Hacker News new | past | comments | ask | show | jobs | submit login
DRM’s Dead Canary: How We Lost the Web, What We Learned, and What to Do Next (eff.org)
660 points by mimi89999 on Nov 28, 2017 | hide | past | favorite | 290 comments

I think it's amazing how a lot of comments on EFF's resignation from W3C (https://news.ycombinator.com/item?id=15278883) seemed to focus on how they were being unreasonable about EME, and that allowing companies to have DRM is necessary. Yet, both then and now, the EFF keeps making the point that none of the DRM even works! It was never ABOUT the DRM. The companies don't give a shit about "copyright laws" or people "stealing movies". As this article very clearly demonstrates, the companies are using this to crush competition. That's it. There's no other use for this.

The DRM is a legal excuse to sue competitors out of existence. The existing EME-compliant DRM implementations don't even work. This whole thing is a farce.

I think the more accurate view is that the W3C is dead and has been for a long time.

At this point it is just a mechanism for oligopolists to collude with each other to maintain their dominant market positions.

It is funny to watch how something like Web Crypto takes years to implement, even though the technology is ancient, but if Google wants a new feature to spy on users it will be released next week.

*> the W3C is dead and has been for a long time.


With all due respect to the great vision of Tim Berners-Lee, as well as his historical achievements:

The W3C has turned into an anti-pattern of what to expect from a standardization organisation. In some sense, the W3C standards are the opposite of the RFCs by the IETF.

(and ISO is somewhere in between - they do produce over-engineered crap, but their signal-to-noise ratio is still tolerable, even though it hurts)

> In some sense, the W3C standards are the opposite of the RFCs by the IETF.

sorry to burst the bubble here but..


Good point!

Well, I did not intend to say IETF does everything right, but their signal-to-noise ratio is better by orders of magnitude.

Also, I'm under the impression that IETF learned from that utter failure and took measures to prevent similar mistakes in the future (please correct me if I'm wrong).

I did not observe that W3C actually learned anything from their mistakes, but produced less and less useful things over time (again, please correct me if I'm wrong).

Well please provide some examples of what you explicitly mean, and then we can see if your wrong or not.

It recently came to my attention that the mere concept of copyright law could be abolished with little economic consequence. In the end, the existence of those laws derives capital from other things, and it works as a sort of economic rent.

Would we be better without copyright laws?

It's a good question to ask as a thought exercise, especially since so many vested interests don't want you to think about it, and try to condition you not to question it.

I think the concept of copyright law is good in lots of ways, but the current copyright laws in the USA are pretty awful. It was originally 20 years, now it's 90+. Lots of old works are being lost or having access denied because they're still under copyright, but nobody is publishing them.

Also related: "the war on sharing" https://stallman.org/articles/end-war-on-sharing.html

From memory (an Economist artible that I cba to find right now) an economic study found that the ideal copyright limitation to actually stimulate authors to produce protected work was somewhere around - 25 years. We are now at 75 after death of the author or so.

So we are at the pure rent seeking stage.

If I had to choose all or none, I'd choose none.

Work for hire (producing something to begin with) would still be a thing.

For a broader discussion I'd prefer to reference the actual text for the basis of US Copyright.

"To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries."

With the meaning of those words at the time of their writing:

    * limited to scientific works
    * and methods of doing things that have direct industrial benefit.
    * ONLY by the author/inventor (not corporations)
    * LIMITED time, I think 5 years is probably plenty and 10 is a maximum.
    * I like the idea of a short default term, and paying (active effort) for longer renewal.
    * Consumer protections (trademarks) are a different matter entirely.

I still think you have to give authors and artists a way to make money from their works, and in principle at least copyright is helpful. But copyright seems to be becoming effectively perpetual and that's not helpful. And the whole scientific publishing bullshit is even worse.

My impression has been that the way bands make money is not from selling their music, because the record company takes most of that money, but rather from going on tours and selling people expensive tickets to experience something which is fundamentally impossible to experience through piracy.

Unfortunately, tour tickets are a scarce resource and there is a whole secondary market that makes tickets even more expensive [0]. This is not an argument pro or contra copyright, just another limitation of this approach.

[0] http://www.independent.co.uk/arts-entertainment/music/featur...

So you found one niche that suits your argument. What should writers do, throw 'writing concerts'? How about photographers? Filmographers?

Writers are not really protected copyright wise...they can always talk and explain and expand on what they write. Photographers can do requests, filmographers can naturally have rights to first showcasing.

> I still think you have to give authors and artists a way to make money from their works

I understand the sentiment but..why. Why is it necessary. Art and science advanced on its own long before copyright enforcement of any kind.

True there are things that are particularly benefited from copyright. But they do so at the expense of something else. It diverts labor to things that later require law enforcement to protect.

It is not necessary, but if society was good at assigning a price to the relative merits of informational resources vs physical goods it would result in a more efficient economy.

Yes, science and art will progress, but if there is no economy attached, then they will be dominated by people who don't have to make a living. Unless we fund the whole thing publicly. That would work, but in other contexts we believe the market is more efficient.

Art advanced along fine because there was no way to copy paintings and sculptures. There was no way to record a play or orator.

But that, of course, is no longer true. The advent of technologies to capture and distribute art has led to new forms of art, and with that an amazing situation where people have unparalleled access to the works of genius. However, those new forms also have a drawback: they can be easily copied and distributed without compensating the originator. So in order to keep being able to support filmmakers and novelists and musicians we need to shield them from this. Otherwise, they will stop making their works.

Who is going to spend 5 years writing a novel if they can only sell one copy?

> Who is going to spend 5 years writing a novel if they can only sell one copy?

Hopefully no-one. Apparently there is no value to that novel unless resources are spent protecting it.

We see today things that in a non-copyright world would not exist. But we dont see the things that would exist instead ,so its hard to know.

Economists call this the "Free Rider" problem: people are able to derive value from a common good without paying for it, so there is less incentive to produce the type of good than would be optimal.

Roads. Infrastructure for sewers. Defense. Fire suppression.

These are all cases where a purely free market fails to provide optimal levels of the good or service.

People are evidently willing to pay for novels, so we know they have value. The question is whether the current copyright system gives copyright owners too much power to extract rents at the cost of the public domain.

Isn't the author a free rider on the states legal infrastructure?

Writing books, making movies and composing music are some of the things that should we should never have an interest in creating externalities for.

No, assuming the author pays taxes, the author is not a free rider on the law enforcement infrastructure.

The act of publishing the book has positive externalities (people derive benefit from reading it). Copyright is an attempt to allow creators to capture some of those positive externalities to promote more production of books.

Your position that the creator should not have a mechanism to capture any of those benefits is rather extreme, as is the position of the copyright maximalists that assert they should capture all of the benefits.

Apparently there is no value to that novel unless resources are spent protecting it.

That is a non-sequitor.

Why? If the argument is that a novel would not exist because the author cant collect value from it without copyright protection, then the value he is collecting is based on the copyright protection costs.

No, we wouldn't, but I'd suggest going back to the earlier laws that weren't overreaching like the current ones.

In many ways it isn't even about copyright - it's about IP, and that's actually a whole other problem.

I'd say DRM works really well for some definition of "works". It certainly doesn't make it impossible to pirate anything, but the technology and the laws make it difficult enough that I rarely bother anymore and just pay for Hulu, Netflix, etc.

I don't think they're attempting to stifle competition, and if so they sure are not succeeding at that because there are new streaming services all the time. It's so they can prevent a commercially viable piracy business.

Does it though? Ten years ago it was trivial to surf to your local bay of pirates and get a copy of just about any popular film or series. This is still possible (hypothetically of course), but it takes a lot more effort (finding and joining trustworthy private trackers or setting up newsgroups), precaution (VPN, OPSEC), and diligence.

But that's not because DRM works.

Getting a digital copy of some bit of media is still trivial. Netflix forcing its DRM on its customers doesn't mean that you can't illegally download Stranger Things in excellent quality, and their DRM doesn't slow anyone dedicated to doing so down at all.

In fact, Netflix could stream all their stuff without DRM, and nothing would change (with one exception I'll come to in a bit). What's made piracy harder is a combination of factors:

* The legal way is often easier (just pay Netflix a small monthly sum and watch stuff)

* The legal way suffices for a lot of people

* Getting caught infringing copyright has serious consequences in many countries

* Downloading files from shady sources puts your computer at risk (Windows in particular; e.g., ransomware)

If Netflix turned off all their DRM tomorrow, then perhaps some pirates would have a slightly easier way to source their material, but otherwise nothing would change.

Except that the end-user gets a better experience.

At this moment Netflix is refusing to serve 1080p video content to anyone who uses a free operating system and free browser, because 'the DRM isn't good enough'. For 4k the rules are even more stringent; you need Microsoft Windows, Edge, and pre-approved trusted-platform capable hardware (which includes the monitor/TV).

For the rest of us, Netflix and the major content studios begrudgingly allow us to watch 720p video on our way too open computers.

This isn't about protecting the media streams from piracy, this is about making sure that the future of media consumption means consumers will run the media producers' software, using their rules, on hardware they control. We are not supposed to run our own HTPC, or do clever things with media we pay for (e.g., letting an algorithm watch ahead to warn the user of scenes with strobe light effects for epileptic patients, as the EFF mentions, or simply controlling a string of LED lights behind your screen for added effect, or downloading the streams to watch on holiday, or cut fragments out of a stream to use as samples in a lawful manner (e.g., a blog about films, or some cultural analysis), or …).

> At this moment Netflix is refusing to server 1080p video content to anyone who uses a free operating system and free browser, because 'the DRM isn't good enough'. For 4k the rules are even more stringent; you need Microsoft Windows, Edge, and pre-approved trusted-platform capable hardware (which includes the monitor/TV).

