
Netflix on Android - tortilla
http://blog.netflix.com/2010/11/netflix-on-android.html
======
cscotta
I've read through this post a few times and am having some difficulty
understanding both the original problem and the solution that Greg is
suggesting.

From what I can gather, it seems that Netflix's product development team is
frustrated to find that there is no integrated support for DRM'd media streams
provided by the OS. From here, he jumps to the conclusion that the best
approach is working with _individual handset manufacturers_ to patch in
support for this at the OS or kernel level. This is difficult to understand.

It's an operating system. You build things on top of it. One does not go to
every PC manufacturer to add a "feature" to one.

Spectres of "fragmentation" aside, let's remember that these phones are real
computers running a real Linux-based OS that run real software, written in
real programming languages like C, Java, and Scala. They also have support for
encrypted transports like SSL and high-quality video codecs like H.264. Heck,
Adobe's even done it - secure content streaming on Android is possible, and
works fine (speaking strictly of the transport and decoding layer - leave it
to the bloggeurs to hash over what happens when you paint content on a
screen).

These facts suggest that implementing secure DRM'd video streams and a player
for them is not only possible, but much easier than working directly with two
of the most backward-facing industries in technology now (film studios and
mobile phone providers) to add this functionality.

~~~
bigmac
The problem comes down to key-hiding. You can encrypt it all you want but if
the attacker can extract the key from the software the game is over.

Working with the mobile phone providers, you can embed the root key in
hardware. This makes it more difficult to extract. Straight software solutions
exist, but are typically provided 3rd parties or by the OS vendors themselves.
The software solutions are obviously more convenient, for the reasons you've
alluded to.

Netflix gets to make lots of money exactly because they do the hard work of
working with the backward-facing industries.

~~~
wmf
But why is Android any worse than, say, Windows XP in this respect?

~~~
bigmac
The encryption/decryption libraries exist on Windows. For example,
<http://en.wikipedia.org/wiki/Windows_Media_DRM>

~~~
jpravetz
I think that Netflix also doesn't want to be in the business of building the
full secured/DRM code stack on all these platforms themselves. They'd rather
leverage. And for whatever reasons I believe they are/were a Microsoft video
encoding shop on the backend, which can limit their choices (e.g. they won't
use Adobe Access on Flash, which is not universal either).

------
nkurz
Could someone who understands the technical issues explain the details better?
While perfect security is of course impossible, I would think that a 'secure'
flash player could basically be grabbed off-the-shelf. And I haven't really
thought about it, but I don't understand why a native app would be that hard.
I presume the goal is just to make it difficult to record the movies to disk?

~~~
nutjob123
Are they only willing to use copy protection designed by the makers of the
operating system they are using? I'm just speculating but this seems to be the
case for ps3, xbox, wii, mac, pc, ipad.

~~~
mortenjorck
I never thought about it like that, but now that you mention it, it does seem
a likely pattern.

It's especially plausible because it frees Netflix from responsibility for
content protection systems across platforms -- if one of the targets is
compromised, the studios have to deal with the hardware vendor, not Netflix.

~~~
doron
Android hack development has reached a point where replacing the manufacturer
OS with a custom version built by hackers has become completely trivial on
some leading models. not only do I see more and more nontechnical users
carrying android phones, but an increasing number of them carry rooted and
custom OS builds.

The office manager at my workplace found her Verizon stock OS slow,and prone
to occasional crashes in trying to understand why, she stumbled about (google
search)a howto article on replacing the OS in two clicks (using unrevoked,
adding a zip file to your phone, and clicking some key combination), having
done so, happy and empowered by the change she performed, she instructs other
nontech how to own (!!!) their handsets.

The point of this story is that:

1\. This is probably the intention behind why google allowed this to happen
(if you check XDA developers, its thriving). in this sense phones are
different then full fledged computers, hacks tend to work fine and even better
then the bundle, certainly cleaner. you can download and replace your phone
ROM on the fly now with rom manager (available on Google app market, and try
several flavor for your own phone, (with/without htc sense, clean froyo etc..)
restoring your bought apps is simple, just log into your Google account, and
re download.

2\. The Movie industry will shun a platform that non sanctioned (i.e not
supporting DRM) developers and users can easily command, Netflix has no choice
but to comply.

------
RK
I just want an official queue manager app from Netflix for Android.

~~~
irons
I'm not sure you do -- queue management in the official iOS app is lousy, and
streaming-only to boot (except on the iPad, where it just presents a slow
webview of the Netflix site).

iPhlix has its problems, but is a much better overall package, and an indie
development effort.

------
FiddlerClamp
I'm surprised by this. Overdrive (<http://www.overdrive.com/software/omc/>)
seems to be able to handle 'loaning' MP3s out to Android phones, so there must
be some internal DRM involved that they're satisfied with.

------
waterlesscloud
I assume this is the same reasoning for not having Netflix streaming available
on Linux.

~~~
YooLi
Netflix chose MSFT's Silverlight for handling PC streaming. Lack of
silverlight on Linux is the problem.

~~~
waterlesscloud
Step 2 would be to ask why Silverlight is so important to them.

~~~
YooLi
Step 3 would be to ask what does Step 2 have to do with anything?

~~~
waterlesscloud
The reasons for their choice have everything to do with why they made the
choice.

------
teilo
And this is why DRM is a a threat to open source. Consider what this means:
Want Netflix? You need DRM. Want DRM? Say goodbye to your open-source kernel.

------
tomjen3
Thats just stupid - people can download all their content of p2p networks, but
not get it legally?

Smart move, people, smart move.

