The EME spec isn't that long, and the introduction has a nice diagram. Go check it out.
The W3C spec does not put "DRM in browsers." It allows browsers to use "decryption modules" that already exist elsewhere, like in the OS platform. There are APIs to determine what sorts of "decryption modules" are available and to use them to decrypt media.
If we're going to transition to a plug-in free web then we need HTML5 video to support these extensions. Sure, it'd be nice if the big media companies stopped insisting on using encryption to distribute their videos. But that's not likely to happen anytime soon. Premium video on the web requires either plug-ins or EME. I think most of us would pick premium web video + EME, rather than premium web video + plug-ins, or (perish the thought) no premium video on the web at all.
BTW, open source browsers can easily implement this spec since it doesn't require the browser to implement a "decryption module" themselves. Also, there is a mode called "clear key" that can be used if the underlying platform doesn't have any "decryption module" available.
Disclosure: I work at Netflix on streaming video in browsers.
> If we're going to transition to a plug-in free web then we need HTML5 video to support these extensions.
The first part does not imply the second. I know there are legal/licensing reasons for encryption but technology that is going to run the world of tomorrow should not be encumbered because of contractual obligations of today. I fail to see the technical reason why encryption is necessary for Netflix. HTML5 is a technical spec. It does not need to be riddled with extensions to fulfill business needs.
I can't view a stream if I'm not a paying member logged in to the website or XBox/Roku/AppleTV device. Once I am able to view the stream, encryption or not, I can record it through a number of hardware/software mechanisms if I am technically savvy. If I'm not technically savvy, I can't record it regardless of encryption. If I can somehow access the stream without logging in, say the files are stored on CDN and available to everyone over HTTP(S), then you should work on preventing that.
W3C/HTML5 are designing specs for the long haul. I am pretty sure I will be writing web apps in a decade too, like I did a decade ago. iTunes no longer has DRM'ed audio. Who knows, in a decade, Hollywood will give up DRM too, with pressure from Netflix, Apple, Amazon, and Google. But if engineers at these very companies that should be pushing for open-web, insist on burdening the spec to cope with DRM, I doubt we'll ever see that future.
What makes you think it's over the top? We have a public-interest organization pushing DRM, a technology that is decidedly against the public interest.
I'm surprised that this is upvoted to the top of the thread, when you haven't done anything except say "this is over the top" and given us a link that explains what DRM is---as if the DRM's detractors don't already know what it is or how it works.
> Sure, it'd be nice if the big media companies stopped insisting on using encryption to distribute their videos. But that's not likely to happen anytime soon.
That's only true because technologists continue to lie to media companies, telling them that DRM is feasible and not harmful to their interests (even though, in addition to being against the public interest, it tends to cause monopolization of their distribution chains---just ask the music industry happened with iTunes).
Look, these media companies are looking to us for advice; We're doing both them an ourselves a disservice by continuing to sell them DRM snake oil.
Content decryption modules are plugins by another name. The spec gives no guarantee that a given CDM can be interoperable with all browsers (being a binary it can possible arbitrarily reject to operate with a given browser), Operating system (because it's a binary) or that all browser functions and accessibility features will work with them (CDMs could completely bypass the browser's rendering pipeline and overlay the content using protected paths).
The proposal is a step back for the openness and interoperability of the Web. Substituting plugins with binary CDMs is not progress and I doubt any kind of popular content which rights are held by the big copyright giants will be compatible with clearkey.
I foresee that GNU/Linux users will be shafted and will not be able to access DRM'ed content and the proposal is toxic towards the Web.
Do you think EME is actually going to prevent Netflix shows from showing up on thepiratebay?
I don't think it has any chance - DRM on PCs is always pretty quickly bypassed - which is why it frustrates me so: it will likely end up preventing Linux users from accessing content legitimately, or Mac users from AirPlaying content to their TVs, with no actual benefit against piracy. At least where it pertains to high value content, it is little but a lie mutually agreed upon with rightsholders. :(
> BTW, open source browsers can easily implement this spec since it doesn't require the browser to implement a "decryption module" themselves.
Does this mean, that the 'decryption module' is necessary closed source?
