It is very rare that I find something I want to watch here, where as the content I generally want to watch, sadly, exists behind a DRM-wall.
Services/competitors are a dime a dozen, but the issue is driving users to your service, and I don't believe users will run to watch content they don't want to watch just because it is DRM free. I also don't feel like we will force content creators to go DRM free since, as we're seeing, everyone is releasing their own streaming service, which would include DRM.
Hollywood has no desire to enter an open platform. They're completely happy if none of their movies are online, ever. Really. They already have a massively profitable distribution system in the theaters.
The problem is that people want to watch Hollywood movies on their computer, including people that use Linux. So what do you tell those people to do? Tell them run Windows? Have them go watch it in the theater? And they have copyright controls that can force offline sites that host copyrighted content in various countries.
So DRM is the tech industry's way to kiss these people ass. It may be flawed or may not work, but it's still ass-kissing. They're the artists, they get to decide what they do with their art. The consumer has no right to an artists creation. Their only choice is to pay up or ignore it.
And you'll find that this happens to other art mediums as well. There are many, many art galleries that won't sell certain works of art if they deem your ownership as insufficient. Literally - the customer is wrong.
That's true but Hollywood has been dead wrong so many times it's laughable. They've been dragged kicking and screaming from one giant pile of money to the next. Don't forget the former head of the MPAA Jack Valenti's testimony to Congress in 1982:
>We are facing a very new and a very troubling assault on our fiscal security, on our very economic life and we are facing it from a thing called the video cassette recorder and its necessary companion called the blank tape. And it is like a great tidal wave just off the shore. This video cassette recorder and the blank tape threaten profoundly the life-sustaining protection, I guess you would call it, on which copyright owners depend, on which film people depend, on which television people depend and it is called copyright.
But hey if Hollywood wants to refund every purchase I made adjusting for inflation and with interest of VCRs, LaserDisc Players, DVD Players, BluRay players and all the titles I bought on them over and over then fine let's go back to you can only ever see a movie in a theatre.
Yes I realize DVD and BluRay have DRM but there was just as much wailing and gnashing of teeth over those media when introduced and each one was more profitable than the last and remain so even though their DRM is now broken. Contrast that with the failed DIVX platform and you can see what consumers want versus what Hollywood does are very much out of sync.
People used to say the same about music before iTunes went DRM-free. In the long run, universal computers have far more value than audiovisual media. And you can explain what Hollywood wants without taking their side.
Music is a different animal. I can listen to a piece of music hundreds of times. I'll only watch a movie once, even the most diehard will only watch a movie at most dozens of times. I'm going to notice restrictions on my music way way sooner than I'll notice them on my movies. My only real objection to DRM on movies is philosophical, while my objection to DRM in music is practical, as in, I'll pirate my music if I can't move it around.
They can pirate it too, which is often a superior user experience in that the user can keep the file, move it to a different device, watch without arcane restrictions, etc.
Look at Netflix and others who are starting to build alternatives to that ecosystem (in addition to working with it for existing content). If DRM remained second-class, maybe the next such alternative would loosen its stranglehold a bit to gain a broader audience and reduce friction.
The dominance of a distribution platform is largely determined by the content it offers. If you aren't willing to play ball but the competition is, guess who gets the content?
The problem is DRM has been used for more than digital rights management. We've seen it used to surveill the user and collect information - and restrict actions on the users' computer when it thinks you're doing something illicit (not allowing you to burn things to disc, restricting the ability to screenshot videos, uninstalling/deleting programs, adding rootkits, etc).
Far outside the scope of providing authorized access to protected content.
What's terrible is Netflix could have used it's considerable influence to tell _that_ _Industry_ that we won't walk this walk anymore. EME - as I understand it - allows them to create a closed-source program that runs in a sandbox to authorize and reproduce content we've paid to view. It should have very limited ability to do this - but breaking out of sandboxes is what some software engineers are employed to figure out. We're trusting those companies with the ability to run their programs on our computer so we can watch Paul Blart: Mall Cop. We hope it works as it's defined, but it's not a guarantee.
It's not worth it and pirates don't rip from Netflix anyway. They usually work for the industry as some part of the distribution/theater network.
This hurts the customer. Our computers are not our own.
> What's terrible is Netflix could have used it's considerable influence to tell _that_ _Industry_ that we won't walk this walk anymore.
