I could dedicate the rest of my life working 100 hours a week on a browser, and I would die before I had something that could compete with browsers of 2017, let alone of the browsers far into the future at my demise. The standards grow in complexity faster than a small team of developers could possibly keep up with.
The best we have are attempts at forks of major browser engines, which will never gain any serious traction to have any power over the direction of web standards.
If people want to do something about it, they need to fork the web itself. HTTP, TLS, HTML, CSS, JS ... the entire stack needs to be scrapped and replaced with something sensible with a focus on simplicity. If a single highly talented developer working full-time can't implement a reasonable browser within a year, then the standard is too complex. This will of course never happen.
And so, on the subject of DRM, we've officially lost the war today. And combined with the impending loss of net neutrality, brace yourselves everyone: it's only going to get worse from here on out.
Don't get me wrong, it's still a long shot, but if an organisation could build a raft of talent, get that talent to make content that was only available on an open and progressive platform, then you might get some traction. So what might that look like, well, say I had the funds to secure 100 of the worlds best financial journalists and only delivered that content on a novel protocol, do you think I might be able to persuade some people to run a novel application to access that content, oh hang on, did I just describe Bloomberg...
Back in the dark ages, when the battle of www vs Gopher was still on, I sided heavily on the side of Gopher because it didn't get in the way of the content. Gopher was a means to navigate the maze of content and most of the content was textual, postscript and neatly typeset. You could sit down with it and read it focused or print it out.
We've regressed to the point where 5KiB of text comes with 2MiB of crap, meaning a noise to signal ratio of 26dB which is insane!
Really Gopher is dead though. We could do with a fresh start. A search engine like WAIS, a menu system like Gopher and a standard document format that allows you to get quality content on everything from your e-reader to paper without having to read some fucked up ebook flow layout conversion. And not postscript. Something you can author by hand.
I've even had enough of building things on the web. It is a horrible horrible thing to have to do. I envy system programmers who never see the pain of trying to keep a very large web application secure at even a basic level.
Unfortunately that's what the average layman wants. They want the SPA experience. That's what they want to pay for. What kind of professional am I if I don't give people what they want to pay for?
> I've even had enough of building things on the web. It is a horrible horrible thing to have to do. I envy system programmers who never see the pain of trying to keep a very large web application secure at even a basic level.
I build and maintain full stack web applications for my day job. Man, is it a pain. Between the database setup, server setup, back end application, front end application, security concerns, and browser compatibility issues, I rarely get to spend any time at all working on the business logic. Seriously, modern web development is 90% chasing down bugs, security enforcement, and fixing compatibility issues. Writing the business logic is the easy part.
That's true of most modern development. It might be more painful on the web, I wouldn't know, but systems programming is not really any different.
What about that experience do they want, and how do you know they want it? Engagement metrics can make auto-playing video look like a great idea, but people dislike it enough that browsers are starting to block it.
Sadly the average clickbait article contains a lot less than 5000 characfters of actual text.
It's only insane if you have the tools to look at what's happening under the hood. Most people don't have any idea.
How about TeX? Many sites already use js libraries that integrate latex.
CSS sure, but most people can learn the basic html tags in a minute. Same for the basic latex conventions.
Technical papers with formulae and complex references are slightly more detailed, but that ends up being gloss. Even LaTeX for a simple text is quite minimal (though you need the starting template).
Source: I've made something of a hobby of marking up source docs into HTML, LaTeX, and Markdown. Of the set, Markdown would be my first go-to, and I've used it for some book-length projects.
I would probably use org-mode for that.
Lawyers will make the most egregious leaps and grasps to paint the opposing party in the worst light possible, especially in the early stages of the case, because if they don't claim that Lynx is a "hacker's tool" in the initial pleadings, then it may be looked upon with suspicion if they try to raise that point later. So they are essentially trying to reserve as many potentially beneficial claims as they can at once, including (and especially) any claim that may portend that the other party is a devious scoundrel with the worst possible intentions.
Lawyers will thus front-load with every kind of tenuous, ridiculous accusation they can (without presenting a significant risk to the licensing), expecting some of it to get "laughed out of court", just so that on the off chance that it doesn't, it will help their case.
I'm sure a real lawyer would contest that to some extent, and I'm sure there is slightly more nuance to it than that, but that is my layman's assessment and I think it is roughly accurate.
The takeaway is not to take legal pleadings too seriously, because the goal is not to find justice per se. It is for your side to win, to get what it wants, under the assumption that that automatically represents justice.
I believe, the case is part of a more general theme (which is, indeed, related to the EME topic): There's a perceptible will to regulate any kind of browsing into consumer-style app usage. E.g., manually entering a URL ("URL hacking") has been considered a fraud attempt; using a browser which only supports the basic protocol set and not all of it is considered as possibly related to intrusion and terrorism (oh, that T-word again). In the end, we may wake up with the law enforcing a certain, standardized life style. We may wake up with a deregulated companies and strictly regulated citizens.
This is not to say there aren't ridiculous prosecutions that run their course, especially in niche areas that aren't widely understood and thus hard to create public outcry over, like insider trading or computer crimes. It's just to indicate that using Lynx, by itself, is not considered criminal by any sane person. It's a nit the prosecutors pick when they're trying to nail you on something larger, a detail they exaggerate to attempt to create the impression of one's villainous ways.
Just don't want people to uninstall Lynx in fear that they'll be arrested for firing it up. :)
EDIT: From re-reading your comment, it seems you're suggesting that this wasn't part of a larger operation, but that actual charges were brought because of a single aberrant entry in the access logs? I find this hard to imagine, but if true, I would guess that this is more along the lines of "abuse of police power to harass an enemy" than "literally a random dude who just visited our site in a text-based browser". I've read access logs for many years now and even small sites get all kinds of weird things in there, it doesn't seem plausible that something like that would flag off any kind of detector. Do you have a link to more details about the case?
Basically anyone that can use a text based browser also is using some form of *nix and knows how to handle a command line application. They probably tinker with computers and so have many low level tools at their disposal.
