
HTML5 Video at Netflix - Lightning
http://techblog.netflix.com/2013/04/html5-video-at-netflix.html
======
apendleton
Writing a technical article about the standards process around web DRM without
even obliquely addressing any of the criticism of it seems like a strange
choice to me. Almost everything in this article was already publicly known;
what I'd like to have seen was an actual rebuttal of the criticisms of, among
others, Ian Hickson, so as to move the standards conversation forward.

~~~
jonny_eh
They need DRM due to the reality of their relationship with Hollywood. There's
nothing to debate. Either they get DRM support in HTML5 and switch to it, or
they continue to use plugins and apps.

~~~
GhotiFish
I don't see a problem with that. No DRM in HTML5. People are demanding less
horrible web standards (flash must die!), and we watch the tension build until
something catastrophically breaks. Something HAS to break.

Aren't you willing to play chicken? I am.

~~~
dthunt
I am willing to play chicken. Flash must die, and more than that, the
standards should make no additional allowances for broken behavior, such as
allowing websites to discriminate between Platform A and Platform B.

In practice, as long as Javascript remains in its present form, they will be
able to effect this sort of discrimination, but the W3C doesn't need to
actively promote brokenness.

------
Laremere
I honestly don't understand DRM in html specs. Most people use open source
browsers. To crack the "DRM" all you would need to do is open up the source
code and slightly modify it. DRM only works when either the client side code
hasn't been cracked or when the server side requires clients to log in. The
first is impossible with open source, and the second is already a part of
html.

~~~
MatthewPhillips
The DRM doesn't happen in the browser, it happens either in the OS or on a
hardware component. Encrypted Media Extension just provides a way to
communication with the DRM component. It's up to the web page to choose what
type of DRM they accept. Expect most to require DRM on the hardware.

This means "premium" video is going to be fragmented. Big companies like
Apple, Samsung, Microsoft will get it, open source operating systems and DIY
devices will not.

~~~
laumars
_> This means "premium" video is going to be fragmented. Big companies like
Apple, Samsung, Microsoft will get it, open source operating systems and DIY
devices will not._

People said the same about DVD and bluray DRM, yet they've been cracked and
open source drivers distributed. Though it's sad that it ever had to come to
that.

~~~
fungi
cracked and work's out of the box are two different things... practically and
legally.

i dont care about netflix... like the vast majority of the internet, they dont
even operate in my market. yet their greed is going to fragment the internet
that i make a living from... all they are doing is ramming a new version of
shitty proprietary plugins/binary blobs down our throats.

~~~
laumars
_> cracked and work's out of the box are two different things... practically
and legally._

libdvdcss works out of the box and is completely legal in Europe. It's the
Americans that stand to lose more by imposing DRM extensions on the internet.
At least if they're part of HTML, the technology can be reverse engineered and
made cross-platform. With the current mess we're stuck with having to run
Silverlight DRM extensions in WINE. So as much as I hate DRM, I'd sooner see
it part of an open and cross platform spec than have content locked to
specific software that only runs on specific platforms.

~~~
fungi
> open and cross platform

Fail to see how this is anymore open and cross platform then NPAPI.

> content locked to specific software that only runs on specific platforms.

that is exactly what this delivers.

------
dj2stein9
I think if your intention is to encrypt your video content then you really
have no business being on the web in the first place. Just build a native app
and do whatever you want, and stop trying to bend open standards to be
compatible with your business.

~~~
jonknee
They're are many legit reasons to encrypt video (CCTV, video chats, etc). The
web is the platform of the near future, I'd rather support this stuff natively
than need multiple closed source desktop or mobile apps.

~~~
__david__
Encryption != DRM. All of that stuff you can do _now_ with SSL. No one cares
about video streams over SSL. It's what happens after the SSL layer that
matters.

------
dman
"We will remove this last remaining browser plugin as soon as WebCrypto is
available directly in the Chrome browser. At that point, we can begin testing
our new HTML5 video player on Windows and OS X." - What do they have against
linux?

~~~
flyt
Probably nothing, except statistically nobody uses Linux on the desktop, so
it's not a priority.

~~~
gnoway
Maybe not on the desktop, but there are plenty of people using it as a media
center OS. Enough that someone went to the trouble of rolling a custom Wine
distribution to get Silverlight + Firefox accessing Netflix.

At this point it's just kind of silly to exclude Linux, especially when all
the heavy lifting is already done; Chrome OS _is_ Linux, and I believe the
Roku devices are Linux-based as well.

