The DRM is a legal excuse to sue competitors out of existence. The existing EME-compliant DRM implementations don't even work. This whole thing is a farce.
At this point it is just a mechanism for oligopolists to collude with each other to maintain their dominant market positions.
It is funny to watch how something like Web Crypto takes years to implement, even though the technology is ancient, but if Google wants a new feature to spy on users it will be released next week.
With all due respect to the great vision of Tim Berners-Lee, as well as his historical achievements:
The W3C has turned into an anti-pattern of what to expect from a standardization organisation. In some sense, the W3C standards are the opposite of the RFCs by the IETF.
(and ISO is somewhere in between - they do produce over-engineered crap, but their signal-to-noise ratio is still tolerable, even though it hurts)
sorry to burst the bubble here but..
Well, I did not intend to say IETF does everything right, but their signal-to-noise ratio is better by orders of magnitude.
Also, I'm under the impression that IETF learned from that utter failure and took measures to prevent similar mistakes in the future (please correct me if I'm wrong).
I did not observe that W3C actually learned anything from their mistakes, but produced less and less useful things over time (again, please correct me if I'm wrong).
Would we be better without copyright laws?
I think the concept of copyright law is good in lots of ways, but the current copyright laws in the USA are pretty awful. It was originally 20 years, now it's 90+. Lots of old works are being lost or having access denied because they're still under copyright, but nobody is publishing them.
Also related: "the war on sharing" https://stallman.org/articles/end-war-on-sharing.html
So we are at the pure rent seeking stage.
Work for hire (producing something to begin with) would still be a thing.
For a broader discussion I'd prefer to reference the actual text for the basis of US Copyright.
"To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries."
With the meaning of those words at the time of their writing:
* limited to scientific works
* and methods of doing things that have direct industrial benefit.
* ONLY by the author/inventor (not corporations)
* LIMITED time, I think 5 years is probably plenty and 10 is a maximum.
* I like the idea of a short default term, and paying (active effort) for longer renewal.
* Consumer protections (trademarks) are a different matter entirely.
I understand the sentiment but..why. Why is it necessary. Art and science advanced on its own long before copyright enforcement of any kind.
True there are things that are particularly benefited from copyright. But they do so at the expense of something else. It diverts labor to things that later require law enforcement to protect.
Yes, science and art will progress, but if there is no economy attached, then they will be dominated by people who don't have to make a living. Unless we fund the whole thing publicly. That would work, but in other contexts we believe the market is more efficient.
But that, of course, is no longer true. The advent of technologies to capture and distribute art has led to new forms of art, and with that an amazing situation where people have unparalleled access to the works of genius. However, those new forms also have a drawback: they can be easily copied and distributed without compensating the originator. So in order to keep being able to support filmmakers and novelists and musicians we need to shield them from this. Otherwise, they will stop making their works.
Who is going to spend 5 years writing a novel if they can only sell one copy?
Hopefully no-one. Apparently there is no value to that novel unless resources are spent protecting it.
We see today things that in a non-copyright world would not exist. But we dont see the things that would exist instead ,so its hard to know.
Roads. Infrastructure for sewers. Defense. Fire suppression.
These are all cases where a purely free market fails to provide optimal levels of the good or service.
People are evidently willing to pay for novels, so we know they have value. The question is whether the current copyright system gives copyright owners too much power to extract rents at the cost of the public domain.
Writing books, making movies and composing music are some of the things that should we should never have an interest in creating externalities for.
The act of publishing the book has positive externalities (people derive benefit from reading it). Copyright is an attempt to allow creators to capture some of those positive externalities to promote more production of books.
Your position that the creator should not have a mechanism to capture any of those benefits is rather extreme, as is the position of the copyright maximalists that assert they should capture all of the benefits.
That is a non-sequitor.
In many ways it isn't even about copyright - it's about IP, and that's actually a whole other problem.
I don't think they're attempting to stifle competition, and if so they sure are not succeeding at that because there are new streaming services all the time. It's so they can prevent a commercially viable piracy business.
But that's not because DRM works.
Getting a digital copy of some bit of media is still trivial. Netflix forcing its DRM on its customers doesn't mean that you can't illegally download Stranger Things in excellent quality, and their DRM doesn't slow anyone dedicated to doing so down at all.
In fact, Netflix could stream all their stuff without DRM, and nothing would change (with one exception I'll come to in a bit). What's made piracy harder is a combination of factors:
* The legal way is often easier (just pay Netflix a small monthly sum and watch stuff)
* The legal way suffices for a lot of people
* Getting caught infringing copyright has serious consequences in many countries
* Downloading files from shady sources puts your computer at risk (Windows in particular; e.g., ransomware)
If Netflix turned off all their DRM tomorrow, then perhaps some pirates would have a slightly easier way to source their material, but otherwise nothing would change.
Except that the end-user gets a better experience.
At this moment Netflix is refusing to serve 1080p video content to anyone who uses a free operating system and free browser, because 'the DRM isn't good enough'. For 4k the rules are even more stringent; you need Microsoft Windows, Edge, and pre-approved trusted-platform capable hardware (which includes the monitor/TV).
For the rest of us, Netflix and the major content studios begrudgingly allow us to watch 720p video on our way too open computers.