And from the spec:
>4.1
"Secure proof of key release must necessarily involve the CDM due to the relative ease with which scripts may be modified. The CDM must provide a message asserting, in a CDM-specific form, that a specific key or license has been destroyed. Such messages must be cached in the CDM until acknowledgement of their delivery to the service has been received. This acknowledgement must also be in the form of a CDM-specific message. "
Perhaps I misread, but the datastream is relayed from the browser to the CDM ( and the browser loads and potentially modifies the CDM), so how does the standard ensure that the proof of destruction is actually a message from the CDM and not from the browser?
>9.1
"Everything from user-generated content to be shared with family (user is not an adversary) to online radio to feature-length movies."
Does this imply that from the standpoint of the proposal the user is an adversary, unless specifically noted?
Thanks. I read the spec and saw this regarding open source browsers:
"9.5. Can I ensure the content key is protected without working with a content protection provider?
"No. Protecting the content key would require that the browser's media stack have some secret that cannot easily be obtained. This is the type of thing DRM solutions provide. [...] In addition, it is not something that fully open source browsers could natively support."
So in this scenario, what is the “decryption module” likely to be? Software you download? Software that comes with the OS? Hardware baked into the chip or motherboard?
What would prevent determined users from reading, and publishing, any “secret” keys used by such a decryption module? I'm assuming the answer is nothing, since this seems to have happened with every DRM scheme that has been tried.
3. DRM goes against the principles of the open Web which W3C is supposed to promote.
Given the above, it's not the business of W3C to promote DRM on the Web let alone to standardize it. Quite on the contrary, W3C should prevent DRM proliferation. And it's simply dumb to standardize the dying trends. Why doesn't someone propose to make Flash a Web standard for example? It's still widely used, but it's a dying trend for the Web.
> The W3C spec does not put "DRM in browsers." It allows browsers to use "decryption modules" that already exist elsewhere, like in the OS platform. There are APIs to determine what sorts of "decryption modules" are available and to use them to decrypt media.
See the W3C mail list. It is about putting DRM in the browsers. The language was watered down on purpose, but it doesn't change the reality.
The bottom line - those who think they need DRM - let them stick with what they have. Those who want to move to open web - don't need plugins and don't need DRM either.
Will EMEs be a new attack surface for security exploits? Who will be creating them and will we be able to rely on them to fix bugs responsibly and in a timely manner?
First you have to understand that not all of the content broadcast on the BBC is created by the BBC. They carry programs made by independent, limited, for-profit studios. They also regularly carry movies. All of which they put up on their iPlayer service.
While there is an argument that programs produced by the BBC should be DRM free, there is no way larger, and independent studios would allow their content uploaded DRM free.
Personally, I want the BBC (and other sites) to be able to use technology like HTML5 video, because I don't like flash, and it's unlikely the studios are going to suddenly decide their OK with DRM free video, I'm not necessarily /for/ DRM in HTML5, but I don't see any other way around it for now.
While you can argue all you want about how DRM is useless and easily broken, as yet no-one has managed to convince big TV and movie (and even game) studios of that. The BBC is just doing what it feels it needs to in order to be able to deliver video using the latest technology, while keeping it's partners happy.
I think everyone understands why these companies (including BBC) are pushing for DRM. That doesn't mean it's not evil.
The larger issue here, expressed quite well by Doctorow, is that this push requires converting the web into a closed platform. It's clear why entertainment companies want to turn the internet into something that can only be consumed by, say, the Apple app store.
That's also the reason why this will never fly. Even if/when the W3C gave in to these demands, browser makers other than Apple and Microsoft would never stand for it. And even if they did somehow, it would be trivial for the open source community to release one without those features.
I'm not saying the outrage is entirely misplaced, because it's important to keep an eye out for what those companies have planned for our future. But as far as the fear of actual threat is concerned this should not alarm anybody.
My argument, and I sent this too them when they were doing a consultation a while ago, is that they shouldn't be buying content that they can't use for public service purposes. We have many good sources of movies in the UK, and many of them are "free" at the point of use (ie advert funded). Let them show Madagascar, and while they do that the BBC can run some other program. They should remove themselves from the content purchasing market if the terms are too restrictive to allow them to meet their public remit. We don't /need/ these films on the BBC. They could run some of the content they're currently relegating the digital ghettos of BBC3 and BBC4 instead.
