and your life than they ought to have. To publishers who claim they wouldn't engage in the process without DRM, I say that's fine but I want to see proof and lots of it; please don't publish without DRM controls you couldn't have a few short years ago (remember that DRM schemes always become more onerous over time and publishers always try to convince the public they can't get by without the higher degree of control). Let your competition distribute their work at whatever price they think they can get DRM-free and do with the reduced competition. The publisher's threat is (taken on the whole) an empty threat and everyone knows it.
Digital Citizen
We just have to fight it by *writing unhappy letters* that don't contain cheques for millions in them to our representatives, they'll totally take care of it!
NOW can we finally accept that none of this is going to get any better until we start burning some of these monsters to the ground?
If you wish to cause the current system of DRM to implode it's actually really easy, you just need to know how to play by their rules. All you need to do is simulate the CDM plugin environment of Microsoft's Edge browser and package it as a single program that can write the output to an unprotected file. It doesn't even have to output an optimized video file, a raw capture will do. They will be contractually obligated to stop using CDMs because they can no longer meet the standard of the "robustness rules".
With any other browser, it would mean only that specific browser would be unable to use CDMs but Microsoft isn't about to be left out of the game they helped fix.
Anons need not reply. Questions end with a question mark.
The only question remaining is whether protected content will be accessible through a general purpose web browser. If not, subscribers will abandon the browser for the app.
The app that has already been integrated into their smartphone, tablet, HDTV, video game console, set top box, etc.
The streaming music service I use has 30 million tracks to explore. It would be very tempting to settle in there to stay. If you want me to have a look at what can be found elsewhere, don't make it anymore difficult than it needs to be.
Why not classify security research as self defense with the best practice procedures as an implication of non-malicious intent? There is the need for a neutral, third party "notification escrow" that would act as a witness, of course, but the established parties like CERTs, MITRE and others might fill that hole.
This mostly seems to be a combination of paranoia and slippery slope fallacies, and for someone who wants to see "proof and lots of it", your own argument is remarkably devoid of any supporting evidence.
I suggest to you that the existence of services like Netflix is beneficial to a great many people, who now get to enjoy more content at lower cost than they otherwise would have. I also suggest that services like Netflix would be much less practical without DRM, since obviously anyone could just sign up for whatever the minimum period is these days, download huge amounts of unprotected content to keep them going for a while, and then immediately cancel their subscription so they don't have to keep paying even though they're still enjoying the content. And finally, I suggest that the average Netflix user doesn't even know what DRM is or "experience" it at all.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Ye'll nevarrrrr stop me ye scurvy dogs!
Is if your endpoint audio/video devices support HDCP and negotiate a connect with the remote server.
Anything less that that (notably relying on the Intel ME, AMD PSP, Arm Trustzone, or other TPM module implementation) allows the possibility of the stream being intercepted while still in digital form.
Even excluding all of those, all that is required *WITH* all this DRM in place to copy it is analog output of the audio to a capture device, and capture of the video stream from a monitor via a camera of sufficient resolution to capture the detail you want in the ripped video. Basically 'camming' like in the movie theater but off your local device.
The irony is all this shit can be ripped right now because of exploitable 'dedicated' devices, such as the TV sticks and roku boxes and such, which are how all the high quality rips ending up on the internet are getting there.
If they were serious about protecting their own intellectual property they would skip these web standards for about 3-5 years and revisit them with the lessons learned from making all those other devices airtight.
In the meantime it is just a violation of my security and my liberty for a bunch of assholes who haven't ever created anything, and who are still rehashing actual creators 'bought' ideas for the nth time (Matrix, Star Wars, etc all) Much like the discussion about patent law, it is about time to revisit copyright law and see about severely curtaining its money and power so it can return to being limited time private property for the good of the *CREATOR* (and not simply producer, publisher overpaid actors and other leechs, as it often is today) and after a sufficient time to recoup their expenses and a tidy profit towards producing a slightly more grandoise venture next time, returning it to the public where it can be built upon like so many other folk tales, tall tales, legends and other cultural works and respun into creations that would either reinspire their own creators or mollify them at how their work was reinterpreted. The more fluid culture is the faster it can grow, expand and refine itself. The current constrictive nature of copyright is only holding back the full potential, especially in regards to helping original creators shake off their own presumptions about what their own works mean.
Could somebody please explain to me how any DRM thingy can ever hope to prevent a dedicated individual from simply recording what is on his screen with another device? Just stick your HDMI cable into a recorder, no? What is this trying to achieve, exactly?
Might makes right irrelevant.
Fun Fact: Everything Netflix streams can be had for free with no effort. With the same or better quality.
Moron
... For the moment.
If I create some original digital content should I not have the right to set the terms of use and distribution?
Nope. You should not.
In the grand scheme of things, what you should have the right to, is to be paid for the act of creation of the content.
(you should get remuneration for your work. not be entitled to use it as a rent)
But for historical reasons, the point at which money got collected was traditionally at the distribution, because back at the time when copyright laws were emerging, duplicating and distributing content was hard (if not the hardest part of the pipeline). And thus it was a happy chance that it could also help finance upstream creation.
But nowadays, once we're out of the dark ages and into the information age, with everything going digital, duplication and distribution is boringly trivial and can't be justified any more. Artists still need to get paid to create (They need to eat, after all), but the point at which the money is collected doesn't make a fucking sense anymore in the modern setting.
(Also note that a few small indie artists are moving out of this business model, and going back to older concepts of patronage. See platforms like Patreon, Tipee, etc.)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
It's about time we stopped expanding DRM to "Digital Rights Management". I don't need anything to manage my rights, digital or otherwise. I pay for content so I consume it. DRM is all about restrictions - it is Digital Restrictions Management.