Why do you assume they didn't? And if they did and the industry said no, what should they have done? Walk away, lose access to all its content, see a large part of their subscriber base move to different services that do support DRM and therefor get the content and eventually have to start firing employees as their income drops?
Just about any streaming service has this exact same problem. They don't love DRM nor want to support it, it's annoying and cumbersome. But it's how you get access to the content. And unless you can survive purely on your own content you don't really have the option to walk away over your ideals.
If you want DRM out of the system, convince the content/rights holders that DRM isn't in their best interests, i.e they can make more money without it or at the very least won't lose money over not having it. If you're hoping that somehow a significant enough size of the population will boycott it for the industry to change, based on the ideals of the open web and open access, you'll be waiting a long time.
It's interesting that DRM is basically a "free market problem." In cases where there is a government-supported media production/distribution service, as with the BBC in Britain, no DRM is needed, because the success of the service is not dependent on income from licensing the content. Instead, the content itself is often put up for free on a government-hosted online archive, in as many formats as possible, to ensure it can reach all the citizens who paid for it.
About a 1 billion of BBC revenues of about 5 billion GBP come from licensing content worldwide. They utilize both geolocation access restrictions and DRM in an attempt to protect this revenue.
the issue itself is not a "free market problem" because copyright only exists because of government interference. Government created the "right" DRM is protecting against.
In a pure free market, there is no copyright, thus no need for DRM to protect a right that does not exist
DRM schemes effectively allow the implementer to invent their own rules well beyond what copyright law specifically reserves (e.g. restrictions on resale and lending, ability to create their own licensing regime to publish on a given platform), so I don't see how DRM depends on government intervention. DRM is already defined more by business and technical considerations than by the law. If anything, it seems to me that draconian DRM schemes would be more desirable to vendors if they didn't also have copyright lawsuits in their arsenal.
I see how that's supposed to work, but I don't think that's how it happens in practice, and hence doesn't explain much about the motivation behind actually bothering to deploy DRM. Proto-DRM (copy protection, lockout chips, dongles) was in play decades before anticircumvention laws, and as far as I've seen those laws have little practical value in stopping circumvention anyway. They seem to be primarily used for extra charges against vendors of "fully loaded" hardware (e.g. consoles and media players preloaded with illegally copied content). When governments are leveraged to go after pure circumvention tools, the Streisand effect usually kicks in and ensures that the necessary code and keys are spread far and wide. The main place where DRM actually has teeth is in applications where connectivity and an account are required, such as streaming media services (i.e. the primary application of EME) and online gaming. In that case, the vendor can frequently update anticircumvention measures in the client and deactivate accounts (or, in the case of vendor-managed platforms like game consoles, ban the actual device) that fail enough checks.
> And if they did and the industry said no, what should they have done?
Distribute industry content with DRM, distribute their own content without, and see what the results are.
Somebody's going to have to perform the experiment to see what the outcome will be. Since Netflix produces tons of content now, they are in an excellent position to try this.
Netflix creates tons of original content so it is both a producer and distributor. If Netflix really believed that the marginal value of DRM was zero they wouldn't use it on their own content since it has a nonzero cost on the distribution side.
The only other possibility that I can come up with is if Netflix's original content has multi-party rightsholder situations with contacts that legally require them to apply DRM even to "their own" content (IANAL and don't know much about how these things work, but it wouldn't surprise me).
From a purely consumerist standpoint, by far the biggest problem with DRM used to be how it was falsely advertised as selling copies, when it was in fact just temporary access that could end any day, even tomorrow (company/server shutdown, hardware token malfunction/loss, general incompatibility with new stuff). Now that "buying" has mostly been replaced by streaming subscriptions, this problem has disappeared: it is perfectly obvious to even the most naive user that access to the content will be gone if they cancel Netflix (or if Netflix disappears) and as a bonus, it has become just as obvious that the streaming provider knows what you stream, open, "natural" surveillance instead of hidden, deliberate. Now it is more like the cashier knows what you buy at the supermarket (how else could they do their job?), whereas before it was a bit like the loyalty card backend knows (ignoring the massive difference in centralisation between cashier and loyalty card).
I think you've perfectly summed up the problem the average anti-DRM advocate has: it's pretty easy to get people riled up when they paid a noticeable amount of money to “buy” something which goes away. In contrast, the Netflix/Spotify model where you pay a modest amount of money for all-you-can-eat accesss is hard to get much traction with since nobody thought they owned a particular work and the total price is so much lower that few people care.
