Tim Berners-Lee Approves Web DRM, But W3C Members Have Two Weeks To Appeal

Reader Atticus Rex writes: A high controversial Web standard has received a seal of approval from Tim Berners-Lee, the inventor of the Web and its chief technical decision-maker. Opponents like the Free Software Foundation and Electronic Frontier Foundation say that the standard, Encrypted Media Extensions, is a step backwards for freedom, privacy, and a host of other rights on the Web.

There's still a two-week window in which members of the W3C can appeal the decision, and the Free Software Foundation is asking people to email and encourage them to do so. Update: The W3C has announced that it would publish its DRM standard with no protections and no compromises at all.

Who died and appointed TBL God?

[mellon]

Why is it just up to Tim Berners-Lee to decide yes or no on this?

Re: Who died and appointed TBL God?

Take a look at the "members", the fees it takes to gain "membership" and the complete lack of input from the community. Only corporations get a seat at W3C. Those that aren't corps are funded by one of the existing members, so the distinction is meaningless. Standards bodies can be, and are, corrupted by the profit motive.

This is the time to start pushing a better, more secure technology that corps cannot twist to squeeze money out of.

Gopher is a legitimate contender, but lacks a security layer. If we put together an RFC to add TLS or OpenPGP or some other security to gopher, it can completely replace the Web for everything except Javascript, which was never part of HTTP to begin with.

Gopher servers and clients are both simple to make and simple to debug. They just require more thought to be put into file organization.

Everything else should be native code instead of pushing the complexity into the browser.

Created the Web and yet still blind

This will destroy the openness of the Web if allowed to stay. The last hope will be with browser makers: no standard gets supported if code isn't written. This is corporate capture of the Web. Personally, I'm done with the Web. The layers of JS, security vulnerabilities out the wazoo, malvertising, and endless seas of "you must register (so we can track you) to proceed" walls make the Web a joke.

Smart people will move to other protocols that aren't so profit-driven or privacy-destroying.

Re:Easy

Good or bad, all DRM is still technically broken since you receive the encrypted data along with the decryption keys. Sending encrypted data to a browser without the keys is just as ridicules.
The whole standard is based around the browser promising to the server that it will decrypt the data and show it to the user, without making the decrypted data or the (encrypted data with the keys) available to the user in any other way.
- The browser is code that runs on the hardware owned by the user, and can't be trusted to tell the truth. Advertising has made users switch to browsers that can ignore what the webserver wants, and do what the user wants instead. Once this new DRM is used for advertising (and you know it will) browsers have a legitimate reason to ignore what the webserver or the standard tell it to do.
- The browser has no control over the encrypted data and keys, and the decryption code must run on the hardware that is owned by the client, so the user can copy and decrypt the data without the browser even knowing about this.
- The browser has no way of knowing that the decrypted data send to the OS video or audio drivers isn't copied by the operating system or its drivers. It only takes one person with an open source OS, and that in a world where almost everything runs on Linux.
- Analogue hole: putting a camera in front of the screen and feeding the audio into a tapedeck will result in a quality that is way better than a recording made in a cinema, and most people are only interested in an 800 MB video and youtube audio-quality. Many devices also have digital outputs for audio and video, so a digital copy can be made too with the right equipment.
- once a copy has been made, it can be shared with everyone, modified browsers can be shared with everyone and modified drivers can be shared with everyone running an open source operating system. Maybe we will see a lot more dual-booting in the future.