It is not at all the case that every film they show that they do not make is on iplayer. Most films are not. Most the content they make is on iplayer, but not all content they don't make. Not all content is even available in the live streams, eg sport which has other rights.
I would be happy for only BBC-commissioned content to be available without DRM and the rest to be not available or use plugins. Or indeed I would be happy for the BBC to not broadcast the output of Hollywood etc which is easily available elsewhere commercially eg on Netflix or Sky. I do not think that showing "Madagascar" is really a public service...
But would all browsers and services use the same HTML5 DRM scheme, or would they be incompatible with each other, and then you'd need someone to make a plugin with "all-in-one" HTML5 DRM schemes? Because if they aren't compatible then that defeats the point of doing this in HTML5.
I hate DRM too, and yet I love watching Netflix streaming. The fact is, if it's trivial to clone data to the point that regular users can do it (Napster, etc), the business model for online rental vanishes. The fact that DRM is always defeatable through hacks and analog loopholes doesn't matter: it just has to be good enough to deter the vast majority of users.
I believe we need comprehensive IP reform across the board, including strong consumer protections and freedoms for "owned" content. But if the vendors are using DRM anyway (and they are), I'd rather they do so in a standards-based, interoperable way.
"The fact is, if it's trivial to clone data to the point that regular users can do it (Napster, etc), the business model for online rental vanishes."
Yes, and if it is trivial to send photos without first developing them, the business model for Kodak will vanish! Why, if it were trivial for people to move a carriage from point A to point B, the business model for buggy whip makers might vanish!
Why should we be concerned about obsolete business models failing? Why should we be concerned about inherently bad business models, like "renting" bits, vanishing?
We need to eliminate anti-circumvention laws as a first step, and then start talking about the possibility of completely upending the copyright system and replacing it with something that makes sense now that we have the Internet.
> The fact is, if it's trivial to clone data to the point that regular users can do it (Napster, etc)
It's already trivial for regular users to download pirated data, even if only experts can get around the DRM to copy and release it[0] in the first place.
Case in point: House of Cards. Fully, freely and easily available to Joe The Pirate Next Door Schmoe, now that some nerd (TRIC? BTN? ASAP? Immerse?) has gotten around Netflix's DRM.
I think Netflix proves the opposite point: If it's easy enough to pay for content, people will do it.
There is nothing on Netflix I couldn't get via less legitimate means. And these days even technophobes know enough to type "downton abbey torrent" into Google. But they use Netflix because part of that $8/month goes to making it much easier, and a better viewing experience.
Netflix having DRM doesn't help Netflix or the users one whit. It just increases costs and reduces adoption among those who favor non-targeted platforms. It's just a pacifier for a small number of corporate executives.
>The fact is, if it's trivial to clone data to the point that regular users can do it (Napster, etc), the business model for online rental vanishes.
But it already is more trivial than Napster, so if that's your bar, the business model for online rentals and digital sales would already have vanished. And yet Netflix and iTunes seem to be doing OK.
IMHO the problem is that the technology DRM is being conflated withe the politics and legalities of DRM circumvention.
I have no problem with companies selling DRM protected content. They can sell their property on whatever terms they like. It's theirs to sell, after all, and my right and responsibility to choose whether to buy it or not.
I do have a problem with the criminalisation of DRM circumvention, which reaches perhaps it's ultimate banality in the criminalisation of unlocking your own phone (which requires the cracking of DRM protected firmware). That's ridiculous and wrong.
So I understand the BBC needs DRM to meet it's contractual and legal obligations, while being against the DRM lobby that is behind the most egregious DRM maximalist policies. some might call it a fine line, but I think it's there.
I used to work for one of these companies in exactly such a role. Initially my mission in standardization bodies was to look after consumer rights, but it changed to accommodation of IPR patents in the DRM field.
There is a group of about 200 professionals in the DRM field, mostly former engineers (that have little grasp outside their expertise) and lawyers that work for companies with significant patent portfolios in the space. They are mostly the same crew, having worked on technologies such as SDMI, OMA-DRM, MPEG-DRM, DVB-CPT frameworks and others - technologies that never saw the light of day over the course of 15 years. I always saw it as a travelling circus - people moving from city to city and continent to continent. They work in a symbiosis with technology people from the entertainment industries, who are also part of the circus.