Consider the difference carrying a knife, being a hunter, and carrying a knife being a bankrobber and going into a bank to use it.
Since illegality is, literally, whatever is contrary to the law, anything at all can be illegal. We can hope that crazy things won't be illegal, and decry their illegality—but, since it's convenient for a government to impose sufficiently many laws that anyone can have some infraction pinned on him or her (https://www.youtube.com/watch?v=JwsLAqjqnxo), to say that any particular thing can't be illegal is probably wishful thinking.
But there is clearly a demand for DRM-free browsers. And if the worst fears are realized, and mainstream browsers won't display media without DRM, or become snooping devices for IP oligarchs, that demand will increase.
Sure, it'll never be more than a niche, but DRM-free browsers will be there for those who want them.
IP owners are protecting their assets which are worth a lot. The irony is that the value of those assets come from us content consumers. And I'll be the first to admit that I'm a lot less interested in the local amateur hockey team than the national league team I follow. I chose to consume that brand. But I don't have to.
Yes I lament the loss of a vision for free-flowing information. But the society in which we live, unfortunately, values and protects powerful asset owners. Technology cannot fix a society problem.
Nothing has really changed, has it? Video services want to use DRM so they developed or bought tools to do so. A de facto standard emerged around the frameworks and the W3C essentially ratified the standard. If I understand it correctly, the standard itself isn't DRM, rather it's a place where DRM controls can be installed.
I get that the EFF saw this as an opportunity to ask for a promise from DRM companies to not sue researchers and I applaud them for that. But now that they lost that battle, I think it's entirely appropriate for them to drop out and apply their resources elsewhere. For example, if they can get rid of the ability to sue researchers in the first place, then none of this really matters.
I don't think there's a demand for DRM free browsers but there is a demand for DRM free content.
EME existed for several years already, and was implemented in browsers. Standardization doesn't change much.
And no one except the big movie producers even wants to use DRM. If you don't watch movies on the web, you'll never see DRM.
Firefox is DRM-free by default. It will download Widevine CDM if you start watching Netflix, but you can untick a flag in the settings to completely forbid it from downloading the CDM, if you're afraid of accidentally signing up for Netflix :D
It is now. But next year? In five years? And if it's gone, then what?
> This is a paranoid slippery slope.
Well, it's a slippery slope. And I do tend to plan for the worst. Plus a safety factor.
The "OMG EVERYTHING WILL BE DRM" panic is not new. We've had widely available DRM back when Flash was super popular. And still, to this day, the only DRM'd thing is movies.
Maybe you meant to type 'the only thing I care about'.
I meant to type "I never actually saw DRM on the web in person".
Also, proprietary desktop software is still usually "protected" by just a serial number :D
The ineffectuality of most DRM isn't really an argument for it (or even just an argument against arguments against it), though.
Not really; there's a lot of sophisticated DRM going around at least since the 70's..
There is not a demand for DRM-free browser.
I don't know anyone in the real world that demands a DRM-free browser.
What you are suggesting then, a non-comparable browser experience, already exists and has for years, yet to no avail. You would get niche technologists and die hard enthusiasts only and the rest of the world would trudge happily into the future, DRM and net nutrality distant memories.
What you and I want, what HN and friends want, is not even a debate most realise is happening let alone that it affects them and will affect them profoundly in the future.
The masses are deciding what our internet will look like for they comandeered it years ago.
The great thing about the open web that you rightly mention is still kicking, is that it's full of places and services that are driven by humans and passionate communities. Nothing about EME stops those communities existing, but nothing about those communities is going to stop Netflix being the most popular platform and using EME/DRM.
If you will excuse my fluffy analogy, the web is a farmers market that has a shopping mall being built right next door. What I think would help the web, is educating people that it's better to go to the farmers market so that we can support entrepreneurial and local community endeavors rather than stuffing corporate coffers and enabling that consolidation.
The support for different versions that does exist in browsers tends to be minute: ripping out support for older versions would cut out almost no code, because there's basically nothing specifically handling them. (Heck, the only forks in CSS are for quirks and limited quirks mode, and both of them affect very, very little of the layout engine.)
Comedy aside, CSS isn't the problem, but if an experienced web-dev can't make a site without learning for 5+ years and then feel like they have no knowledge of web development then we have a problem, and that's where we are now.
The problem with the long list of frameworks and libraries available is that there is no easy way to make a web2.0 site without years and years of learning and then the resulting site is a mish-mash of what works without it being easy to maintain. Sitting here looking at .NET & angularjs 1.x and wondering where it all went wrong (actually, not the.,NET part, that seems to work).
99% of websites can be done with either a static generator (lean) or WordPress (somewhat bloated, but really mostly standard libraries that can be cached and/or served by a CDN). The remaining 1% are the really bloated ones and sure they are the ones that we visit all the time (medium, BBC, whatever). But it's certainly possible to make a site with not too much knowledge of web development.
I was talking about work as a professional developer. We can all 'make a site', there exists any number of solutions for that, CMSes like Wordpress, Drupal etc don't count in this argument unless _you_ wrote Wordpress or Drupal from the ground up. Being a wordpress hack isn't being a developer. You won't ever be asked to write something straightforward in enterprise, you'll need to know at least HTML5 & CSS & angular 1.0 & 2+ (or similar) & docker & gulp/grunt & backend & databases & jenkins & MVC & node/npm & version control & bootstrap (or similar) and and and.
99% of sites outside of a company that makes real money and doesn't just serve a page are sites that aren't what developers actually do at work.
1. Assume we will eventually converge to a virtual machine target like WASM. Thus, eventually, browsers will only have to implement the low-level instructions of WASM, which will make building a browser much simpler. Note that as a side-effect, browsers may also become more secure.
2. Start with a working webbrowser, like Firefox or Chromium.
A basic text browser is the kind of thing that's buildable in a year. Moreover, once you start building that, maybe you have an idea for certain features that current browsers don't do well (bookmarking, navigation) or at all (change monitoring, api integration, editing).
I'm optimistic that there is a lot of unlocked potential in the HTTP/HTML platform.
The web is pretty much an operating system.