This isn't about protecting the media streams from piracy, this is about making sure that the future of media consumption means consumers will run the media producers' software, using their rules, on hardware they control. We are not supposed to run our own HTPC, or do clever things with media we pay for (e.g., letting an algorithm watch ahead to warn the user of scenes with strobe light effects for epileptic patients, as the EFF mentions, or simply controlling a string of LED lights behind your screen for added effect, or downloading the streams to watch on holiday, or cut fragments out of a stream to use as samples in a lawful manner (e.g., a blog about films, or some cultural analysis), or …).
Hahahah, amazes me how people still use that crap. Why not pirate it instead and give them a big fuck you with those restrictions?
But you are right, the downside is that my account is effectively limited to 720p because of complete non-sense.
The sad thing is that any competition (e.g., Amazon Prime) appears to follow the same rules as far as I can tell: sure, you can use your browser, for now, but nothing over 720p for you until you run our software outside of that sandbox of a browser on a verified trusted operating system.
I'm not sure where my point of rejection of this deal lies.
So freeriding is ok? Who pays for creating that content you enjoy?
See, now we have a useful phrasing that actually can be discussed and brings up real issues.
Generally, I pay for whatever content I download. I'd have to do some research to figure out how to rip a Netflix stream or export recorded video from my DVR. Ripping DVDs (and especially Blu-Rays) takes a bunch of time, and encoding the result can be hard to get right (embedding subtitles, choosing a codec and profile that works on most of my devices, etc). It's easier and faster to torrent it than do all the ripping and conversion myself. Not that I do it much anymore; I suspect that format-shifting wouldn't be a good legal defense. And I also suspect that my ISP (the only high-speed one in the area) would dump me as a customer at some point.
shame on you, good thing you aren't doing it either way ;)
> I suspect that format-shifting wouldn't be a good legal defense
you seem to imply by analogy to homerecording, torrenting stuff you once payed for (or didn't directly as with yt) might be ok, but sure enough, taperecordings were campaigned against, too.
Btw: I worry about codec and network exploits, so easy is not the exact term I would choose wrt torrents and p2p-"sharing".
srt's in the container, not hard-overlaid into the video ;-) We've got asshole neighbors. They'll purposefully rev their Ferrari to wake my kid up if they hear the TV (e.g. sound is up enough to easily understand a whispered conversation, then there's a bass-heavy explosion). Then there's the less-common use-case of watching a movie on a plane without blasting the audio.
> you seem to imply by analogy to homerecording, torrenting stuff you once payed for (or didn't directly as with yt) might be ok, but sure enough, taperecordings were campaigned against, too.
Tape recordings don't involve automatic sharing of the data with other people in the swarm as an implementation detail. I did a fair amount of downloading 8-15 years ago, but mostly dropped it when I started working.
The kids are using unlicensed streaming sites and get anything they want in the browser at the click of a button.
The legal options have improved, but the illegal ones are still there and just as good.
Pirating content has gotten SO easy that my elderly parents do it regularly by simply searching for streams of movies they want to see on google. DRM has stopped none of this - and the risks of getting drive-by malware are an afterthought to most people.
This is dangerous, because I'm not sure the people buying them understand that the content is pirated...
Whether it is the real pirate bay or not doesn’t matter, you could never trust TPB.
You can't trust TPB because the content is user generated, TPB does not do much to stop people from uploading malicious content and boosting it to top10 by seeding with bots.
If Netflix captures the market of people who aren't comfortable subverting encryption, they win. 100% capture is unnecessary if they get the people who can't and intimidate the people who won't with the occasional prosecution of the people who do.
The illegal ones are not "just as good" - they faced the competition and got better in the past few years, learning from others successes.
Remember the Popcorn Time. It dropped a bomb because it was an evolution from "go to some tracker, find what you want, download it, wait, watch when it's done" to the modern standards of "think of a title, grab the popcorn and start watching".
(Just in case - I'm not approving or condemning of anything. Just stating the facts what had happened.)
I wish they even gave this, but at least in here, many mainstream flicks are of even worse quality (although this restriction on some content seems to apply even on Windows and Edge browser, at least on my computers). Not that it really matters what's the nominal resolution of a 1000 kbps stream anyway (and lately Netflix has removed the option to see the actual resolution of the video I think), however...
... selling out the free web got us so much indeed.
Netflix, Steam and Spotify made it incredibly convenient to obtain content legally and at a reasonable price. They removed most of the incentives for piracy. There was a surprisingly long period when piracy was hands down more convenient than buying stuff legally, and services like these were responsible for reversing that trend.
More specifically, Spotify deserves a special mention, as it has been single-handedly responsible for massively changing my listening habits, because of the way the Daily Mix/Discover Weekly features keep pushing my boundaries. It gives me something valuable that I couldn't get otherwise.
Well, it works only for crooked purposes, and that's exactly the point EFF is making. DRM is therefore unacceptable, including in the context of the Internet.
And you are still missing the point. DRM doesn't make any pirating difficult. All it does is giving power to undemocratically extend copyright law in arbitrary directions by slapping DRM on something, and saying that breaking that DRM is illegal. It's a power grab tool. Just take a look how this garbage was used to prevent users from switching mobile carriers, claiming that unlocking the mobile phone (i.e. breaking its DRM) is illegal.
