updates Meet the browser: Firefox Next

[ViperAFK]

Yeah its totally understandable why firefox implemented support for it, all the other major browsers already have, so firefox taking a stand and not implementing it wouldn't actually accomplish anything, other than losing firefox users, gotta pick their battles.

 

It is kind of sad how we've come full circle though... killing flash just to end up with another adobe plugin.

[gohpep]

New Nightly not only shows you Mozilla sponsors, but targeted Mozilla sponsors, in the new tab page. Basically, now they track your browsing history and give you personalized tab ads, instead of just showing the same links for everyone.

[The_Decryptor Veteran]

Only if you enable it, it was disabled by default for me at least.

Seriously doubt it tracks your browsing history though.

[tompkin]

Apparently everybody, Microsoft and Google pushed for the W3C to accept it, and Apple implemented support for it in Yosemite. And since Netflix required it, people were upset that Chrome didn't support it under Linux, something which has "recently" (last year) been fixed.

It's not something they wanted to do, but since users/sites/competitors wanted it there wasn't much they could do to stop it. At least they heavily sandbox the plugin from the system to prevent it doing anything odd.

Edit: And DRM support is limited to MSE video playback, something which is still limited to YouTube only because of some pretty big limitations in the support Firefox provides (exactly enough for YouTube to work and that's it).

Are we talking about DRM (Digital Rights Management)? 

[The_Decryptor Veteran]

Yep, the W3C spec about it is called "Encrypted Media Extensions", and the actual DRM modules themselves are called "Content Decryption Modules" (Specifically unspecified, security through obscurity and all that)

The EME spec just details how a page can request playback of DRM locked material, and a example DRM module called "Clearkey" (Which is actually completely specified and is something like plain AES encryption, so nobody minds it), all communication with the actual DRM module is left up to the browser, and every browser does it differently with a different DRM backend.

Edit: How's this for fragmentation, Chrome supports the "Widevine" DRM scheme, IE11 uses "PlayReady", Firefox uses "Primetime" and Safari exposes "Fairplay", and content providers wanted this mess.

[+Red King Subscriber²]

New Nightly not only shows you Mozilla sponsors, but targeted Mozilla sponsors, in the new tab page. Basically, now they track your browsing history and give you personalized tab ads, instead of just showing the same links for everyone.

This is unacceptable.

Edit: How's this for fragmentation, Chrome supports the "Widevine" DRM scheme, IE11 uses "PlayReady", Firefox uses "Primetime" and Safari exposes "Fairplay", and content providers wanted this mess.

Sounds like a headache.

[gohpep]

This is unacceptable.

Disabled by default, but probably just for nightly just so we aren't ###### off.

 

 

Yep, the W3C spec about it is called "Encrypted Media Extensions", and the actual DRM modules themselves are called "Content Decryption Modules" (Specifically unspecified, security through obscurity and all that)

How do you implement it if you don't know how it works?

[+Red King Subscriber²]

How do you implement it if you don't know how it works?

Private decryption key?

[tompkin]

Yep, the W3C spec about it is called "Encrypted Media Extensions", and the actual DRM modules themselves are called "Content Decryption Modules" (Specifically unspecified, security through obscurity and all that)

The EME spec just details how a page can request playback of DRM locked material, and a example DRM module called "Clearkey" (Which is actually completely specified and is something like plain AES encryption, so nobody minds it), all communication with the actual DRM module is left up to the browser, and every browser does it differently with a different DRM backend.

Edit: How's this for fragmentation, Chrome supports the "Widevine" DRM scheme, IE11 uses "PlayReady", Firefox uses "Primetime" and Safari exposes "Fairplay", and content providers wanted this mess.

Well, more power to them if they get it to work but the problem with DRM has always been that it punished the honest person while the dishonest person just went about their business.

 

Hopefully it will be better. 

[gohpep]

Multiprocess Firefox

[The_Decryptor Veteran]

...

How do you implement it if you don't know how it works?