Nothing is gained from having hopelessly complex technology.
 So I've read the RFC (https://tools.ietf.org/html/rfc1436) looks like it should be fairly simple, we can run gopher servers on both user machine and remote servers, so I can store my personal details locally, then give permission to other remote gopher servers to access that in a granular manner, third parties can operate gopher servers I can interface with to access 'cloud' style computing, storage, search, and manage contacts/calendars, sorted :)
[edit 2] Looks like Gopher has a pulse, you can access around 4.9 million unique 'files' using an HTML>Gopher tool run on this site http://gopher.floodgap.com/gopher/ here's a nice Ars write up https://arstechnica.com/tech-policy/2009/11/the-web-may-have...
[edit 3] My build of firefox does not seem to have Gopher support, it recognises the link (chrome just does nothing), but asks you for a local application to fulfil the request :(
[edit 4] It's now a plugin for firefox, https://addons.mozilla.org/en-US/firefox/addon/overbiteff/
Maybe you'll need your own hardware as well...
After that all you need is a layout engine, which GUI tookits like tk and gtk+ already have for text editing.
It‘s super lenient and very messy but at least it‘s consistent.
IMHO this was one of the biggest benefits coming out of the HTML5 efforts.
I don't expect this to happen in my lifetime. Any slight glimmer of hope from Apple ditching DRM on iTunes has died as nobody else shows the slightest interest in following their lead.
I understand that this is an extremely unpopular sentiment on HN, but here goes: at least with respect to video content, the industry seems to have largely proven DRM concerns unfounded.
Update: modulo the Hickson concerns below. Continuing:
DRM certainly has kept some (power) user-friendly features off the market. You can take this as a serious harm inflicted by DRM. But I don't think it's reasonable to take that harm in isolation; the alternative isn't simply a world with no such limitations, but also a world with less content made available online.
But I don't see a lot of evidence that those limitations, if genuinely important to users, can't be competed away. The restrictions might be dealbreakers for Paramount, but in 2017, Netflix can route around Paramount.
Yes, there are.
Copyright law in most countries is the result of a long history of back-and-forth fighting between content creators and content consumers. Copyright infringement has a number of carve-outs that allow people to access works in specific circumstances. Canada's copyright act, for instance, has a section which enumerates a number of these.
29 - Exceptions
29 - Fair Dealing
29.21 - Non-commercial User-generated Content
29.22 - Reproduction for Private Purposes
29.23 - Fixing Signals and Recording Programs for Later Listening or Viewing
29.24 - Backup Copies
29.3 - Acts Undertaken without Motive of Gain
29.4 - Educational Institutions
30.1 - Libraries, Archives and Museums
30.3 - Machines Installed in Educational Institutions, Libraries, Archives and Museums
30.4 - Libraries, Archives and Museums in Educational Institutions
30.5 - Library and Archives of Canada
30.6 - Computer Programs
30.62 - Encryption Research
30.63 - Security
30.7 - Incidental Inclusion
30.71 - Temporary Reproductions for Technological Processes
30.8 - Ephemeral Recordings
31 - Retransmission
31.1 - Network Services
32 - Persons with Perceptual Disabilities
32.1 - Statutory Obligations
32.2 - Miscellaneous
Before continuing with the discussion regarding how DRM is not an issue, take a look at the exceptions in your own country.
These are not small losses, but they are a negative space. You won't know what you're missing because now it just plain won't happen.
I think of it as the triumvirate of creators, owners (distributors) and consumers. The owners argue as if they create, the do not, they simply own the rights to distribute and take money. The vast majority of creators are getting shafted as well.
No. Creators are the owners of whatever they create unless and until they sign those rights away. And they sign it away for something they get in return.
It may well be that the media industry is structured in a way that puts creators at an unfair disadvantage in their dealings with media companies. If that is so then it should change.
But using this issue to justify completely unrestricted copying of all content regardless of what creators want is a cop out. Invoking the big business bogeyman as the sole response to all copyright issues is unconvincing, insufficient and ineffective.
What we need is a form of DRM that guarantees fair use rights and doesn't give draconian enforcement and surveillance powers to copyright owners.
For me, streaming is a concession to people who prefer it to owning their music. I don't want them ripping a stream I made $0.004 on (at best) thinking it's a fair exchange of value. My focus is on Bandcamp and other stores that offer DRM-free downloads. Without some kind of friction for copying off streaming sites, if you could just click "download" and not pay me anything, I just wouldn't put my music there.
My belief is someone who goes and pays a fair amount for the music understands it costs money to create, and will encourage the people they share it with under the CC BY-NC-ND 3.0 license to help me make more by buying their own copy (or a subscription).
Is watching Netflix at 1080p or more a power user feature? Because currently that's heavily restricted by DRM. Not possible on any open-source operating system, restricted to a few browsers on Mac and Windows. 4K is only enabled on Microsoft Edge and only if you also activate a bunch of hardware DRM features. So I have to watch 720p content on a 1440p screen which is ridiculous.
>But I don't see a lot of evidence that those limitations, if genuinely important to users, can't be competed away.
Amazon Prime imposes similar restrictions and is only slightly better at providing 1080p. Meanwhile piratebay still has more choice with more quality and is the only hope at "competition" to make them change their minds.
We are in a world where picking your devices freely is blocked by Amazon/Netflix and the content providers while at the same time those same companies want us to help them push for net neutrality. Commoditize the industries you depend on and capture the ones that depend on you seems to be the play and we should fight it wherever we can.
Consuming content anything else than the mainstream browsers on anything else than the mainstream operating systems or devices is definitely a power user feature, yes.
So where do you get more than 720p if you don't get it neither on open source operating systems nor on Chrome on Windows? If you get 720p max everywhere, why do you think this has anything to do with DRM?
Chrome on Windows uses its own Widevine DRM implementation instead of the OS-integrated one.
This shitshow is referred to as "robustness requirements" and Netflix apparently agreed to serve high-resolution video only to DRM implementations of certain "robustness" level (OS-integrated DRM with video drivers that co-conspire in enforcing restrictions on the actual device owner).