I can't decide whether this is bad or a sign of progress towards training people that DRMed content is not worth much.
The major EME providers are PlayReady, which is Microsoft, and Widevine, which is Google.
You've already given those two companies pretty broad permission to run binaries on your computer (unless you use Firefox on Linux) so I'm not sure what the incremental security issue really is.
That's quite the invalid assumption. Additionally, if I let Google run binaries on my system in one spot, it does not mean I have given them full access to run binaries elsewhere.
I suppose but when you're already using Chrome using the Widevine CDM isn't a huge difference. When you're using Edge using the PlayReady CDM isn't a huge difference.
I see the general theory of the argument for Opera and especially Firefox but even so, why trust a CDM blob less than any other commercial binary?
Tell that to the 4k webrips on the private torrent trackers; I'm sure they'll be surprised both by the fact that they exist, and have apparently gained sentience.
It would be better if the platforms that wanted DRM just made their own damn desktop apps, just like they make their own iOS apps, Android apps, Roku apps, smart tv apps, etc. There's no reason for them to be embedded in a browser.
They knew the adoption rates for out-of-browser proprietary content viewers were awful. That is why they dedicated resources to usurp the open web.
If Mozilla had fought back, we might have progressed towards the death of the obsolete content model big media wants to keep in place and prevent change in the market. It would have at least been a step in the right direction - instead, the promise of the open Internet was sabotaged, and big media gets to be more "convenient" at its sacrifice.
Mozilla did fight back, but nobody in the OSS community at large bothered to care about EME until the writing was already on the wall. I remember being at the Mozilla Summit 2013 discussing Mozilla's alternative proposals, but even by then the prevailing mood was that of imminent despair at the inevitable.
AFAIR the alternative with the most promise involved implementing a new video codec in JS (heavily leveraging the GPU and the then-nascent asm.js) with first-class support for digital watermarking, then convincing studios that per-user watermarking was more effective than DRM. You can see the difficulty of Mozilla's position: it wasn't enough to come up with an alternative to EME, they had to come up with an alternative to DRM altogether. A tough sell, to say the least, and basically DOA because Chrome and IE were shipping EME for use with Netflix in 2012.
Why is reasonable DRM a problem in the first place? I'm paying Netflix $8 a month to watch thousands of movies whenever I want. Being constrained to a large number of devices that take some steps to prevent someone from ripping the movies is a fair tradeoff. It works flawlessly on my computer, on my phone, and on my xbox. The DRM hasn't bothered me once.
Because I'm going to immediately argue with you that there is no reasonable DRM.
It comes from two ideological positions. One believes that content creators need complete systemic control of what they make - at all costs (that the creator maintains full control no matter how the content is interacted with) - and the other is that content shouldn't be controlled (or that I, as a buyer of content, should control the content I bought), and all real world implementations fall between those extremes.
But when it comes to DRM, it should be understandable that plenty of people (myself included) are not willing to allow third party companies to run proprietary code (the drm) on my hardware for the exclusive purpose of preventing me from interacting with data on my own computer (the streamed movie / music). When web browsers start baking in this proprietary functionality, it forces me to look for alternatives to the established open source browsers.
If you are content with that relationship with content (heh) providers, then this is not your fight. But at least accept that a lot of us want to own our computers, and proprietary software takes away that right, and DRM is just one of the more visceral forms proprietary software takes where its entire purpose is to impede the users ability to control their computers.
So, install a DRM-free browser on your universal computer and get a dedicated box for the subscription service? Except for perfectly avoidable waste, what did I miss?
The problem is, eventually, no one is going to make an DRM-free browser because "no one" will use it if they can't watch movies or access whatever other content will be locked down with EME. Firefox let's you easily disable DRM, for now, I have no faith it will remain that way forever. If content providers were really never going to give up on DRM requirements, I think a standardized "Media Browser" specification should have been created with the only goal being audio/video delivery, completely separate from web standards. I don't even understand why Netflix wants to be under the thumb of the major browsers, they should be the one's looking for a dedicated solution so they can declare independence.
Yes, the bundling is ridiculous, but as long as the browser is open source, it'll still be possible to disable it - it's a tiny amount of code to allow that to happen, not a high maintenance effort item at all.