The real problem is DRM _law_, which is a gross overcriminalization of justifiably legal activity, like repairs, format shifting (both to and from DRM devices), security research, tinkering with your own possessions, etc. And on top of that, then demanding that all countries in the world follow suit.
I first check Hulu and Amazon video, if it's not on there I pirate it. I can't remember the last time I heard of anyone being burned legally for pirating, and torrents are not difficult to use.
If you can't find a movie on hulu/Netflix/etc, do you then buy it on DVD?
Torrents aren't difficult, but typically I'll burn more time trying to get what I want, uncorrupted, than my available time warrants. Legal burn is unlikely, but burned by bugs or malice is likely enough to waste time I could have spent just watching it via inexpensive legal sourcing.
And then there's that little issue about ensuring content creators actually getting paid, so there is actually content worth consuming.
This is something creators need to get better at. Creators need a "Pirated my media but want to make sure we still get paid? Click here!" button. I want to pay a lot of artists, but I also don't want them to think I want to pay for the DRM'd form.
I think it's exactly this. They know they can't stop DIY hackers from pirating, but they can stop the next Napster.
That's exactly the point of the article.
The alternative is that there is no way to protect IP on the web, which means that there is no incentive to transmit IP over the web which takes a shitload of value off the table.
These anti-DRM arguments smack of blind ideology.
This is a major part of the argument being made here and helps to close the gap between blind ideology and serious issue.
I think what the EFF is saying her though is that the claimed protections for content creators is just a cover for anti competitive behavior.
If they would agree to only enforce DRM/DMCA laws on people abusing copyright laws it would be easier to get behind it.
Unfortunately, we have no protections on one side, and anti competitive shinanigans on the other.
You do if you don't want the material to show up on pirate sites, which is why they claim they want it.
> The alternative is that there is no way to protect IP on the web
Protect it from what? It can't be posting the material to pirate sites because it's already there. It can't be preventing users from making a fair use copy because that isn't a thing to legitimately want protection from.
Pretty hilarious to have put up with that at all.
Now my gaming library is a trivial folder of executables like it should be.
If there was no DRM you could just save the movie to your HD with little effort.
Enough people pay for streaming services to make them a viable business model. That's all the empirical data you need to show that DRM does work for its indented purpose.
...after subscribing to the streaming service. At which point they have your money.
And it's not like you can cancel your subscription after that because then you wouldn't get new content, which is the entire point of having a streaming service instead of watching the same pile of old DVDs you've had since 1998.
And this to me, is the critical problem with all of these services. We don't need gatekeepers anymore, because that's a leftover from physical media. Those days are gone, and the gatekeepers need to die.
Popcorn Time? The streaming bandwidth is handled by the very people watching the video.
You can try and legislate DRM all you want, but like a law to make pi=3 or enacting laws to declare that water not be wet, it is the wrong thing to legislate.
Should the W3C, in turn, care about keeping Netflix happy? That seems like the relevant question to me.
The frustrating part is that my choice to be a law-abiding media consumer subscribing to a bunch of services makes me get a worse service in many ways than a pirate. I can’t use a player of my choice, i can’t have a single UI on top of all media, I can’t rely on content remaining available. Pirates don’t have these problems. The DRM legislation and media conglomerates power ensures that the market can’t fix itself. You can’t make a netflix competitor without DRM because you’ll never get access to licenses for popular culture products. Even had the W3C refused to deal, the situation wouldn’t be meaningfully better.
It's not like the next Netflix could legally start by just downloading the current Netflix. They'd have to go back to the media owners and negotiate their own contracts for it. At that point, anyone trying to compete with Netflix presumably winds up with the same contractual requirements from the media providers to use some sort of DRM.
From that perspective, the W3C adding web platform support for DRM surely enables more competitors than it stops, right? Now the startup engineering cost is to build or hire one EME-compatible DRM provider, you don't have to build proprietary apps for every platform, you can trust people's browsers to run your DRM as easily as Netflix's and quickly launch to every platform that has a supporting browser.
There's also still room left to compete with a DRM free product, assuming you find a way to negotiate media contracts without it, and figure out how to market that fact both to media companies and to users why that would be an advantage. From a web platform standpoint the work that goes into providing pleasant DRM experiences still floats some of the needs of DRM-free video playback, because browsers are going to engineer one on top of the other to save effort.
It furthers the whole concept of DRM, but as a standard open to any party, thus not really damaging competition on the scale of companies like Netflix, that if anything helps the next company to come along and wish to replicate the Netflix streaming experience, because Netflix "has" to share that baseline DRM standard with them (otherwise W3C wouldn't have endorsed it and browsers wouldn't support it).
Yes, DRM is used to abusively undermine the legal rights of users, but that doesn't stop competition for those users, and supposedly in a fair market the least abusive company you'd hope might be able to market a better value proposition. A DRM standard doesn't stop companies from being less abusive and using that as competitive leverage, even if it arguably furthers, or at least favors, the baseline amount of abusive behavior amongst that corporate ecosystem.
It damages (as the article states) the specific type of competition that is disruptive to the framing of Netflix-type business. I.e. there can be competition from a Netflix-clone but not from an innovative competitor who does something different building directly on Netflix in the way that Netflix themselves built directly on top of existing DVD markets to get started themselves.