I can get the exact same episode or film — in any resolution — on my HTPC in five minutes, DRM free, by breaking the rules.
1080p is available on Explorer/Windows and Safari/OSX. 4K is available on Edge/Windows with HDCP 2.2 and "Intel's 7th generation Core CPU".
I don't know if this has much to do with DRM, or if it's just a matter of supporting HEVC.
In a world where browser manufacturers, as a block, refused to implement DRM, it's seems obvious that sooner or later visual media producers would be forced to the table, to gain access to paying consumers. We could be in a DRM-free world, without the inconveniences of elaborate technical restrictions on pass-through and mutual device compatibility, or black box binary blobs on otherwise open source operating systems.
With a look on TPB, it seems evident that DRM doesn't work to prevent piracy. Any technical means that would be used to download a rate-adaptive video stream and save locally in the absence of DRM would seem to me to be more involved for the end consumer than downloading pirated media directly - so I don't think DRM even works as a speed-bump.
A standards body is a great place to achieve consensus around a negotiating position. I don't think the consensus that was reached was the one that leads to the best final result. The distance between where we are now, and that final result, is the cost of this decision.
A standards body is a great place to achieve consensus around a negotiating position, but a pretty big chunk of this standards body doesn't want the negotiating position you want.
If any one vendor - it doesn't matter whether it's a browser, or an operating system, or a graphics card, or a monitor, etc. - agrees to add DRM technology, they hope they'll get an increase in usage / sales at the margin by convincing shy media producers to distribute.
The only way to stop it is to band together and refuse across the board. Individually, everybody gets picked off. You can't be the only monitor that can't play movies, or the only browser that can't show the latest episode of GoT.
One might argue that these people would never pay for content and so mustn't be considered when talking about paid content. But given a chance not to jump through hoops and with geography specific pricing, there are ways to get people to pay. That could add up when done right on a large population base. Right now the big content houses are literally leaving money on the table and encouraging piracy (to put it in a different way)!
For me, a DRM-free experience is one I can enjoy on all platforms and devices I have. It also has a much better general UX.
Measured in all ways I can measure quality, DRM only reduces it. Thus sites like TPB still has the upper hand for people who care about quality, portability and UX.
WEBDL is usually 4-5GB
720p Bluray: 6GB
1080p: 8GB and up.
I'm not sure how true that is. Currently getting content is easy enough that the average consumer doesn't use it, but at least back in the mid 00's the technical people in my social circle got introduced to torrents by people who didn't know how turn off a computer except by unplugging it. They we're willing to take all sorts of risks with their computer on sketchy sites the second it became the easiest way to get their content.
If torrents and piracy become the easiest way again, I could easily see regular people going right back to it.
I still really don't think the protests happened because people suddenly became aware of abstract consequences of an obscure deal proposal. But exactly at that time, in an unrelated case, FBI shut down Megavideo, widely used by regular people then. This is what they took as a future of Internet under SOPA, and that's why, I believe (based on first-hand experience), they went to the streets.
I strongly believe that the convenience of Netflix and iTunes only exists because of piracy, and the industry would never have chosen it otherwise. They'd be stuck on pay per view.
Piracy does have serious negative side effects on both content creators and end users. It's kind of a hacker fantasy that it doesn't.
Ordinary consumers get it via sneaker-net on a USB key that they can now plug directly into their TV. Before that there was pirated DVD's and video cassettes, but the ease and cost of piracy is still improving faster than legitimate methods.
HD .mkv files can be viewed on virtually any device, including "smart" TVs long forgotten by their manufacturers which do not support Netflix/Roku/whatever apps, open source devices, smartphones, or regular computers. Usually, you just need to plug in a USB drive and press play.
They can also be of arbitrary high quality. And usually higher, not lower than streaming sources which adjust to network conditions.
It's true that the plans at legitimate distributors are currently very inexpensive. A good seedbox will run higher than Spotify and Netflix subscriptions plus a bowl of nachos but neither the quality, nor the choice, or convenience are even close to piracy.
You can download entire BluRay disks, about 40GB, 4K shows, 10GB IIRC.
You are wrong. Pirates have the same or HIGHER quality video in most cases.
In the US, maybe. In some other, less capitalist countries… well, paying for non-physical things seemed ridiculous. Still kinda does, but app stores have somewhat changed that.
Doesn't seem obvious to me. Why wouldn't they use their existing native apps?
In fact it seems they have apps for all platforms out there, except the traditional desktop, something it would cost them almost nothing to provide on top of their existing app-offerings.
Basically Netflix is the best proof you have that you don't need DRM in HTML.
And yet here we are. It's absolutely infuriating.
DRM is the price that content providers ask of Netflix. Netflix is fine with that, because the alternative is less content. Browser makers are ok with that, because the alternative is fewer people on browsers and more people on native apps. I'm personally ok with that because I dislike installing apps and I prefer the browser, although most people don't have a preference.
1. It avoids the ethical problem of pushing DRM onto people who just want a browser. (Firefox does offer a EME-free version, but you have to look for it, when you might not even know what EME is). If a CDM module installed automatically by Firefox becomes an exploit vector, they are ethically responsible, in my opinion.
2. It preserves browser competition. CDM modules only work in approved browsers, so people building new browsers are at a disadvantage. They may be able to use Firefox's sandboxed component, but it's not clear yet.
3. It avoids having second-class OSs for those browsers. For example, Firefox runs on MIPS and SPARC, but the CDM modules don't.
4. It makes it more expensive to use DRM.
This misses my point. No one cares about DRM - not the streaming service, or the browser vendors or most importantly, the users. Consumers have voted with their wallets on this - they'd rather watch Netflix than torrent.
Maybe I'm being callous, but I don't care much about "the ethical problem of pushing DRM". Nor do I care much about MIPS and SPARC. How many end users are running MIPS and SPARC anyway? And I especially don't care about it being difficult to use DRM. All of this sounds like ideological purity, which in my opinion, is a waste of time.
Could you list some benefits that would be appreciated by more than 0.1% of society?
It comes down to the same set of reasons.