The reasons Netflix might have to exclude Linux are not unique to Netflix, but
somehow Amazon and Hulu - both Flash-based, of course - manage to support
these customers.

~~~
MatthewPhillips
I think in the short term Chrome will be a prereq to watch Netflix (fallback
to Silverlight in other browsers). In the long term DRM requirements are going
to change and hardware-level DRM is going to be mandatory. Speculation.

------
shmerl
They shouldn't be boasting, rather they should be ashamed about adding DRM to
the HTML standard. And they present it as if it's a great achievement. Really
unpleasant, if not even disgusting.

And if someone here claims that Netflix don't really like it, but just oblige
the crooked studios who push for DRM, what are they excited about then?

~~~
endianswap
Because technical challenges are interesting in their own right, even if there
is a larger political backdrop?

~~~
shmerl
They could say that, adding, that as a whole this is bad, and they'd rather
not do it, but "no choice and etc." (no really?). But they didn't. I
personally don't think that being excited about implementing an unethical
thing is good.

------
rogerbinns
Presumably they are going to require proprietary native code running in the
browser? If pure open source could actually play the streams then the DRM is
pointless.

~~~
MatthewPhillips
Yes, your HaikuOS box won't be able to watch Netflix, unfortunately.

~~~
threedaymonk
I suspect you're just trying to be a smartarse, but it hides an important
point. It's not that HaikuOS can't watch Netflix, but that in the platform-
specific DRM world, _no new system_ that comes along can ever be a viable
desktop without the blessing of the media establishment, and that this has the
effect of entrenching existing players, especially those with money and
connections.

The corollary of that is that keeping illicit distribution going might be a
good bet for a diverse computing future.

~~~
MatthewPhillips
You suspect wrong, I want the web to work the same no matter how I access it.
I'm saddened at the likely future you point out.

~~~
threedaymonk
My apologies! In that case, I join you in sadness.

------
pvnick
How feasible would it be, instead of encryption/decryption in the browser
source code (which can be defeated easily), to do decryption and rendering in
javascript, perhaps with emscripten + asm.js optimizations? That should
provide a reasonable amount of security through obscurity.

~~~
testbro
The problem, as with any DRM scheme is that the plaintext is available
somewhere. Figure out where the buffer is, read it via the JS console (or Pin
if the browser won't cooperate) and you're done. Asm.js probably offers as
much protection as a normal binary, although the niceties of the JS runtime
might make developing patches to dump streams easier than in native code.

I'd definitely say it's feasible, although I'm not sure it would add much
beyond what Flash/Silverlight already provide.

------
k_bx
Can anyone please explain me the purpose of DRM used by Netflix? I mean, if
you can see the movie, doesn't it mean you can screen-record it with pretty
great quality? And it can be done with any of available programs out there.
What's the point?

~~~
ihsw
Appeasing the political class (RIAA/MPAA).

------
benburleson
What exactly is Netflix trying to prevent by using DRM? It seems like people
are happy to pay for a Netflix subscription, even more if they could stream on
Linux.

~~~
MichaelGG
They are probably trying to prevent breaking their contracts with the content
providers, which, somehow, think DRM actually hinders things.

We'll see how quickly the new Netflix-only Arrested Development ends up on The
Pirate Bay.

I have a Netflix subscription, but sometimes I still prefer to torrent. I can
force HD, I can load proper subtitles (ones without all caps), I can fix audio
or video issues (levels).

~~~
gibybo
Probably about as quickly as the Netflix-only House of Cards ended up on The
Pirate Bay: about 2 hours after its release.

~~~
rayiner
At equal quality?

~~~
shitlord
I don't know what the original quality is, but for TV, there are usually 2 or
3 release formats (excluding webrips): standard quality (about half the
height/width of 720p), 720p, and 1080p. The standard quality and 720p are
usually posted a few minutes after the show airs, and the 1080p usually comes
a long time later. Sometimes, episodes are even posted before the show airs in
your region.

~~~
rayiner
But how are they doing the rips? Are they getting the original encoded stream,
doing analog capture and reencoding, or what? If DRM forces them to do a less
than perfect copy of the stream, that's a big win for the content producer.

~~~
tmzt
Maybe through DVI? If you can watch something on a standard computer monitor
you can also capture it in high-resolution RGB through the DVI port.

~~~
rayiner
Right, but then you decode -> re-encode which decreases quality. At the
aggressive bit-rates used for HD content online, that can be substantial. So
as long as DRM forces re-encoding, content producers can say: "buy it for the
best quality" and that's a win for them.

------
dpcx
Interesting; but with nothing to test, it seems like vaporware.

~~~
Pwnguinz
According to the article, it's already available on the Google Chromebook. So
presumably, there _are_ people out there capable of testing this out.

~~~
nnnnni
I have used it. It does work pretty well...