Real innovation often involves this sort of non-clone, innovative, disruptive competition that doesn't just do something new but actually adapts the existing market in new ways. DRM certainly blocks a lot of that, and that is exactly what the DRM-advocates want to block and what EFF is talking about in stifling competition.
So too, the fact that you couldn't build a sharing service on top of Netflix has much more to do with the contract law and licensure of digital artifacts versus physical goods than anything at all to do with DRM. DRM is entirely orthogonal to the discussion. DVDs have DRM and that didn't prevent Netflix from building on top of them. What almost prevented Netflix from using DVDs was existing contract precedences with Blockbuster, but again that had much more to do with contract law than DRM.
DRM is a tool that is only as useful as law allows it to be, both for good and bad (how it gets regulated versus how it enforces legal structures). It does seem to me that many of the complaints about DRM are misdirected that there is no digital bill of rights and digital assets don't have regulations/protections that we take for granted for physical goods. Those problems remain even if W3C had blocked EME from becoming a standard.
The logical conclusion is that much of contract law is in the way of competition. But the point is that whether we think competition is good or bad or contract law should exist or not or be strict or whatever, the companies in this case are not following the Golden Rule.
Contracts were intended to block things like Cable TV or Netflix, but they came into existence by finding loopholes in those contracts. The argument is that their exploitation of the loopholes added real value, invented new services etc.
The arguments about competition here are anti-protectionist. They basically say that since we recognize that Netflix added value, we not only should be glad that they found the contract loopholes, we should probably eliminate all such protectionist contracts.
The argument about regulation in this case is that we don't necessarily need regulations to protect digital rights because it's trivial enough to technically enable them as long as we don't prohibit the rights legally. Take away the legal enforcement of DRM, and DRM becomes irrelevant for technical reasons. Thus, no digital bill of rights is needed.
It's not my argument (I'm not sure), but it's logically consistent.
In short: legal protection of DRM enables companies to have profit and power and avoid the threat from new types of companies, services, and innovation that would otherwise happen and would be in the public interest. The public isn't only interested in Netflix alternatives but in all the world of innovative developments that would be possible if we removed the protections of Netflix's business model (even if it doesn't protect Netflix as a player in that model).
Really short: it's about competition between types of businesses or between business models, not competition within a business model.
It's about cable competing with airwaves; about radio competing with live concerts; about books competing with priests, etc. not about competition between different books etc.
Which is why Netflix has around 200 native clients for all known hardware and platforms where DRM is implemented outside the web.
Why people think it’s reasonable to have apps for everything, but somehow Netflix is special and must run in a browser built on an open stack...
Now that is something I cannot fathom.
Install a goddamn app. Leave the web pure. Leave the web alone :(
But, now their originals are becoming a larger and larger part of what they provide, they've steadfastly stuck to having DRM on all their content (first and third party). So that prior argument kinda falls flat on its face.
Once you have streaming working with DRM on all devices you need a %@#$$@#$@ good reason to introduce DRM-free streaming. Netflix wouldn't want to discover that its own content plays with very low quality on, say, Panasonic TVs made between April and August 2016.
I wouldn't be at all surprised if some TV manufacturer broke some streaming variant (such as high-bitrate unencrypted smoothstreaming), discovered after a few months, and silently fixed it in new models without issuing an update for the old models.
EDIT: I wouldn't assume that TVs are better at playing DRM. Just from my experience, non-DRM works better (less code that might be buggy). What I'm saying is that once Netflix had a few hundred working devices that worked with DRM, avoiding player bugs became a really good reason to stay with DRM.
Everything on Netflix is DRMed, as far as the user is concerned. You cannot get a copy of the video file for offline playback. You cannot play the movie on a video player without the Netflix app. They remove stuff all the time and then you lose access. Hell, they even control the quality based on which browser you are using (only Edge can play 4k).
Netflix is in on it, plain and simple. They want to control your movie-watching. That's what earns them their monies. The only upside about Netflix original content is they don't put any kind of geographic lock on it.
I'm not sure where it gets stored, and it certainly isn't just an mp4 that can be used with my preferred player, but it does technically work.
Quite simply EFF had a weaker argument, even though there is a lot of sympathy for their cause from representatives in W3C, who also think US law is an arse, its simply not the correct forum for the battle.
That's not say that's a great argument, but the problem with making EME a battleground is that there is zero leverage over the content companies that insist on DRM, zero. Studios have the content people want to watch, if they can't watch it on the web they'll use proprietary apps. Technologists like to believe we shape the future, but browsers do not shape the content industry, rightsholders do. From their perspective, refusal to implement EME is damage they will route around, and they have the leverage to do it. Also note the inefficacy of DRM in general.
The place to win this battle is in congress. We need to move towards strengthening fair use and outlawing DRM, that's the only way to take the teeth out. The idea that the browser is an important battlefront is nonsense, EME is a sensible compromise that keeps the browser relevant. I respect the Stallman-esque view that the web should in no way be compromised but it's not a winning move in the long-term.
I don't lock my doors and windows because I think it makes it impossible to break into my house. I know full well how easy it is to get in anyway, just by breaking a window. I lock my doors and windows because I expect it to create just enough of an inconvenience to mostly deter others from breaking into my house.