You don't, that's the point. If you want to support the DRM modules you need to enter into a business agreement with the DRM provider. There is Clearkey, but the usefulness of that is very limited, and nobody actually wants it (Too weak for content providers, and doesn't actually lock down the file in any way)

The point of Clearkey is that you can serve your video over a public CDN, while then transferring the decryption key to the end user over a secure (TLS) channel. Problem is you either need to share the key between all users (Making Clearkey useless), or re-encode the file for each user, defeating the point of caching servers, and basically re-implementing what TLS does. It might be useful for live broadcasts, but that's about it really.

Well, more power to them if they get it to work but the problem with DRM has always been that it punished the honest person while the dishonest person just went about their business.

 

Hopefully it will be better.

The Adobe provided modules is fairly standard as DRM modules go, what's different is that Mozilla sandboxes the system from it, basically treats it like a untrusted plugin and greatly limits what it can do.

I mean, it still sucks, but at least they're trying to minimize the harm and impact, they didn't rush into supporting it like Google did.

[gohpep]

You don't, that's the point. If you want to support the DRM modules you need to enter into a business agreement with the DRM provider. There is Clearkey, but the usefulness of that is very limited, and nobody actually wants it (Too weak for content providers, and doesn't actually lock down the file in any way)

The point of Clearkey is that you can serve your video over a public CDN, while then transferring the decryption key to the end user over a secure (TLS) channel. Problem is you either need to share the key between all users (Making Clearkey useless), or re-encode the file for each user, defeating the point of caching servers, and basically re-implementing what TLS does. It might be useful for live broadcasts, but that's about it really.

What about this? https://github.com/fraunhoferfokus/open-content-decryption-module I don't know what this uses

[The_Decryptor Veteran]

Interesting project, but apart from letting Firefox use PlayReady (or such), it doesn't offer much.

It's still reliant on the DRM module providers to release a module for the platform, won't let Firefox on Linux use PlayReady, etc.

Edit: And technically Firefox already supports something like this, their CDM API is "agnostic" and can actually be used to provide support for any codec (Was first used for OpenH264 support for WebRTC), they're also looking at extending it to JavaScript so that web pages could provide their own video decoders for things.

[.stan]

http://www.gavinsharp.com/blog/2015/05/19/leaving-mozilla/

 

And the next big one is leaving...

[MikeM97]

http://www.gavinsharp.com/blog/2015/05/19/leaving-mozilla/

 

And the next big one is leaving...

 

It would matter a lot.

[+Zlip792 MVC]

Just noticed:

 

about:crashes look:

 

[Boo Berry]

No crash reports have been submitted.

 

 

No crashes for me in Firefox or Nightly. In the latter I'm running the e10s dev build of LastPass and that's it, no other extensions.

[LimeMaster]

No crash reports have been submitted.

 

 

No crashes for me in Firefox or Nightly. In the latter I'm running the e10s dev build of LastPass and that's it, no other extensions.

But the point on Nightly builds is to find bugs & attempt to crash it, so Mozilla can fix it.

[Boo Berry]

Some of the issues people encounter in Nightly are due to plugins and extensions breaking. I try to keep both Firefox and Nightly as 'light' as possible, e.g. only LastPass is installed for both, no other extensions (don't need 'em, actually).

[+Red King Subscriber²]

Firefox sure is up to its head in scummy practices these days - I am look at you 38.0.5

[+Zlip792 MVC]

Servo Browser - http://blogs.s-osg.org/servo-the-countdown-to-your-next-browser-continues/

[bawz]

havent gotten 38.0.5 yet in Fedora , Maintainer hasnt compiled it. usually he does compile the Release Candidate but this time he hasnt. just wondering if he's hanging out for 38.1.0 ? whens that due to be released ?

[Boo Berry]

I haven't seen a X.1.X release in a long time. However 38.0.1 was already released - we're like three weeks away from 39's release anyways.

[bawz]

I haven't seen a X.1.X release in a long time. However 38.0.1 was already released - we're like three weeks away from 39's release anyways.

3 weeks from a 39 release , dunno what the release schedule is for 38.1.0 an so on with that esr branch

[Boo Berry]

Ahh, ESR branch, gotcha.

 

This should give you a general idea: https://www.mozilla.org/en-US/firefox/organizations/faq/