Well, that, or they would have went the direction of newspapers & news - give up on producing quality content, and instead cater to the lowest common denominator by producing the cheapest, most polarising content possible.
This is a world where we were a couple years ago. The content providers used plugins to provide DRM for the raw video (Widevine for example) or serve the video inside a container that has DRM (flash/silverlight). One of the main reasons for flash and silverlight dying away is that browsers could do more and more of what they did. And playing video the way the content producers/distributors wanted is a big part of that.
I still maintain my netflix account 1) because my mum uses it with her Roku and 2) because they should be paid for providing value and good TV.
I have the technical skills (like nearly all HN readers I'd imagine) to stream whatever I want with essentially 0% chance of getting caught but I don't because NF has most of the content I want to watch and I don't watch that much anyway.
DRM may be pointless if you think its main goal is a way to prevent people from watching content they did not directly pay for.
But that is missing the point. It does not matter that you, an individual, can break it. It's a divide and conquer strategy: we as a community have to follow the rules and that's what matters.
DRM is about and has been extremely successful at giving content owners leverage over playback devices (you effectively cannot ship a playback device at any real scale without following the rules the content owners set) and transitively to players down the content pipe. That is why it is evil. It's the most clear manifestation of an unjust instrument of power over the user, to put it in Stallman words.
Except a desktop PC/laptop - hence https://youtu.be/HUEvRyemKSg
It's already happening too, note the way Netflix refuses to send higher quality streams to the PC, except through IE/Edge or the native app (which exhibits strange, tell-tale behaviors on multi-monitor setups).
Turned out, however, that I could not play this content on most of my devices, because it was DRMed into something awful, despite being regular sound files that anything can play underneath, and those devices did not support it.
So, I did two things: a) I downloaded the DRMed files that I had on my subscription, and spent an hour (probably should have taken less, but I have never done it before) on extracting regular MP3s from them and b) I cancelled my Audible subscription. So DRM wasn't just pointless to me, it was bad for both myself and Audible (I started with thinking they are awesome and now I low-key despise them).
ffmpeg -activation_bytes 1CEB00DA -i test.aax -vn -c:a copy output.mp4
The fact that it's a choice between "use the player I like" and "listen to the books I bought" is why DRM is evil.
I also don't really like blackboxes I can't at least theoretically look at the code for if I want to, I don't like it with the Intel manaement engines (and AMD) etc either but that is a trade off I have to make if I want to run new hardware, compromising my security so I can watch a movie is a lot less enticing.
This is the kind of future I fear https://en.wikipedia.org/wiki/Noir_(novel) (and if anyone is wondering my username isn't a co-incidence).
Nothing more; nothing less.
Does that mean (effectively) watermarking?
Do pirated releases even come from (defeated) DRM sources these days?
This article got even better.
IMO, some people will always pirate your movie/music/games/whatever. But if the crack lasts a few weeks, or if you have to unplug your DVD drive to get it to work, or if it's a low quality cam rip, or if all the good torrent sites have been shut down and now the last ones are infested with spyware, or if there's a risk of getting sued by the MPAA... all of these are factors that'll tilt the pirate vs buy decision.
The problem with DRM is that it gave them a way to have their cake and eat it too, at the expense of the general public. Every time you have to use a shitty half baked interface to select your movie/TV show (I'm looking at you, Netflix and Amazon) you can thank DRM.
For example, the Netflix library changes every now and then (at least that I've been able to detect), and there's more than one show that I can no longer watch anymore that I wish I could.
That to me is harmful because I don't really know when this happens until I search for it and it's no longer there. So I end up buying DVDs of shows/movies I really would like to re-watch in the future just so I can avoid Netflix's listing changes.
I guess the argument is that if there were no DRM I could download those shows I like the most and watch them at anytime, regardless of whether Netflix wants me to or not.
Not sure about the reasons for others to consider DRM harmful (or not), but this one to me is really important and would love to have a DRM-free alternative besides pirating (due to inconvenience mainly, and due to general concern for downloading stuff that might not be what it supposedly should be).
However this looks like wishful thinking at best, as time goes by and DRM is pushed further.
To present it as a decision solely made by Netflix grossly underestimates the contractual complexity and involved parties responsible for turning a screenplay into something you can stream in 4K, all of whom have ownership stakes to lesser or greater degrees.
I was merely trying to point out that whoever decides what gets delisted (in this case for the sake of simplicity I said Netflix), has control over what I will be able to watch instead of me.
The argument is not that there are no consequences, but that DRM is a net positive because those consequences are the trade off for more and better content online.
Why don't you clarify why you think the tradeoff is not worth it, instead of just saying DRM = bad?
Why is the price too high?
I'm not being obtuse, this is legitimately not obvious to me. Unpack your reasoning a bit, because I still don't see why it's axiomatic that DRM can't be a valuable tradeoff.
The right to read:
If I wasn't able to run a certain subset of software, i.e. DRM, then my machine would be less universal, not more.
Controling your machine does not imply you always understand what it is doing, jusy like controling your car doesn't imply you always know exactly where it is and how it got there. You may give your keys to your spouse to drive somewhere and you trust that they do just that. Back to computers, that means when you run someones elses software you don't necessarily know how it is doing what it is doing and you trust it does what you hope it does, yet you could be in control.
So when do you lose control? In the world of cars, when you do not have the choice whom to give your keys, when someone has the power to take your keys independently of what you want, then you do not have control. In the world of computers, DRM is to take your keys, or to never give them to you, in the first place. DRM has led to components in each and every PC that are built to be beyond the control of the owner.
I don't see a big problem with a DRM-capable computer on it's own, however, I don't think it's ideal and would argue against it. But the _big_ problem starts when I cannot buy a computer without it, anymore. That is where we are.
So make one. There'll be a lot of things it won't be able to do, but nobody's going to put a gun to your head and order you to stop producing a DRM-free machine for yourself.