Let me re-iterate the emphasis on the word 'mostly'. I'm not trying to make the perfect the enemy of the good here. It's the same for media companies. They're not looking for something that will prevent everyone from pirating movies. They're looking for something that will make pirating movies just inconvenient enough that most people choose to pay for content instead.
The EFF really needs to come up with a less specious argument if it wants to see much success in convincing anyone who doesn't already agree with them in the first place.
DRM isn't there to keep content off the pirate bay, it is there to keep mildly computer literate people from doing Right Click->Save As in Netflix and then sending House of Cards to all their friends.
The last time I ripped a DVD was so my mother could watch it on her iPad over a long plane flight. If DRM didn't exist, I imagine importing a DVD or Blu-ray into iTunes would be as easy as importing a CD. Empowering users to watch media they own on devices they own would have a real impact. It might not be something the average user devotes a lot of thought to, but it would certainly be something they would do if they were allowed.
I'd be curious to know how someone has narrowed down the black box that is Netflix to determine that buffering is caused by the DRM.
I did sometimes run across ebooks that basically used images of the text instead of actual text, and copy/pasting from those naturally doesn't work. But the ebooks in question were all non-DRM.
And just to play devil's advocate for a moment, while I tend to agree about your straw man point, is it completely a straw man argument if some of the CEO's at the large corps pushing DRM actually do believe they can make copying data impossible? I mean, just because we know this is a pipe dream, and many very smart people may argue convincingly against it with hard evidence, does not mean everyone will actually believe it.
To your second point, I can't speak for most CEOs of large media conglomerates, but I would say that I've never been in the habit of believing that CEOs truly believe everything they say. Their messages are crafted.
What I can speak to, though, is what I was told when I was asked to evaluate copy protection strategies in a product I was working on, and tried to push back with the "but you can't make piracy impossible, anyway" argument. And it was basically the response I described above. Eventually I was able to come up with a compromise, which was that we would use a much less intrusive technology than the one that was originally proposed, on the grounds that even the most optimistic benefit to us didn't justify the added inconvenience to legitimate customers.
I don't think that argument works here, though, because the DRM in things like Netflix is so convenient for the average consumer that very few people even realize it's there.
Maybe that leaves us with only the "controlling competition" argument. Unfortunately, that one also seems like a tough case to make these days. The story of browser streaming over the past few years has been one of increasing competition. Once upon a time, Netflix had a near-monopoly. Now there are all sorts of streaming services. I mostly use two of the smaller paid ones, my public library offers streaming, and my partner and I are seriously considering canceling our Netflix subscription. If the goal was to squeeze out the competition, they don't seem to be having much success at it.
For my part, I think the main argument I'm left with is one of interoperability: I don't want my content to be tied to specific hardware devices. The situation with the Amazon Kindle is awful, and has really kind of killed ebooks for me. And it's a great example of content creators shooting themselves in the foot with DRM: They could have retained the ability to sell and distribute their own content if they hadn't worried so much about it. Instead, they just handed basically the entire digital book distribution market to Amazon, and Amazon proceeded to act like about as benevolent a dictator as Amazon always does. This is a slightly different story from how things work with streaming in browsers, though, so I'm not sure you can just stand that analogy up and use it as a solid argument.
It's like arguing that all citizens should wear shackles because it will keep prison inmates from escaping. It doesn't work that way and the people insisting it does have ulterior motives.
It does not need to be perfect to achieve that.
Many people will never go looking for tools to break the DRM or DRM-free copies from torrent sites and the like.
But if anyone could just copy what they see on e.g. Netflix with the click of a button, then many more probably would.
To take a few examples, remember when the European Commission hired researches to do a study on the effect of piracy? What about the revenue from itunes after it went DRM free? Sale of music that is available on youtube after it went HTML5? Revenue from music, film, and games on the longer term after aggressive blocking of torrent sites? What about the long term effect from anti-piracy/DRM laws?
The whole EFF article ends on the conclusion that DRM will not exist if their only purpose is to prevents enough users from copying the product. That effect won't be worthwhile enough to pay the cost of DRM. Only a sticky platform that prevent competition will bring the revenue to validate investing into DRM.
You're not helping your case by bringing up evidence you don't site except for one example where it showed the opposite to your claims
"In general, the results do not show robust statistical evidence of displacement of sales by online copyright infringements. That does not necessarily mean that piracy has no effect but only that the statistical analysis does not prove with sufficient reliability that there is an effect. An exception is the displacement of recent top films."
The difference is not for all Hollywood films, a finding that I recall other studies have found before the EU one when they looked at movies that got leaked before a cinema release. But comparing Cinema DRM to EME is like Apples to oranges, they are not the same thing. Cinema DRM is not intended for end users.
What I don't understand is that it's not how it works, all it takes is for one single user to make a copy and upload it on newsgroups/bittorrent/... and it's available for everybody.
That means that in order for DRM to work you need a 100% success rate at preventing unprotected copies. This seems absolutely implausible.
Since I'm unhappy with the selection and compatibility of the current streaming services offering I keep pirating all the TV shows and movies I watch and they're always available for download mere hours after their official/legal counterparts. It's not like videogames where intricate anti-piracy measures can take weeks or even sometimes months to break, here it's mostly about the time for the pirated copy to disseminate on the network.