What's important to note is that these people have big named companies on their business cards, but mostly have little involvement into day-to-day business and any products. They frankly just try to keep themselves important and thus employed.
Until you give the people in the wandering circus a new assignment, they will always need to find new targets for their technology.
I think that is the true reason underneath many of these DRM accomodation efforts into standardization bodies.
This is less to do with the "public" internet as accessed from mobile/desktop browsers; it's about enabling the next-generation of HTML5 based interactive TVs and STBs to interoperate with already deployed DRM and encryption platforms, such as TDT premium in Spain, Top-up TV in the UK, and various CI+ based cable operators across Europe.
The DRM is already out there, HTML boxes are already out there, some sort of API is going to happen (even if not through the W3C then through some organisation like HbbTV or OIPF) and if the BBC sticks its fingers in its ears and ignores this then it risks being stuck with an objectively worse API that its luckless developers will end up bashing their heads against at some point in the future.
How exactly would DRM for HTML5 work? Couldn't I just fork Chronimum or Firefox and make the browser save the video content in a file rather than showing it?
I think it's more that you'd move the technology out a level - take the same fantasy-ware which is currently in Flash or Silverlight and allow IE or Safari to call it directly. The OSS versions presumably wouldn't get this and would be unable to play such content. Imagine <video> started accepting QuickTime or Windows Media content and passing it directly to the OS framework for decoding & rights control.
I'm in favor of the idea: if we are to have DRM – and there's no sign of the legal sea-change necessary to change that – it might as well be something which doesn't spread a binary plugin with a huge attack surface around much of the web.
Let me preface this by saying that I am not in favor of DRM. However, from the perspective of working inside a media company, I can say with certainty that without some way of "protecting" the media stream, media companies will continue to use flash exclusively for distributing content.
Yes, of course you clever folk can find a way around any kind of blockage. That is not the point. It is security theater. It is the media equivalent of asking you to take off your shoes and put them through the x-ray. It does nothing to protect us from any kind of danger, but it is necessary to assuage the fears of powerful people with irrational beliefs.
Because, a media company is licensing content from all kinds of different sources. All those sources have to agree that they do not want or need any special protection. It won't do us technologists any good to petulantly insist that they distribute their IP with no DRM. It must be voluntary, and we should direct our efforts to figuring out how get their willing consent. That is, the CONTENT owners. Not the distributors, like the BBC, who have to make the content owners happy or they simply don't get the content.
So yes, Trunnel is correct. We need this, or some other equally compelling theater. The alternatives are that we continue to use flash, and iOS apps, or we get no content at all, from the content owners that need the theater to be happy.
Personally, I'm ok with the simple DRM scheme, where javascript can pass a decryption key into the video tag. Throw in a few extra features, like a header at the start of the file telling the browser to only play the video file on supported domains (to prevent websites that steal by embedding) and disable saving the move to disk.
To the content companies, it will be a lot better than nothing. It gives the same level of protection against casual copying as the more complex scheme, and absolutely every browser can support it.
The more complex scheme is an absolute nightmare, essentially bringing us back to the proprietary plugins (like flash) we have worked so hard to get away from.
And it won't even work, there is no way they can stop proficient users from ripping the streams. This scheme will be cracked in a few weeks after it is released.
That's a condition of selling on the Amazon platform. Doctorow also makes his most of his books available on his site, for free even, under a Creative Commons license in basically every format imaginable, eg: http://craphound.com/down/download.php
We need a standard for DRM for Netflix, Hulu, etc. Otherwise they will forever use Flash or Silverlight. How can anyone argue against it? Content providers must protect their content from being stolen. Do you want to make an app and everyone steals it and doesn't pay for it? Probably not.
I've got a standard for DRM: don't use it. It's easy, cheap and doesn't require any laws or draconian software requirements on end users. I've been using this DRM standard for decades, and yet the people who make the software I use and the music and movies I enjoy are still rolling in dough!