Hahahah, amazes me how people still use that crap. Why not pirate it instead and give them a big fuck you with those restrictions?

Because it is a fiendish dilemma. Most people are fine to obligingly use proprietary apps on approved operating systems to gain access to the content, so if you care about remunerating content producers, and watching the media by means of open technologies that work on any modern operating system, then supporting Netflix is currently one way to do so.

But you are right, the downside is that my account is effectively limited to 720p because of complete non-sense.

The sad thing is that any competition (e.g., Amazon Prime) appears to follow the same rules as far as I can tell: sure, you can use your browser, for now, but nothing over 720p for you until you run our software outside of that sandbox of a browser on a verified trusted operating system.

I'm not sure where my point of rejection of this deal lies.

That's what I do, with zero remorse. They are killing the web to make bigger sacks of money. Fuck me if I'm going to feel bad about pirating the everliving shit out of their content.

So stealing is ok? Who pays for that content you pirate?

It's freeriding not stealing. Same sense as burglary is not murder or as obnoxiousness isn't assault etc.

So freeriding is ok? Who pays for creating that content you enjoy?

See, now we have a useful phrasing that actually can be discussed and brings up real issues.

Copying is not stealing.

I've never deprived someone of something they own or committed any kind of mayhem on the high sea.

Generally, I pay for whatever content I download. I'd have to do some research to figure out how to rip a Netflix stream or export recorded video from my DVR. Ripping DVDs (and especially Blu-Rays) takes a bunch of time, and encoding the result can be hard to get right (embedding subtitles, choosing a codec and profile that works on most of my devices, etc). It's easier and faster to torrent it than do all the ripping and conversion myself. Not that I do it much anymore; I suspect that format-shifting wouldn't be a good legal defense. And I also suspect that my ISP (the only high-speed one in the area) would dump me as a customer at some point.

> embedding subtitles

shame on you, good thing you aren't doing it either way ;)

> I suspect that format-shifting wouldn't be a good legal defense

you seem to imply by analogy to homerecording, torrenting stuff you once payed for (or didn't directly as with yt) might be ok, but sure enough, taperecordings were campaigned against, too.

Btw: I worry about codec and network exploits, so easy is not the exact term I would choose wrt torrents and p2p-"sharing".

> shame on you, good thing you aren't doing it either way ;)

srt's in the container, not hard-overlaid into the video ;-) We've got asshole neighbors. They'll purposefully rev their Ferrari to wake my kid up if they hear the TV (e.g. sound is up enough to easily understand a whispered conversation, then there's a bass-heavy explosion). Then there's the less-common use-case of watching a movie on a plane without blasting the audio.

> you seem to imply by analogy to homerecording, torrenting stuff you once payed for (or didn't directly as with yt) might be ok, but sure enough, taperecordings were campaigned against, too.

Tape recordings don't involve automatic sharing of the data with other people in the swarm as an implementation detail. I did a fair amount of downloading 8-15 years ago, but mostly dropped it when I started working.

It is far easier to access pirated media today and with far higher quality than 10 years ago.

The kids are using unlicensed streaming sites and get anything they want in the browser at the click of a button.

Huh? It's still trivial to pirate media. Grab a copy of the Tor browser, go to the same pirate bay you used ten years ago, download the same content you did then. Zero investment, it's just as straightforward.

The legal options have improved, but the illegal ones are still there and just as good.

That's trivial to us (hypothetically), not to the average consumer who is, quite frankly, well-advised not to risk getting 'fined' in an out-of-court settlement for infringing copyright. And how do they even know if they're on the real Piratebay? The original domains are blocked in many countries. TOR? VPN? These require knowledge or guidance; doable, but not zero investment.

> That's trivial to us (hypothetically), not to the average consumer who is, quite frankly, well-advised not to risk getting 'fined' in an out-of-court settlement for infringing copyright.

Pirating content has gotten SO easy that my elderly parents do it regularly by simply searching for streams of movies they want to see on google. DRM has stopped none of this - and the risks of getting drive-by malware are an afterthought to most people.

It's actually far easier to pirate media now. No need to setup a torrent client at all. Simply browse to one of the hundreds of free streaming sites and download over http directly in your browser.

The average person now get's dozens/hundreds of movies and shows on a cheap USB stick from their friends, then the plug it into their TV to play. Piracy is easier for the average consumer now than it ever was in the past.

Search Craigslist for "kodi" and find pre-configured devices for sale to access pirated content.

This is dangerous, because I'm not sure the people buying them understand that the content is pirated...

If you can google, you can find a mirror or a clone.

Whether it is the real pirate bay or not doesn’t matter, you could never trust TPB.

why is that ?

Why is what? You can find things with google because it's a search engine, that's what it's for.

You can't trust TPB because the content is user generated, TPB does not do much to stop people from uploading malicious content and boosting it to top10 by seeding with bots.

Nothing that involves "Tor" fits the "trivial" definition.

If Netflix captures the market of people who aren't comfortable subverting encryption, they win. 100% capture is unnecessary if they get the people who can't and intimidate the people who won't with the occasional prosecution of the people who do.

Right, that's why there's usually no need to bother with Tor.

Not exactly correct.

The illegal ones are not "just as good" - they faced the competition and got better in the past few years, learning from others successes.

Remember the Popcorn Time. It dropped a bomb because it was an evolution from "go to some tracker, find what you want, download it, wait, watch when it's done" to the modern standards of "think of a title, grab the popcorn and start watching".

(Just in case - I'm not approving or condemning of anything. Just stating the facts what had happened.)

Why Tor browser?

Maybe to bypass local blacklisting? For example, in the UK major ISPs block access to the popular torrent sites.

There are countless mirrors, Tor browser seems like a hassle.

>For the rest of us, Netflix and the major content studios begrudgingly allow us to watch 720p video on our way too open computers.

I wish they even gave this, but at least in here, many mainstream flicks are of even worse quality (although this restriction on some content seems to apply even on Windows and Edge browser, at least on my computers). Not that it really matters what's the nominal resolution of a 1000 kbps stream anyway (and lately Netflix has removed the option to see the actual resolution of the video I think), however...

... selling out the free web got us so much indeed.

You're on target, but I think you missed the bullseye by an inch.

Netflix, Steam and Spotify made it incredibly convenient to obtain content legally and at a reasonable price. They removed most of the incentives for piracy. There was a surprisingly long period when piracy was hands down more convenient than buying stuff legally, and services like these were responsible for reversing that trend.

More specifically, Spotify deserves a special mention, as it has been single-handedly responsible for massively changing my listening habits, because of the way the Daily Mix/Discover Weekly features keep pushing my boundaries. It gives me something valuable that I couldn't get otherwise.

> I'd say DRM works really well for some definition of "works".

Well, it works only for crooked purposes, and that's exactly the point EFF is making. DRM is therefore unacceptable, including in the context of the Internet.

And you are still missing the point. DRM doesn't make any pirating difficult. All it does is giving power to undemocratically extend copyright law in arbitrary directions by slapping DRM on something, and saying that breaking that DRM is illegal. It's a power grab tool. Just take a look how this garbage was used to prevent users from switching mobile carriers, claiming that unlocking the mobile phone (i.e. breaking its DRM) is illegal.

DRM _technology_ isn't the problem at hand, and yes it does "work" to effectively keep honest people's behavior constrained to corporately approved actions.

The real problem is DRM _law_, which is a gross overcriminalization of justifiably legal activity, like repairs, format shifting (both to and from DRM devices), security research, tinkering with your own possessions, etc. And on top of that, then demanding that all countries in the world follow suit.

Cheap and easy to use services work.

I first check Hulu and Amazon video, if it's not on there I pirate it. I can't remember the last time I heard of anyone being burned legally for pirating, and torrents are not difficult to use.

If you can't find a movie on hulu/Netflix/etc, do you then buy it on DVD?

Rarely do I want to see a particular movie that's not included in a flat-fee or free service. Having saved enough from those cost-cutting measures, most of those few are available for $2-6 from Redbox, iTunes, or Amazon Video; as I'll pay that much for a cup of coffee, and far more often, the convenience of shelling out a few bucks far exceeds the benefits of relenting to the annoyance of pirating. For the very few movies I otherwise can't get free/cheap, I likely want them enough that actually buying at retail is satisfying.

Torrents aren't difficult, but typically I'll burn more time trying to get what I want, uncorrupted, than my available time warrants. Legal burn is unlikely, but burned by bugs or malice is likely enough to waste time I could have spent just watching it via inexpensive legal sourcing.

And then there's that little issue about ensuring content creators actually getting paid, so there is actually content worth consuming.

> And then there's that little issue about ensuring content creators actually getting paid, so there is actually content worth consuming.

This is something creators need to get better at. Creators need a "Pirated my media but want to make sure we still get paid? Click here!" button. I want to pay a lot of artists, but I also don't want them to think I want to pay for the DRM'd form.

No way their distribution contracts would allow that.

Do distribution contracts typically disallow receiving donations?

How would distribution contracts have anything to do with someone wanting to give me money on the side?

it's competition

That doesn't make sense though. I'm completely allowed to send an artist money "just because". I'd be extremely surprised if there was any contract that said that wasn't allowed.

There's a difference between someone voluntarily sending an artist money, vs the artist openly soliciting donations in a manner easily construed as advocating piracy.

Yeah, but it's hard to tell the difference if worded correctly. It could just be a button saying "send us random money". It doesn't have to be explicitly for piracy.

Thing is companies like Netflix want to believe people are paying for seeing content, while truth is most people are paying for convenience. This needs to be drilled down to them.

> It's so they can prevent a commercially viable piracy business.

I think it's exactly this. They know they can't stop DIY hackers from pirating, but they can stop the next Napster.