Meanwhile, the "you don't control your machine" argument suffers from the same fundamental tension as many of the RMS/GNU/FSF positions: in the name of freeing you from restrictions, they impose restrictions. The GPL, in the name of protecting what you can do with the software, specifies some things you must never be allowed to do with the software. The hardcore anti-DRM position, in the name of protecting what you can do with the hardware, specifies some things you must never be allowed to do with the hardware.
Now, that's not necessarily bad; there are arguments to be made that trading off a small amount of freedom to do a handful of things protects a large amount of freedom to do many things. But unfortunately that's not a type of argument RMS/GNU/FSF can admit to, because they frame things in absolutist moral terms. The absolutist cannot speak in terms of tradeoffs. To do so is to compromise the entire position and, worse, to open the door to others who might propose a different set of tradeoffs and argue that they're as reasonable as the absolutist's proposal; at that point, as the famous line goes, you're just haggling over your price.
So if you want a computer with no DRM, by all means go and build one. Refuse to put anything in it that you don't absolutely control. You'll be giving up quite a few things, like being able to play back popular media, but if that's the tradeoff you want you certainly are free to go and have it.
What you can't do is force others to abide by that; most people simply do not care that there are things in their computers not fully under their control, or if they reflect on it are willing to accept the tradeoff of, say, having hardware/software that will refuse to play certain media unless certain third-party-imposed conditions are met. You could argue that the overwhelming majority of them have never thought about this and probably wouldn't come to a rigorous and well-informed decision about it, but morally you have no inherent right to substitute your judgment of what's good for them in place of their judgment of what's good for them. The most you can do is build your own computer which does things the way you want, install only software that you personally trust to abide by your principles, and advocate for others to do the same.
If you truly believe that DRM is harmful in general, you need to construct an argument that appeals to educating people about which practical freedoms they care about will be lost. At that point you need to accept that they might not care about those freedoms.
But if you construct an argument from the axiom that users shouldn't introduce anything into their systems they can't reasonably control, you've fundamentally isolated almost everyone who you want to convince. Of those remaining to listen, most will typically already be on your side end evangelizing the same thing. In order to be consistent, arguing from a core axiom of user freedom and choice requires sacrificing things like hardware security modules, which are a giant leap forward for user security. You can have the absolute freedom to do anything if you'd like, but you might find that there are relatively few ways to apply that freedom if you do.
The alternative is a balanced approach: you don't start from an axiom that users need to be inherently free, and that some amount of tradeoff in freedom is beneficial and desirable. Then you go on to demonstrate why DRM in particular is bad in general. But this is a much weaker position in general, and framed this way you'll have fewer people to argue with.
Imagine I would make the money I pay for media also DRM protected, so it can only be spend in a specific way? Would they accept my money?
If the social contract for DRM was "subscribe to a growing library of content for an inflation-adjusted rate", that'd be fine. Instead, the contract is "cede all your rights until there are no technological alternatives and a few monopolies own the whole market".
Not cool. I'd love to see the w3c disband over this.
Hacker News everyone, where one week the film companies are evil because they won't give Netflix all their content so people can have one streaming service and the next we have "monopolies own<ing> the whole market.
I often have slow internet access in my home which limits my ability to stream. If I can download when I have a good connection I can view later when my connection goes to shit. This is not an option with most streaming services (eg Netflix). I pay for these services. I should have control of how and when I view the content.
Now I always pirate media in advance I intend to watch in the air. I don't want to have to babysit my netflix downloads to make sure that they really are downloaded.
I think the limitations on playback are an unreasonable burden. More fundamentally, I think I should have the right to gain the fullest possible degree of control and knowledge of the workings of my computing equipment without being punished by the legal system. Just like I should have the right to repair, inspect and modify the physical objects I buy, should I be allowed to do that with my computing hardware and their information contents.
In the near future neural networks will recreate full software packages just from being connected to cloud-based applications that stream video and commands back and forth from a browser window (or a VNC-like desktop client/app). The DRM systems will always be cracked, because you fundamentally can't and should not be able to control what people do with the information you give them, and eventually even running the DRM by not sending the executable code at all will not be enough to make software impossible to copy.
However, I don't think this will be a large problem, because you can still fine people for sharing copyrighted material with randoms (I'm not sure I think that's a good idea, haven't thought about it enough), and once you have enough clients that integrate content stores and payment functionality with playback, you can get a user experience that is so much better than that of Spotify.
I think the right to free computation and inspection, repair, integration and modification of computing systems should be enshrined in national constitutions, as it is as fundamental as the right to free expression, and perhaps just the newest incarnation (and necessary extension) of that same principle.
One of the main reasons we need so much new content is because a large percentage of old content is no longer accessible, mostly for reasons related to rights management.
I had hopes that Netflix becoming a global phenomenon meant that a vast library of content would become available, but instead we are now in an era of increasing fragmentation of content offered, with content providers becoming content creators (fine), for exclusive content (rather limiting), offering only a token of third party content of dubious quality (hey!).
Here is a radical though: reduce copyright to 28 years, and let the Netflixes and HBO's compete against that! Not going to happen of course — the best some of us can do in the meantime is pretend copyright did end after such a term, or just meekly submit to whatever is made available, DRM-shackles and all.
Yep, I would have never discovers Jeremiah Johnson without TMC.
> Here is a radical though: reduce copyright to 28 years, and let the Netflixes and HBO's compete against that! Not going to happen of course — the best some of us can do in the meantime is pretend copyright did end after such a term, or just meekly submit to whatever is made available, DRM-shackles and all.
This is the real root of this issue. You're completely on the right track.
Originally, copyright only protected an idea for a very short amount of time. Basically the amount of time required to go to market with an idea. Copyright was intended to protect the little guy entering the industry so larger competitors couldn't steal their ideas until after the little guy entered the market.
Now, on the other hand, copyright accomplishes the exact opposite. It protects the big guys by ensuring that no-one can ever use or improve upon their ideas/products without their express consent for what seems like an eternity(see Disney constantly requesting copyright extensions on Mickey Mouse). There should be a hard limit on copyright of 5 years, maybe 10 for IP. As you said above, this will never happen as there are too many people and companies feeding off the current system. Disrupting the status quo would result in an eruption of outcry from studios, record labels, and publishers.
