drm "Unethical" HTML video copy protection proposal draws criticism fro

[+Frank B. Subscriber²]

"Unethical" HTML video copy protection proposal draws criticism from W3C reps

A new Web standard proposal authored by Google, Microsoft, and Netflix seeks to bring copy protection mechanisms to the Web. The Encrypted Media Extensions draft defines a framework for enabling the playback of protected media content in the Web browser. The proposal is controversial and has raised concern among some parties that are participating in the standards process.

In a discussion on the W3C HTML mailing list, critics questioned whether the proposed framework would really provide the level of security demanded by content providers. Mozilla asked for clarification from the authors about whether it would be possible to implement the proposal in an open source Web browser. Google's Ian Hickson, the WHATWG HTML specification editor, called the Encrypted Media proposal "unethical" and said that it wouldn't even fulfill the necessary technical requirements.

"I believe this proposal is unethical and that we should not pursue it," he wrote in response to a message that Microsoft's Adrian Bateman posted on the mailing list about the draft. "The proposal above does not provide robust content protection, so it would not address this use case even if it wasn't unethical."

The aim of the proposal is not to mandate a complete DRM platform, but to provide the necessary components for a generic key-based content decryption system. It is designed to work with pluggable modules that implement the actual decryption mechanisms. The proposal specifies a new set of API extensions for HTMLMediaElement, the interface that defines the specialized properties and JavaScript methods that are available on HTML audio and video elements.

Copy protection is one of the issues that we discussed last year when we wrote about the future of video on the Web in a post-flash world. Major streaming video services, such as Netflix, are eager to abandon plugins in favor of standards-based HTML5 video, but they have been held back by the lack of support for robust DRM mechanisms, which they need to use in order to fulfill their contractual obligations to the content providers.

Mozilla's Robert O'Callahan warned that the pressure to provide DRM in browsers might lead to a situation where major browser vendors and content providers attempt to push forward a suboptimal solution without considering the implications for other major stakeholders.

Some of the discussion surrounding the Encrypted Media proposal seems to validate his concerns. Mozilla's Chris Pearce commented on the issue in a message on the W3C HTML mailing list and asked for additional details to shed light on whether the intended content protection scheme could be supported in an open source application.

"Can you highlight how robust content protection can be implemented in an open source web browser?" he asked. "How do you guard against an open source web browser simply being patched to write the frames/samples to disk to enable (presumably illegal) redistribution of the protected content?"

Netflix's Mark Watson responded to the message and acknowledged that strong copy protection can't be implemented in an open source Web browser. He deflected the issue by saying that copy protection mechanisms can be implemented in hardware, and that such hardware can be used by open source browsers.

"There exist many devices with content protection mechanisms of various sorts baked into their firmware/hardware. Open source software could make use of such capabilities in just the same way as it makes use of other hardware capabilities," he wrote. "If my understanding is correct, it's not unknown for open source products to make use of or even ship with closed source components, such as drivers, for access to platform or device capabilities."

This would potentially address the issue on mobile and embedded devices with the relevant hardware capabilities, but it's not clear what it means on the desktop. This response is unlikely to satisfy Mozilla or diminish the organization's concerns.

The Encrypted Media specification is currently a draft-stage proposal. It is backed by several major stakeholders, but it doesn't appear to be gathering the momentum it needs to gain broader support. The requirement for DRM on streaming video isn't likely to go away, however. If consensus can't be reached and no better approach emerges, there is a risk that some browser vendors will simply implement their own solutions outside of the standards process.

Source: Ars Technica

[Phouchg]

Yay! HTML5 will bring innovation... of DRM.

If consensus can't be reached and no better approach emerges, there is a risk that some browser vendors will simply implement their own solutions outside of the standards process.

Hooray to the openness of web standards! Everyone can (and do) make their own standards!

F*cking asshats.

[Buttus]

so much money and time is spent on this DRM stuff, which is defeated within a couple of days...

oh well

[Mr. Gibs]

so much money and time is spent on this DRM stuff, which is defeated within a couple of days...

oh well

Not all DRM is bad though.

Netflix, Steam, Spotify etc all have DRM but it's not intrusive, it allows you to access your content wherever you may be, and it runs without you even knowing its there.

Now the DRM Ubisoft uses is quite the opposite.

[HawkMan]

For rented media, DRM is a necessity, otherwise it won't be rented media. and if rented media is to take off without the need of plugins, it needs to be done now. or your precious HTML 5 video will be dead and forgotten before it ever gets off the board.