" -- all trace their success to business strategies that shocked and outraged established industry when they first emerged. Cable started as unlicensed businesses that retransmitted broadcasts and charged for it. Apple's dominance started with ripping CDs and ignoring the howls of the music industry (just as Firefox got where it is by blocking obnoxious ads and ignoring the web-publishers who lost millions as a result). Of course, Netflix's revolutionary red envelopes were treated as a form of theft."

That's exactly the point of the article.

Yeah, this right here. DRM might be technically impossible to get 100% right but you don't have to get it 100% right if you have regulation to back it up.

The alternative is that there is no way to protect IP on the web, which means that there is no incentive to transmit IP over the web which takes a shitload of value off the table.

These anti-DRM arguments smack of blind ideology.

"But if someone goes around your DRM and doesn't violate any other laws, the non-aggression pact means that you couldn't use the W3C standardised DRM as a route to legally shut them down. That would protect security researchers, it would protect people analyzing video to add subtitles and other assistive features, it would protect archivists who had the legal right to make copies, and it would protect people making new browsers."

This is a major part of the argument being made here and helps to close the gap between blind ideology and serious issue.

That's a perfectly reasonable point (which I agree with). It's naive to dismiss the concerns of content creators out of hand, but surely there's a middle ground we could get to legally over what constitutes fair use (or fair cracking?) when it comes to DRM.


I think what the EFF is saying her though is that the claimed protections for content creators is just a cover for anti competitive behavior.

If they would agree to only enforce DRM/DMCA laws on people abusing copyright laws it would be easier to get behind it.

Unfortunately, we have no protections on one side, and anti competitive shinanigans on the other.

> DRM might be technically impossible to get 100% right but you don't have to get it 100% right if you have regulation to back it up.

You do if you don't want the material to show up on pirate sites, which is why they claim they want it.

> The alternative is that there is no way to protect IP on the web

Protect it from what? It can't be posting the material to pirate sites because it's already there. It can't be preventing users from making a fair use copy because that isn't a thing to legitimately want protection from.

IT is ideology, you should check the gog.com entry in wikipedia, DRM does not work, the movies and games still get cracked so what DRM gives the users? DRMed games are slower, cause issues for legitimate customers, add the risk that in future the game will stop working and it will be illegal to patch or mod it. For video it adds hardware requirements like I must buy a new CPU from Intel. There is no benefit for the users, content is still easy to pirate. the only advantage is that they can now use the law to cause problems for people that want to use their legitimate copy as they want and for software maybe they want to also modify it(If I bought this game it should not be illegal for me to mess about install a mod or fix a crash)

I discovered GOG.com when I had no internet on a bus and couldn't play any Steam games, and when I couldn't figure out how to copy a Steam-managed game executable over to my friend so he could try it.

Pretty hilarious to have put up with that at all.

Now my gaming library is a trivial folder of executables like it should be.

Nobody said they don't get cracked but it's far easier to pay $10/month for a Netflix subscription than it is to hunt down rips of everything on there.

If there was no DRM you could just save the movie to your HD with little effort.

Enough people pay for streaming services to make them a viable business model. That's all the empirical data you need to show that DRM does work for its indented purpose.

> If there was no DRM you could just save the movie to your HD with little effort.

...after subscribing to the streaming service. At which point they have your money.

And it's not like you can cancel your subscription after that because then you wouldn't get new content, which is the entire point of having a streaming service instead of watching the same pile of old DVDs you've had since 1998.

I'm pretty sure people would pay for streaming services even if a DRM-free copy were easily available. Why? Because streaming a movie is no fun when the server can't deliver the necessary bandwidth. Maintaining an infrastructure that can handle streaming at the scale of Netflix costs money no pirate bay will ever be able to afford. So streaming services could still compete with the free offering based on quality of service.

Distribution is virtually free. It's essentially a solved problem. The hard and expensive part is being a gatekeeper. If companies gave up the idea that they need to play gatekeeper with their media, they could distribute it at virtually no cost.

And this to me, is the critical problem with all of these services. We don't need gatekeepers anymore, because that's a leftover from physical media. Those days are gone, and the gatekeepers need to die.

bootleg markets all around shkwed that years before broad-band, I believe.

Even bootleg markets took some effort because you are still dealing with physical media. With virtual goods, there's nothing to deal with other than uploading.

> Maintaining an infrastructure that can handle streaming at the scale of Netflix costs money no pirate bay will ever be able to afford.

Popcorn Time? The streaming bandwidth is handled by the very people watching the video.

There simply is no way to protect IP on the web, and refusing to understand that is burying-your-head-in-sand levels of myopia. If that takes "value" off the table, then it can come off the table, capitalism be damned.

You can try and legislate DRM all you want, but like a law to make pi=3 or enacting laws to declare that water not be wet, it is the wrong thing to legislate.

IP delivered in other forms will be converted to online by smaller players if that activity was legal. We would see more content not less.

The companies that make movies certainly care about people "stealing movies". Netflix, in turn, cares because they have to negotiate with those companies.

Should the W3C, in turn, care about keeping Netflix happy? That seems like the relevant question to me.

They definitely shouldn’t because netflix doesn’t need their help to succeed. They should make upstart netflix competitors happy however, to grow an ecosystem.

The frustrating part is that my choice to be a law-abiding media consumer subscribing to a bunch of services makes me get a worse service in many ways than a pirate. I can’t use a player of my choice, i can’t have a single UI on top of all media, I can’t rely on content remaining available. Pirates don’t have these problems. The DRM legislation and media conglomerates power ensures that the market can’t fix itself. You can’t make a netflix competitor without DRM because you’ll never get access to licenses for popular culture products. Even had the W3C refused to deal, the situation wouldn’t be meaningfully better.

How does W3C enabling a DRM option stop Netflix competitors, though?

It's not like the next Netflix could legally start by just downloading the current Netflix. They'd have to go back to the media owners and negotiate their own contracts for it. At that point, anyone trying to compete with Netflix presumably winds up with the same contractual requirements from the media providers to use some sort of DRM.

From that perspective, the W3C adding web platform support for DRM surely enables more competitors than it stops, right? Now the startup engineering cost is to build or hire one EME-compatible DRM provider, you don't have to build proprietary apps for every platform, you can trust people's browsers to run your DRM as easily as Netflix's and quickly launch to every platform that has a supporting browser.

There's also still room left to compete with a DRM free product, assuming you find a way to negotiate media contracts without it, and figure out how to market that fact both to media companies and to users why that would be an advantage. From a web platform standpoint the work that goes into providing pleasant DRM experiences still floats some of the needs of DRM-free video playback, because browsers are going to engineer one on top of the other to save effort.

The article explained in depth how the W3C didn't just enable a DRM option, they were in a position to create a standard that furthered the whole concept of DRM in a way that wouldn't have otherwise happened at all. And they make it painfully clear that DRM is used abusively to undermine otherwise legal rights.

None of which invalidates my points, which was with regards to corporate competition.

It furthers the whole concept of DRM, but as a standard open to any party, thus not really damaging competition on the scale of companies like Netflix, that if anything helps the next company to come along and wish to replicate the Netflix streaming experience, because Netflix "has" to share that baseline DRM standard with them (otherwise W3C wouldn't have endorsed it and browsers wouldn't support it).

Yes, DRM is used to abusively undermine the legal rights of users, but that doesn't stop competition for those users, and supposedly in a fair market the least abusive company you'd hope might be able to market a better value proposition. A DRM standard doesn't stop companies from being less abusive and using that as competitive leverage, even if it arguably furthers, or at least favors, the baseline amount of abusive behavior amongst that corporate ecosystem.

> It furthers the whole concept of DRM, but as a standard open to any party, thus not really damaging competition…

It damages (as the article states) the specific type of competition that is disruptive to the framing of Netflix-type business. I.e. there can be competition from a Netflix-clone but not from an innovative competitor who does something different building directly on Netflix in the way that Netflix themselves built directly on top of existing DVD markets to get started themselves.

Real innovation often involves this sort of non-clone, innovative, disruptive competition that doesn't just do something new but actually adapts the existing market in new ways. DRM certainly blocks a lot of that, and that is exactly what the DRM-advocates want to block and what EFF is talking about in stifling competition.

I suppose I'm arguing from a stricter reading of competition as a direct competition. Even expanding to "non-clone, innovative, disruptive competition", I still get back to in the case of a Netflix DRM is backed by contract law. Most of those same "non-clone, innovative, disruptions" would be "protected" against by contracts and license/subscriber agreements with or without DRM enforcing them. A lot of the arguments here about DRM stifling competition aren't dissimilar to complaining about how exclusivity contracts stifle competition. (Disney removing their entire catalog from Netflix in a couple years to give exclusivity to their own streaming service has much more to do with contract law than DRM.)

So too, the fact that you couldn't build a sharing service on top of Netflix has much more to do with the contract law and licensure of digital artifacts versus physical goods than anything at all to do with DRM. DRM is entirely orthogonal to the discussion. DVDs have DRM and that didn't prevent Netflix from building on top of them. What almost prevented Netflix from using DVDs was existing contract precedences with Blockbuster, but again that had much more to do with contract law than DRM.

DRM is a tool that is only as useful as law allows it to be, both for good and bad (how it gets regulated versus how it enforces legal structures). It does seem to me that many of the complaints about DRM are misdirected that there is no digital bill of rights and digital assets don't have regulations/protections that we take for granted for physical goods. Those problems remain even if W3C had blocked EME from becoming a standard.

Given that the article makes a case that Netflix and cable companies started by exploiting grey areas in legal contracts, it's clear that they're talking about competition that broadly. The fact is, weird grey areas or loopholes in contracts (basically everything that undermines "protection" against competition) is an opening for competition.