I wonder by which metric video DRM can be said to work. It's a pain for legit users because they can't view their movies and shows on all of their devices easily and it's a complete non-issue for pirates.
People go to Netflix because you pay once and then you can just watch stuff.
So they don't really need any sort of protection to stop piracy. They need it to corner and control the legal market.
Controlling illegitimate users is impossible. Therefore the purpose of DRM is control over legitimate users to the point where they can harm legitimate competitors.
Copy protection needs only to be economic. It works as soon as accepting the copy protection is convenient enough that enough customers prefer it to hunting down an illegal copy with good enough quality and without protection.
Everything that is on Netflix you can already get on TPB (since the DRM is ineffective to those with technical skills), so how could the existence of DRM possibly have influenced the customers decision to pay vs. pirate?
There are lots of people who can right click save as who will never, ever, ever torrent.
So what does DRM solve again?
“How to I reset my password?”
“Click ‘Forgot Password’”
You're really getting "my own peer bubble" and "the general population" mixed up.
There is still room to argue that the user's choice was to install a browser that made DNT the default option.
But it's a moot point, since the sort of web services that were in mind when DNT was proposed largely ignored it. They never set the evil bit in their responses, either.
It surely does not. DRM is broken (by any skilled pirate), and the rest of pirating users can get it without said DRM after that. So let's make it clear. Usage of DRM has nothing to do with piracy.
Whether or not DRM exists for those other 99.99% of the people is completely irrelevant. The show is already on torrents put there by those who could bypass the technical protection of DRM. So now those 99.99% of users can watch it for free, too, without having to know how to bypass DRM themselves.
The goal is just to make it just hard enough to pirate that the masses don’t spend the time to figure it out.
My mom and her friends pass around cds and rip them on iTunes. Because it is easy. She’s pirated hundreds of cds. She didn’t know what what.cd is. She doesn’t know what the new version of what.cd. I don’t either.
So if only Paisleybeard and VikingVik can crack the GoT DRM, you maybe only need to get cooperation from the Croatian and Swedish police for a few weeks, and then you get some amount of time when pirated shows are no longer available. But then Swashbuggerer and NotSoJollyRoger and Plaidbeard step up, and the pirate crews flock to their standards. But for a time, some people who might have otherwise pirated may have paid. But then you're back to talking to the American and Filipino and Scottish police. And if one of your captains is in a non-extradition country, you may have to talk to Pinkertons or ex-military contractors.
If it is trivial to crack the DRM, everyone can be a pirate captain if necessary, with a crew of only themselves. You will never, ever stop piracy for longer than a few minutes in any pirate-friendly household with that kind of DRM. That's like the difference between posting your property and putting up an actual fence or wall. It is just a virtual boundary that has legal consequences in the out-of-band enforcement system.
And don't forget that when pirate captains voluntarily retire, or are forcibly retired, they can still publish "how to be a pirate captain" guides for the media-seas they once sailed. They can distribute models for 3D-printing your very own pirate ship. So the DRM-makers have to put constant effort into changing tactics and updating technical countermeasures to fight that kind of fight. It gets to be expensive, because the defense has to be perfect, while the offense can breach it through any ant-sized hole. Furthermore, the analog hole will always be there, and every paying customer has the keys to your fortress gate.
You need the DRM to go after one Kim Dotcom, instead of getting civil judgments from a thousand unremarkable people who were just doing the same thing that hundreds of thousands of other people do routinely and innocuously, without ever getting caught. You need it to narrow down the size of a class of people until it is safe to demonize and turn into examples, without alienating your potential customers.
Without DRM, when grandma gets sued for $10000 because she sent a copyrighted video to all 8 of her grandkids, the rights-owner looks like a bad guy. But when a nerd cracks the DRM and seeds a torrent resulting in thousands of downloads, prosecutors can pile on the computer crime charges, and it looks like the hacker is a dangerous criminal, who was probably stealing your identity and browsing through your cloud photos, too.
It's all about public perceptions. Shooting people in the head is somehow less acceptable if you didn't draw a line in the sand first. People get distracted from the main issue--which is people getting shot in the head--if the victims could have made some choice that would have yielded a different result. The public then gets fixated on where the line should be drawn, rather than taking away the shotgun from the homicidal maniac.
That's a very big point that's not emphasized enough in the article, IMHO.
If security researchers are (legally) prohibited from investigating EME technologies in browsers, then EME extensions become a big vector attack, and standards-compliant browsers that include them, become much less secure than browsers that don't.
As a user, I care about that a lot more than I care about Netflix' competitors. Netflix is not only unjustly protecting itself from future competition, it is directly threatening my own safety.
Personally I think we should make it illegal to look for vulnerabilities in all software. And while we're at it, just on the off chance that somebody does come across a vulnerability (inadvertently, of course), why don't we simply make it illegal to exploit the vulnerability?
That is wrong (from the EME standard, section 10):
> User Agent and Key System implementations MUST consider media data, Initialization Data, data passed to update(), licenses, key data, and all other data provided by the application as untrusted content and potential attack vectors. They MUST use appropriate safeguards to mitigate any associated threats and take care to safely parse, decrypt, etc. such data. User Agents SHOULD validate data before passing it to the CDM.
