
Tim Berners-Lee Officially Supports DRM in HTML - joseluisq
https://www.techdirt.com/articles/20170707/15544137737/tim-berners-lee-sells-out-his-creation-officially-supports-drm-html.shtml
======
merricksb
Heavily discussed 5 days ago, about the same time this article was published:

[https://news.ycombinator.com/item?id=14720591](https://news.ycombinator.com/item?id=14720591)

------
SquareWheel
Well that's an awfully uncharitable title. Isn't it possible he simply thinks
EME is a better alternative than Flash/Silverlight? Because I sure do.

~~~
kuschku
It's not a better alternative, because it makes DRM too easily accessible.
Many companies that would never have used Flash for DRM are now using EME or
considering it. Including YouTube, Twitter, Facebook, etc.

In a few years every video on the web will use DRM, and you won't even be able
to download YouTube videos.

~~~
karmadog
If that's what content creators want, isn't it in their right?

You're technically not allowed to download YouTube videos anyway, there just
isn't a convenient measure against it. You're not paying, you're probably
blocking ads and now you want to download stuff for free? You're _worthless_
to creators.

Also, you're not getting to see all the videos that aren't on Youtube exactly
because there is no DRM.

~~~
AlexandrB
> If that's what content creators want, isn't it in their right?

No, because DRM + DMCA has repeatedly been used to violate consumers' and
researchers' fair use rights. It's my right to lock my house, unless you're
inside it and I'm effectively turning it into a prison.

------
verytrivial
Choice summary quote:

> The problem here seemed to be that Netflix and the MPAA realized that they
> had enough power to push this through without needing to protect security
> researchers, and just decided "we can do it, so fuck it, let's do it." And
> Tim Berners-Lee -- who had the ability to block it -- caved in and let it
> happen. The whole thing is a travesty.

~~~
cdubzzz
Also, this line of thinking really stood out to me -

> [...] this argument [that DRM is a necessary evil] rests on the assumption
> that the web needs those content producers more than those content producers
> need the web -- and I'm not convinced that's an accurate portrayal of
> reality. It is fair to note that, especially with the rise of smart devices
> from phones to tablets to TVs, you could envision a world in which the big
> content producers "abandoned" the web and only put their content in
> proprietary DRM'd apps. And maybe that does happen. But my response to that
> is... so what?

I have to agree with the author here - so what? I don't think such
"proprietary DRM'd apps" would have any trouble taking off for people seeking
content from big providers, so why does W3C feel it needs to bend so far to
the will of Netflix and the like?

~~~
thegayngler
I don't know the scenario you provided is what I had hoped would happen not
that they would html would have DRM support.

------
askvictor
I agree that DRM is a bad thing, but in this instance, what is the alternative
to implementing in the browser? Media companies will each have their own DRM
plugins, which won't work on all browsers and platforms. Which is worse?

~~~
Touche
Being in the spec is worse, because now it is the browser's responsibility.
This is what EME defenders don't seem to understand, it's all about offloading
the responsibility off of media companies and onto browser vendors.

Let me repeat that, EME is a redistribution of software maintenance (bugs,
etc.) off of the media companies and onto browser vendors.

~~~
tehbeard
Past experience with buggy software has shown me media companies are way worse
at this than Microsoft/Google/Mozilla whose job is to ship working code.

~~~
chimeracoder
> Past experience with buggy software has shown me media companies are way
> worse at this than Microsoft/Google/Mozilla whose job is to ship working
> code.

With EME, you still have to download a proprietary binary written by the media
companies and run it on your computer. It's not inherently any less buggy than
the previous approaches were.

~~~
hsivonen
The proprietary DRM components come from Google, Microsoft and Apple.

------
dakom
I don't get the gripe. EME is used solely for wrangling media bits and it
doesn't insist on any specific CDM. It's up to the browser manufacturers to
decide if they want to include any closed-source implementations.

The fact that commercial browser manufacturers include their own closed-source
implementation makes perfect sense (IE = playready, Safari = fairplay, Chrome
= widevine).

If ARRI decides to create a web browser, would you expect them _not_ to allow
their end users to natively play ARRI raw files if they could provide it,
simply because other browsers can't include that closed-source capability?
Seems to me like an arbitrary restriction.

If I want to use open-source-only browser, and lose out on some of the
proprietary commercial stuff I get elsewhere, that's a respectable choice, but
it shouldn't be the only one.

~~~
Touche
It's not the only choice. This is not about what browsers implement, this is
about what open-standards spec.

~~~
dakom
Sure, but EME with an open-source clearkeys-only CDM is essentially equivalent
to a vanilla js aes lib, no?

------
TrickyRick
Can't browser manufacturers simply refuse to implement this standard? After
all if Google doesn't implement it there will be some 70% of users not able to
use Netflix (Or whatever other service requires this) and that might be a good
enough incentive for Netflix to skip out on DRM.