The logical conclusion is that much of contract law is in the way of competition. But the point is that whether we think competition is good or bad or contract law should exist or not or be strict or whatever, the companies in this case are not following the Golden Rule.

Contracts were intended to block things like Cable TV or Netflix, but they came into existence by finding loopholes in those contracts. The argument is that their exploitation of the loopholes added real value, invented new services etc.

The arguments about competition here are anti-protectionist. They basically say that since we recognize that Netflix added value, we not only should be glad that they found the contract loopholes, we should probably eliminate all such protectionist contracts.

The argument about regulation in this case is that we don't necessarily need regulations to protect digital rights because it's trivial enough to technically enable them as long as we don't prohibit the rights legally. Take away the legal enforcement of DRM, and DRM becomes irrelevant for technical reasons. Thus, no digital bill of rights is needed.

It's not my argument (I'm not sure), but it's logically consistent.

In short: legal protection of DRM enables companies to have profit and power and avoid the threat from new types of companies, services, and innovation that would otherwise happen and would be in the public interest. The public isn't only interested in Netflix alternatives but in all the world of innovative developments that would be possible if we removed the protections of Netflix's business model (even if it doesn't protect Netflix as a player in that model).

Really short: it's about competition between types of businesses or between business models, not competition within a business model.

It's about cable competing with airwaves; about radio competing with live concerts; about books competing with priests, etc. not about competition between different books etc.

I assume you haven't read the article, please read at least the introduction since it does a much better job of explaining the issue than I can.

> Netflix, in turn, cares because they have to negotiate with those companies.

Which is why Netflix has around 200 native clients for all known hardware and platforms where DRM is implemented outside the web.

Why people think it’s reasonable to have apps for everything, but somehow Netflix is special and must run in a browser built on an open stack...

Now that is something I cannot fathom.

Install a goddamn app. Leave the web pure. Leave the web alone :(

Does Netflix actually hates DRM but is forced to use it? are the Netflix original movies DRM free? If not then we need to stop excusing Netflix for using DRM because bad guys in Hollywood are forcing them to do it.

Netflix's argument for the longest time was they didn't want DRM, but they had no choice.

But, now their originals are becoming a larger and larger part of what they provide, they've steadfastly stuck to having DRM on all their content (first and third party). So that prior argument kinda falls flat on its face.

Shipping new player variants is a pain. The kind of pain you read about on thedailywtf.

Once you have streaming working with DRM on all devices you need a %@#$$@#$@ good reason to introduce DRM-free streaming. Netflix wouldn't want to discover that its own content plays with very low quality on, say, Panasonic TVs made between April and August 2016.

Because all devices can play only DRM videos? Most devices if not all can play not DRM video and probably not including DRM uses less resources so this is not an excuse not to offer the option, (that can be off by default and only power users could enable it). Is there extra work, yes it is, but you can't be anti DRM but use it because we need to put some work to offer no DRM version of a stream.

I've worked with this. I've dealt with blackbox player blobs with >100 undocumented tuning variables, and with TVs whose manufacturer didn't really know what worked and what broke.

I wouldn't be at all surprised if some TV manufacturer broke some streaming variant (such as high-bitrate unencrypted smoothstreaming), discovered after a few months, and silently fixed it in new models without issuing an update for the old models.

EDIT: I wouldn't assume that TVs are better at playing DRM. Just from my experience, non-DRM works better (less code that might be buggy). What I'm saying is that once Netflix had a few hundred working devices that worked with DRM, avoiding player bugs became a really good reason to stay with DRM.

Adding an option would not affect TVs that use the old players, only TVs that would update the Netflix app would get this DRM free option and users would have to enable it, if it is not working they can disable it and complain. I understand your point but this is not a good excuse why people on PCs that don't have the right CPU,cables and monitor can't watch 4k videos that they paid for (..because Netflix wants to give you DRM free video but because some old TVs may not work then you can't get it so please watch low quality stream)

> are the Netflix original movies DRM free?

Everything on Netflix is DRMed, as far as the user is concerned. You cannot get a copy of the video file for offline playback. You cannot play the movie on a video player without the Netflix app. They remove stuff all the time and then you lose access. Hell, they even control the quality based on which browser you are using (only Edge can play 4k).

Netflix is in on it, plain and simple. They want to control your movie-watching. That's what earns them their monies. The only upside about Netflix original content is they don't put any kind of geographic lock on it.

Yes they do. Netflix has plenty of originals that aren't available in every territory.

You can actually download things for offline playback, they added the feature recently and the app won't stop reminding me.

I'm not sure where it gets stored, and it certainly isn't just an mp4 that can be used with my preferred player, but it does technically work.

There is no advantage for Netflix in allowing you to freely download their content. So why would they?

The W3C is supposed to care about keeping Netflix and EFF happy. They're supposed to reach a compromise. There seems to have been very little compromise here. They've certainly managed to make EFF very unhappy.

EFF argument was highly politicised and conflating US law, with global technology standardisation.

Quite simply EFF had a weaker argument, even though there is a lot of sympathy for their cause from representatives in W3C, who also think US law is an arse, its simply not the correct forum for the battle.

That has been proven false by their response to the DRM non-aggression pact.

To stay relevant as a content platform and limit the scope of proprietary code to a small encryption module instead of a bloated behemoth like Flash.

That's not say that's a great argument, but the problem with making EME a battleground is that there is zero leverage over the content companies that insist on DRM, zero. Studios have the content people want to watch, if they can't watch it on the web they'll use proprietary apps. Technologists like to believe we shape the future, but browsers do not shape the content industry, rightsholders do. From their perspective, refusal to implement EME is damage they will route around, and they have the leverage to do it. Also note the inefficacy of DRM in general.

The place to win this battle is in congress. We need to move towards strengthening fair use and outlawing DRM, that's the only way to take the teeth out. The idea that the browser is an important battlefront is nonsense, EME is a sensible compromise that keeps the browser relevant. I respect the Stallman-esque view that the web should in no way be compromised but it's not a winning move in the long-term.

In implying that the point of DRM is to make copying the data impossible, the EFF is creating a straw man.

I don't lock my doors and windows because I think it makes it impossible to break into my house. I know full well how easy it is to get in anyway, just by breaking a window. I lock my doors and windows because I expect it to create just enough of an inconvenience to mostly deter others from breaking into my house.

Let me re-iterate the emphasis on the word 'mostly'. I'm not trying to make the perfect the enemy of the good here. It's the same for media companies. They're not looking for something that will prevent everyone from pirating movies. They're looking for something that will make pirating movies just inconvenient enough that most people choose to pay for content instead.

The EFF really needs to come up with a less specious argument if it wants to see much success in convincing anyone who doesn't already agree with them in the first place.

A better analogy is this, You buy a paper book but it comes inside a big glass box so you can't xerox or scan it. To read it you have to use a key that you received that will unlock a stick inside the box that you can control to turn the page. A pirate buys the book, brakes the glass, makes many copies, all the pirates then can read comfortably, can take notes on the book, can go fast trough the pages, yopu the person that uses the legitimate DRMed book you use it in a uncofortable way, you can't make notes, skipping trough pagers is super hard, lending it to a friend is impossible. So DRM made it harder for legitimate users, for pirates is still easy.

That's a pretty poor analogy. The average user doesn't notice DRM or even know what DRM is. The difference between Netflix with DRM and Netflix without DRM is approximately 0 for the average user.

DRM isn't there to keep content off the pirate bay, it is there to keep mildly computer literate people from doing Right Click->Save As in Netflix and then sending House of Cards to all their friends.

I hate to underestimate the "average user," but there are legitimate things the average user could do with a Save As button in Netflix, like playing video on unapproved devices that they own. There are a lot of people who still don't have a smart TV capable of streaming Netflix but do have one capable of playing .mp4 files from a USB drive.

The last time I ripped a DVD was so my mother could watch it on her iPad over a long plane flight. If DRM didn't exist, I imagine importing a DVD or Blu-ray into iTunes would be as easy as importing a CD. Empowering users to watch media they own on devices they own would have a real impact. It might not be something the average user devotes a lot of thought to, but it would certainly be something they would do if they were allowed.

Are you sure? I do not use Netflix but DRM books(at least some of them) you can't copy paste text, I think many people will miss this. Someone explained that Netflix app buffers very bad, this seems to be a problem caused by DRM but I can't prove it.

I doubt that many people are reading ebooks in a context where they need to copy and paste regularly, I could be wrong though. I read exclusively ebooks and it hasn't ever come up that I remember. I'm not saying it isn't a valid use case, but I question whether it is a common use case for the average user.

I'd be curious to know how someone has narrowed down the black box that is Netflix to determine that buffering is caused by the DRM.

Sorry if I was not clear, I suspect that DRM caused the buffering issue, or at least an open source player could be implemented that could keep more back buffer so you can go back 30 seconds. Wouldn't be illegal to reverse engineer the players that include DRM? or you would have to be careful not to look at the bytes that implement the DRM.

The Kindle and Nook iOS apps both let you copy/paste. I did it all the time when I got stuck having to use DRM ebooks in school, and never had a problem with it. There may be limitations on how big a region you're allowed to do it with, but, if so, the limit's large enough that I didn't encounter it in the course of normal academic use.

I did sometimes run across ebooks that basically used images of the text instead of actual text, and copy/pasting from those naturally doesn't work. But the ebooks in question were all non-DRM.

I am disabled, I need to copy paste the full chapter so I can have my Text To Speech application read it to me. Maybe today the Kindle app has TTS, I can't find it on Google though.

I can see your point for calling straw man, but you seem to be implying this was their only argument. My takeaway was that the primary arguments centered more around controlling competition to secure monopolistic positions, threatening legitimate security researchers from disclosing truths, and preventing fair use.