That is, a browser has to be secure to implement the EME standard, if it is not secure it is not in compliance with EME! (Next up, anybody who falls from a building is in violation of the W3C gravity standard and as such flying is possible.)
I trust I don't have to point out that I am joking.
If the US law changes, then the w3c standard still stands, I don't think anyone involved in W3C thinks preventing security researchers doing their job is a sensible thing.
EFF are picking a fight with the wrong people, and producing propaganda to support that fight, making themselves less credible to those who actually understand the details.
I know 'Fake News' is a popular thing in the US, but I don't think its a sensible tactic in the tech community.
Any site depending on EME will not see traffic from me.
Guess saying “I told you so?” won’t do much at this point.
Just like the DRM battle was lost, I get the feeling the net neutrality battle is a losing battle. Even if it's not this year, eventually, the deep pockets will win -- From what I've seen basic computer literacy (I don't mean using a smart phone) isn't even being taught consistently -- trying to get the majority of the general populace (which isn't even enough to win politically, but I'll ignore that) to understand why repairability and open source matter, nevermind net neutrality seems like an exercise in futility.
While that happens, the tech companies benefitting the most from open source software and the openness that the web introduced are doing their best to split it up amongst themselves.
I've given up on this iteration of the internet, instead of ranting what I should probably do is go try and contribute to whatever is next, whether that's mesh networks or ipfs.
It baffles me that anyone thinks he's insane at this point. For every point he's ever made, you can now easily find 10 real world examples of his fears coming true over the past few decades.
But perhaps this is just more reasoning why the battle is a losing one -- people like me are just going to think things are gray while the people who are right are trying to convince us of the fact that it's black and white. It's just too hard for people individually to see past their own blindspots.
Stallman has often been correct, but that's not to say he isn't also sometimes utterly bonkers as well but on different issues (or to an insane extreme on some others).
I don't know that I blame Netflix as much as I blame the W3C for being spineless/bending to their will. It's absolutely Netflix's perogative to seek the most money, and to try to force their users into apps if that's how they can do so, but the W3C should have been different/stopped it. From my understanding that's the point of a standards body like that (and like the article states, it's in purported reason they were founded at all).
In the end, I'm not as dissapointed with the W3C because the world just isn't that cut and dry most of the time (and browsers still at least give you the option to turn EME off), but
Also: this duality was why I was suspicious of the end result of the Net Neutrality (as opposed to net neutrality) in discussions couple days ago and I got completely shredded. People should be more critical of everything and not fall for feel-good phrases by faceless corps.
Perhaps someone should come up with a small <5-line snippet that explains some portion of how to defeat Widevine, and then everyone in Israel should, I don't know, configure every mail server they know of to autoinject the fragment into all outgoing mail, or something. And/or configure everyone's browsers to autoinject it into every modified multiline text input field (maybe).
Obviously it wouldn't be able to last. But it would be VERY good publicity. And the thing is, Widevine would constantly be being updated so the instructions would constantly break and need to be changed, so exact-string filtering wouldn't work ;)
So. I'll start, despite not living in Israel: both Chromium and Firefox will use PulseAudio if it's available, and fake soundcard drivers exist for Windows/macOS as well, so sound isn't really problem if you're prepared for an "export" process that takes as long as eg SpotAHEM tracks take to play.
It's always about control of something, whether it be the consumer, distribution channels, etc.
I also found https://security.stackexchange.com/questions/124762/how-does... asking how they work, which corroborates that they really do have the key inside. Shakes head Nice...
Kinda depressing to know there actually are competent implementations out there.
I wonder if this is deliberate: the EFF surely realize this themselves, but maybe they don't want to mention it because of precisely the reason you mention, and the fact that the EFF don't want to jeopardize anyone misinterpreting their opinions and positions on the subject.
That is equally lame as what Ajit pai said recently wrt to NN: "wouldn’t you want your surgeon to be able to buy access to an express lane in which a network was allowed to grant privilege to certain data over others? That is, AT&T should be allowed to provide a service in which data bytes flowing between an operating room and a surgeon take precedence over bytes of 100 dudes Googling to find out whether Jennifer Lawrence is married."
A bit OT, but can't that already happen? I thought companies could set up private networks between various locations, and set up prioritized traffic on those already, with corresponding SLA if desired.
So the surgeon/operating room can pay more money for a faster link. Just like there are different tiers of internet already with different speeds. I don't see how NN affects this.
...there was this recent attempt at adding DRM to a (not-quite) juicer, which --- fortunately --- didn't become successful: https://news.ycombinator.com/item?id=14148216
That fiasco was the perfect moment to inform the public about why you should be able to make any coffee you want in the brand new coffee maker you just purchased, how the actual system itself doesn't stop you anyway, and how DRM is just a tool for powerful companies to continue to consolidate their power
You're a criminal. You wouldn't steal a car, would you? Why steal Keurig's profits, then?
I absolutely would! Especially if it was a better car than the only one I was "allowed" to drive and costs half as much
Not too long ago I obtained a office printer from Brother. Came with Cartridges. After only 4 papers these Cartridges where empty, or rather, it claimed to be empty. In reality they were still sloshing full of ink. Tried chinese cartridges for 2$ but had to settle for the 20$ ones from Brother.