They quite frankly can't technically, only legally - they're selling a 0 margin good, anyone who has it can basically give away infinite copies at zero cost per additional copy. Anyone who wants it for free will have it for free. They need no more than drop a few words into Google or type the name of something into a fully automatic tool like Sonarr.
It's pointless for them to bother trying to stop piracy, especially of analog content using technical means.
"but it's not perfect, someone could just xyz and abc and get around the system."
DRM is not about being perfect against a dedicated pirate. Just like locks on doors, it's about putting up a few barriers that serve to keep the vast majority of people honest. No one is under any illusions that DRM will stop movies and games from showing up on torrent trackers.
There's a big different between breaking a door down to bypass a lock and pirating a movie via bittorrent though.
It doesn't "keep honest people honest" when piracy is so damn easy regardless of what they do with DRM. The point of that phrase is to increase the effort and motivation necessary to commit a crime - in this case, DRM doesn't do that. With or without DRM any idiot can download the latest Popcorn Time fork and stream movies with 1 click. DRM doesn't hinder the most casual of pirates at all, it only hinders honest customers.
People are pretty wary of using torrents because they're scared of being sued. What DRM on Netflix prevents is you ripping all of the seasons of your favorite shows, with almost no risk of getting caught, and then cancelling your Netflix subscription/sharing the rips with your friend, who is probably not inclined to use torrent sites.
Most people I know who casually pirate things don't even use torrents, they use streaming websites, file lockers, Kodi plugins, etc. Which offer similarly no risk of getting caught. I was simply using Popcorn Time as the extreme example of the level of ease it can be at.
None of these are exactly out-of-the-way high-effort options. There's no increased effort - you just don't bother trying to do so via Netflix. Any of these can be Googled in a few minutes. DRM does nothing to prevent them.
The legal risk you're talking about is just that though - nothing to do with DRM, everything to do with a legal threat. Note that it's more effective than DRM.
Even those who do go out of their way somewhat to improve the piracy experience don't go that far. I wouldn't compare configuring a typical Usenet+Sonarr+CouchPotato+Plex rig to breaking down a door, and that's pretty much the most advanced sort of setup you can get. It may require slightly specialized knowledge, but it doesn't require specialized intent usually. The intent is still the same as that of the casual pirate, it's just a tradeoff of upfront effort for later ease.
So how do we ensure people keep making quality content and software? Should they give it away for free by default and just count on charity?
Seems to me the only ultimate solution is to have some kind of guaranteed basic income, at least for all people that aren't involved in the creation of tangible goods (that can't be copied at zero cost).
Does anyone remember what the prevailing mood was like when/before Chrome started becoming popular? Were people simply happy to see more companies putting a dent in that avatar of Lovecraftian horrors that was Internet Explorer?
Why didn't Mozilla work harder to catch up with Chrome and counter Google? Was it a case of "My enemy's enemy is my friend?"
And why did Opera slip away into the mists of obscurity? I remember it being pretty good and it was actually my main browser for a year or so.
> Why didn't Mozilla work harder to catch up with Chrome and counter Google? Was it a case of "My enemy's enemy is my friend?"
I'd argue that this "catching up to Google" was more their problem than their solution.
In making Firefox more and more Chrome-like they took away many unique and important Firefox features and they keep moving further and further in that direction. They now want to trash XUL and move to an extension framework that exactly matches Chrome's, removing the deep flexibility and customization that Firefox users have enjoyed. Several of my favorite extension authors have already announced they're giving up when that change happens.
If your browser just plays catch up without differentiating itself in any significant way, why would anyone use it?
Mozilla came up with some cool UI ideas, but never implemented them, or quickly did so, got them to a tiny percentage of their full potential and then abandoned them. That's the kind of thing they should be focusing on - that's the kind of thing that made Firefox gain market share in the first place. Instead they keep playing catch up. And playing catch up with a massive codebase against a giant company is incredibly hard.
Right now Brave is doing a better job differentiating itself and it's built on top of Electron - on Chrome's core codebase. If it were a little more active I think it'd have a shot at something.
That's a good reason. Ideally sand-boxing desktop applications will be an easy thing to do in the future. Maybe the big companies involved in making this Netflix thing happen could have spent their time coming up with a cross platform standard for that. No matter what, the open internet's more important than me or you or even Morpheus. I make the trust call with desktop applications every day, I'd be ok with making the call for 1 or 2 more. I have DRM turned off in Firefox and I won't change it for Netflix or Hulu (the only 2 sites for me that don't work with it off), I limit Netflix and Hulu use to Roku.