And just to play devil's advocate for a moment, while I tend to agree about your straw man point, is it completely a straw man argument if some of the CEO's at the large corps pushing DRM actually do believe they can make copying data impossible? I mean, just because we know this is a pipe dream, and many very smart people may argue convincingly against it with hard evidence, does not mean everyone will actually believe it.

It's not their only argument. But it's one that they lean on a too hard. I think because, as the balance of votes on my previous comment seems to indicate, it's very popular with most DRM opponents. Assuming that is the case, it's a big disappointment, because, in the context of an important public debate like this, preaching to the choir is a serious tactical error.

To your second point, I can't speak for most CEOs of large media conglomerates, but I would say that I've never been in the habit of believing that CEOs truly believe everything they say. Their messages are crafted.

What I can speak to, though, is what I was told when I was asked to evaluate copy protection strategies in a product I was working on, and tried to push back with the "but you can't make piracy impossible, anyway" argument. And it was basically the response I described above. Eventually I was able to come up with a compromise, which was that we would use a much less intrusive technology than the one that was originally proposed, on the grounds that even the most optimistic benefit to us didn't justify the added inconvenience to legitimate customers.

I don't think that argument works here, though, because the DRM in things like Netflix is so convenient for the average consumer that very few people even realize it's there.

Maybe that leaves us with only the "controlling competition" argument. Unfortunately, that one also seems like a tough case to make these days. The story of browser streaming over the past few years has been one of increasing competition. Once upon a time, Netflix had a near-monopoly. Now there are all sorts of streaming services. I mostly use two of the smaller paid ones, my public library offers streaming, and my partner and I are seriously considering canceling our Netflix subscription. If the goal was to squeeze out the competition, they don't seem to be having much success at it.

For my part, I think the main argument I'm left with is one of interoperability: I don't want my content to be tied to specific hardware devices. The situation with the Amazon Kindle is awful, and has really kind of killed ebooks for me. And it's a great example of content creators shooting themselves in the foot with DRM: They could have retained the ability to sell and distribute their own content if they hadn't worried so much about it. Instead, they just handed basically the entire digital book distribution market to Amazon, and Amazon proceeded to act like about as benevolent a dictator as Amazon always does. This is a slightly different story from how things work with streaming in browsers, though, so I'm not sure you can just stand that analogy up and use it as a solid argument.

Except that the cost of circumventing DRM has nothing to do with the cost of pirating movies. People pirate movies by downloading them with the DRM already removed. The DRM only affects the source, and by all evidence it doesn't affect them enough to prevent the first copy from happening, which is the only useful thing it could possibly do since it isn't present on any of the subsequent copies.

It's like arguing that all citizens should wear shackles because it will keep prison inmates from escaping. It doesn't work that way and the people insisting it does have ulterior motives.

DRM was the means. The goal was to shift away from the need to embed Flash.

Well, surely DRM prevents enough users from copying the product to make it worthwhile?

It does not need to be perfect to achieve that.

Many people will never go looking for tools to break the DRM or DRM-free copies from torrent sites and the like.

But if anyone could just copy what they see on e.g. Netflix with the click of a button, then many more probably would.

No, the cost of DRM do not repay itself by preventing enough users. There have been tests cases, studies, and the repeated conclusion I keep seeing is that DRM has no correlation to the revenue from individual music, games and films. It has however a correlation to platform and user retention, which is what this article continuously refers to.

To take a few examples, remember when the European Commission hired researches to do a study on the effect of piracy? What about the revenue from itunes after it went DRM free? Sale of music that is available on youtube after it went HTML5? Revenue from music, film, and games on the longer term after aggressive blocking of torrent sites? What about the long term effect from anti-piracy/DRM laws?

The whole EFF article ends on the conclusion that DRM will not exist if their only purpose is to prevents enough users from copying the product. That effect won't be worthwhile enough to pay the cost of DRM. Only a sticky platform that prevent competition will bring the revenue to validate investing into DRM.

The European commission study you're referring to a) said that piracy did make a difference on Hollywood films (it said it didn't make much difference in other sectors, but for major films it did) and b) had such enormous margins of error it was essentially worthless.

You're not helping your case by bringing up evidence you don't site except for one example where it showed the opposite to your claims

The report states:

"In general, the results do not show robust statistical evidence of displacement of sales by online copyright infringements. That does not necessarily mean that piracy has no effect but only that the statistical analysis does not prove with sufficient reliability that there is an effect. An exception is the displacement of recent top films."

The difference is not for all Hollywood films, a finding that I recall other studies have found before the EU one when they looked at movies that got leaked before a cinema release. But comparing Cinema DRM to EME is like Apples to oranges, they are not the same thing. Cinema DRM is not intended for end users.

So in general it doesn’t show anything, except for top movies.

> Well, surely DRM prevents enough users from copying the product to make it worthwhile?

What I don't understand is that it's not how it works, all it takes is for one single user to make a copy and upload it on newsgroups/bittorrent/... and it's available for everybody.

That means that in order for DRM to work you need a 100% success rate at preventing unprotected copies. This seems absolutely implausible.

Since I'm unhappy with the selection and compatibility of the current streaming services offering I keep pirating all the TV shows and movies I watch and they're always available for download mere hours after their official/legal counterparts. It's not like videogames where intricate anti-piracy measures can take weeks or even sometimes months to break, here it's mostly about the time for the pirated copy to disseminate on the network.

I wonder by which metric video DRM can be said to work. It's a pain for legit users because they can't view their movies and shows on all of their devices easily and it's a complete non-issue for pirates.

People don't go to Netflix because they can't get it anywhere else. Bittorrent is still a thing.

People go to Netflix because you pay once and then you can just watch stuff.

So they don't really need any sort of protection to stop piracy. They need it to corner and control the legal market.

It does need to be perfect to achieve that. If only one pirate can bypass the protection then everyone can just go to a streaming site and watch the movies without DRM.

Controlling illegitimate users is impossible. Therefore the purpose of DRM is control over legitimate users to the point where they can harm legitimate competitors.

This argument is deeply flawed. It is never about the few people who have the technical skills to circumvent copy protection schemes.

Copy protection needs only to be economic. It works as soon as accepting the copy protection is convenient enough that enough customers prefer it to hunting down an illegal copy with good enough quality and without protection.

That makes absolutely no sense. You need to pay to access Netflix. What then does DRM on Netflix achieve in making the "customer accept the copy protection"? The customer already fricking paid!

Everything that is on Netflix you can already get on TPB (since the DRM is ineffective to those with technical skills), so how could the existence of DRM possibly have influenced the customers decision to pay vs. pirate?

The Pirate Bay is a much higher technical bar for general non-technical users than the average Hacker News poster seems to understand.

There are lots of people who can right click save as who will never, ever, ever torrent.

That argument is flawed. To prevent the plebs from right click-saving, it's enough to add some Javascript. If they have the skills to work around that, they have the skills to torrent.

So what does DRM solve again?

Side-stepping a little bit of javascript is something that can be taught trivially, avoiding malicious sources is not.

Considering torrenting is the preferred method to view online content at least here in Bulgaria, and I assume in most of the rest of the non-western world, I would advise against underestimating the technical abilities of most internet users.

You’ve never had to answer tech support tickets for a SME SAAS product, clearly.

“How to I reset my password?”

“Click ‘Forgot Password’”

This isn't an answer why DRM is making these customers choose Netflix over piracy. These people don't even know what DRM is.

> Considering torrenting is the preferred method to view online content at least here in Bulgaria

You're really getting "my own peer bubble" and "the general population" mixed up.

Next door in Romania, I agree with what he says. Using torrenting or other pirate source is standard practice for anyone under the age of 35-40. It is by no means limited to a niche demographic of tech anoraks. A decade ago in my city, before the big ISP mergers, when you signed up for broadband internet our local ISP would actually give you the username and password for an eMule server where you could quickly share films and music with other people in the city.

It is not hard to find a illegal copy of a movie, you just need to know how to google, eventually you will find a website that embeds the video, no need for torrent application, downloading and running software.

So tell me again why I should fire up Google, look for some shady website with dubiously dangerous ads to download or stream a movie when I can just fire up the Netflix app, tap the movie I want and start watching?

I think you did not understand my point, I have a steam and gog account, I pay for Intellij so I am not advocating for piracy, my point is that DRM does not make piracy super hard that only developers and linux users can pirate movies, I gave an example that you can watch a movie just by knowing how to use google, I am also sure that children in schools will teach each other how to get latest cartoons via torrent or website. If you go on gog.com you will see a large number of games, DRM free, music is now mostly DRM free, again my point is that Netflix offering a DRM free stream will not cause the number of subscribers to drop, because piracy is not that hard as the previous comment said it is. I agree with you 100%, I would pay the subscription to Netflix to avoid those websites, but it would be cool that I would not have to buy special hardware for it. P.S. I do not use or considered using Netflix because of my Internet speed.

And you misunderstand my point. DRM plays into many other measures to provide a sufficient incentive to seek commercial offers over piracy. DRM makes the initial copying hard. This pushes illegal copies into the dark corners of the web because of their lowered availability. At this point DRM was already successful.

I did not notice any change since DRM was implemented for movies, piracy was illegal before and piracy is not much harder with DRMed videos, you can watch Game of Thrones immediately as it is released. Maybe you think is harder now but is easy to pirate and easy to find the pirated content with google, then click play and done. If you have time I recommend reading gog.com page on wikipedia and also find the interviews with CD Project Red devs about DRM.

And then there are publishers that experiment with DRM. I distincrly remember one older case where the add-on to a game that contained copy protection sold more copies than the base game without protection. How do you explain that?

As long as there is a moment where you properly show content to a user, there is a moment he can copy what he sees perfectly too, therefor DRM will never work.