The windows driver comes with all kinds of malware (even a toolbar was included!) so I settled for PostScript, which the printer thankfully supported.
I have since resold this piece of garbage on ebay, went back to my trusty old HP Laserprinter with cheap chinese cartridges.
> EFF is suing the US government to overturn Section 1201 of the DMCA.
Yep. It's likely simply unconstitutional. And undemocratic way this law was passed stinks, but repealing it is pretty hard.
In the 1980s the civilised world turned its back on the apartheid regime of South Africa, and in time South Africa ended apartheid. This didn't come at an insignificant cost (South Africa was at the time a well-developed economy which other nations would have liked to have traded with), but it was morally worthwhile.
Clausewitz noted that war is diplomacy carried on by other means. It seems to me that this article is EFF's declaration of independence, and the next logical step is to declare war on the W3C and its members. They are breaking the web; they are destroying the security of the web's users; we need to stop enabling this behaviour.
However, I have kept all of my ripped/bought/downloaded music as well, and I have a very clear exit plan for how to keep "my" Spotify library in case the company goes belly-up or decides to cripple its offerings somehow. It will take me a couple of weeks to recreate the library locally, but I'm OK with that.
For now, I'll enjoy the recommendations and easy access to music that is new and exciting to me.
- Third party clients are a thing, to the point where I really feel like I'm being sold a streaming service and not a tiny window through which I can occasionally listen to music. My normal media player is a python script that talks to an API. This is amazingly useful.
- When using Spotify-provided apps, there's the ability to save things for later offline listening. I haven't yet hit a limit on how many things I've been able to save.
- There's no limit on the number of devices I can use with the service, although I can only stream concurrently on one -- multiple offline devices have worked great though
- There isn't a time limit that certain content is available (this is much easier to feasibly achieve with audio compared to high-definition video, and a major difference between Spotify and services like Netflix).
This is sufficient usability, freedom, and value for money for me to subscribe with the knowledge that what I'm paying for is access to a library that Spotify has created and maintained. I used to rip/buy music on a regular basis and no longer really feel the need to do so. I think it's probably useful to consider what the differences are between services and specifically what makes them anti-consumer.
The limit is 3,333 tracks, last I checked. Should be plenty for most people, I think.
> - There's no limit on the number of devices I can use with the service, although I can only stream concurrently on one -- multiple offline devices have worked great though
I also like that if you start Spotify on another device while music is already playing, you'll get the option to either control playback on the currently playing device, or switch playback to the new device, seamlessly.
I also consider it a subscription to a library, and I'm fully onboard with the fact that if I cancel my subscription, I lose access. I know people think of streaming services as something new, but it's basically the same as any subscription service that people already used before.
I looked at your playlist format specs, why do you use floats? I'm currently coding on a GO audioserver and save time intervals as Nanoseconds (time.Duration). This makes more sense to me, as floats may behave badly in some contexts.
I wonder if floats are going to be a significant problem, hmm.
No wonder it is impossible to find dvd & vhs recorder combination units. Hard to find a dvd recorder too.
You never fully owned that CD, you owned the physical object, but not the content, you only had permission to play it under certain conditions.
With that system, what would stop someone from selling software that can be used to infringe copyright. As long as they don't do so themselves or "incite" anyone else to do so (perhaps promoting a legitimate use like pre-buffering), could they be sued?
(Secondarily, the companies that advocated for DRM never questioned how someone operating under the non-aggression pact would be able to break the DRM; they tacitly acknowledged that this would be trivial -- so whether or not you're worried about secondary infringers like the ones you describe, they would exist, because things that are technologically trivial are impossible to stop, even if they're illegal -- all that EME would do is give these companies the power to stop people who WEREN'T using such tools for infringement and thus wanted to operate in the open; it would have no effect on people who WERE infringing and operating anonymously and in the shadows)
It is a similar problem like Intel ME and closed bios.
We use usecure proprietary code, closed unreparable one-purpose 'kiosk' devices yet we can still record video output or make a screen (camera?) recording. What are they thinking? This is all just to give them advantage over users, to more control and restrict them. Terrible.
Perhaps even prevent you from copying any part of them or download anything from them?
Maybe Web Assembly will also play a role (perhaps as a DRM'd browser "wrapper" to view content through) - it would be like using a DRM'd browser "window" via Flash or something.
Where any browser can view the content, but it is impossible to get any of the content out (because no one saves bits of conversation from blogs or anything like that - and all websites will always exist).
Hmm - indeed, imagine if you couldn't copy twitter feeds or facebook posts (and they were DRM'd in such a manner that trying to do so would be a violation)...? All of sudden, people could erase posts and claim they never said it, because there isn't any copies of it around (today, they have to get lucky and hope nobody made a copy first).
I don't lament this, really. It's my choice. I'm just wondering if it's an observation that can only be made when you're not scrambling to watch the latest season of Game of Thrones (which I have never seen).
My life is fine.
Oh, and if I do back up 10 seconds, can you explain to me why you apparently just dumped your entire buffer and have to reload it from scratch before you're willing to play anything? Did the movie change because I backed up ten seconds? No. Sheesh.