That said, I think we can all agree that is absolutely absurd that record labels are still profiting off of albums where every person who worked on them is now dead for an example.
Let's also be real here and address the issue that artists don't really benefit from signing on to contracts with large corporations outside of maybe better publicity. 90% of the proceeds from listens on spotify or shows on Netflix are going to the companies that own the rights and not the musicians/actors. That's why most non-mainstream music is moving into self publishing/independent labels.
If the entertainment industry could survive the age of "DVD ripping with abandon", can't it survive the age of "people copying Netflix movies with abandon"? Do industry leaders anticipate the latter will be much worse than the former? Is the cash flow situation that dire?
Or is DRM about something besides preventing piracy?
What we do know for certain is it will strip you as a consumer of control over of hardware and software that you purchased.
Nothing will stop 'piracy' - noting will stop any crime.
Copying DVD's required cost and labour. There's a limit to how much pirating any individual can do.
Over the net - it's rather instantaneous.
DRM'd content raises the bar beyond most people, so it cuts down on piracy.
All it takes is one individual to make a "DRM" free version of a movie and begin to torrent to the public - and then the bar is lowered to the average consumer / pirate..
I don't buy this. Do you have data supporting this claim?
Disclaimer: I am totally biased and think IP laws are morally wrong and a huge regressive tax on the poor.
Copyright is DRM without the D. It puts just enough friction on using my creations commercially to make them decide to pay me rather than risk consequences. I don't mind it going public domain after a while. I'm not greedy, and I understand that culture needs to be fed to continue producing more.
Void copyright if DRM is employed, the same way you can have secret parents.
Legal protection shouldn't come without a price.
This also has the side effect of eliminating curation bias / censorship allowing for all sorts of new content to become available that might not otherwise be allowed on iTunes/Netflix etc.
The actual problems here are discovery and piracy. The former increases the benefits (real and perceived) of middlemen with promotional channels, speaking to both to the creators wanting their work to be found and anyone finding it. The latter is similarly important: most artists don't make money so every lost sale counts and for every artist who believes content should be unencumbered there seem to be more who demand DRM, especially the mainstream ones with the most customers.
Not addressing both of those is fatal: if customers can't find what they want easily, the service is unlikely to make it out of the indie market. The key thing to remember is that outside of the diehard anti-DRM community, nobody sees this as a problem – most people find what they want on a major service, pay an acceptable amount, and leave satisfied.
Blockchains don't solve those problems and add new ones, like performance and irrecoverably failing open if there's a bug, which are likely showstoppers.
iTunes movies still have DRM. Arguably DRM free audio had extremely little bearing on the future of video, given the very different demands of each marketplace.
Remember also, that with a few exceptions (Sony rootkit anyone?), music had a long history of being DRM free before digital distribution came along (vinyl, tape, CD etc). Video distribution by contrast has a long tradition of many copy prevention "solutions" over the years on many different physical formats.
Even that is not ultimately necessary. What we need to do is convince politicians that it's a bad thing, and in theory we should have a lot more influence over those. They can pass the necessary laws to say DRM is illegal and it would be much better plus potentially easier than crawling and begging to the media companies to throw us a bone.
In practice it's not so easy because the US has a broken and corrupt political system where the politicians are more dependent on rich donors than on the People who vote for them.
So once again we arrive to the same conclusion Larry Lessig did many years ago: if you want to fix the copyright issues, or the climate issues, or healthcare issues, or any other big issue, you need to fix money in politics first. Everyone on all sides, no matter what other conflicting issues they have with each other, should be working hard on that issue if they want any hope for their other issues.
Do people want DRM-free media, or do they want ease of use?
There's no technical reason why there has to be a choice between the two. Spotify could implement 'Save to device' or 'Share this song offline' features very easily. The only reason they don't is down to the politics of ownership.
In politics, very often, there are no strictly enforced rules, there are groups of pressures pushing in opposing directions. W3C has no way to prevent proprietary browsers for doing what they want, they just put some pressure on them. They know that going through W3C is the easiest way to agree on a standard and to provide interoperability for their users.
This is a small amount of pushing power.
EFF withdrawing is normal: that's the main item they were interested in. The question now is to see whether Mozilla will stay.
All power is ultimately politics, not rules. People can use politics to change the rules, which happens often through lobbyists, influence, or even force.
Powerful actors operate on the level of politics; they write the rules. The plebeians operate at the level of rules. If I'm unhappy with something a major corporation does, I can operate within the rules and complain to a regulator or take the company to court. If the corporation is unhappy then they get the rules changed, for example by having laws passed that prohibit my lawsuit, eliminate their liability, or hamstring the regulator. It also happens in smaller domains, such as among employees of a business: those skilled in politics get the internal decisions and rules made in their favor.
The exception is, broadly speaking, more common than the process described above: The issues most people deal with in their everyday lives aren't important enough to motivate political action.
Save for the fact that their life is completely shaped by politics.
I like your analysis a lot, but I don't like your conclusion. Because ultimately, humans make politics, so one can influence them. In french there's a saying : if you don't care about politics, then politics will take care of you...
There is an English template for expressing this idea; it goes "You may not be interested in politics, but politics is interested in you".
I don't know what originally filled the spot where I've put in "politics".
I agree with you; I meant to imply that as part of the mechanism.
Not true. See Google's NaCl and Mozilla and Microsoft's own alternatives to that. Neither went anywhere because each browser pushed in a different direction. It's only through W3C that they managed to build WebAssembly and all agree to use it.
I see this DRM thing the same way. Without W3C they may have built their own DRM solutions (and in fact, they have, years ago), but they wouldn't be compatible with each other, which means they wouldn't get too much adoption either.
Prior to the first spec being presented to the W3C, it had already been worked on by two of the biggest browser vendors.
It would be possible to create a browser that displays DRM content and ignores DRM. The only thing that content publishers could do is ban that browser. And then it would adapt to disguise itself as other browsers.
DRM on the web can only happen if all of the major players (that is, browser publishers) agree to play along.