If it's just to prevent that, you could just have a "copy=false" attribute on the tag, which browsers would respect. No need for proprietary encryption nonsense.

Browsers didn't respect Do Not Track.

I don't understand what you mean. DNT is a flag supposed to be respected by web services, not by browsers.

Some versions of some browsers turned DNT on by default. Respecting DNT in this instance would have always made this flag a choice by the user.

There is still room to argue that the user's choice was to install a browser that made DNT the default option.

But it's a moot point, since the sort of web services that were in mind when DNT was proposed largely ignored it. They never set the evil bit in their responses, either.

> Well, surely DRM prevents enough users from copying the product to make it worthwhile?

It surely does not. DRM is broken (by any skilled pirate), and the rest of pirating users can get it without said DRM after that. So let's make it clear. Usage of DRM has nothing to do with piracy.

No, not really. You're thinking that every user has to copy a movie from the browser. But only a very tiny percentage of the people wanting to see the latest Game of Thrones episode need to steal it so that everyone else who intended to pirate it can watch it as well.

Whether or not DRM exists for those other 99.99% of the people is completely irrelevant. The show is already on torrents put there by those who could bypass the technical protection of DRM. So now those 99.99% of users can watch it for free, too, without having to know how to bypass DRM themselves.

You drastically underestimate the amount of piracy that occurs from just “cntrl c cntrl V”ing files.

The goal is just to make it just hard enough to pirate that the masses don’t spend the time to figure it out.

My mom and her friends pass around cds and rip them on iTunes. Because it is easy. She’s pirated hundreds of cds. She didn’t know what what.cd is. She doesn’t know what the new version of what.cd. I don’t either.

The more difficult it is to strip DRM, the fewer pirate captains there are. You don't need to take out every pirate to end piracy; you just need to take out every captain.

So if only Paisleybeard and VikingVik can crack the GoT DRM, you maybe only need to get cooperation from the Croatian and Swedish police for a few weeks, and then you get some amount of time when pirated shows are no longer available. But then Swashbuggerer and NotSoJollyRoger and Plaidbeard step up, and the pirate crews flock to their standards. But for a time, some people who might have otherwise pirated may have paid. But then you're back to talking to the American and Filipino and Scottish police. And if one of your captains is in a non-extradition country, you may have to talk to Pinkertons or ex-military contractors.

If it is trivial to crack the DRM, everyone can be a pirate captain if necessary, with a crew of only themselves. You will never, ever stop piracy for longer than a few minutes in any pirate-friendly household with that kind of DRM. That's like the difference between posting your property and putting up an actual fence or wall. It is just a virtual boundary that has legal consequences in the out-of-band enforcement system.

And don't forget that when pirate captains voluntarily retire, or are forcibly retired, they can still publish "how to be a pirate captain" guides for the media-seas they once sailed. They can distribute models for 3D-printing your very own pirate ship. So the DRM-makers have to put constant effort into changing tactics and updating technical countermeasures to fight that kind of fight. It gets to be expensive, because the defense has to be perfect, while the offense can breach it through any ant-sized hole. Furthermore, the analog hole will always be there, and every paying customer has the keys to your fortress gate.

You do not need DRM to put people in jail for pirating, this thing happened before DRM.

You do need DRM to strategically put specific people in jail for pirating, in a way that would not be dismissed by your consumer base as either petty or draconian.

You need the DRM to go after one Kim Dotcom, instead of getting civil judgments from a thousand unremarkable people who were just doing the same thing that hundreds of thousands of other people do routinely and innocuously, without ever getting caught. You need it to narrow down the size of a class of people until it is safe to demonize and turn into examples, without alienating your potential customers.

Without DRM, when grandma gets sued for $10000 because she sent a copyrighted video to all 8 of her grandkids, the rights-owner looks like a bad guy. But when a nerd cracks the DRM and seeds a torrent resulting in thousands of downloads, prosecutors can pile on the computer crime charges, and it looks like the hacker is a dangerous criminal, who was probably stealing your identity and browsing through your cloud photos, too.

It's all about public perceptions. Shooting people in the head is somehow less acceptable if you didn't draw a line in the sand first. People get distracted from the main issue--which is people getting shot in the head--if the victims could have made some choice that would have yielded a different result. The public then gets fixated on where the line should be drawn, rather than taking away the shotgun from the homicidal maniac.

I agree with you that this law is harder then copyright law, but your comment is not clear what is your opinion if you think it is justified to have such a law.

My opinion is that DRM-supporting laws are not only unjustified, but their existence is also an impediment to true copyright reform.

> the many crypto-currency members of the W3C warned that using browsers for secure, high-stakes applications like moving around peoples' life-savings could only happen if browsers were subjected to the same security investigations as every other technology in our life (except DRM technologies)

That's a very big point that's not emphasized enough in the article, IMHO.

If security researchers are (legally) prohibited from investigating EME technologies in browsers, then EME extensions become a big vector attack, and standards-compliant browsers that include them, become much less secure than browsers that don't.

As a user, I care about that a lot more than I care about Netflix' competitors. Netflix is not only unjustly protecting itself from future competition, it is directly threatening my own safety.

You don't need to worry about it. If nobody is allowed to look for vulnerabilities in EME, none will be found. So we're all safe :)

Personally I think we should make it illegal to look for vulnerabilities in all software. And while we're at it, just on the off chance that somebody does come across a vulnerability (inadvertently, of course), why don't we simply make it illegal to exploit the vulnerability?

Wait... all vulnerabilities are bugs and many bugs make software vulnerable in some way (even if not obvious at first). So where do you propose to draw the line between normal software QA (testing and bugfixing) and a hunt for vulnerabilities? My reading is that this would blatantly outlaw all forms of software testing.

GP is being sarcastic. Obviously outlawing finding and exploiting vulnerabilities in software would be useless (since black hats would ignore the rule) and actively harmful to the security of the modern software ecosystem (since white hats wouldn't).

> If security researchers are (legally) prohibited from investigating EME technologies in browsers, then EME extensions become a big vector attack, and standards-compliant browsers that include them, become much less secure than browsers that don't.

That is wrong (from the EME standard[0], section 10):

> User Agent and Key System implementations MUST consider media data, Initialization Data, data passed to update(), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors. They MUST use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data. User Agents SHOULD validate data before passing it to the CDM.

That is, a browser has to be secure to implement the EME standard, if it is not secure it is not in compliance with EME! (Next up, anybody who falls from a building is in violation of the W3C gravity standard and as such flying is possible.)

I trust I don't have to point out that I am joking.

[0] https://www.w3.org/TR/encrypted-media/

Its not W3C who produced the US law, is that so difficult to understand?

If the US law changes, then the w3c standard still stands, I don't think anyone involved in W3C thinks preventing security researchers doing their job is a sensible thing.

EFF are picking a fight with the wrong people, and producing propaganda to support that fight, making themselves less credible to those who actually understand the details.

I know 'Fake News' is a popular thing in the US, but I don't think its a sensible tactic in the tech community.

This isn't even theoretical! See the Sony rootkit DRM scandal. EME will almost certainly become an attack vector in the future.

IIRC EME is sandboxed, so you can't really expect any vulnerabilities in it to be exploitable. This is equivalent to complaining that sites you can visit can run arbitrary javascript. Security researchers neednt investigate the DRM itself, they can instead verify the sandbox.

EME is basically the new Flash Plugin.

Yep, and I will cripple it just like I did Flash.

Any site depending on EME will not see traffic from me.

But then you need to disable of WebAssembly too -- another DRM lobbied standard.

Could you elaborate on this? Wasm has nothing to do with DRM as far as I can tell.

Not directly, but encourages obfuscated binary blobs, like some DRM decoders and as a new complexity also new security challenges. It is come back to Flash, ActiveX or Java Applets. See top comments: https://news.ycombinator.com/item?id=10487713

View source has always been a priority for the wasm folks, and it's supported a debuggable text-based format the whole time for this reason. It's also significantly different than Flash, ActiveX, or Java Applets.

Sure thing. Except we were sold and promised cross-platform works everywhere DRM if we just included EME because “EME will be a standard”? Oops. How did that work out?

Guess saying “I told you so?” won’t do much at this point.

Not by anyone who'd ever read the spec you weren't.

If discovering EME exploits is outlawed, only outlaws will discover EME exploits.

It is outlawed in US and possibly some other countries. But most of the World should be fine.

Is it wrong of me to think of the net neutrality battle in the same way? The more and more I think about the battles the EFFs fights, the more I respect them and think stallman's brand of insanity (if it's possible to call it that politely) is more and more necessary.

Just like the DRM battle was lost, I get the feeling the net neutrality battle is a losing battle. Even if it's not this year, eventually, the deep pockets will win -- From what I've seen basic computer literacy (I don't mean using a smart phone) isn't even being taught consistently -- trying to get the majority of the general populace (which isn't even enough to win politically, but I'll ignore that) to understand why repairability and open source matter, nevermind net neutrality seems like an exercise in futility.

While that happens, the tech companies benefitting the most from open source software and the openness that the web introduced are doing their best to split it up amongst themselves.

I've given up on this iteration of the internet, instead of ranting what I should probably do is go try and contribute to whatever is next, whether that's mesh networks or ipfs.

> the more I respect them and think stallman's brand of insanity

It baffles me that anyone thinks he's insane at this point. For every point he's ever made, you can now easily find 10 real world examples of his fears coming true over the past few decades.

I just want to clarify, I agree that stallman is right a large amount of the time, but it's just the delivery and the extremes that he will go to that I can't get behind 100%.

But perhaps this is just more reasoning why the battle is a losing one -- people like me are just going to think things are gray while the people who are right are trying to convince us of the fact that it's black and white. It's just too hard for people individually to see past their own blindspots.