------
brianbreslin
So Silverlight is getting EOL in 8 years. Will they keep updating it with new
versions til then?

~~~
andrewguenther
My understanding is that it has already been axed. Microsoft supports product
versions for 10 years after their official release. You can expect to see bug
fixes, but no new versions.

------
da_n
Can't the big media eco-system collaborate and develop a plug-in instead (open
source, platform agnostic, an extension to HTML5 video etc)? I would rather
download and install "HTML5 Premium Content Add-On" or have it pre-packaged in
my browser/OS any day than have the internet itself be that much more opaque
by design.

~~~
wmf
iOS, Metro, and probably Chrome OS are not going to allow a new plugin.

~~~
da_n
How about Job's famous "Thoughts on Flash"[1]

> we strongly believe that all standards pertaining to the web should be open.
> Rather than use Flash, Apple has adopted HTML5, CSS and JavaScript – all
> open standards.

Not suggesting iOS would need to support it native or in Safari (though they
might choose to), they would only need to allow developers permission to have
it as a dependency in their app packages (Netflix.app, BBC.app, etc). it could
just be a thin layer on top of HTML5 video element, just to support DRM
delivery. Why is this less desirable than it being baked into the HTML spec
itself, essentially breaking the open web?

[1] <http://www.apple.com/hotnews/thoughts-on-flash/>

~~~
pornel
Browsers supporting all relevant W3C specs and all codecs _still_ won't be
able to play HTML5-based Netflix.

Playback relies on Netflix's proprietary Content Decryption Module that
they've given to Google to bake into ChromeOS.

Netflix is replacing `<object>` + NPAPI plugin with `<video>` + Netflix CDM
plugin. So their HTML5 player is as much standard as their HTML4 player was —
it's merely a tag to launch a proprietary binary.

Apple would have to license Netflix's CDM plugin and bake it into the iOS in
the way that ensures it's usable only in ways approved by Netflix.

There is no way to avoid that, and that's the whole point of EME spec that
Netflix+Google+Microsoft pushed through W3C.

~~~
da_n
Interesting, thank you for the answers, sounds like it could be a fair
compromise in that case.

------
bm1362
I'm always pleased with Netflix- their product is good and so is their
engineering. I'd consider them the ideal company to work for as much of their
product is both cutting edge and customer facing.

Looking at the open positions, I see no internships or entry-level positions
in Engineering- anyone have any advice on landing a gig there?

~~~
michaelrkn
they have a reputation for only hiring very senior-level engineers.

------
danjones
It's great to see Netflix pushing for HTML 5 media encryption, it's one of the
things the orignal spec for these elements lacked. Once it becomes standard
across the browsers we'll hopefully see more media publishers come onboard
supporting HTML 5.

~~~
wmf
Because EME makes the DRM pluggable, it's never going to be standard across
browsers. Different browsers will have incompatible DRM plugins.

~~~
notatoad
As i understand it, it's a standard API that the browser exposes to external
processes. The browser doesn't have _any_ DRM plugins, just EME. the
decryption happens outside the browser, and any decryption modules installed
on the system will be available to all browsers.

~~~
wmf
You can say it any way you want, but Apple devices will only support FairPlay
(which will not be available on any non-Apple platform) and I would expect
Chrome OS to only support Widevine. There will not be interoperability.

~~~
likeclockwork
And frankly, I don't want any of that crap on my machine.

------
RyanMcGreal
I like how almost every single comment is a variation on "Netflix for Linux,
please".

------
mattyohe
What surprises me about this is that Microsoft is actually going to support
Silverlight through 10/12/2021.

~~~
stormbrew
Standard practice. It's really limited support. The Eeebox's video decoding
hardware I bought just a few months ago isn't supported by silverlight and
probably never will be, which makes watching HD streams on netflix nearly
impossible. That's just going to get worse.

------
lshemesh
Pretty hilarious that almost all the comments on that page are related to
native support in Linux.

------
ancarda
I wonder how long it will take for the DRM to be broken in HTML 5...

------
mtgx
Does it work in Linux?

~~~
joenathan
Linux is only a kernel. The blog post says it runs on ChromeOS witch utilizes
a Linux kernel.

~~~
mtgx
I wouldn't assume so quickly that because it works on Chromebooks, it can work
on Linux. Google uses a certain type of DRM for Chromebooks, and they've
collaborated with Netflix for this.

------
nej
Linux support?

~~~
pornel
Only if Netflix chooses to port their HTML5 DRM plug-in (CDM) to Linux and
makes the CDM API available to browser vendors (the W3C spec they wrote
deliberately does not have this API documented).

And this is unlikely, since Netflix and other cable companies stated they need
strong DRM with OS and hardware support (which I presume is what they got in
the closed version of ChromeOS).