I am very excited about this news, this is probably the most important news in weeks, and could impact the Internet for years to come.
They have no market influence. They have maybe ~10% of the market globally (I've seen figures between 5-15%), and that's primarily desktop - which is decreasing daily. On mobile it's even worse (probably less than 1%).
Any influence they have solely extends to the desktop, and that's not the primary way people are interacting with the internet nowadays.
That's not a killer feature to the market: I bet 99/100 people don't know what DRM is or what it stands for. They just care that they can watch videos or not.
For better or the worse the overwhelming majority of browser users don't know, care, or have any idea about how the internet is standardized, how DRM works, and why it matters to them.
Indeed, that would kill Firefox once and for all.
I use Firefox and almost never use another browser but I'm afraid over time, it's share of the market will fall. This news makes me fear so even more. I do hope I am proven wrong though. I've seen one monopolist fall. I do hope I see many more.
In other words you have no idea what you're talking about, and why should anything else you say be treated any differently?
The user cares about access to content. The user does not care about DRM. The user does not care about corporate interests. Ad blockers are proof of this. The user wants what they want, and the people who provide that to them with the fewest hassles are the ones who win.
Everyone needs to appreciate that "cost" is a gigantic hassle to most people, no matter how much money they have. The concept of owning their content is another big consideration for people, which is why we saw "rental" models for video streaming fail in the past compared to "ownership" models.
The DMCA makes this illegal. No browser vendor is going to take that risk. Maybe some anonymous developers will release a firefox fork or similar, but that's a big risk. Not to mention, most groups who pirate content tend to keep their methods secret and only release the content.
If the browser interferes with them, or the OS can't promise a "secure" chain from plugin-output > display, they can just refuse to stream the content.
You can bet EME plugins will be highly platform specific, and poorly supported, if at all, on platforms that respect their users.
If nothing else, the standard already allows for the CDM to access the network (albeit managed by the user-agent) which means, for example, it could ping Microsoft to ask about this particular Win10 computer (as identified by user agent, IP address, and/or user account data from the content provider).
Netflix/Microsoft/Hollywood/etc. aren't going to stop until they can close the loop as much as possible, with MS and hardware manufacturers already working to tighten things from the other end (see HDCP and the various frameworks for "protected content" that MS has been working towards).
Either providers will push to integrate those platform-level frameworks, or they'll just stop offering content to web browsers entirely.
HN users would do well to keep this in mind the next time they are singing MS's praises about how MS are embracing open source and becoming the savior of all things programming.
Piracy is never going away and this re-run of corporations trying to control content created by people (corporations are not people) will fail the same way that every single previous effort has failed. Piracy will outlive the old fools pushing for these programs.
I'm not saying piracy is the answer, but once these troublesome corporate fools have all died sanity will return to the market and piracy will be replaced by pro-consumer models.
That's one of the reason why we argued so strongly that the W3C should include a covenant. Even if EFF continues to successfully obtain temporary exemptions from the DMCA in the tri-annual review, we can't do that for security researchers or lobby for similar fair use exemptions in every country.
Not convinced any country isn't underwater though.
If they are caught... ;-)
Nothing says "attempting to survive as a legitimate corporate entity" like "let's flagrantly violate https://en.wikipedia.org/wiki/WIPO_Copyright_and_Performance... ..."
Edit: If oligarchs create unworkable rules, why not create a new game?
All major browsers (Firefox, Chrome, IE, Edge, Safari) have already included HTML EME DRM support for years, so it is a de-facto standard already.
This is the world we live in. People are willing to sacrifice privacy and security in favor of convenience. Sounds a hell of a lot like a book I read in high school.
People are so willing to make these sacrifices because they don't even understand what they're sacrificing. They don't understand what they're sacrificing because they couldn't be bothered. Apathy is the disease that will bring down the world. I'm calling it now.
This is simply not true. Netflix's entire business model is based around one thing: video content delivery. It started with DVDs in red envelopes, and has evolved to be app-based streaming now. Neither of these two things has any relevance to web browsers.
Netflix's wish to be able to provide its content on as many platforms as possible for the lowest cost? Yes, that would make a lot more sense for why they are pushing this. Not an enticing enough argument for destroying web browser-based DRMs imo.
I have pointed this out before.
It is an important point that I think perhaps is overlooked when users ponder how to change the web.
Want to change how the web is presented, fix annoyances, scratch an itch?
Try to achieve through web development? Good luck.
Try to achieve through browser development? Far more interesting. Alternative, open source, non-commercial browser. For example, implements limited set of features.
Web development follows browser development.
For example, a browser that does not automatically follow URLs so that ads and other crud can be loaded into pages.
Giving users access to a browser like this may be a far more effective means of influencing web development away from annoying "user experiences".
If such annoyances rely on a certain modern web browser feature, then use a browser that lacks the feature.
Non-commercial means developers do not care about "market share". They are not trying to "compete" with the major browsers on features. They care about creating a superior alternative to major browsers that shifts the focus from advertisers and media companies to users.
If the annoyances users have while using major browsers are bad enough, then they will try alternatives and the "market share" may shift. Or maybe not. But who cares? Because with an alternative browser "market share" is not the goal.
In another thread, a Chrome developer perhaps a former Firefox developer tells of how they dropped some feature because it was too "power-user" and that is not "what [they] were going for". Maybe you are within the market they "are going for". And maybe you are not. If you are not, then waiting for developers at a large corporation, whose customers are advertisers, to cater to your needs is futile.
The idea was that you tell the server what capabilities you have, it then tells you what it wants to offer you and a negotiation ensues.
I have no idea where this concept of a "standardized hypertext client" came from! ;-)
In this case W3C is involved just as a tool. Microsoft/Netflix didn't need W3C for anything other than the brand name lending legitimacy to the spec they've designed and implemented before presenting it to the W3C, and didn't materially change it after.
Didn't Spotify just abandon Safari (OS X) because unlike Mozilla it doesn't support the DRM they need?
More importantly, I'd prefer not to use the netflix app/site at all. I'd much prefer to pay for content and have a variety of apps to choose from.