~~~
leppr
Yea but what's the incentive for Google ? They are a player in this space as
well, and if anything they seem to want to scale up (Youtube Red, etc).

 _(And suddenly, people remember how monopolies hurt consumers and regret
giving Chrome so much market-share. Or not.)_

~~~
amelius
This is somewhat ironic, since Youtube became big because of content right
infringements.

~~~
dasil003
Cross the bridge and then burn it is a proven strategy, I wouldn't exactly
consider it ironic.

------
mnarayan01
EME removes much of the cost associated with adding DRM to content in exchange
for increased portability of content that is DRM'd.

This doesn't seem like a good trade-off to me. Yes it's only for "media", but
once it's essentially free to add DRM, I foresee a whole bunch of current
content becoming "media" in ways that I'm going to find unfortunate even
totally disregarding the DRM aspects.

That said, I neither consume much content that's currently DRM'd nor do I have
any technical difficulty accessing such content, so other's might want
different trade-offs.

------
keithb-
I definitely do not understand what's going on here. As noted in the appeal
posted by Doctorow [1], DMCA prohibits bypassing DRM so this W3C "approval"
seems completely unnecessary. If it's oversight that you want, then a W3C
standard isn't the way. A W3C standard is just a description of system
behavior; it doesn't carry with it any penalties for deviation. If it did, I
would have sued all the browser devs who delayed support HTML5 elements citing
compensatory damages: my livelihood was affected!

At the same time, the appeal seems misaligned because (again) the
specification may be superior in accessibility, privacy, etc. but the
implementation can be total crap. What option do you have? Open a ticket for
Chrome or Firefox? Stop watching Fox News because their plugin is buggy and
slow?

This whole thing seems like a polite disagreement among intellectuals. The EFF
expected more from Berners-Lee but it turns out that he chose to act
differently.

[1] [https://www.eff.org/deeplinks/2017/07/notice-w3c-effs-
appeal...](https://www.eff.org/deeplinks/2017/07/notice-w3c-effs-appeal-
directors-decision-eme)

------
Santosh83
Don't blame Tim for what we ALL have done to the Internet since three decades.
This was the inevitable result of commercialisation. Tim can't stop it, no
matter how much respect/influence he might have. DRM (as an abstract idea)
won't go until we stop having to earn money to survive, and I don't see THAT
happening soon. The Internet has just become the latest arena where the age-
old battle is playing out.

~~~
dasil003
This. People don't understand the forces at work here. They think we can get a
coalition of free software advocates to prevent the march of DRM, but they
fail to realize that content rights-holders have market clout. Consumers will
jump through whatever stupid hoops they put up. Meanwhile, free software
advocates have no market clout, if they succeed in killing EME in a browser,
then the general consumer perception will be that that browser is broken and
will lose marketshare.

This situation sucks, and I fought against it professionally for almost a
decade, but at the end of the day if there's a market need for something, tech
will be built for it in a completely amoral fashion.

------
Phemist
Considering Firefox is open-source, is patching in a backdoor to the EME
implementation a feasible way of handling the DRM situation? I don't see many
reasons why I would not want to be running client-side intentionally
backdoored EME?

~~~
kuschku
Firefox includes a proprietary binary for EME.

------
briantakita
This has major political ramifications re: fair use. Given how many media
outlets are known to be deceptive & to push agendas, it's important to be able
to save the video to keep these organizations accountable...

[https://w2.eff.org/IP/DRM/fair_use_and_drm.html](https://w2.eff.org/IP/DRM/fair_use_and_drm.html)

------
IanCal
Honest question:

What is different about this compared to all the previous things we've had
that used plugins?

~~~
pix64
The DRM plugin is for decryption only and runs in a sandbox (in Firefox
anyways). Flash has a much larger attack surface. Performance of flash is
usually much poorer when compared to the browser's video player.

~~~
hrrsn
Not trolling, just genuinely curious: what about this is so awful then? This
sounds like a step in the right direction?

~~~
kuschku
This makes DRM easy. Very easy.

So easy that Twitter and Facebook are considering to implement it for all
videos. So easy that YouTube is starting to implement it.

This kills the web.

~~~
icebraining
So, just like the web until ~2014, when Flash video was the default and sites
could very easily add DRM to their players?

~~~
kuschku
And building DRM was so complicated close to no sites had it? Yes, exactly
that.

Right now, YouTube is working on adding EME based DRM, as are Twitter and
Facebook.

Even with their Flash based video, you could always easily download it.

------
jamespo
I can't find where in the article people are being forced to use this?

~~~
Ygg2
When content providers, a la YouTube switch to it.

~~~
karmadog
YouTube probably won't force this, but even if they do, nobody forces you to
use YouTube.

~~~
Ygg2
YouTube doesn't need to want to use this, the content providers will be
breathing in its neck about NotDoingEnoughToStopPirates, and they'll comply
out of wish to avoid frivolous lawsuits.

Riiight, I'll just move to next high speed, high capacity video platform, that
will magically grow in the meantime.