How would for example Zune Pass work without DRM, how would Netflix work ?

[ArialBlue]

Wow HTML5 video may actually be a viable solution to plugins, how is that a bad thing?

[n_K]

*opens RAM viewer*

Play away, little HTML5 'encrypted' video...

[Phouchg]

*opens RAM viewer*

Play away, little HTML5 'encrypted' video...

Will that work with ASLR-enabled images? :shiftyninja:

[Boz]

Wow HTML5 video may actually be a viable solution to plugins, how is that a bad thing?

Beacuse it's reinvinting the wheel with something that is again going to be propriatery. Flash does this extremely well now.. so why do it again HTML5?

I'll tell you why.. after all the brooha about Flash being proprietary while HTML5 is open source, we can now really see that the whole Flash offensive is really something that has no connection with reality.

Browser companies like MS, Apple, Google are trying to destroy Adobe's Flash because they want to monetize and lock in videos and everything into their own browsers.

Your argument was somewhat valid if you told me, I don't want Flash because it's proprietary and I want everything on web to be free and made by standards. This means, using WebM, HTML5, JS and so on.. but when you come out and say, let me put DRM on HTML5 video and make it proprietary while each implementation will be different from browser and do things 3 times worse than Flash does overall while still pushing proprietary H.264, then you become an ultimate hypocrite.

[n_K]

Will that work with ASLR-enabled images? :shiftyninja:

I'd guess so with some work.

As HDCP is broken, probably easier to just get a GPU 'sniffer' to sniff the data live on the graphics card and dump that.

[HawkMan]

DRM'ed proprietary h.264 video has one advantage over flash though. it can be used on smart tv's and smart tv like devices (like receiver systems with the smart tv fucntion built in and bluRay players)

for services that use silverlight however, most of these devices can already support streaming silverlight video with drm with the built in codecs. and they even use it on some of the smart tv services/apps.

I believe the idea is that the DRM is independent of the video format just like HTML5 video is as well, which is good since WebM still sucks and probably always will compared to h.264 and then h.265, This is the eternal problem with the competing formats like WebM as soon as they get close to h.264, there's h.264 being released which does everything much better again.

[torrentthief]

i'm very happy about this, this means that we can have BBC iplayer and ITV player using HTML5 instead of the cpu hog that is flash. I don't know how any person can think this is a bad thing. We'll be able to rent movies/tv shows on youtube with this, so we'll pay less than a drm-free .mkv file or dvd/bluray disc, how can that be a bad thing, its great!

This is the only major thing that has been holding up online video streaming from switching to html5 from flash/silverlight.

[Phouchg]

HTML5 instead of the cpu hog that is flash.

Because HTML5 isn't a cpu hog. Oh wait...

[Boz]

DRM'ed proprietary h.264 video has one advantage over flash though. it can be used on smart tv's and smart tv like devices (like receiver systems with the smart tv fucntion built in and bluRay players)

You can do that with Flash as well. Flash supports major video codecs including h.264 and is even using the new chips to do multithreaded video decoding and WebM will be integrated soon as well.

You publish apps on any of these devices with AIR and you get even better performing video with StageVideo API than HTML5.

Now granted, web part, meaning in a browser Flash might or might not work on a smart TV, but I don't think this will be an issue because who's going to go on a TV to a website to watch a show. They will run an app that will be integrated tightly with the TV or a device as an app using native APIs to take really this experience to a new level.

Browser based approach while will be able to show h.264 video or webM video (and this is a big if though as we still don't know how that would work in real life and how well), will still be severely limited as browsers will most likely not have access to native APIs of the device you are watching the video on (like connecting with notifications for the TV, using intents to communicate with other apps on your TV etc etc).

So essentially, Flash/AIR is still going to be much better, even though when you say Flash it might not be traditional Flash you see in a browser.

This is the only major thing that has been holding up online video streaming from switching to html5 from flash/silverlight.

Yeah.. not really. One of the big things but not the only thing. There are NUMEROUS reasons why many commercial services are not using HTML5 and it's not only DRM. There are things like captioning, interactivity within the video, 7.1 surround audio, amazingly integrated analytics services and Flash Media Server, on-fly bitrate switching etc etc...