Do you want to make an app and everyone steals it and doesn't pay for it?
You can't steal an app, but you can copy and distribute my software all you want. Some of us actually work with business models that don't rely on legal privileges and broken "protection" schemes.
I would like to know how they plan to get Firefox and Chrome to support that. As free software, adding such functionality would be moot, as it can be trivially by-passed.
Or do they want to ignore about 80% of Internet users?
I can see the future: a BBC iPlayer which only supports a few specific web browsers. And the masses will happily "upgrade". All PC manufacturers will ship browsers that support DRM out of the box. (The users want their software to Just Work, after all).
High-definition digital video gets broadcast over the air in the clear all the time.
Content owners tried to get DRM (the broadcast flag) into over-the-air broadcasts, saying that that was the only way they would allow digital broadcasts. The broadcast flag failed, content owners caved, and now they're broadcasting everything in the clear.
The HTML5 encrypted media extensions are another iteration of the same thing. If we stand up to the content owners, they'll cave again, just like they did last time.
I would like to put aside the fact about DRM and how I do not agree with what it represents. What upsets me here, is the article it self. It is very sloppy, no thought in it, no details. Basically worth of a tweet. I would really enjoy if people would put more time and work into what they are publishing.
I would never you a browser that had a "Sorry, cannot perform that operation now" dialog box (as many DVD players do to keep you from skipping pre-roll advertising.
[+] [-] trunnell|13 years ago|reply
Let's start with the facts. Here's the spec. It's called Encrypted Media Extensions (EME).
https://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-med...
The EME spec isn't that long, and the introduction has a nice diagram. Go check it out.
The W3C spec does not put "DRM in browsers." It allows browsers to use "decryption modules" that already exist elsewhere, like in the OS platform. There are APIs to determine what sorts of "decryption modules" are available and to use them to decrypt media.
If we're going to transition to a plug-in free web then we need HTML5 video to support these extensions. Sure, it'd be nice if the big media companies stopped insisting on using encryption to distribute their videos. But that's not likely to happen anytime soon. Premium video on the web requires either plug-ins or EME. I think most of us would pick premium web video + EME, rather than premium web video + plug-ins, or (perish the thought) no premium video on the web at all.
BTW, open source browsers can easily implement this spec since it doesn't require the browser to implement a "decryption module" themselves. Also, there is a mode called "clear key" that can be used if the underlying platform doesn't have any "decryption module" available.
Disclosure: I work at Netflix on streaming video in browsers.
[+] [-] chime|13 years ago|reply
The first part does not imply the second. I know there are legal/licensing reasons for encryption but technology that is going to run the world of tomorrow should not be encumbered because of contractual obligations of today. I fail to see the technical reason why encryption is necessary for Netflix. HTML5 is a technical spec. It does not need to be riddled with extensions to fulfill business needs.
I can't view a stream if I'm not a paying member logged in to the website or XBox/Roku/AppleTV device. Once I am able to view the stream, encryption or not, I can record it through a number of hardware/software mechanisms if I am technically savvy. If I'm not technically savvy, I can't record it regardless of encryption. If I can somehow access the stream without logging in, say the files are stored on CDN and available to everyone over HTTP(S), then you should work on preventing that.
W3C/HTML5 are designing specs for the long haul. I am pretty sure I will be writing web apps in a decade too, like I did a decade ago. iTunes no longer has DRM'ed audio. Who knows, in a decade, Hollywood will give up DRM too, with pressure from Netflix, Apple, Amazon, and Google. But if engineers at these very companies that should be pushing for open-web, insist on burdening the spec to cope with DRM, I doubt we'll ever see that future.
[+] [-] dlitz|13 years ago|reply
What makes you think it's over the top? We have a public-interest organization pushing DRM, a technology that is decidedly against the public interest.
I'm surprised that this is upvoted to the top of the thread, when you haven't done anything except say "this is over the top" and given us a link that explains what DRM is---as if the DRM's detractors don't already know what it is or how it works.
> Sure, it'd be nice if the big media companies stopped insisting on using encryption to distribute their videos. But that's not likely to happen anytime soon.