Because the browser provides a privacy and security sandbox where you can't be fingerprinted and where it is more difficult to turn decoding bugs into remote code execution exploits.
Users should have a lot more faith in the protections of a browser over the free-for-all security and privacy nightmare that is desktop computing.
Who told you it's going to be sandboxed? It's probably going to be a obfuscated binary blob (it has to of it wants to try ensure that nothing is intercepting it) which will try verifying that OS isn't intercepting data.
The spec talks about both securing the CDM with Sandboxing and preventing fingerprinting, amongst other security + privacy issues that should be addressed:
the spec also says if the CDN isn't sandboxed then the user needs to be warned and prompted to allow exec:
> if a user agent chooses to support a Key System implementation that cannot be sufficiently sandboxed or otherwise secured, the user agent should ensure that users are fully informed and/or give explicit consent before loading or invoking it.
For me, it usually wouldn't start up (some oddball Windows Store error, probably because I don't sign into my machine with a Microsoft ID) and streaming quality was horrible, especially at the beginning, and there was no way to tell it to wait longer for buffering.
That wasn't his central point I don't think, also Flash and Silverlight where largely beaten by the Open Web because they never got the adoption sufficient to rival it.
So instead they lobbied for it to be built in, the day will come when view source won't work anymore because everything fed down will protected by DRM and we moved another step closer to turning the web into a gigantic walled garden for whoever the incumbents are at that point in time.
> That wasn't his central point I don't think, also Flash and Silverlight where largely beaten by the Open Web because they never got the adoption sufficient to rival it.
this is a false statement, Flash was ubiquitous. Still today every chrome user on desktop has a flash player. Obviously, this isn't true for mobile, but before the mobile era flash was basically on every Windows and Mac computer with a browser.
Merely been installed isn't adoption, if 99% of my web time is using HTML/JS to render content and 1% of that time Flash then do the web browser and flash have the same adoption?.
By that metric notepad would be the most adopted programmer text editor in the world..
Yes, with WebAssembly. (With ASM.js, the predecessor it was still JS, but hard to read as human.) that's why WebAssembly is bad for the open web. In near future we will see binary blob SaaS like full Office running in browser. So the 1990s vision of vendor lock-in come to a full circle.
One of the only positives to come out of these new standards was that NPAPI could be deprecated.
We've arguably replaced an insecure and general purpose open interface to proprietary blobs with more narrow and single purpose open interfaces to proprietary blobs.
The thing is that there is (for all intents and purposes) no difference between ECE and plugins.
Actually, ECE is a plugin. The only difference is that it helps web-designers switch plugin providers.
That's it. No more security. No more standardization.
As a user, you still depend on the goodwill of the ECE provider throw you a bone. If you use a slightly niche OS (say, OpenBSD on ARM), you're out of luck.
If Adobe decides that it's not worth their time to develop a plugin for PaleMoon, they won't and you're out of luck (or will MS let their ECE plugin run on Linux, or Google's run on FF?). You (as a user) won't be able to switch to another provider. It all depends on the provider.
I completely understand and sympathize with your point, however this:
"If you use a slightly niche OS (say, OpenBSD on ARM)"
Is rather hilarious - calling OpenBSD on ARM a 'slightly niche' OS in the context of 'operating systems people use to watch video on the web' is rather ambitious, don't you think? OpenBSD on ARM would have to increase it's user base in this arena by a couple orders of magnitude to elevate itself to 'slightly niche'....
I picked two relativity popular platforms, though niche together to focus on the danger. All the more so would something like the rust os have problems.
The bigger issue will be when these providers will start holding OS's hostage (well, you want to view half the web? You've got to have a locked bootloader and only I have the key. You want to index our sites? Google has permission (the unlocking key) but not you).
Google's CDM ("Widevine") does run on Firefox, apparently.
I wonder whether it would be feasible to run the CDM within QEMU on a platform like OpenBSD/ARM? At the end of the day it's just ordinary code that runs in the Gecko Media Plugin sandbox.
What other option was seriously on offer? I buy DRM-free music but the video options are extremely limited to a few committed proponents — I love them for that but it's like saying nobody should buy conventional agribusiness food because you can buy organic free-trade kombucha.