So the pirates will need to spend $20 on one of these:
https://smile.amazon.com/ViewH...
The security community strongly objected to the W3C terms when they were proposed, but their concerns have explicitkly beeen discarded. Vendors can now criminalize bug reporting and whistle-blowing. See also http://boingboing.net/2017/03/...
davecb@spamcop.net
[...] so they don't have to keep paying even though they're still enjoying the content.
You lost me. Why should I "keep paying" to "keep enjoying" something?
I buy a book once and re-read it from time to time. If it is any good, that is.
I buy a CD with the expectation I will listen to it over and over, without paying more. Same for music in any other format.
One of my very most favorite old-timey sins! Hubris.
"The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams."
Sounds an awful lot like "The Titanic is Unsinkable" doesn't it?
Weaselmancer
rediculous.
You lost me. Why should I "keep paying" to "keep enjoying" something?
Because that was the deal you agreed to when you signed up. Why did you have to return a video to the rental store instead of keeping it? After all, you paid for it.
Not all commercial agreements involve a permanent sale, and sometimes a different model involving temporary access at a lower price might benefit everyone involved.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The straight jacket icon is here to remind all of us that as part of the slashdot EULA we are each expected to view all news through the lens of aggressive Marxism.
Preventing theft is just a kind of oppression these bourgeouse impose on us. We have nothing to lose but our chains, comrades!
This is about more than just mooching off movie studios and the people they pay to do their work. It's the principle of not protecting anything you or anyone else cares about.
DRM is the excuse publishers use to justify the ongoing control over one's computer, spying regime modern-day DRM schemes make possible and use, and thus pose genuine risks to everyday computer users. This is not about "balancing" rights as another poster said, this is about copyright holders and their business partners using a mechanism to get more control over your devices, your privacy, and your life than they ought to have.
If you really need the latest rehashed, "reimaged" Hollywood trash then run it in a VM, problem solved.
I want to see proof and lots of it
What proof do you have to back up your statements of them getting control of your life? That sounds like a pretty ominous statement so how about you strip away the hyperbole and give a concrete example of what you mean.
I mean do you really think anybody is going to take you seriously when you say things like that in reference to a piece of software that just enforces end-to-end encryption? Yes I do understand that in theory it could do many things, but that's no different to any piece of proprietary hardware or software, this has been the case for as long as computers have existed and the solution is still the same: If you're worried about it then don't use it or seek out, fund, promote an alternative.
Nonsense. My less-technically-knowledgeable relatives may not be familiar with the acronym, but they certainly notice and complain about...
- not being able to skip ads
- streaming video players freezing, if the network connection is less than perfect
- not being able to watch X video on Y device
That's funny, because we don't seem to see any of those things here. Maybe we're just lucky and Netflix serves our videos without DRM. Or maybe you're just making stuff up. Who knows?
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
From me in 2001 posted to gnu.misc.discuss: https://groups.google.com/d/ms...
I definitely do not want to see a future world of only proprietary ...
intellectual property where basically everything I want to do requires
agreeing to endless licenses and royalty payments, such as described in
"right-to-read". My wife and I released a six person-year effort under
the GPL (a garden simulator application) around 1997
so I am obviously sympathetic to encouraging free sharing of some
information and allowing derived works of some things.
However, on a practical basis, living in our society as it is right now,
any software developer is going to handle lots of packets of information
from emails to applications to program modules under a variety of
explicit or implied licenses. If a developer is going to do this in a
way that makes his or her work most useful to the community (under the
terms he or she so chooses), proper attention must be given to the
licensing status of all works received and distributed, especially those
that form the basis for new derived works to be distributed. Note that
even in the case of purely GPL'd works, one still needs to know that a
user contributing an extension to a GPL'd work was the original author
and/or he or she has permission to distribute the patch (if say an
employer owns all the contributor's work).
My question is: should software tools, protocols, and standards play a ... ... Usually license management tools (e.g. for music or DVDs) are thought of
role in easing this required "due diligence"
license management work (at least as far as copyright alone is
concerned)?
as keeping the end user from doing something they might wish to with
content they have paid for. Does it make sense as well to look at
license management tools from the perspective of allowing
(non-technical, non-lawyer) casual users to do things they otherwise
might not be legally sure they can do? Similarly, would such tools help
someone filter out proprietary content with licenses he or she does not
approve of (and would this provide incentives for artists to release
free versions if they want to reach people through those filters)? And
most of all, would such tools allow creative people to be more certain
that they could legally use certain freely licensed materials found on
the internet in making derived works? Would this provide a legitimate
defense of due diligence to minimize copyright infringement suit costs
(or reduce related liability insurance costs)?
For example, when you get an email it could come with a machine-readable
license (e.g. "redistribution OK in entirety", "for your eyes only",
"open content", "GPL"). Likewise, what if every file or zip archive came
with a specific machine-readable license? In effect, this would make the
license a fundamental part of the work.
In part, you may think, perhaps correctly, this it the "right-to-read" ...
nightmare. Such information could be used to prevent you from making
copies of things you might want to copy (legally or not) under some
notion of "fair use"
if the system enforced the license by preventing say you forwarding or
quoting an email that comes in with a license of "for your eyes only" or
with no explicit license at all. Perhaps the feeling that copy
protection systems will prevent fair use underlies much of the
resistance to such automation. It is not my point in this note to
advocate either for or against the enforcement of licenses by the end
user's system. Obviously though, enforcement would certainly be made
easier by machine-readable licenses, and this is a problematical issue
as far as "fair use" is concerned.
On the other hand, license management tools might force everyone to be
explicit about licenses for thing
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
It doesn't stop anything except for the poor fools that paid money. It often stops them from watching it.