That's only true because technologists continue to lie to media companies, telling them that DRM is feasible and not harmful to their interests (even though, in addition to being against the public interest, it tends to cause monopolization of their distribution chains---just ask the music industry happened with iTunes).
Look, these media companies are looking to us for advice; We're doing both them an ourselves a disservice by continuing to sell them DRM snake oil.
[+] [-] ferongr|13 years ago|reply
The proposal is a step back for the openness and interoperability of the Web. Substituting plugins with binary CDMs is not progress and I doubt any kind of popular content which rights are held by the big copyright giants will be compatible with clearkey.
I foresee that GNU/Linux users will be shafted and will not be able to access DRM'ed content and the proposal is toxic towards the Web.
[+] [-] comex|13 years ago|reply
Do you think EME is actually going to prevent Netflix shows from showing up on thepiratebay?
I don't think it has any chance - DRM on PCs is always pretty quickly bypassed - which is why it frustrates me so: it will likely end up preventing Linux users from accessing content legitimately, or Mac users from AirPlaying content to their TVs, with no actual benefit against piracy. At least where it pertains to high value content, it is little but a lie mutually agreed upon with rightsholders. :(
[+] [-] yk|13 years ago|reply
> BTW, open source browsers can easily implement this spec since it doesn't require the browser to implement a "decryption module" themselves.
Does this mean, that the 'decryption module' is necessary closed source?
And from the spec:
>4.1 "Secure proof of key release must necessarily involve the CDM due to the relative ease with which scripts may be modified. The CDM must provide a message asserting, in a CDM-specific form, that a specific key or license has been destroyed. Such messages must be cached in the CDM until acknowledgement of their delivery to the service has been received. This acknowledgement must also be in the form of a CDM-specific message. "
Perhaps I misread, but the datastream is relayed from the browser to the CDM ( and the browser loads and potentially modifies the CDM), so how does the standard ensure that the proof of destruction is actually a message from the CDM and not from the browser?
>9.1 "Everything from user-generated content to be shared with family (user is not an adversary) to online radio to feature-length movies."
Does this imply that from the standpoint of the proposal the user is an adversary, unless specifically noted?
[+] [-] logn|13 years ago|reply
"9.5. Can I ensure the content key is protected without working with a content protection provider?
"No. Protecting the content key would require that the browser's media stack have some secret that cannot easily be obtained. This is the type of thing DRM solutions provide. [...] In addition, it is not something that fully open source browsers could natively support."
[+] [-] Gormo|13 years ago|reply
So, a plugin-free web that requires plugins?
[+] [-] charlieok|13 years ago|reply
What would prevent determined users from reading, and publishing, any “secret” keys used by such a decryption module? I'm assuming the answer is nothing, since this seems to have happened with every DRM scheme that has been tried.
[+] [-] shmerl|13 years ago|reply
2. DRM is a dying trend.
3. DRM goes against the principles of the open Web which W3C is supposed to promote.
Given the above, it's not the business of W3C to promote DRM on the Web let alone to standardize it. Quite on the contrary, W3C should prevent DRM proliferation. And it's simply dumb to standardize the dying trends. Why doesn't someone propose to make Flash a Web standard for example? It's still widely used, but it's a dying trend for the Web.
> The W3C spec does not put "DRM in browsers." It allows browsers to use "decryption modules" that already exist elsewhere, like in the OS platform. There are APIs to determine what sorts of "decryption modules" are available and to use them to decrypt media.
See the W3C mail list. It is about putting DRM in the browsers. The language was watered down on purpose, but it doesn't change the reality.
The bottom line - those who think they need DRM - let them stick with what they have. Those who want to move to open web - don't need plugins and don't need DRM either.
[+] [-] duaneb|13 years ago|reply
[+] [-] Flenser|13 years ago|reply
[+] [-] shmerl|13 years ago|reply
[+] [-] samarudge|13 years ago|reply
As an example, you can currently watch Madagascar, in full, for free on BBC iPlayer (http://www.bbc.co.uk/iplayer/episode/b00gd77z/Madagascar/).
While there is an argument that programs produced by the BBC should be DRM free, there is no way larger, and independent studios would allow their content uploaded DRM free.