I think he simply forgoes more modern conveniences than most of us, but I think there are still a lot of people, especially older people, that do it without even thinking or talking about it. I think he just seems extreme because he happens to be in the computer industry while rejecting a lot of what it has enabled.

If anything, RMS was being optimistic.

Being right and also being crazy are not always mutually exclusive.

Stallman has often been correct, but that's not to say he isn't also sometimes utterly bonkers as well but on different issues (or to an insane extreme on some others).

It is not, but I'd like to note one thing: while here Netflix is the 'bad guy', in the Net Neutrality issue they are positing themselves as the 'good guy'.

This article made me wonder if I should cancel my Netflix account. I still see them as a "good guy" (and haven't really considered it heavily until now) because of how straight forward and valuable their offering is, the contributions they make to the open source community, and their general underdog-ness in comparison to the entrenched cable industry. They just don't seem to be overtly evil, they seem to be making a fair amount of consumer and even business environment-friendly decisions (they're running a profitable business, not using VC money to suck the air from the market).

I don't know that I blame Netflix as much as I blame the W3C for being spineless/bending to their will. It's absolutely Netflix's perogative to seek the most money, and to try to force their users into apps if that's how they can do so, but the W3C should have been different/stopped it. From my understanding that's the point of a standards body like that (and like the article states, it's in purported reason they were founded at all).

In the end, I'm not as dissapointed with the W3C because the world just isn't that cut and dry most of the time (and browsers still at least give you the option to turn EME off), but

These new-style tech companies have become very good at keeping the underdog/one-with-the-masses image while slowly turning into market-cornering behemoths the likes of Bell. Netflix is just following the Google's playbook IMO.

Also: this duality was why I was suspicious of the end result of the Net Neutrality (as opposed to net neutrality) in discussions couple days ago and I got completely shredded. People should be more critical of everything and not fall for feel-good phrases by faceless corps.

Netflix would benefit from the net neutrality repeal. It's basically bound to get repealed, so they don't have to actively lobby for it to be so (and get the negative pr that comes with that) so instead they can get positive pr just from saying "We support net neutrality!" while not doing anything to actually support it like lobby for it to remail.

Could you please elaborate on your theory that it would benefit from NN repeal? I disagree but wish to understand your stance better.

They can pay so that: people with really slow internet can have netflix at high speeds, and if competition ever starts to sprout, they can quash it by paying for its speed to be stifled.

Thank you.

I'm reminded of the US RSA export fiasco of the 90s. I unfortunately can't find the cool email signature I learned about the whole thing from, but its home on the internet now seems to be http://www.cypherspace.org/rsa/.

Perhaps someone should come up with a small <5-line snippet that explains some portion of how to defeat Widevine, and then everyone in Israel should, I don't know, configure every mail server they know of to autoinject the fragment into all outgoing mail, or something. And/or configure everyone's browsers to autoinject it into every modified multiline text input field (maybe).

Obviously it wouldn't be able to last. But it would be VERY good publicity. And the thing is, Widevine would constantly be being updated so the instructions would constantly break and need to be changed, so exact-string filtering wouldn't work ;)

So. I'll start, despite not living in Israel: both Chromium and Firefox will use PulseAudio if it's available, and fake soundcard drivers exist for Windows/macOS as well, so sound isn't really problem if you're prepared for an "export" process that takes as long as eg SpotAHEM tracks take to play.

But as they say, it's not about piracy. Piracy is incredibly simple no matter what. I can also just take a camcorder to my screen to capture Netflix no matter what garbage crypto they put in the display connection. But I don't even need to do that, because I have a cheap-ass HDMI splitter from China that already strips HDCP effectively and effortlessly.

It's always about control of something, whether it be the consumer, distribution channels, etc.

TIL about cheap HDMI splitters stripping HDCP. I had no idea this was a thing, that's very interesting. I'm also very surprised that Google even autocompletes "hdmi splitter remove hdcp" (!) and then shows me eBay product listings with "Hdcp Stripper" in the product title. Wow.

I also found https://security.stackexchange.com/questions/124762/how-does... asking how they work, which corroborates that they really do have the key inside. Shakes head Nice...

They are necessary for some people with older receivers or TVs that don't negotiate HDCP properly and give them black screens/no sync situations.

It's almost like there are numerous completely legitimate reasons to break DRM!

just buy a new tv. what, do you hate consumerism? do you hate america?

But Widevine is not just one system, there are multiple security levels. Software-only version (L3) that runs in chrome CDM on desktops (SD quality) can be defeated easily (it uses arxan's TransformIT as an OEMCrypto implementation), but in order to break L1 you'd need to break into the TrustZone which is much harder, and even if you did it on a particular device, Google could revoke certificate for that device or even device model.

Oh. :(

Kinda depressing to know there actually are competent implementations out there.

This worries me because they know they can't implement strong DRM systems while respecting users' right to control their own devices. So with "TrustZone", "Secure Boot" and other things like that, they don't respect that right anymore[0], and unfortunately EFF doesn't point this out in their article.

[0] https://www.gnu.org/philosophy/can-you-trust.en.html

Very good point.

I wonder if this is deliberate: the EFF surely realize this themselves, but maybe they don't want to mention it because of precisely the reason you mention, and the fact that the EFF don't want to jeopardize anyone misinterpreting their opinions and positions on the subject.

What the fuck is wrong with these lame excuses: "But now that apps exist and nearly everyone uses them, big companies can boycott the web, forcing their users into apps instead. That just accelerates the rise of apps, and weakens the web even more. Apps are used to implement DRM, so DRM-using companies are moving to apps. To keep entertainment companies from killing the web outright, the Web must have DRM too."

That is equally lame as what Ajit pai said recently wrt to NN: "wouldn’t you want your surgeon to be able to buy access to an express lane in which a network was allowed to grant privilege to certain data over others? That is, AT&T should be allowed to provide a service in which data bytes flowing between an operating room and a surgeon take precedence over bytes of 100 dudes Googling to find out whether Jennifer Lawrence is married."

> wouldn’t you want your surgeon to be able to buy access to an express lane in which a network was allowed to grant privilege to certain data over others? That is, AT&T should be allowed to provide a service in which data bytes flowing between an operating room and a surgeon take precedence over bytes of 100 dudes Googling to find out whether Jennifer Lawrence is married

A bit OT, but can't that already happen? I thought companies could set up private networks between various locations, and set up prioritized traffic on those already, with corresponding SLA if desired.

> That is, AT&T should be allowed to provide a service in which data bytes flowing between an operating room and a surgeon take precedence over bytes of 100 dudes Googling to find out whether Jennifer Lawrence is married

So the surgeon/operating room can pay more money for a faster link. Just like there are different tiers of internet already with different speeds. I don't see how NN affects this.

If so, then it's that much more disingenuous, considering that specialists are more likely to be aware of issues like those and of options they have to solve them. The Average Joe will never feel compelled to cross-check a claim like this.

It's been a long time, but I worked in a company with a call center in NC, and some support folks back in CA. We had some 'private pipe' between the two locations. I've no doubt it used 'public internet' connections along the way, but my recollection was it was somewhat separated, and we had some SLA in place. It wasn't pitched as "faster than the other internet", but I believe we had minimum ping times and minimum speed stuff in place, and when things were down we got some prioritized service (and probably some discount on the bill). It's been years, and I wasn't in the networking side of things, so I don't know all the details, but... I can't imagine hospitals that had a need for a certain level of network speed and availability couldn't contract for that already, and no doubt they'd pay more than home users any way (businesses generally already do).

They can. Also, MPLS circuits exist.

But for that to happen wouldn't the surgeon need to outbid Google for network priority?

Well, it will endup on patient bill anyway. G's CTR losses on telesurgery QOS.

though this hasn't happened yet, there's no reason that a company couldn't put DRM in its toasters to control whose bread you can use

...there was this recent attempt at adding DRM to a (not-quite) juicer, which --- fortunately --- didn't become successful: https://news.ycombinator.com/item?id=14148216

Isn't there extensive DRM already on coffee machines?

Hilariously, this might be the most effective way of explaining how DRM "works" and is damaging to the average user. Keurig's DRM was so poorly implemented that I defeated it with a piece of dirty scotch tape.

That fiasco was the perfect moment to inform the public about why you should be able to make any coffee you want in the brand new coffee maker you just purchased, how the actual system itself doesn't stop you anyway, and how DRM is just a tool for powerful companies to continue to consolidate their power

> I defeated it with a piece of dirty scotch tape.

You're a criminal. You wouldn't steal a car, would you? Why steal Keurig's profits, then?

"You wouldn't download a car"

I absolutely would! Especially if it was a better car than the only one I was "allowed" to drive and costs half as much

and printers?

Printers are the best example of the worst case scenario of DRM.

Not too long ago I obtained a office printer from Brother. Came with Cartridges. After only 4 papers these Cartridges where empty, or rather, it claimed to be empty. In reality they were still sloshing full of ink. Tried chinese cartridges for 2$ but had to settle for the 20$ ones from Brother.

The windows driver comes with all kinds of malware (even a toolbar was included!) so I settled for PostScript, which the printer thankfully supported.

I have since resold this piece of garbage on ebay, went back to my trusty old HP Laserprinter with cheap chinese cartridges.

W3C has no excuse. And behavior of Netflix, Google, MS and Co. is disgusting. They should be blamed for this stupidity.

> EFF is suing the US government to overturn Section 1201 of the DMCA.

Yep. It's likely simply unconstitutional. And undemocratic way this law was passed[1] stinks, but repealing it is pretty hard.

1. https://www.eff.org/deeplinks/2013/03/ustr-secret-copyright-...

What I'm interested in is when we as a community start to punish these companies. When will conferences refuse to allow Netflix, Apple, Google and Microsoft employees to present?