[torrentthief]

Because HTML5 isn't a cpu hog. Oh wait...

for me it isn't it uses hardly any on my core i3. HTML5 videos play as smooth as butter, flash on the other hand can be jerky if i have lots of tabs open. HTML5 supports h.264/webm and will support future codecs like HEVC, we are much better off with it instead of flash for video streaming.

[chrisj1968]

Yay! HTML5 will bring innovation... of DRM.

Hooray to the openness of web standards! Everyone can (and do) make their own standards!

F*cking asshats.

LOL, I like your comment. not alot of innovation in HTML5. so many other technologies OTHER than HTML5 I'm sure. however, somebody will crack this and create video stream software to copy I'm sure. or just to circumvent the technology.

[WesDog]

Thats fine with me. I have a rule I started using recently after I couldnt play a single player game I bought one day when my internet was down because someone hit a pole and took out several of them. I figured I had already had the game connect to the internet and verify that it was a true and legit copy. I thought I could simply click the icon and play the game. I could not because it couldnt reach the verification servers.

So from that day forward I decided that if the companies that put out entertainment content deliberately make it difficult for consumers to use their products in a normal way I was just going to get it from a torrent. So if a game has horrible DRM I'll just download the version that doesn't have any DRM. I'm done giving my money to people who honestly don't give a damn about whether the customers are happy with their product or not. If they want to put a bunch of DRM on web videos thats fine. I'll just download them with no DRM and watch them in VLC.

I sincerely hope that everyone will do the same. Either that or just boycott the companies that are abusing their customers and not giving them what they paid for. The only way they will quit being jerks and making things hard is to stop giving them money.

I'm looking forward to the big blowup with connected appliances. All of the options for watching television shows and movies without having a cable or satellite subscription. I'm sure this html5 DRM will be used to stop people from watching these shows on devices that they dont want it to be watched on. Have a Roku or Boxee that's too damn bad because this DRM will stop you from watching say, CBS or Fox content on those. You will only be able to watch the shows on approved devices through their own apps.

Can everyone please get together and let all the television, movie, game, and every other entertainment studio know that this is the future. It's possible to watch everything they put out without owning a television or a cable box. We want to be able to access the content whenever and wherever we are on whatever device we want to watch it on. I'm willing to pay a reasonable price for this and I'm pretty sure almost everyone else is also. Until these companies stop living in the past and trying to control what we watch, when we watch it and what we watch it on I'm going to keep getting it illegally. I want to be able to watch it on Netflix but they want to put a 28 day or 56 day hold on netflix and redbox because it hurts dvd and blu-ray sales. That should tell them that we would rather watch it on netflix or red box than buying the dvd or blu-ray.

TL;DR

The bottom line is give your customers what they want how they want it and you will make money faster than you can stuff it in your greedy little pockets.

[ArialBlue]

for me it isn't it uses hardly any on my core i3. HTML5 videos play as smooth as butter, flash on the other hand can be jerky if i have lots of tabs open. HTML5 supports h.264/webm and will support future codecs like HEVC, we are much better off with it instead of flash for video streaming.

I am going to just guess here,

Stop using Linux.

Stop using Firefox.

When was the last time you checked for updates for your browser, flash, and drivers?

Lets reverse this, on my computer HTML5 stutters and doesn't buffer properly while Adobe Flash delivers flawless hardware accelerated video playback.

Beacuse it's reinvinting the wheel with something that is again going to be propriatery. Flash does this extremely well now.. so why do it again HTML5?

I'll tell you why.. after all the brooha about Flash being proprietary while HTML5 is open source, we can now really see that the whole Flash offensive is really something that has no connection with reality.

Browser companies like MS, Apple, Google are trying to destroy Adobe's Flash because they want to monetize and lock in videos and everything into their own browsers.

Your argument was somewhat valid if you told me, I don't want Flash because it's proprietary and I want everything on web to be free and made by standards. This means, using WebM, HTML5, JS and so on.. but when you come out and say, let me put DRM on HTML5 video and make it proprietary while each implementation will be different from browser and do things 3 times worse than Flash does overall while still pushing proprietary H.264, then you become an ultimate hypocrite.

I am not sure how to respond to this.

I dislike HTML5 massively because (1) it is not a replacement for Flash gaming (2) it is re-inventing the wheel (3) it has horrible performance (4) Firefox and Opera does not support AVC/H.264 and MP3 (5) IE9 delivers poor h264 performance compared to WMP (6) browsers are too dumb to use system provided media decoders\ (7) YouTube HTML5 trial proves itself a joke compared to YT Adobe Flash Player.

[+M2Ys4U Subscriber¹]

Yay, let's make HTML5 <video> defective by design, that will make it more useful! </sarcasm>

[libertas83]

Beacuse it's reinvinting the wheel with something that is again going to be propriatery. Flash does this extremely well now.. so why do it again HTML5?

I'll tell you why.. after all the brooha about Flash being proprietary while HTML5 is open source, we can now really see that the whole Flash offensive is really something that has no connection with reality.

Browser companies like MS, Apple, Google are trying to destroy Adobe's Flash because they want to monetize and lock in videos and everything into their own browsers.

Your argument was somewhat valid if you told me, I don't want Flash because it's proprietary and I want everything on web to be free and made by standards. This means, using WebM, HTML5, JS and so on.. but when you come out and say, let me put DRM on HTML5 video and make it proprietary while each implementation will be different from browser and do things 3 times worse than Flash does overall while still pushing proprietary H.264, then you become an ultimate hypocrite.

I see alot of confusion on what is and what is not with this entire thread. HTML5 is not open source!

HTML5 is a standard. IE is a propieraty browser built on that standard, I believe Opera is as well but not sure on that. FireFox, Safari, and Chrome are built on open source. They all implement parts of HTML5.

This means any DRM protections can be freely added to any of the browsers. There is NO lock-in here.

The reality is content is king and needs to be protected. It amazes me how many people demand to take something from someone else's work just because it has become easy to do. There is no purpose for streaming content if it is not protected.

Now DRM is something that is optional for content providers to implement. This means YouTube is not going to DRM your videos that you upload, but maybe they will give you that option. They will, however, have to protect any videos that are owned by movie studios to even have the right to broadcast it.

Streaming is a renting model which means you pay to rent it, not own it. DRM makes perfect sense here.

[MS Bob 11]

Flash also has DRM for ages so it's not shocking. But HTML5 video would be better without any rights management support. Kill it with fire! You can never stop piracy and consumers hate DRM.

[ichi]

Streaming is a renting model which means you pay to rent it, not own it. DRM makes perfect sense here.

It does indeed, I can see how content providers obviously need to control the ability to play certain media on a rent service were you should only be able to watch a movie during a certain period of time, else the whole concept of renting doesn't make much sense.

The problem is, though, that DRM doesn't really work. No matter what crazy stuff you come up with on the software or hardware level, as long as watching movies involves photons and sound waves they can be recorded in one way or another.

The only single method that can prove effective is watermarking a unique client identifier, and only when it comes to find out who ripped a DRM video that's being shared. That still doesn't stop people from recording every movie they rent.

Maybe, just maybe, it could be time to re-think the whole renting business model. They might find out that adapting your business to the technology is easier than trying to adapt the technology to your business.

[Dick Montage]

The problem is, though, that DRM doesn't really work.

DRM works 100%. If you look at what the point of DRM is...

Is the point of DRM to 100% stop people copying content? It is not. All content providers know that their content can and will be copied. This is factorerd into every decision.

The point of DRM is two-fold:

1) Slow down the rate at which content is copied. In the example of movies - it's to make the first few days release revenues as high as possible. After this point, the DRM is usually cracked and they know and accept this.

2) To comply with legalities. Content providers HAVE TO BE SEEN TO BE DOING WHAT THEY CAN to protect their content. In fact, this is part of copyright law - it's a duty. If a company does not comply with this it sets a legal case which would become part of every copyright case from that point onwards. But the wording highlighted is important. They don't have to stop piracy, they have to be seen to be attempting to. This is all.

[The_Decryptor Veteran]

Yay, let's make HTML5 <video> defective by design, that will make it more useful! </sarcasm>

It's funny because it just wouldn't work, you can't implement DRM in an open source environment, somebody could always just patch it out.

Say you had hardware DRM that decrypted the content and wrote it directly to video memory, since the browser is still controlling that part of the memory you could just patch it to read the buffer out to disk.

The W3C won't go for it (conflicts with the notion of the open web, which is why we have the Internet as it is today), but that won't stop Microsoft, Google or Apple just making their own non-standard methods (we already see that behaviour today from them).

[n_K]

I like what some professor said about CAPTCHAs, if even ONE CAPTCHA is passed by a bot or spam or whatnot, then the entire CAPTCHA system is defective and isn't worth having.