Personally, I want the BBC (and other sites) to be able to use technology like HTML5 video, because I don't like flash, and it's unlikely the studios are going to suddenly decide their OK with DRM free video, I'm not necessarily /for/ DRM in HTML5, but I don't see any other way around it for now.
While you can argue all you want about how DRM is useless and easily broken, as yet no-one has managed to convince big TV and movie (and even game) studios of that. The BBC is just doing what it feels it needs to in order to be able to deliver video using the latest technology, while keeping it's partners happy.
[+] [-] Udo|13 years ago|reply
The larger issue here, expressed quite well by Doctorow, is that this push requires converting the web into a closed platform. It's clear why entertainment companies want to turn the internet into something that can only be consumed by, say, the Apple app store.
That's also the reason why this will never fly. Even if/when the W3C gave in to these demands, browser makers other than Apple and Microsoft would never stand for it. And even if they did somehow, it would be trivial for the open source community to release one without those features.
I'm not saying the outrage is entirely misplaced, because it's important to keep an eye out for what those companies have planned for our future. But as far as the fear of actual threat is concerned this should not alarm anybody.
[+] [-] samworm|13 years ago|reply
[+] [-] betterunix|13 years ago|reply
Then I guess they do not get to have it on the BBC website. You know, assuming the BBC sticks to its guns, which they apparently have not.
[+] [-] justincormack|13 years ago|reply
I would be happy for only BBC-commissioned content to be available without DRM and the rest to be not available or use plugins. Or indeed I would be happy for the BBC to not broadcast the output of Hollywood etc which is easily available elsewhere commercially eg on Netflix or Sky. I do not think that showing "Madagascar" is really a public service...
[+] [-] pbhjpbhj|13 years ago|reply
Not if you're a license fee payer or a UK tax-payer. You already paid to watch it.
[+] [-] mtgx|13 years ago|reply
[+] [-] lukifer|13 years ago|reply
I believe we need comprehensive IP reform across the board, including strong consumer protections and freedoms for "owned" content. But if the vendors are using DRM anyway (and they are), I'd rather they do so in a standards-based, interoperable way.
[+] [-] betterunix|13 years ago|reply
Yes, and if it is trivial to send photos without first developing them, the business model for Kodak will vanish! Why, if it were trivial for people to move a carriage from point A to point B, the business model for buggy whip makers might vanish!
Why should we be concerned about obsolete business models failing? Why should we be concerned about inherently bad business models, like "renting" bits, vanishing?
We need to eliminate anti-circumvention laws as a first step, and then start talking about the possibility of completely upending the copyright system and replacing it with something that makes sense now that we have the Internet.
[+] [-] Benferhat|13 years ago|reply
It's already trivial for regular users to download pirated data, even if only experts can get around the DRM to copy and release it[0] in the first place.
Case in point: House of Cards. Fully, freely and easily available to Joe The Pirate Next Door Schmoe, now that some nerd (TRIC? BTN? ASAP? Immerse?) has gotten around Netflix's DRM.
[0] https://en.wikipedia.org/wiki/Warez_scene#Release_procedure
[+] [-] wpietri|13 years ago|reply
There is nothing on Netflix I couldn't get via less legitimate means. And these days even technophobes know enough to type "downton abbey torrent" into Google. But they use Netflix because part of that $8/month goes to making it much easier, and a better viewing experience.
Netflix having DRM doesn't help Netflix or the users one whit. It just increases costs and reduces adoption among those who favor non-targeted platforms. It's just a pacifier for a small number of corporate executives.
[+] [-] mistercow|13 years ago|reply
But it already is more trivial than Napster, so if that's your bar, the business model for online rentals and digital sales would already have vanished. And yet Netflix and iTunes seem to be doing OK.
[+] [-] venomsnake|13 years ago|reply
[+] [-] simonh|13 years ago|reply
I have no problem with companies selling DRM protected content. They can sell their property on whatever terms they like. It's theirs to sell, after all, and my right and responsibility to choose whether to buy it or not.
I do have a problem with the criminalisation of DRM circumvention, which reaches perhaps it's ultimate banality in the criminalisation of unlocking your own phone (which requires the cracking of DRM protected firmware). That's ridiculous and wrong.
So I understand the BBC needs DRM to meet it's contractual and legal obligations, while being against the DRM lobby that is behind the most egregious DRM maximalist policies. some might call it a fine line, but I think it's there.
[+] [-] julianpye|13 years ago|reply
[+] [-] npsimons|13 years ago|reply
[+] [-] ldite|13 years ago|reply
The DRM is already out there, HTML boxes are already out there, some sort of API is going to happen (even if not through the W3C then through some organisation like HbbTV or OIPF) and if the BBC sticks its fingers in its ears and ignores this then it risks being stuck with an objectively worse API that its luckless developers will end up bashing their heads against at some point in the future.
(Incidentally, this is the thread from the last time this came up; https://news.ycombinator.com/item?id=3620432 )
[+] [-] Drakim|13 years ago|reply
[+] [-] acdha|13 years ago|reply
I'm in favor of the idea: if we are to have DRM – and there's no sign of the legal sea-change necessary to change that – it might as well be something which doesn't spread a binary plugin with a huge attack surface around much of the web.
[+] [-] TheZenPsycho|13 years ago|reply
Yes, of course you clever folk can find a way around any kind of blockage. That is not the point. It is security theater. It is the media equivalent of asking you to take off your shoes and put them through the x-ray. It does nothing to protect us from any kind of danger, but it is necessary to assuage the fears of powerful people with irrational beliefs.
Because, a media company is licensing content from all kinds of different sources. All those sources have to agree that they do not want or need any special protection. It won't do us technologists any good to petulantly insist that they distribute their IP with no DRM. It must be voluntary, and we should direct our efforts to figuring out how get their willing consent. That is, the CONTENT owners. Not the distributors, like the BBC, who have to make the content owners happy or they simply don't get the content.
So yes, Trunnel is correct. We need this, or some other equally compelling theater. The alternatives are that we continue to use flash, and iOS apps, or we get no content at all, from the content owners that need the theater to be happy.
[+] [-] phire|13 years ago|reply
To the content companies, it will be a lot better than nothing. It gives the same level of protection against casual copying as the more complex scheme, and absolutely every browser can support it.
The more complex scheme is an absolute nightmare, essentially bringing us back to the proprietary plugins (like flash) we have worked so hard to get away from. And it won't even work, there is no way they can stop proficient users from ripping the streams. This scheme will be cracked in a few weeks after it is released.
[+] [-] danbmil99|13 years ago|reply
http://www.amazon.com/Homeland-ebook/dp/B00AEC8O2K
If he's so hot on this issue, why is he selling his creativity with DRM, thereby hurting open standards which don't support it?
[+] [-] alecperkins|13 years ago|reply
[+] [-] spo81rty|13 years ago|reply
[+] [-] npsimons|13 years ago|reply
[+] [-] icebraining|13 years ago|reply
You can't steal an app, but you can copy and distribute my software all you want. Some of us actually work with business models that don't rely on legal privileges and broken "protection" schemes.
[+] [-] cmircea|13 years ago|reply
Or do they want to ignore about 80% of Internet users?
[+] [-] samkline|13 years ago|reply
[1] http://googlesystem.blogspot.com/2010/08/google-chromes-pdf-...
[+] [-] doctorfoo|13 years ago|reply
[+] [-] surrealize|13 years ago|reply
Some content owners say that it is. That's a lie.
High-definition digital video gets broadcast over the air in the clear all the time.
Content owners tried to get DRM (the broadcast flag) into over-the-air broadcasts, saying that that was the only way they would allow digital broadcasts. The broadcast flag failed, content owners caved, and now they're broadcasting everything in the clear.
The HTML5 encrypted media extensions are another iteration of the same thing. If we stand up to the content owners, they'll cave again, just like they did last time.
[+] [-] Tomino|13 years ago|reply
[+] [-] scaphandre|13 years ago|reply
You might want to register your opposition with the BBC here: http://www.bbc.co.uk/complaints/complain-online/
Takes less than 3 min.
[+] [-] undoware|13 years ago|reply
[+] [-] mckoss|13 years ago|reply
[+] [-] unknown|13 years ago|reply
[deleted]
[+] [-] deliverd|13 years ago|reply
[+] [-] unknown|13 years ago|reply
[deleted]