In the 1980s the civilised world turned its back on the apartheid regime of South Africa, and in time South Africa ended apartheid. This didn't come at an insignificant cost (South Africa was at the time a well-developed economy which other nations would have liked to have traded with), but it was morally worthwhile.

Clausewitz noted that war is diplomacy carried on by other means. It seems to me that this article is EFF's declaration of independence, and the next logical step is to declare war on the W3C and its members. They are breaking the web; they are destroying the security of the web's users; we need to stop enabling this behaviour.

The world where you fully owned a thing after buying it is over. Whether we like it or not, all businesses are working on deploying this new model.

I wrestled for a long long time whether I should get a Spotify subscription. I've been a subscriber for around 6 months now, and I like it.

However, I have kept all of my ripped/bought/downloaded music as well, and I have a very clear exit plan for how to keep "my" Spotify library in case the company goes belly-up or decides to cripple its offerings somehow. It will take me a couple of weeks to recreate the library locally, but I'm OK with that.

For now, I'll enjoy the recommendations and easy access to music that is new and exciting to me.

Of all the services that I've used or thought about using, Spotify is absolutely one that has done many, many things right in being consumer friendly in ways that I feel are fairly important:

- Third party clients are a thing, to the point where I really feel like I'm being sold a streaming service and not a tiny window through which I can occasionally listen to music. My normal media player is a python script that talks to an API. This is amazingly useful.

- When using Spotify-provided apps, there's the ability to save things for later offline listening. I haven't yet hit a limit on how many things I've been able to save.

- There's no limit on the number of devices I can use with the service, although I can only stream concurrently on one -- multiple offline devices have worked great though

- There isn't a time limit that certain content is available (this is much easier to feasibly achieve with audio compared to high-definition video, and a major difference between Spotify and services like Netflix).

This is sufficient usability, freedom, and value for money for me to subscribe with the knowledge that what I'm paying for is access to a library that Spotify has created and maintained. I used to rip/buy music on a regular basis and no longer really feel the need to do so. I think it's probably useful to consider what the differences are between services and specifically what makes them anti-consumer.

> - When using Spotify-provided apps, there's the ability to save things for later offline listening. I haven't yet hit a limit on how many things I've been able to save.

The limit is 3,333 tracks, last I checked. Should be plenty for most people, I think.

> - There's no limit on the number of devices I can use with the service, although I can only stream concurrently on one -- multiple offline devices have worked great though

I also like that if you start Spotify on another device while music is already playing, you'll get the option to either control playback on the currently playing device, or switch playback to the new device, seamlessly.

I also consider it a subscription to a library, and I'm fully onboard with the fact that if I cancel my subscription, I lose access. I know people think of streaming services as something new, but it's basically the same as any subscription service that people already used before.

I designed a playlist format to solve your exact problem, but unfortunately there hasn't been much uptake so far: http://universalplaylist.stavros.io/

I also thougth about this problem. Current playlist implementations are seriously lacking when you move your library. I have some shell scripts here that just replace parts of the path in the playlists.

I looked at your playlist format specs, why do you use floats? I'm currently coding on a GO audioserver and save time intervals as Nanoseconds (time.Duration). This makes more sense to me, as floats may behave badly in some contexts.

I use floats because it's most natural to represent duration in time. Nanoseconds are going to be about as lossy as floats too, I guess (although for a different reason). If you're going for maximum accuracy, you'd need to represent the duration as the number of samples.

I wonder if floats are going to be a significant problem, hmm.

However, owning a digital thing without buying it is incredibly easy.

Before beta/vhs the thought of owning a movie/tv show was ridiculous. Now the thought that i cant is ridiculous.

No wonder it is impossible to find dvd & vhs recorder combination units. Hard to find a dvd recorder too.

By new model, do you mean Licensing? You do know this is not new right?

You never fully owned that CD, you owned the physical object, but not the content, you only had permission to play it under certain conditions.

I guess the one loud and clear message here is that companies prefer for exploits to be sold on the black market\given to the public anonymously than for the companies to be alerted to exploits

I think the trade-off described in the article was that companies value market share control more than the security of their products, since high security would go hand in hand with more open markets.

I mean, if it goes through I'll definitely stock up my disassembler knowledge, I bet people on the black market will pay some cash for DRM breakers.

I think that's a rather fair assessment of the situation.

Everytime I see a "woe is us" post I think about how developer greed led to most of it. We were the ones who wrote ad tracking code, we were the ones who took VC money, we build the walled gardens, all because it pays well. We will continue to do so rather then make any effort against it.

The same can be said about war machines. This is a problem as old as human history.

> We proposed a kind of DRM non-aggression pact, through which W3C members would promise that they'd only sue people under laws like DMCA 1201 if there was some other law that had been broken. So if someone violates your copyright, or incites someone to violate your copyright, or interferes with your contracts with your users, or misappropriates your trade secrets, or counterfeits your trademarks, or does anything else that violates your legal rights, you can throw the book at them.

With that system, what would stop someone from selling software that can be used to infringe copyright. As long as they don't do so themselves or "incite" anyone else to do so (perhaps promoting a legitimate use like pre-buffering), could they be sued?

We addressed that: both jurisprudence (Grokster) and global copyright laws establish a doctrine of "secondary liability" for incitement to copyright infringement. This right would be enforceable against technology firms if they produced such a technology. The fact that DRM advocates still wouldn't promise not to sue when no law was broken confirms that they weren't interested in DRM's power to curtail illegal activity.

(Secondarily, the companies that advocated for DRM never questioned how someone operating under the non-aggression pact would be able to break the DRM; they tacitly acknowledged that this would be trivial -- so whether or not you're worried about secondary infringers like the ones you describe, they would exist, because things that are technologically trivial are impossible to stop, even if they're illegal -- all that EME would do is give these companies the power to stop people who WEREN'T using such tools for infringement and thus wanted to operate in the open; it would have no effect on people who WERE infringing and operating anonymously and in the shadows)

I'm thinking (just as an example) of pre-buffering software that temporarily stores the files unencrypted. Perhaps simply because they hadn't thought about the implications for copyright infringement. Would that still be incitement?

The horror! I hear some people also sell hardware that can be used to infringe copyright (perhaps promoting a legitimate use like general-purpose-computing). They should be sued out of existence.

> “software that can be used to infringe copyright”

aka “software”

From the title I was expecting much more than just DRM. 20 years ago the web was a wildly diverse place, compared to today's web, even though there were so many fewer websites and people online. This is a substantially greater loss, but whatever. When you need to play politics everything becomes sensational and your primary argument is the center of the universe.

I am also totally against locked black boxes. This hiding and obscuring practice is just preventing learning, repars and inspections.

It is a similar problem like Intel ME and closed bios.

We use usecure proprietary code, closed unreparable one-purpose 'kiosk' devices yet we can still record video output or make a screen (camera?) recording. What are they thinking? This is all just to give them advantage over users, to more control and restrict them. Terrible.

I wonder if EME or some other similar mechanism in the future will be used to create websites that can only be viewed by certain browsers and/or operating systems?

Perhaps even prevent you from copying any part of them or download anything from them?

Maybe Web Assembly will also play a role (perhaps as a DRM'd browser "wrapper" to view content through) - it would be like using a DRM'd browser "window" via Flash or something.

Where any browser can view the content, but it is impossible to get any of the content out (because no one saves bits of conversation from blogs or anything like that - and all websites will always exist).

Hmm - indeed, imagine if you couldn't copy twitter feeds or facebook posts (and they were DRM'd in such a manner that trying to do so would be a violation)...? All of sudden, people could erase posts and claim they never said it, because there isn't any copies of it around (today, they have to get lucky and hope nobody made a copy first).

Am I the only individual in the known universe not doing business with Netflix or similar sleazebag outfits? Because principle and because absent pressing need for product.

I increasingly feel left out of life because I don't contort my entire life around watching "the latest thing". It's becoming an increasingly sober realization that the world around me is becoming increasingly monocultural because _everyone is watching the same things_ and that it is a culture of which I am not a part.

I don't lament this, really. It's my choice. I'm just wondering if it's an observation that can only be made when you're not scrambling to watch the latest season of Game of Thrones (which I have never seen).

Neither have I, don't worry. Nor House of Madmen (whatever) or the latest installment on vampires. In fact, no TV at all.

My life is fine.

I truly don't miss it. In fact the past year, since I have turned off the tube, has been the most productive of my entire life.

I hope this is sufficiently on-topic: EFF is having a two-for-one matching donation drive this week. We depend on individual support for the work we do — whether it’s at standards bodies, in the courts, or building tech like Let’s Encrypt and Privacy Badger. There aren’t many people who understand what we do: if you’re one of them, please consider donating this week to double your effect: https://supporters.eff.org/donate/power-2017-s

This kind of thing makes me want to vote with my dollar by canceling Netflix and torrent instead.

Tried to watch a show on netflix the other day, some technical issue so I just torrented it and played it back on my PS4. Instant seeking, much better quality video, zero buffering. Piracy is STILL a better UX.

I still can't believe that every stupid streaming app still chokes and reloads if I want to backup ten seconds to catch something I missed, even in cases where I have more free RAM than the size of the entire video file. Come on, you have to buffer forward anyhow, just buffer backwards a minute or two or something. If we're in some hyperconstrained environment where that isn't possible, fine, but in 2017 even a lot of "embedded" environments have more than enough RAM to pull this off in comfort.

Oh, and if I do back up 10 seconds, can you explain to me why you apparently just dumped your entire buffer and have to reload it from scratch before you're willing to play anything? Did the movie change because I backed up ten seconds? No. Sheesh.

Can't risk holding unencrypted frames in memory for a whole ten seconds mate, the paying customer might want to look at them!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact