Hacker News new | comments | show | ask | jobs | submit login
Requirements for DRM in HTML are confidential (w3.org)
597 points by duncan_bayne 1377 days ago | hide | past | web | 404 comments | favorite

Great. DRM. The best example of shooting yourself in the foot ever.

Give customers encrypted content and the keys, try to prevent them from freely using the two together, undermine copyright fair use and first sale doctrines as you go along.

Intended effect - No Piracy

Actual effect - Paying customers get crippled products, pirates carry on regardless

It's crazy. And the more they try to lock it down the worse their products become and the better piracy looks in comparison. Pirates don't only beat the legit industry on price, they beat them on quality and availability. How can the industry allow this to stand? Let alone continue down the same path with their fingers in their ears shouting LALALALALALA I CAN'T HEAR YOU!?!

Let me tell you how things work in the real world.

When the people with money say "we want this", you don't argue. It doesn't matter if it's technically infeasible. It doesn't matter if it won't have the intended effect. When the people with money want something, YOU GIVE IT TO THEM. And let them deal with the consequences. Otherwise, you won't get the business, and life can otherwise be made very, very difficult for you.

The people who run Hollywood have lots of money to play with. The people who run the Web companies want a piece of that action. Hollywood says "no can do unless we have reasonable assurance that due diligence has been done to prevent piracy -- that means DRM." DRM isn't really about being effective -- it's about providing a nominal barrier to piracy that will dissuade casual pirates outright, and in the case of serious pirates, provides something that can be "broken" so the studios can go after the person who broke it with civil and criminal copyright infringement claims. Now you know why the DMCA anticircumvention provisions exist: so the copyright industry can do with the law what DRM alone couldn't do.

So the Web either gets DRM, or Hollywood makes content available on proprietary platforms that provide it.

Money shapes reality in this world.

Let me tell you something about the state of the real world: The content Hollywood produces is already fully available on the Web. They try to fight that, but they lose. So the w3c is in no position where it is necessary to accommodate them to get their content. Besides, for the w3c, where is the business incentive, where is the money involved?

> The content Hollywood produces is already fully available on the Web.

For people willing to pirate, it, yes. However, it's far less convenient to pirate movies and get them to your big screen TV than it was to use napster and listen to songs on your mp3 player. On the flip side, Netflix (i.e. content with DRM) accounts for roughly 1/3 of nightly internet traffic in the US. DRM facilitates consumer access to restricted content.

> Besides, for the w3c, where is the business incentive, where is the money involved?

The w3c is primarily an industry group. The players pushing DRM in HTML5 are Google, Netflix and Microsoft, all of whom have a business interest in being able to stream content via browsers.

> For people willing to pirate, it, yes.

What good is protection against piracy from people not willing to pirate?

And no, pirated content is far more convenient than DRMed content. DRM can only reduce the conveninence, not increase.

> What good is protection against piracy from people not willing to pirate?

It's about business. Protection that works for 99.5% of the population is good enough for the old content industries. Netflix couldn't exist in its current form without DRM -- Netflix does not succeed because of novel technologies, but rather because of successful content licensing.

To be clear I'm not a fan of DRM, especially not when it's baked into the HTML standard.

> And no, pirated content is far more convenient than DRMed content.

I didn't say that - you're arguing against a position I didn't state.

I don't think it's the DRM that facilitate anything. DRM is a tradeoff between pirated stuff and going to the theater. Netflix is a legal Napster while Hollywood are content with DRM as good enough protection.

It does, in that it allows business agreements to be signed. Without DRM, old content industries aren't interested in playing.

and we aren't interested in the old content industries. they are "considered harmful" at best

If you're interested in their content, then you are interested in the old content industries. If you aren't interested in their content, then what they do will have little effect on you personally.

I require a definition of how they are "considered harmful" because I seriously doubt that.

EME is a good example of harm.

But how is it harmful to you personally exactly? How is it harmful to anyone?

It corrupts the Open Web, meaning that one cannot simply decide to write a web client that will be able to display any standards-compliant content. It corrupts the W3C, in that it weakens their position in maintaining the Open Web, and lessens their value in the eyes of everyone except for the MPAA and its ilk. It harms culture, in that valuable cultural artifacts will be locked up in a way that will render them inaccessible to future generations, or people on non-blessed hardware.

I'm still waiting for the explanation of how it actually causes harm. Most of what you describe is not exactly harmful and is easily dealt with.

What's to stop someone from creating their own web client that doesn't implement that part of the standard? Where's it written that we have to follow every bit of the standard as it is written? Who gave this select group of people that much power over the open web?

Personally, I think the W3C was approaching being corrupted long before this issue. Maybe not in the terms you are describing right now but I've had issues with the behavior of various standard bodies and browser providers that happen to be a part of these bodies for a while now.

As for artifacts of culture being locked away from future generations, that is a potential problem. But we all know a silly DRM scheme isn't going to stop that. But that kind of thing has been in practice for a long time, way before we had electronics and the human race seems to be moving along in despite.

To me, a better solution is to show that people are willing to move on from these aspects of culture that everyone is so hung up on. If enough people show that these schemes don't work in the long run the content providers are more apt to change their ways. Look at the music industry, it's vastly different than it was just a few years ago and continues to change. Let these people attempt their schemes, in the long run it will matter little.

So, to paraphrase, you think there will be no harm because the W3C isn't doing anything useful as things stand?

Doing nothing useful doesn't necessarily result in harm.

I keep pointing out that people are claiming that this is harmful in some personal way. I keep asking how. The best I've seen is that it creates harm to the standards, which is more about causing harm to the people who control the standards. This decision directly harms the standards body itself, it does not harm the open web. Corrupting the standards with bad decisions hurts the reputation of the standards body, which will eventually importance in the scheme of things. The open web will just move on to something else. The reason I say that is because if the web is truly open, it is free to ignore the "standards" it doesn't like. Meaning, the people who use it can choose to not participate. It's a standard because everyone agrees to use it together. If the people using the open web decide they don't like a browser that implements DRM they don't agree with, then they have the option to choose a browser that doesn't implement the DRM. If there isn't such a browser, the open web allows someone to create and share it with the masses.

If this decision actually causes harm to the open web, then it's not truly open because that implies no one can get around the decisions made by this select group of people. If that's the case, then the web doesn't sound very open as it stands today.

This entire thread was about hollywood. To say that we aren't interested in what hollywood produces is a strange assertion, or a rather narrow definition of "we".

The problem here it does not dissuade anybody. All TV content is available on torrents within hours of the release. All movies appear on torrents sometimes before, sometimes within days of theatrical release. Technical knowledge that is needed to obtain this content is pretty much downloading one piece of software and clicking one link.

>>> or Hollywood makes content available on proprietary platforms that provide it.

Let them. They will spend tons of money on it and all those money will go down the drain once somebody wakes up and understands that treating customers as customers is better than treating them as enemies.

>> When the people with money say "we want this", you don't argue. It doesn't matter if it's technically infeasible. It doesn't matter if it won't have the intended effect. When the people with money want something, YOU GIVE IT TO THEM.

Strange how the general public don't get DRM-free movies from hollywood...

Either way, my point was exactly about 'Hollywood', if you want to call them that, it's them that are delusional about their ability to protect content with DRM.

>> Money shapes reality in this world.

In this case it sems to propagate delusions.

The general public doesn't have an issue with DRM, they happily purchase the content as-is today. They may grumble when they have to purchase a movie for the second or third time but they continue to do so. Therefore the public, being people with money, have stated overwhelmingly that they want content without stipulating anything about DRM, free or otherwise. You are attempting to apply your viewpoint on the general public, which clearly does not agree with you.

As for your statement that Hollywood is being delusional about DRM being able to prevent piracy. They are not delusional about it at all. They know exactly what's going on. They want DRM that prevents casual copying so that Uncle Bob doesn't give a copy of the latest movie to his entire family which is not an attempt at monetary gain. That way they only have to spend money going after serious piracy efforts that exist for the purpose of making money. Your statement assumes that Hollywood is being run by stupid people and that's a serious mistake to make in this type of debate.

>> The general public doesn't have an issue with DRM, they happily purchase the content as-is today.

Do they?

>> They may grumble when they have to purchase a movie for the second or third time.

So not happily then. And not what they actually want.

>> but they continue to do so

Because the choice is that or piracy, and many choose piracy. 'Not participating in popular culture' is a choice, but it's never going to be a big one.

>> You are attempting to apply your viewpoint on the general public, which clearly does not agree with you.

The general public are dolts, but even you have admitted they grumble and don't get what they want.

>> They want DRM that prevents casual copying so that Uncle Bob doesn't give a copy of the latest movie to his entire family which is not an attempt at monetary gain.

Then they have failed, because cousin bill, Bob's kid, has that figured out on them innernets.

>> That way they only have to spend money going after serious piracy efforts that exist for the purpose of making money.

Serious piracy efforts like usenet, torrents, IRC etc? Nobody makes much money there. There are for profit piracy-streaming services that advertise I guess. Never seem to have much legal trouble.

>> Your statement assumes that Hollywood is being run by stupid people and that's a serious mistake to make in this type of debate.

It is. Powerful, litigious stupid people with a lot of vested, anti-consumer interests.

>> Do they?

Yes, yes they do. Take a look at the proceeds from those industries and tell me people are not handing over money for said content.

>> So not happily then...

Ah, I see the problem. When I said happily I meant this definition: "felicitously; aptly; appropriately". Meaning they pay because that's what they are supposed to do. My bad. What they want and what they do are two different things. You see, they don't want to pay for multiple copies but they do, not because of DRM. They do so because that's what they are "supposed" to do. This is more of a philosophical, economical, and/or legal issue they complain about, not technological. DRM is technology that most people are probably not even that much aware of in their day-to-day lives.

>> ... many choose piracy...

I didn't claim otherwise. But, as you say, they have the choice to not participate. That's my current answer to what I feel is outlandish cable subscription fees as compared to my perceived value of what they offer. It doesn't work for me, therefore I don't pay for cable. I use other means to access the media that I wish to consume.

>> The general public are dolts...

I think it's rude of you to apply your viewpoint on a large group of people that aren't even aware of your problem. Then when they don't go along with what you think they should be doing or what you think they should know, your method to convince them otherwise is to insult them? You're not going to win anyone over with your argument.

>> Then they have failed...

Due to record profits, I think the situation has worked out quite nicely for them. I think you are exaggerating in your own mind the number of kids who are sharing movies with their families and the impact this actually has.

>> Serious piracy efforts...

If you think trading torrents is serious piracy, then you need to read up on what true media piracy is. I'm not talking streaming or torrenting content. There are areas of the world where you can buy a perfect copy of a DVD or Blu-Ray for very little and the original content owners get nothing. It's a huge industry and I'm not talking just movies/music here. Plus in these areas this is practically endorsed by the local governments as legal. And I believe there's been a few cases of big-time streamers having legal troubles, Megaupload comes to mind. Before you say anything, that fell apart because of government incompetence, not because of the lack of anyone actually breaking the law.

>> It is...

Then you are naive. Stupid people don't make that kind of money and do the things they do. Just because you think they're stupid and you can cast opinions on things they do as stupid doesn't make it true. Their anti-customer interests, which is only a recent thing mind you, are possible due to carefully crafted legal systems that took years of planning and execution that you claim they are too stupid to have accomplished. If you're going to fight this battle then you need to understand what you're up against.

>> Stupid people don't make that kind of money and do the things they do.

Very few people are intelligent in all areas, these people are clearly shortsighted and stupid in many.

I'm not going to address the rest of your comment, needless to say I disagree with pretty much everything you have to say on the topic, and I think that you set up and knock down a variety of convenient straw men on your response there.

I didn't claim they are smart in all things. I claimed they are smart in their own industry that they control.

But if you want to skip the rest of the response by claiming straw men without defending your claim then that's fine. Especially since you did it yourself with your "very few people are intelligent in all areas" comment. I was directly responding to your statements so I fail to see how the straw man fallacy applies. I did not present a distorted version of your position, I directly responded to it. But, who cares, it's only a discussion between strangers on the Internet. We're not creating world peace here.

Hollywood is delusional, though. They are missing out on a huge potential revenue stream by having DRM-free distribution platforms. Why was Megaupload so popular if people really liked DRM?

So, you are saying that people went to Megaupload, not because it was free, but because it was DRM free?

What are the numbers for comparing the amount of people who used Megaupload versus people who just paid?

Except that the Web's getting DRM exactly so that Hollywood can restrict content to proprietary platforms that allow DRM. Right now, the main use for HTML5's DRM support is DRM on Chromebooks - hardware that's only available from a handful of approved suppliers and is locked down from the hardware up to stop the user running any non-manufacturer-approved code on it. If you enable the ability to run your own code, the DRM module refuses to decrypt anything, and so far as I know no-one has found a way to bypass this.

"When the people with money want something, YOU GIVE IT TO THEM."

Apparently this applies to everybody except consumers.

In reality, most of the pirate activity in this house is my 4 year old son watching full length pirated movies on YouTube.

There is no real barrier to piracy. There's a minimal barrier for the hottest Hollywood properties - meaning you have to go through the hassle of a torrent instead of just going to YouTube - but if you want the content for free bad enough, you'll get it. Usually before it is available through legal channels.

Actually, that wouldn't necessarily be considered piracy. Unless the laws have changed the last time I read up on it, this is legal on your part but illegal for the source of the stream.

Where your kid might be the factor in the piracy bit is in file-sharing, which makes you an uploader and not just a downloader.

> or Hollywood makes content available on proprietary platforms that provide it.

What's wrong with that scenario, exactly?

>> or Hollywood makes content available on proprietary platforms that provide it.

> What's wrong with that scenario, exactly?

Nothing. It's the current scenario. It can bother users, but overall it bothers big media, because piracy is active and well on those proprietary platforms. That's the complaint we hear from them.

There's a large part of W3C that want change so that people with disabilities (such as poor vision) can enjoy big media products. Of course, that assumes that big media cares about implementing the ARIA stuff. I personally believe that their not caring in the past, on proprietary platforms, is an indication of what they'll do in the future, on the Web.

> So the Web either gets DRM, or Hollywood makes content available on proprietary platforms that provide it.

DRM in the Web will be a proprietary platform! The EME proposal is a proposal to make the former open Web depend on proprietary platforms. The actual DRM is not specified (how could it be?) and it only proposes an API the browser should provide for the proprietary binary blob DRM.

This is a really horrible step and an attack on the open Web! I'd much rather have Netflix and Hollywood use a completely proprietary DRM platform for their streaming services than them ruining the Web.

> So the Web either gets DRM, or Hollywood makes content available on proprietary platforms that provide it.

so, let's turn the web into another proprietary platform?

Or maybe make a small part of the web, which already has proprietary elements to it, have a new proprietary element that you can freely decide to not participate in.

The DRM is becoming increasingly complex and elaborate, and taking longer and longer to fully crack. Compare PS2 to PS3 crack times, for instance.

The media executives are of the firm belief that unbreakable DRM is just around the corner, and that when they reach it, piracy will end and they can go back to charging whatever they want again. A return to the good old days of $25 CDs for one song you like and eight filler tracks.

But as far as music and movies go, the genie's already out of the bottle: even with unbreakable DRM, we can always fall back on old camcorders / capture cards and microphones to make lossy copies. I think most pirates will tolerate a bit of quality loss if it saves them heaps of cash.

I think they will ultimately succeed in game DRM that remains unbreakable for the entire duration of a game's market viability, though. Especially with required online connectivity components. But only time will tell.

The PS3 only went uncracked for so long because Sony offered the option to install Linux on the PS3. Once Sony removed that option the people with the smarts to crack the PS3 did so. Once a magnifying glass was put under the PS3 it turned out that the "DRM" was actually horribly implemented (like Rand() functions that were essentially returning constants).


> The PS3 only went uncracked for so long because Sony offered the option to install Linux on the PS3. Once Sony removed that option the people with the smarts to crack the PS3 did so.

It's funny how the facts change over time. Just to correct the facts here: the reveal of the PS3 hack occured on January 26, 2010 and then OtherOS support was removed on April 1, 2010 citing security concerns as the rationale. And to top it off: if you look at the hacker's reasons for hacking, Linux was nowhere in his motivations.

Off topic: This is why I hate history. If we can't even remember what happened 3 years ago even if we have all records available at our fingerprints then how can we be sure what happened like 100 years ago?

You've misunderstood the facts. The PS3 security was not fully compromised with the first hack, and locking down the console was a motivation to those who ended up cracking the security properly (news released December 2010). Watch this... http://www.youtube.com/watch?v=HEFMAP0mTvY#t=0

Doesn't change the fact that Hotz was working on the crack before otheros was removed. So, the removal of otheros was not the seminal moment that the op described. That is, the ps3 did not take so long to crack due to insufficient motivation. It took as long as it did, because it was a more difficult platform. There are similar trends in other areas as well like rooting/jailbreaking phones and installing Linux on UEFI machines.

Hotz's hacking may have been a contributing factor for getting OtherOS removed, but it's removal does appear to be a motivation to those behind the more complete hacks that followed (I believe it's mentioned in the video series I linked to). So with a timeline of April 2010 to December 2010, fully exploiting the PS3 security took less than 12 months.

Sure, but I think that's orthogonal. My comment is addressing the OPs original premise. I seriously doubt there were hackers sitting around saying "we'll leave the PS3 alone as long as OtherOS stays supported." While removing OtherOS certainly brought more attention to the platform and accelerated the hacking, I think the reason it took so long for the PS3 to be finally cracked mostly had to do with the complexity of the architecture or other things. I don't think OtherOS was a factor.

As a counterpoint, I offer the xbox 360, which to my knowledge has not been cracked except for DVD firmware hacks and physically altering the device (mod chips).

The conclusion of this is that hackers will not continue to win the DRM battle. Eventually, enough holes will be plugged, where cracking these products becomes so time or cost prohibitive that the product stays closed for it's lifetime.

i don't follow sony because i don't consume from companies with lock in tactics (betamax, laserdisc, md, memory stick, etc, etc) but thank you for that. it was awesomely entertaining.

So, your current living quarters has hardly any modern entertainment to speak of? Good thing libraries still exist.

I can garantee you i don't miss blueray as i did not miss laser disc.

Also it's much more convenient that my camera and phones use sd cards instead of memory sick..

You're point?

Oh, don't get me wrong, I have no point per se. I'm just amazed that someone has gone that route in this age of apathy. But I am assuming this extends beyond Sony products as many electronics are along the same lines in terms of locked environments.

Yes, they certainly made mistakes with the PS3 crypto. And those mistakes are now certainly fixed in the PS4.

Although it sounds poetic, I don't believe for a second that the PS3 was protected by offering a limited Linux install option with crippled software graphics. The timing of the break just coincided well with that. Of course this is all my opinion on the matter.

The PS4 lacks Linux install support completely, so if Linux was the protecting factor, then people should already be tearing it apart, right? I could certainly be wrong, and there could be a gaping flaw, but my hunch is that it's going to take longer than the PS3 to crack.

<quote>I think most pirates will tolerate a bit of quality loss if it saves them heaps of cash.</quote>

From the studies done, piracy is not about cash, it's about convenience, freedom, etc. If the studios released the content for free (as in beer) but DRM-encumbered then pirates would still be removing the DRM.

DRM was and always will be pointless and insulting, no matter how elaborate it will become. Because it's not the right way to treat customers.

DRM on a sealed hardware platform is entirely different than DRM on a consumer controlled device, which is what the HTML5 DRM plugin interface hopes to achieve.

Do consumers really control their devices anymore? Maybe they still can, but in the industry, there's no doubt that this is viewed as a problem that needs solving.

How much quality loss people are willing to accept if they are not really keen on the content is astonishing. If you go to the pirate bay and look at some of the comments on the tele-synced copies, R6 with hardcoded Chinese subs and all the other sub-par quality rips there still is a large amount of positive feedback. Sure, there is always someone who doesn't know what any of the cryptic abbreviations in the title mean and is upset about the quality, but those seem a minority to me.

I would really like to see more scientific results on how low the quality can be if the viewer doesn't exactly desire the content but uses it to just pass the time and how that compares to the price of going to the cinema.

For music, I can go as low as 128kbps MP3 without noticing much of a difference, and 192kbps without noticing any difference.

For movies, I've always been perfectly happy with DVD recodes into 700MB XviD. Could probably go much lower if they were recoding from a lossless master and using H.265. For most things, the Bluray/1080p quality jump reveals details I don't want to see, like how caked on actor makeup is, and all of their skin complexion issues. Great for nature shows, though.

The cutoff points for me are 64kbps Shoutcasts and telesyncs. At that point, the quality is so bad that it makes me dislike the music or movie I am watching.

Also, availability is a huge issue. For me in Germany it is nigh impossible to legally watch a recent episode of Game of Thrones. And Breaking Bad or Doctor Who has only recently become available via the new service watchever.de. And even there they are published far too late if you want to participate in the online discussion of an episode.

There is another party that you are ignoring. DRM is pushed by plataform sellers, and from the point ofview of the plataform sellers:

Intended effect - Lock people into your plataform, and externalize the cost into content distributors

Actual effect - Exactly as intended

I suppose that the title assertion is to be expected. DRM only works if you don't know how it works.


I'm not sure I see anything wrong with DRM per se (this could be my fever talking), there are probably good uses I'm too dim to think about, but I do think it's unnecessary as part of the HTML specification.

There's no industry or company that has switched to DRM-free content, that I know of, that has failed or suffered because of it:

* Music is largely available DRM-free now, thanks to Amazon's MP3 store (at the least, I'm sure there are others)

* For games, Steam makes it easy to avoid SecuROM Hell

* Despite DRM, all of Netflix's original series House of Cards was available on The Pirate Bay within hours of release. This doesn't seem to hurt Netflix's wish to create more content, or police it more heavy-handedly. (Maybe they would if they could)

For that matter, I think in the modern case every single time a business went DRM free it turned out OK. Isn't that right? In all modern cases, maybe after 2006-ish, DRM-free businesses were accompanied with an easy way to get the content online, and sales did not seem to suffer because at the end of the day piracy can appear (or be) shady and people (rightfully) don't trust shady websites, even The Pirate Bay with all of its popups.

I wish we had better numbers. I would like to see a real analysis on all the reasons people don't pirate and instead buy on Steam. I wish there was a good way to convince media businesses at large.

But I guess this is all water under the bridge, and I'm preaching to the choir.

> Music is largely available DRM-free now, thanks to Amazon's MP3 store (at the least, I'm sure there are others)

Apple should get significant credit here. It was Steve Jobs' open letter of 2007-02-06 to the big four labels calling for them to go DRM free that got the ball rolling. EMI agreed, and Apple started selling DRM-free tracks from them on 2007-05-27.

Amazon's public beta of their MP3 store launched on 2007-09-25, four months after Apple had started selling DRM-free music. Amazon was the first to get contracts in place with all four major labels for DRM-free music.

Actually I think you can also attribute it to (a) the iPod becoming massively popular and becoming synonmous with "portable music player", (b) Only Apple DRM and non-DRM-able MP3s supported on the iPod.

The iPod won the music player market, so if you tried to sell music with DRM you need to either (i) play by Apple's rules or (ii) have mundane tech users being confused when they can't play the music they bought on the what at become THE standard music player.

In 2006, during discusion of the Broadcast Flag DRM, an 82 year old senator was given an iPod and started to realise that lots of DRM wouldn't work with it. https://www.eff.org/deeplinks/2006/01/history-and-senator-st...

True, but the Apple music beast was really created by the music industry who insisted on them using DRM in the first place.

Yes, Apple did a bait-and-switch on the music industry. First they won by playing by the rules, then they used their dominance to change the rules.

I agree with this. When I was buying physical music CDs and play it on my laptop - different CDs had different DRM formats. After a while, I had 6-7 different DRM-enabled players. I stopped playing physical CDs on my laptop after that.

Steam can't be considered DRM free in many cases, for example because they don't let you backing up installers / packages, so if the service closes down you lose your collection. The only completely DRM-free gaming distributor is GOG. Humble Bundle and Desura are mixed.

You are right in general though. Going DRM free not only won't hurt any publisher, it will only gain respect from customers and will improve the quality of their products in a sense of improved usability, because any DRM means a crippled product (i.e. limited platforms availability, inability to make backups and etc. and etc.).

The problem is, that most legacy publishers are rarely customer focused and think that DRM helps their profits. And unprincipled distributors like Netflix are ready to oblige. But the irony is, those publishers only hurt themselves by continuing using DRM. It's mostly innovative publishers, or self published studios (and crowdfunded projects) that have common sense and avoid using DRM. Luckily some distributors are also principled enough to reject DRMed products from publishers. But such are a minority still.

Steam is a distributor. If a certain games has the Steam DRM included or not is (though sadly not mentioned on the product page) up to the publisher/developer. On the GOG forum there is a (probably outdated) list [1] of those games.

[1] http://www.gog.com/forum/general/list_of_drmfree_games_on_st...

DRM proliferation is conducted in three steps:

1. Publishers decide to treat all potential users as criminals, and insist on using DRM in their products.

2. Distributors accept that, and help these unethical publishers to sell those products.

3. Users accept being treated as criminals, and buy these products from distributors.

It starts from the publisher of course, but anywhere down the line, one can refuse to accept this. Distributor can refuse dealing with DRMed products from publishers. Users can refuse buying DRMed products from distributors. Any participation in that chain proliferates DRM, and one can't excuse this participation with the fact that it was initiated by the publisher.

2a. Distributors that don't accept that go out of business, because none of the publishers from 1. want anything to do with them.

For example GOG is a successful DRM free distributor - they only accept DRM free games from various publishers. There are others as well (for music, e-books and etc.). It's mostly video industry which lacks DRM-free distribution options (services like this are virtually non existent worldwide: https://www.headweb.com/en/ See their DRM-free terms of purchase: https://www.headweb.com/en/100237/purchase-terms).

Supporting unethical practice can't be excused with fear of going out of business by the way. Also, publishers need distributors and users not any less than distributors and users need publishers, if not even more. Therefore voting with your wallet (on either distributor or user level) is not senseless. Except that distributors have more leverage on publishers, because of their scale, in comparison with an individual who buys only DRM-free products. Therefore distributors can be blamed more for DRM proliferation.

Unless I'm mistaken (I may be) GOG is primarily in the business of selling old games, which is why the publishers are willing to forgo DRM on the titles.

Publishers of new games (especially expensively developed new games) are more likely to fear a loss of revenue, especially in the crucial early period after release, without DRM.

GOG sells new games from those who have common sense. As I said elsewhere in this thread, it's mostly innovative, forward thinking self published studios or crowdfunded projects. GOG isn't focused on old games exclusively anymore. They are focused on DRM free games though.

I'm not really sure why bigger size of the budget should reduce the common sense of the publisher. Legacy publishers are obsessed with DRM, but DRM has nothing to do with revenue whatsoever. It doesn't reduce any piracy, and only cripples the experience for legitimate users. It's stupid from common sense business perspective, and there is an increasing amount of big budget games which come out DRM free. I view it as simply mentality issue. Legacy publishers can't understand that they should start being customer focused. New ones have no issues understanding it, therefore they don't use any DRM.

I wasn't making a statement regarding DRM, I was just refuting that all steam games have DRM ;)

> I was just refuting that all steam games have DRM

Practically all do, I already explained above. Being unable to back up the installer is already DRM, and it's coming from Valve themselves, not from the publishers.

Always on-line DRM and such is another level of nastiness, but the above is DRM too.

You can still backup the game files after installation.

That may or may not work for reinstalling the game another time. And Steam doesn't help to make it easier, and doesn't let you find out these details before buying the game. therefore I don't consider it to be really DRM-free. The proper DRM free game is distributed as installer / archive package. Steam doesn't offer such option.

I purchase whatever I like on Steam and still hate DRM. They make it worth while with the sales and convenience.

My theory is that if Steam goes belly up, I can do a backup of my games, and use the same avenues pirates use to circumvent Steam. Hopefully they would release control of their games though if they went belly up.

As far as poor customer service, I suppose I have been lucky so far.

And GOG refuses to add GNU/Linux support. Considering that many GOG games run in DOSEmu anyway and some come with native Linux support this is not really understandable.

> And GOG refuses to add GNU/Linux support.

Yes, that's one of their downsides. Even their reasoning is becoming less and less sensible. They claimed they still can't figure out how to offer long term support on Linux. May be Docker can help them.

Shipping binary software for Linux is like playing a never-ending game of Space Invaders.

GOG's position is totally understandable.

No, it's not. Their position is (at least from their last status update): "we are trying to come up with a long term support methodology, and didn't find one yet". It takes them more than a year to design it. It doesn't sound reasonable to me.

Shipping binaries on Linux is nearly impossible on a long term support basis.

FatELF would of addressed at least some of these problems, but was largely rejected by the larger community of people not shipping proprietary products on Linux: https://icculus.org/fatelf/

Might Docker containers be a valid solution to this? Shipping old games is a sorta-kinda-similar problem to shipping frozen versions of web-apps.

That can work probably, since Docker claims that it doesn't impose big overhead, so it can be suitable for gaming.

You would probably find there are performance penalties in areas Docker don't really bother benchmarking or even talking about since they don't align to the design goals. I've only seen some fairly rudimentary demonstrations of VNC and X over the Network for isolating GUI apps in Docker.

Docker author here. I really doubt performance would be a problem. Namespaced linux processes access devices the same way every other process does: by getting a file descriptor to it and making syscalls against that. What we need to figure out is a portable way for a docker container to declare "I need access to the following devices". I would love to work with anyone interested to add that to the docker APIs for 1.0. I think long-term stable binary delivery is an important thing to do and I would like to help.

Ping me at solomon@docker.com about this anytime.

Can you explain the "no backups" part? I'm sure you know about the backups you can create in Steam itself, bundling the application. What is the missing detail? Being unable to extract the data again, without Steam? Is Steam unable to restore these bundles in offline mode?

Steam will require you to be connected to their servers once in a while at least. There's no pure offline mode.

steam is just like any other drm system for your games. it phone home and prevents you from playing without a connection to the mothership.

they just have saner fallback times than other ill talked solutions from EA. but besides its pretty eyes, its the same virus.

good luck running online games as root.

I once bought and downloaded SuperHexagon on Steam but didn't have the time to test it at home. Later on the train (I'm commuting for two hours a day) I wanted to test it. Sadly I wasn't allowed without a internet connection which was really annoying.

Sometimes the game executable doesn't actually require you to be online the first time you launch it, even though Steam does. If you launch the binary from Windows explorer, there's a chance it'll work.

Only for games that require Steam. A game bought through Steam does not necessarily require Steam. Europa Universalis III can be run without Steam running. Europa Universalis IV only requires Steam to be run once (and once for every DLC you buy, in order to activate it).

These settings are up to the game developer themselves. You are right about the offline mode, but it does not apply to all games.

Running the game and installing it aren't the same thing. Some Steam can can be probably trivially copied (the game directory), and are backup-able that way, but you never know which ones, and which require more steps for installation. Steam also doesn't mark any such details on the games before you buy them.

Correct. You can backup a game when offline, but steam wont allow you to restore one without being logged in.

> For games, Steam makes it easy to avoid SecuROM Hell

Steam is not DRM-free. It's just gamer-accepted DRM.

Which seems more rooted in the overall ease-of-use and lock-in Steam creates as well as goodwill towards Valve from their games. Steam's terrible - fight them on a transaction, and you could lose your entire library.

You don't even have to fight them on a transaction to lose access to your library. My Steam client (on Mac) is hanging on startup every time and as a result I can't play the games I've bought and paid for. And of course Valve's customer support is doing nothing but sending canned replies.

Steam's DRM is still DRM and has all the downsides that come with it. You're exactly right that it's accepted by gamers due to Valve's cult status (which I honestly don't understand given that I only have mediocre to terrible experiences with their games and services) and the fact that people have bought huge libraries through Steam and have to defend their decisions.

Hsve you tried creating a new clean OS X account? it could be that you have a corrupted preference file, or something similar.

If Steam works on the new account you can start deleting plists.

Had this happen recently. The error logs and console output ended up not being particularly informative, so I downloaded and installed the Steam client again. Sorted out whatever kink was hanging the client at start, and the game library was still intact.

It's accepted because of things like:

- Great selection. Just about any game can be bought on Steam

- Steam sales. Amazing, unprecedented prices for games

- The DRM successfully stays pretty much out of the way for 99% of users

- Centralized game management. I don't want to have twelve different game distribution clients, each with one or two games. I would much rather have just one

- Centralized automatic updates. Less of a big deal today than years ago.

I don't think you lose your library. From what I was told, your account is put into a no-purchase mode where you can play your games but can't purchase any new ones.

They used to ban users altogether, I think they've changed their policy. They also used to ban users if someone gifted them a game and the transaction buying the game was charged back.

It's pretty unreasonable to claim fraud (charge back) if you buy a game and then someone gifts you...

I think the problem was, I could have your account shut down by gifting you a game and charging back the purchase.

Maybe if you're a total jerk about it?... I purchased the full iD collection once for like $90+, and the next day I requested a refund because several of the old titles didn't want to run. Despite the no-refund policy, they reversed the transaction. I've heard more positive stories than negative ones.

Do you seriously not understand the situation ?

It's great that you had a good experience with your particular customer service agent. But what if you request a refund from someone who is feeling unwell that day, had a death in the family or is just feeling like being an asshole. Then you're account could be blocked with limited recourse.

In this day and age there really is limited point to DRM. Everything becomes available on Torrent sites anyway and all it ends up doing is treating legitimate, paying users as second class citizens.

Are you in Europe? Because I'm pretty sure european law forces them to refund you in that case.

Sure, but they ignore the law. Had that with GTA 4, which didn't run fully because the integrated Microsoft-Always-Online-DRM didn't work. Got the "no refund" answer despite having a 8 year old account (at that time) and a not so small, albeit not massively large, library, and without ever having requested a refund before. I'm still angry about that and minimized my purchases there.

Edit: This also means, to the original comment, that Steam does not necessarily make it especially easy to evade SecuROM Hell or other DRM methods, as games on Steam can still have their own protection schemes. It only makes it easier insofar as those are normally marked and games have with Steam only another, better option. Maybe that was meant.

The trouble with laws like that is that they are only worth anything if you have the means to enforce your legal rights under them. If Steam -- or any other supplier or on-line service you use -- is based in one jurisdiction and you're based in another, the cost of actually taking them to court to force compliance could easily be prohibitive.

I'm a little surprised that they haven't been dinged by the card companies yet if reports of whole accounts being blocked based on one chargeback are true. Even Valve are just another retailer to the likes of Visa and Mastercard, and the card services tend to take a very hostile view of merchants who try to evade their obligations under the card service policies if something comes to their attention.

I'm also surprised there haven't been more legal cases considering the implications of SaaS, on-line media library services, software that requires phone-home activation/DRM, and the like. There are obvious ways that such systems/services could provide unfair leverage against consumers in the event of any dispute, and as you mentioned it seems very likely that they would fall foul of the law here in Europe, or at least in several national jurisdictions within Europe. The US tends to give businesses a lot more slack to play with on such matters, though.

it still only takes it happening once to you to lose your titles.

Personally as one of those pirates they are trying to stop piracy is only an issue when your content is not easily accessible the legal way or it is too expensive.

I have experienced both. For instance songs are very cheap when your monthly income over £1,500 but when your monthly income is £300 (that's the equivalent in pounds in the country i grew up in) that's a bit too much for just one song.

Same for everything else since they're all price for the US,UK,etc market.

Now that i can afford it i choose to pay for the content i like (it's my way of encouraging the people creating the things i like) even though i could still pirate it.

Then again I'm still forced to pirate some things that can't get legally.

Wish i didn't have to but it's not like their giving me a choice.

You are NEVER forced to steal things that aren't essential to survival. Starving on the street and steal a loaf a bread, that's one thing. Don't want to participate in many varied ways of listen to music for free legally and so choosing to steal the next big album you want to hear, not ok, ever.

You are NEVER forced to steal bread. Don't want to participate in gathering seeds and wild fruits for free legally and choosing to steal bread, not ok, ever.

I guess "essential" has many definitions, huh...

Come on, they're not in any way comparable.

The UN declaration of human rights includes one sentence talking about the right to food, and many paragraphs talking about the right to participate in culture, community, communicate, and so on.

So if we judge by that, the right to participate in culture is more important than the right to food (or more likely, is simply more often challenged and disagreed with).

If the whole legal regime around copyright is having the effect of preventing people from participating in their culture/society, those laws are immoral and should be opposed.

Have you even read the Universal Declaration of Human Rights? Articles 23 and 25 are not supplanted by Article 27. In fact, Article 30 specifically states that you cannot interpret the UDHR in any way that would allow you to remove rights set forth in previous the articles. And, as surprising as this may sound, the UDHR doesn't specify order of importance based on word count.

Wait, are you implying that the UN has declared that stealing the results of someone's labor is justified because it's a "right"? We might as well declare anarchy and get it over with.

I also fail to see how copyright laws are preventing anyone from enjoying their culture.

It's sad times we live in when creating culture is labeled "labor", "work" and so forth... About the "stealing" part - http://www.huffingtonpost.com/2012/02/06/lady-gaga-jack-whit... artists are more than happy to let anyone experience their art, it's the producers that have a problem with it.

I guess this is what you get when you allow business-minded people to define what being human is all about...

"It's sad times we live in when creating culture is labeled "labor", "work" and so forth."

It's sad when idle consumers come to believe they are entitled to the product of another's labor for free.

Well, I was talking mostly about food.

But if I use my culture as a basis for a song that I write and I wish to sell it to make money, then you're dang right I see it as stealing if someone takes it without my permission.

If an artist wants to share it openly, then that's excellent. But if the artist wishes to make money from their effort why is it your "right" to demand otherwise?

It's not about being business-minded, it's called having rights over your own property.

Because mostly it's not the artists who want to lock it up, and it's not the artists that stand to gain most from locking it up, it's the suits.

Ok, how is that any different?

An artist who works alone deserves your money but an artist who agrees to work with a third-party does not? Because the third-party might get a piece of the pie dictated by the contract the artist agreed to? That's an extremely weak defense of not paying for content.

Are book stores okay? Because I'm sure they make money from the books they sell that they didn't personally write. Well, that's not an exact comparison but I hope you get my point.

I have to say, I am astounded at the level of entitlement people seem to have when it comes to consuming content others worked to create. I want it, therefore it should be mine is the mantra of this type of thinking.

You don't think Mickey Mouse and other Disney properties are part of our culture? Copyright on those works would have expired ages ago, if the laws were enforced as they were written at the time. Disney continues to prevent people from participating in that part of our culture.

How do they prevent you from participating? Do they stop you at the doors of Disney World? Can you not watch Disney movies whenever you go to the theater? Oh, that's right, you just want it for free.

Although, I agree with you on the copyright laws, they shouldn't be extended like they have been. But that's an issue to complain to the people who write the laws, not the content providers who take advantage of them.

> But that's an issue to complain to the people who write the laws, not the content providers who take advantage of them.

that works when the law makers are ethical and neutral. When the "content providers" get in bed with law makers to create laws favourable to themselves, then what?

I want to participate in culture by creating a derivative work based on the disney micky mouse figure. But i m disallowed, because of the said laws, unless i paid disney some amount of money. Do you think disney deserves this money?

According to the law, yes. They absolutely deserve that money because that's what the law says. You can't choose to ignore a law because it's inconvenient for you. If you choose to ignore a law for your own benefit then that allows others to do the same for your potential detriment. That's extremely bad short-term thinking.

Your complaint is with the law, it has nothing to do with the content providers. You say but the content providers influence the law with money. In that case your complaint is with the system that writes the law. Your ire is misdirected and likely will cause nothing to change.

Of course, there's civil disobedience to consider. It would be an interesting way to combat the laws at hand but I'm not sure how to go about that in terms of media consumption. I suppose if enough people did it at the same time.

But you fall into the common problems with these type of discussion; you act as if your choices are limited. For instance, with piracy it's usually "they don't make it easy and/or cheap enough for me to buy so therefore I must steal it" which is a self-limiting range of options. It totally ignores several options such as simply not consuming the content in question and move on to something else. You present only one option in your desire to create, a derivative work based off of another's content. That's not your only option in this case.

Finally, this idea that this stuff is a part of our culture and we're locked out of it. I would say if we're locked out of it so tightly that we can't enjoy it then I wouldn't call it part of our culture. But this culture defense is new to me in these terms, it's an interesting idea. It will ultimately fail in the end but an interesting defense nonetheless.

According to the law, yes.

That's begging the question. We could change the law, but first we have to ask if we should, and in what way. That's why chii asked: Do you think disney deserves this money? Only after we answer that, will we know what the law should be.

Change the law? Absolutely. That is actually what I've been trying to advocate all through several discussions, that the outrage is misplaced. Don't like the law? Demand a change in the laws instead and stop wasting time on the companies that follow the law.

It's like that silly issue where everyone gets mad every year at international companies following various country's tax laws to reduce their tax obligations as much as possible but never actually demand a change in the laws themselves. They rail against the company as if that will change anything.

But to answer the question again, yes indeed, Disney deserves that money because that's what the law states. I don't understand how I can make that more clear. The fact that they get any money at all from their original creation is directly tied into such laws. Without those laws they have to hope for the best on the goodwill of people to compensate them for their work. As for deserve? They created it didn't they? Do they deserve anything at all? If they do, for how long until it could be considered public domain? Should anything be considered public domain after a time at all? That's what the law is for, to answer those questions. If you want to change the law, the current law applies until you change it. You can't start at zero and build up, you have to start with what's already established. Therefore, Disney deserves that money because of the law as it stands today.

I'm not talking about piracy or passive consumption as "participation". I mean people who are making art, movies, music etc. can't create anything new with Mickey Mouse or Snow White or Bambi because they are owned by Disney. You can't even sell a ringtone of Alice saying "You’re mad, bonkers, off your head! But I’ll tell you a secret: all the best people are", even if you make your own version in your own voice. Because Disney decided they're not done wringing money out of a movie made before my father was born. I don't just mean wholesale copying, but using any of it as raw materials for something creative is prohibited.

Why does that matter so much? Why is it so important for someone to be able to sell a ringtone from a movie they didn't create? Why is it so important for someone to make money off a derivative work based off of the work of someone else? Besides, there are examples of people making money off of derivatives of popular content they didn't create. It's just a fine line between making a copy and creating a derivative.

I think the thing I've been missing is so far is because Disney is the example, which is a big company, and big companies are evil right?

Let me toss a wrinkle into that logic.

Newly graduated college student makes an animated short. Took months, maybe years, to get it done. Took weeks, maybe months, of hard work to get it visible to the public. Public loves the film and wishes to buy a copy. Someone makes a "derivative" work that copies the characterizations of the original animation. For some reason, derivative work becomes popular. Original creator loses out. Screw the original creator right?

You do realize that the most likely outcome of allowing derivative works to happen too soon is that the big companies with their huge resources will swoop in and wipe out the small guys in no time flat? You think I'm defending big companies with these statements? I'm defending all creators regardless if they are Disney or the dirt-poor artist down the street.

If you have a problem with Disney being able to continue making money from their original characters, despite some of their characters being based off previous stories in the public domain, because copyright laws keep getting changed then you're problem is with the system that allows such things. Attack the system, not creators because you'll almost always come across as unfair to them in some way.

Disney is the example, which is a big company, and big companies are evil right?

No, just a few :) My problem with Disney is that in protecting their own interests, they also extended copyright on tons of other people's works as well. http://web.law.duke.edu/cspd/publicdomainday/2014/pre-1976 I believe the original creator, big or small, is not as important as the rest of the people in society. If big corporations make most of the money from derivative works, that doesn't prevent other people from making their own as well. But copyright means there is a state-granted monopoly on nearly all creative works.

If you have a problem with Disney... then your problem is with the system that allows such things.

How would you "fix the system" so that only certain people get a say? Disney can lobby if they want, I just want them to lobby for different things.

> stealing

You keep using that word without realizing that the rest of us may have already moved on to a different concept of ownership.

By the rest of us I'm guessing a small number of people who have high ideals outside of reality? Your definition almost literally means no one has ownership over anything when it is your "right" to take it as you please.

How shall we define the act of taking property without due compensation that the owner of said property expects?

You seem to be acting intentionally dense. Surely you understand that the difference being discussed here pertains specifically to duplicable content, where the property involved is "intellectual property" and much more open to alternative interpretations than things like land or food.

No, I'm not dense, I see property as property. You act as if I don't know what's going on technology wise. But I do know and understand, it's not a difficult situation to comprehend. Implying I'm dense or any other derogatory term is just an attempt to dismiss me without having to actually consider what I'm saying. You shouldn't do that because that's typically the defense of someone who has little to back up their side of the debate.

You simply want to redefine things so you can apply your alternative interpretation of ownership in a way that allows you to obtain someone's property without compensating them for it. You feel entitled to someone's work because it's easy to duplicate it. It could take an artist weeks or months to create their work and you feel they deserve nothing because you can copy it in seconds. That's a sad justification.

Whether the fact it can be easily duplicated is irrelevant. Someone created that work with their time that they can't get back. They spent a moment of their life away from other things creating this that they can't get back. They spent resources (not necessarily money) creating this that they can't get back. None of that can be duplicated in seconds. If they wish to be paid for granting you access to that work then they should be compensated as they wish. If you don't agree with the price of admission then you don't get access. Thinking otherwise is admitting you feel you are entitled to it because you simply want it and the original creator can suck it. You are saying the creator's time and effort is worth nothing.

I simply cannot agree with that way of thinking.

I didn't say that you were dense, I said that you were acting dense. I also didn't espouse any of the positions that you credited me with, rather I simply pointed out that this is a complex issue. You have acted throughout this thread as though this were black and white, and as though "stealing" music were the same as stealing bread or any other physical object. The specific post that I replied to was the most telling instance of this. I'm not arguing for a position on either side of this issue right now, I'm simply telling you that if you want to have a discussion about it, you have to at least come to the table with the recognition that there is a rational basis for the opposing point of view. You can disagree, sure, but the way that you are doing so is far from productive.

Ah, ok, I see what you mean by not claiming I'm dense but just what I'm saying. My bad.

Also, again my bad, I'm attributing the whole discussion onto you instead of specifically your statement. I tend to lump everything together when multiple people respond throughout a single thread as though they are in agreement with the thread as a whole. I'll have to work on that.

I fully recognize the opposing position in this debate, I understand the thought behind it, I use to agree with it. But at this point, exactly as you point out, I highly disagree with it today. For the most part, I see people wanting to alter the definition of ownership for their own benefit to the detriment of the original creator. That the simple idea that a song can be perfectly copied countless times without damaging the original copy is somehow license to demand that the original creator hand over all their ownership rights without compensation is just wrong. It is as simple as the "black and white" example of stealing bread or any other physical object. I would give more credit to discussions about stealing bread because it's possible a human being stole it to survive, no one needs the latest hit song or movie to survive. If time and resources were spent in the creation of the product then I fail to understand why it's wrong for the creator to expect compensation, if they desire it.

Rational basis? What exactly is that in this case? Because I've never seen it. If anyone can give me a rational example of why the "I want it, it's easy to copy, therefore it should be mine" way of thinking is justified, then I'll reconsider my position.

I inadvertently focused this discussion too much on the duplicability aspect of the argument, when there are other factors at play as well. For example, if someone purchases a song and then plays it on speakers, and you are nearby and listen to it, I've never heard someone claim that you've stolen the music. Similarly, if you go to a music video on youtube, then listen to it while switching to another tab, you also have not stolen the music. Yet if you download the exact same song from a torrent site, then listen to it, and then delete it, the claim is that you have stolen the music. The dividing line here seems arbitrary and difficult to pin down. In every case, you had the same auditory experience. In the latter two cases, you had the same sequence of bits stored in memory, the same instructions execute on your processor. Yet only in the latter case have you stolen something. So, what is the property? What, exactly, is it that you have stolen? The fact that this isn't completely trivial to answer is my justification for claiming that there are, at the very least, some shades of grey in this issue.

If those seeds or fruit happen to be on land that someone owns then you are stealing those as well.

Ok. I agree forced may be a bit of a strong word since i can always choose not to pirate it.

However what about books or scientific papers which are hidden behind pay walls or just incredibly expensive.

The price of a good programming book is about £20. But when your monthly income is £300 that is a lot of money. Not to mention you have to pay electricity, gas, etc. and the prices for the utilities are not that much different.

So your options are:

1. buy the book and not eat for 2 weeks

2. pirate it

3. don't do anything and let your progress as a programmer be hindered by the lack of knowledge

That's what i call being forced. There's no situation where i can say i helped the author with the little i have and progressed in my development as a programmer.

If you give in to the system they set up knowledge become the privilege of the wealthy I agree that content creators need to live but the one size fits all approach is really f*ed up.

Open it up let people pay as much as they want or set different prices for different regions piracy will fall considerably if you do and for god sake don't limit peoples access to content by regions it's a sure way to increase piracy.

"The price of a good programming book is about £20. "

If only we had a global computer network by which you could find a much cheaper used copy. Or even a free loaner copy.

I will agree with you that it's definitely important for products to be priced appropriately for the region they are sold in. And, I understand that access to information can be a huge roadblock, which is why it's important for people to free up information as best as possible. Still, when you consider things like public libraries, free access to internet, etc., you have to question whether or not you have really tried to do it without pirating someone else.

Really? How about turning that around: how is it okay for me to pay more for something, solely because I live in a different country?

This is known as the 'Australian Tax' here, and is at the point where for some software products (Microsoft's dev tools, e.g.) it's cheaper to buy a budget flight to the USA, buy them there, then return.

Geographical pricing is morally indefensible.

I'm talking about lowering the cost in areas to match the economy. I too think the cost of software in Australia is crazy.

They are the same thing. The exact same thing. All you're quibbling about is that you don't like where the pricing is set for the region in which you live.

Huh? I'm not quibbling about anything. You brought it up, not me. I'm perfectly happy where pricing is at in my region. It's commiserate with the general economy. Nothing is disproportionately priced here. Some areas seem to be out of sync with their economy, either high or low.

Indeed - and if things get too far out of sync, it becomes worthwhile to import things from countries where they aren't. Except that such free trade is often prohibited by law.

And I sure as heck don't justify stealing just because you don't like the price.

Well, yes. I think we're in agreement there.

To play devils advocate, I'm not sure why you think the very poor should be concerned about respecting copyright law.

Also thinking along devil's advocacy lines -- it seems that without a universal basic income, people naturally resort to theft and copyright infringement to pull themselves back up to the baseline quality of life. With the economy naturally balancing itself out either way (The rich either pay taxes or get stolen from; the poor either spend their money or don't have any), it seems to make sense to go for whichever option has the lowest overhead.

Because being poor doesn't give you the right to take from others to satisfy your own entertainment desires. I think Jean Valjean wouldn't have been quite the sympathetic character if he stole a lute instead of a loaf of bread ;)

Yes, but copyright abuse doesn't equate to stealing bread. I realise you already know this, but it's kind of a fundamental distinction here.

I totally agree with your statements. The only thing I pirate nowadays are basically movies because there is no easy way to purchase them. I don't really pay for music though as I use mostly Grooveshark/Soundcloud and/or listen to online radio.

And it's fucking ridiculous that you have to a saloon to watch a new movie and pay a ridiculous amount of money per person to watch a single movie.

I pirate all movies I can out of basic principal, they are not getting a dime extra from me since they continue with their harassment.

I am actually very pleased with Steam as it's an excellent service. But if I would want to play a game on let's say Origin I would definately pirate that game if it doesn't exist on Steam.

So, content providers are "harassing" you in some way by not making it easy for you to purchase their content or they want to charge what you personally feel is too much? You pirate because they "harass" you? That's a new defense of pirating for me.

Do they target you specifically with this harassment or is it just in general for the population of where you live?

> forced

You keep using that word. I do not think it means what you think it means.

Depends... He could live somewhere that he can't get access to legal copies of TV shows he wants to watch (Some TV shows take months, if ever, to show up locally). Or live somewhere like Australia where everything costs prohibitively more than elsewhere.

If I want a TV show - Say House of Cards - and it's not available, or it's available much later than elsewhere, or it's prohibitively more pricey... They want the show and the only reasonable way to get it... then it will "force" people who want it to Piracy.

>> "They want the show and the only reasonable way to get it... then it will "force" people who want it to Piracy."

I would very much like a Ferrari California. It's unlikely I will ever be able to afford one - it is prohibitively expensive for me. I am not being forced to steal it. I understand like a rational human being should that if I can't afford something or it isn't available to me and it isn't essential to my survival I have no right to take it. I know that physical theft analogies aren't very good when comparing to piracy but seriously - you are not being forced to do anything. You make a choice to steal it. Whether that's morally right or wrong is your decision to make.

First, the show is being given away for free elsewhere--it is mere accident of geography that the person can't access it.

Second, stealing implies that the person being stolen from can't access it anymore--which is clearly not the case here.

Stealing is the wrong framework to use here.

No, I think it's more the role of the victim of the theft to decide whether it was morally wrong or not.

Otherwise, yes, this idea of being "forced" to pirate something they want but don't have easy access to seems a rather silly statement.

You seem to have confused "wants" with "needs".

> DRM-free . . . Steam

How is Steam DRM-free? You must first log in to your Steam account in order to play. Locked down. They seem to do it with very good UX, but it's DRM.

I think this negates the first part of your thesis: that DRM-free is picking up.

Steam could be used simply as a distribution method, you have an account to purchase and download. The level of DRM protection is up to the developer/publisher to decide. It's possible for the game to no longer require Steam once it has been downloaded.

Although, if the developer/publisher doesn't include an installer of some sort within the game files reinstalling without Steam might be a bit tough. Makes me wish for the old days when you didn't need installers, you just zipped up the folder as a backup. Need to reinstall? Unzip to new folder.

They can also remove games from the store and from users' libraries: http://www.forbes.com/sites/erikkain/2013/12/30/steam-remove...

From the store, anyway. The update at the end of the article states that they were wrong, and the single player game is still in users' libraries.

> For games, Steam makes it easy to avoid SecuROM Hell

Not really, there are Steam games with all kinds of additional vendor-specific DRM, including SecuROM.


The reason for piracy is simply bad salesmanship.

Nobody would bother with torrents if there is a much easier and correctly priced alternative - when Steam started selling games in Bulgaria I stopped pirating games. When Spotify started selling in Bulgaria I stopped pirating music. When, eventually, Netflix starts selling in Bulgaria - I'll stop pirating movies.

The solution to piracy is simply knowing how to sell your product. DRM is an attempt at a technological solution to a non-technological problem.

> DRM only works if you don't know how it works.


Doesn't really apply here. When sending an encrypted message, the adversary doesn't know the secret key. With DRM, the adversary is the receiver of the message. You (or your computer) already has the secret in Kerckhoff's sense. It's just a matter of finding out where the key or the unencrypted data is stored - in the worst case by hooking up hardware to the mainboard or the screen.

You could make DRM "Kerckhoff hard", but you'd have to use a completely trusted architecture with secure boot and signed applications - which is not conicidentially where all major players are moving. Even then, there are a couple of loopholes (bugs/jailbreaks, you could tamper with the hardware, or you could just record the signal during playback ("analoge gap"))

People don't seem to understand this about DRM. It's based on encryption, but encryption only allows a secret message between alice and bob, away from the prying eyes of carol. But in a DRM situation, alice and carol are the same person.

> or you could just record the signal during playback ("analoge gap")

And for that we are striving for newer technologies to close that gap from the analogue side. I'm not being entirely serious (yet), but thinking about Occulus Rift or Google Glass, etc.

Once we get our media/games to jack in directly to our brains, like all the cyberpunk novels prescribe, it's going to be pretty hard to get a tap between the analogue side :)

Whatever means you use, you must have an unencrypted stream somewhere, and you can tap that stream.

In your example, just make a computer that pretends to be your brain, and you'll get the data to post at Pirate Bay.

Overall I agree with you except your example of Steam.

Steam is DRM.

Gaming is going towards more online by adding value (just like SAAS can't be pirated like traditional software) always online games by nature such as Battlefield 4 can't be pirated as well.

That's possibly why also Simcity decided to go online but the added value wasn't enough and caused a backslash.

No, the organizations are just paranoid. I had to sign an NDA before seeing the Disney digital content handling requirements. That sort of document will be the W3C requirements. It didnt say anything detailed about implementation, just requirements about encryption, watermarking etc.

> * For games, Steam makes it easy to avoid SecuROM Hell

Steam has its own DRM, and games distributed via steam may have additional third-party DRMs (including SecuROM and other similar shite).

IIRC GOG is only DRM-free games, although it is less convenient.

GoG is actually quite convenient, it has a much better website and a good downloader.

The only downside is the much smaller library than Steam.

I find the site good, but I only got grief from the downloader (back when I tried it a year or 2 ago, it may have gotten better since), for all of its slowness Steam's installation and updating process is much more hands-off and convenient.

The downloader is quite smooth, at least now. You still have to install and update manually, which is a bit annoying.

The one really cool thing in Steam is savegame sync, but not even all games support it.

> The one really cool thing in Steam is savegame sync, but not even all games support it.

Yes, that was a very annoying discovery when I came back from holidays, after I'd started playing Rogue Legacy on my laptop and realised I had to hunt the savegame locations and pray they were compatible between the OSX and Windows versions of the game (they were)

And no GNU/Linux support...

> all the reasons people don't pirate and instead buy on Steam.

Because the sames are stupidly, insanely reasonably priced. $5 for 20 hours of content? Games from time to time being 50% off? The ease of getting new content in a few clicks?

Contrast that with movies that are available for download at the same time they show up on DVD in stores: $15 for <2 hours of content that's probably not going to be that great, when my alternatives are to go to the movie store and pick it up for $2 as a rental or to pirate it for free.

I think that the early exploitation of Napster against the music industry made publishers feel like they were losing large amounts of revenue. There was one programming publisher who was trying to make the argument that the lack of availability for an affordable price was the reason why people were downloading illegally.

The counter argument was that his small niche was not indicative of a large industry. What you are mentioning about Amazon is pretty enlightening for me to read. If you think about it, the lock-in you suffer from iTunes is an outdated and anti-consumer stance. It is absolutely unnecessary to force a purchaser to store his digital goods on the cloud.

> DRM only works if you don't know how it works.

That's not entirely true, I don't think? What about AACS, which uses a very clever master key / sub key + key revocation mechanism. People figured out exactly how it worked well before it was actually "broken" - and it was broken by stealing private keys from devices.

> For games, Steam makes it easy to avoid SecuROM Hell

Steam is DRM. Sure, it's fairly nice as DRM goes, but it is still DRM.

> Steam is DRM. Sure, it's fairly nice as DRM goes, but it is still DRM.

Depends on what you mean by DRM. Many Steam games run without Steam and only use it as a platform for digital distribution.

> DRM only works if you don't know how it works.

Which is why it doesn't work.

But it is very useful for excluding competitors and pissing off consumers.

I recall DreamCast failing primarily because of piracy -- everyone burned games to CD-Rs instead of buying them.

Not really... in the PSX there used to be TONNES of copied CDs and we all know how that went...

The failure of the Dreamcast was the pitifully small library, not piracy.

the dreamcast had 700+ games, more than gamecube and xbox combined

Wikipedia lists 967 games for the xbox alone. The Gamecube appears to have come in somewhere around 500 or so. But it's probably worth noting that no one ever claimed either of those consoles had massive libraries, either.

It is amazing how that myth persists. Piracy was much more common for the playstation, and I seem to recall it did ok.

I even heard that Sony was trying to make their games pirat-able in order to promote them faster and kill the competition, LOL. Don't know if was true, but worked fine.

DRM enables movie rentals over the internet and that's about the only good use I've seen for it.

Sadly, both Steam and Netflix still include DRM, it's just a bit less annoying.

Netflix along with Google and Microsoft are the companies behind the HTML5 DRM proposal.

iTunes doesn't DRM music anymore either. Haven't for years.

This is up to the publisher, audiobooks and most japanese music is still DRM'ed on iTunes. (and the most annoying thing about it is there is no way to see that before you purchase).

This is all so ridiculous, rtmp for instance is as secure a DRM as its ever gonna get and that never stopped me from downloading a stream. Even things like HDMI/HDCP is broken beyond repair. And all of this should justify damaging the w3c reputation forever, what are they thinking?!

This whole concept of DRM is just idiotic, its enough if one guy breaks the DRM and releases it. Why should I even bother booting a propertary OS (windows) and buying a stream everytime I want to watch something if I can just download a release and watch it, and its not like they can do anything against that either.

Why should I bother and buy HDCP capable new hardware, bother with proprietary NSA-compliant US software I much rather buy the DVD, trash it and just download it in a open and free format (I don't even bother with ripping (and breaking CSS) anymore).

> And all of this should justify damaging the w3c reputation forever, what are they thinking?!

Thinking isn't required to accept your paycheck -- in fact damaging the reputation of the W3C is their goal. There are fewer ways to fragment the standards of the internet better than undermining the integrity of the dominant standards committee by infiltrating it and proposing crap to be standardized.

Since the MPAA and her malicious allies are standing members then their propositions are considered seriously as a matter of policy, regardless of the stated goals and their actual effect.

Preventing piracy is at the bottom of a very long list of power that DRM provides, and maintaining control over your content distribution networks is at the top. The two have some overlap, but it's extremely limited (pirates don't pay, but content distributors do, so they will squeeze the distributors as much as they can).

What are they thinking? The majority of the W3C membership want this work done, and the W3C is ultimately bound by its membership. Not working on this isn't an option — take the W3C out of the picture and it'll still be done, quite probably behind closed doors, which is even worse for the web; MS, Apple, and Google are all likely going to ship this whether the W3C specifies this or not; for better or for worse, it is likely to become part of the de-facto Web Platform.

And if you read the lists (as opposed to overly emotional hearsay calling them stupid), you'll realize their concern isn't so much piracy in and of itself (they recognize DRM can and will be broken — they aren't blind), but rather "casual piracy", as it were, ripping a disc having had it lent to you, for example. The aim is to make it sufficiently inconvenient to work-around that that doesn't happen, not that it avoids release on P2P networks and the like.

Are you sure about that? The majority of the W3C membership is staying pretty quiet about it, at least on the list.

Even if you're right about the requirements (it's hard to say, what with their being confidential and all), is it worth breaking the Open Web to make it slightly harder for folks to pirate TV shows?

And if you're right, why then is every requirement short of non-user-modifiable client components being promptly shot down?

> The majority of the W3C membership is staying pretty quiet about it

As gsnedders said, it doesn't matter. The EME spec is written and pushed by Google and Microsoft, and Apple is on board. Those companies have a strong financial interest to do what hollywood asks here, and together they account for a large majority of the browser market.

The only possible thing that could stop this is pressure on those browser vendors by users of those browsers - which means, for users to stop using them. So far, the public and even here on HN there is little interest in doing that.

I don't think Apple was initially on board. I think it may be there only since late last year.

All of this started with Netflix, and the outrage should be directed mostly at them (but definitely at W3C and the 3 companies, too).

Netflix got Microsoft (obviously, since Hastings is/was on their board), they got Google because of the Chromecast and perhaps some other previous partnerships, and also because Google is very interested in having content these days, which inevitably leads to them supporting the studios' corrupted ways to get the deals. And finally, I guess they got Apple, who saw Google and Microsoft was already on board, and thought it's a done deal, so why not?

I just can't believe that Netflix & Co would rather ruin the web than try to negotiate harder with the studios and make them understand DRM doesn't work, or just get some other kind of deal that's perhaps a little more profitable for the studios. I mean Google managed to give people the same "Match-like" service for free to the users, while Apple charges $25 a year, right? And Apple managed to make their music DRM-free years ago, no?

So I refuse to believe this is the only way around not using Silverlight and nothing can be done about it. There is a way - they just found it much easier to corrupt W3C, and I think this was MPAA's goal from the beginning. MPAA are the people who want to make IPSs all over the world police the web for them (ACTA/TPP), and want to be able to censor the websites they want off the web at will, with no judicial process (SOPA).

So you can only imagine what they have in mind for the browser vendors. Bringing DRM to the web is merely Step 1. Protocols like WebRTC's Data Channels that can make file-sharing easy through the browser, the way https://www.sharefest.me does it? Well, I guess that needs to be banned and discarded now. We can't have such piracy-aiding tools in the browsers, now can we? And so on.

It's clear MPAA runs the show already, if they got W3C, and 3 of the major browser vendors to do what they want. So expect more of this. MPAA member to take over after a "sudden" retiring of Tim Berners Lee from W3C in a couple of years? Wouldn't surprise me at this point.

> I just can't believe that Netflix & Co would rather ruin the web

People keep repeating this. How is it ruining the web to remove the requirement for crappy (and, at this point, end-of-lifed) browser plugins in order to play Netflix content? The only reason I, and I suspect most people, even bothered to install Silverlight was for Netflix. If I can get a pure HTML5 video-watching experience with no browser plugins, and get Netflix content, that is unambiguously a win for users everywhere.

You're acting like DRM didn't exist on the web prior to EME, and would continue not existing without EME. That's flat-out wrong. It existed and continues to exist using proprietary software that is shoved down users' throats.

But you can't get a pure HTML5 DRM experience! All the HTML5 bit is, is a Javascript API to a CDM decryptor that is every bit as crappy, proprietary, closed-source, insecure and buggy as Flash or Silverlight.

I'm still unclear as to how users are supposed to get the CDM decryptors. Are they installed like browser plugins? Or are OS vendors going to provide built-in ones for other companies to use?

Either way, the actual user experience is going to be a pure HTML5 player. If I have to install something first, that's unfortunate, but once it's installed I'll never have to think about it again, unlike the current situation where I'm confronted with the crappy plugin-based user experience every time I use the site.

Currently CDM decryptors are bundled with the browser, which in turn is generally locked to a particular OS or device. Browser vendors don't have to provide a way to install different decryptors and many of them aren't planning to.

Also, the actual user experience is not going to be a pure HTML5 player. Since this is intended to support hardware DRM that overlays the video onto the rendered page itself, sites have to assume the video is basically a rectangle crudely inserted into the page just like with plugins. They might be able to overlay stuff like controls on the top using HTML, but it's not clear if they'll even be able to rely on that.

None of the ones that have shipped already are installed like browser plug-ins. The ones Netflix deploys (PlayReady on Windows 8.1 with IE11 and Widevine on Chrome OS with Chrome) are bundled with operating systems and work with the browsers (one per OS) bundled with those operating systems.

Well, at the very least, it's a smaller piece of code :). (Don't get me wrong, I'm very strongly opposed to DRM and HTML5 DRM in particular.)

Maybe compared to Flash and Silverlight because they provide much more. But a CDM module would still have to do all the decryption, decoding, rendering, overlaying the browser window stuff. So it would still be a rather large piece of code.

> Well, at the very least, it's a smaller piece of code :)

I'll grant you that :)

> How is it ruining the web to remove the requirement for crappy (and, at this point, end-of-lifed) browser plugins in order to play Netflix content?

Because then the Web will rely on proprietary binary crappy blobs in its basic functionality. Something which can't be implemented in an open source way. A plugin like Silverlight is no necessity for the web and if Silverlight is crappy and dying then that's really a problem of its users and Netflix. It shouldn't be my problem as a non-Netflix user. If the Web however starts to depend on such a crappy binary blob (which is the result of the EME proposal) then we all have to suffer and it will be a problem for us all.

In other words: If Netflix insists on DRM then they should write their own crappy plugins and applications but not ruin the open Web for all of us.

> You're acting like DRM didn't exist on the web prior to EME, and would continue not existing without EME.

No, we are not. We are just saying that EME will make the open Web depend on crappy proprietary binary blobs and hence no longer be open or libre.

> It existed and continues to exist using proprietary software that is shoved down users' throats.

EME is exactly that! It's proprietary crap software which is forced down everybody's throat because it makes the former open Web depend on it. It's not only something Netflix customers will have to deal with. It's something every web browser and web implementation has to deal with somehow. Which is impossible for open and libre implementations. Thus it will be the end of the open web.

> I don't think Apple was initially on board. I think it may be there only since late last year.

Didn't Apple already ship an implementation of that API in Maverick?

(Disclaimer: I haven't read the lists actively in quite a while, and no longer have access to Member-Only lists.)

There have been votes about whether this is in-scope of the AC. As you can tell by work continuing, the vote passed. How many abstained (explicitly or by not voting)? I cannot remember, and cannot check.

The requirement to merely make it more difficult, but not impossible, has been stated on several occasions. Forgive me for not looking up references for this, but it's almost 4am and I ought to sleep. :)

And they believe, rightly or not, non-user-modifiable client components are needed to make this sufficiently difficult — as otherwise someone could easily make a tool to make it sufficiently easy to violate the licensing terms (assuming, for now, all content is licensed — which is itself questionable; if it's not then in many jurisdictions they cannot place restrictions).

We (EFF) raised a formal objection to whether content protection was in-scope for the new HTML WG charter; our objection was overruled by the Director, but there was no vote of the AC.

Hmmm. I think a vote would be a good start, but as an interested third party I don't think I have any way of encouraging that short of advocacy.

In which case they're being supportive in private, and utterly quiet in public. That's a neat trick in itself.

But I don't think it's an issue of what they believe, it's an issue of what the actual licensing terms are. Those are the real requirements, and so far they've not been made available.

I don't think there's any WG which includes all W3C members — most members simply don't care enough to wish to dedicate resources to every WG, not to mention the extra obligations it makes them take on via the patent policy. The situation isn't at all unusual — just a more contentious subject matter!

That's true ... but this is a most fundamental issue. I'd have expected that the companies that have benefited historically from the Open Web would be at least a little concerned. Like Google. Oh, wait.

Google's now got two of their own OS'es (one of which has 85% of the worldwide market on the fastest growing segment of personal computing...) and a leading browser in the desktop space. Whatever caring about an Open Web they had before (when they were at the whims of Microsoft, Apple, other browser makers, etc) is long gone.

> What are they thinking? The majority of the W3C membership want this work done, and the W3C is ultimately bound by its membership.

When they accept organizations like MPAA on their board, no surprise this is the sort of decisions we get, and the sort of decisions we can expect for the web standards from now on.

W3C has been corrupted, and it's only going to get worse for the web if people keep listening to them.

No, it's perfectly reasonable that the MPAA be allowed membership. It'd be worse if the W3C got to choose who could join.

The issue is the 'crisis of representation' - i.e., some voices are heard more clearly than others.

It becomes the defacto standard when it's adopted by developers, it's adopted by developers when their boss hires them to adopt it, they hire people to develop it because they are assured a return on their investment. Why are they assured a return on their investment? Because they decide what the standards are.

It's the same old regulatory capture game since before, but now it's divorced from government support.

W3C's reputation went out the window in the minds of all serious software developers with the concept of HTML5's "living standard" aka, no standard. This is the kind of standards we can expect from a standards body in the industry. The only solution is to start again from scratch, maybe on top of TCP/IP only.

W3C have never been an official standards body; the most they’ve ever made is a ‘Recommendation’. That’s not necessarily a bad thing.

Standards matter only as much as the implementations adhere to them. Making HTML living standard thas the right thing to do, because only this really reflects the reality: browser vendors implementing differnt bits of the functionality described. Feel free to start from the scrach.

and now they are changing HTML5 to "HTML," the purpose is clear, to sew more confusion into the so called standard and hide the debacle that is w3c.

"this reality reflect the reality"

please... why have a standard at all then. What a joke and perversion of terms. Orwell would be proud.

I don't care how it gets done, but if we need this to finally kill off flash than I am for it. This problem is solved technically so let's just get it done. Yes, every DRM will eventually be broken, but at least it satisfies the executives enough, so what's the problem?

I don't understand why purists on the email list end up holding up something that will ultimately be a positive thing from a number of perspectives. Security, battery life, and script-able/touch friendly controls.

We want to kill Flash because it's proprietary and closed source (just like HTML DRM). Replacing Flash, which at least works on Linux, Windows, and Mac, with platform-specific DRM, is a huge step backward for the web.

Not really. I want to get rid of Flash because of security, battery life/performance and because it is not touch friendly.

Security, battery life and touch-friendliness aren't necessarily the most renown features of a DRM binary blob.

Communicating with the blob in an open-source project will be particularly fun.

Because those purists - and I'm one - care very deeply about the principles of the Open Web, the very principles that are touted on the W3C website itself.

The fundamental issue is this: up until now, anyone with the will to do so and a general purpose computer could build a browser that could display all the content on a W3C-standards-compliant website.

If EME + CDM are endorsed, then that will no longer be true. The Open Web will be a thing of the past.

That is why we're trying to prevent this from going forward in its current form.

I don't even understand what the term "Open Web" even means. I don't see how driving video on the web away from flash and onto a standardized system is against the principals of openness, even if DRM is a requirement for content creators.

Because it's not standardised! Only the interop between the browser and CDM is standardised - the CDM itself is a closed-source, proprietary blob like Flash or Silverlight.

Actually, it's worse than that. The interop between the browser and CDM isn't standardised at all. The only thing this standardises is the browser API that websites should use to request that the browser communicate with the CDM on their behalf.

The interface between the browser and the CDM is proprietary and unspecified, so browser vendors and CDM providers have to negotiate that themselves. The format of the encrypted binary messages passed to the Javascript API is proprietary and unspecified. The API used to communicate with the license server is also proprietary and unspecified, so it doesn't even provide much interop from the media provider perspective - they still have to write a whole bunch of DRM-provider-specific code for every DRM scheme, and it looks like every browser vendor will have their own one.

Basically, it standardises just enough to give media providers the ability to claim they're using pure HTML5, without offering any more interoperability than if every browser vendor just had their own proprietary HTML5 extension for DRM. It's a PR stunt rather than a meaningful attempt at interoperability.

What is exact benefit of driving web away flash? It would make sense if the alternative would be open, but it is not.

> Yes, every DRM will eventually be broken, but at least it satisfies the executives enough, so what's the problem?

Executives are never satisfied, and the world doesn't revolve around them. Should we allow tapping of our communications because it satisfies our leaders.

> Security, battery life, and script-able/touch friendly controls.

And what do any of these have to do with DRM? In fact, I can guarantee DRM will offer more vulnerable entry points, require more battery on mobile devices, and not be script/ux friendly.

They will be satisfied enough to offer HTML5 video. The point is killing off Flash. It is a lot easier to secure a smallish DRM module in a browser than a gigantic environment like Flash.

Not really.

"Securing" a DRM plugin means "securing" the browser it runs in (otherwise it will be cracked by the browser lying to it about whether DRMed media is being played "securely"), which means "securing" the OS the browser runs on and so on...

Oh yeah, and in terms of being a purist - the company I co-founded produced a DRM system for Windows software. It's still in use, and I still make money from feature enhancements and bugfixes to it.

So please don't (like a few on the W3 list) paint me as some sort of anticapitalist hippie tinfoil-hat wearer.

I know a fair bit about DRM myself, which is why I say it has no place in the W3C or the Open Web.

We have basically two options here. DRM for video and audio streams will be introduced by each browser vendor separately, or we have some kind of standard. I would rather see a standards based approach... This is reality. The merits of DRM really have nothing to do with this discussion.

What is the purpose of a standards based approach, if one cannot implement the standard? That is the reality that EME + CDM offers: 'standards' that can only be implemented by the company that owns the proprietary, closed-source CDM blob.

So the only solution is to make the propriety, closed-source CDM blob independent from the browser. Something that can be plugged into any browser. Like Flash or Silverlight. Or maybe something more specialized that just handles the DRM with as little overhead as possible, to make sure it doesn't eat up more CPU than it should.

If it cannot be open, it cannot be part of browsers that are open, which a lot of browsers are.

note that, flash playback is still the default at most websites because HTML5 video playback generally sucks. its less efficient and provides a lesser experience in all major browsers.

Eventually this will change, but still.

That and of course, that NO single benefit is worth giving way to DRM. NONE. DRMs are a terrible invention from all points of view.

You would only see big investment in HTML5 video if big content sites could use it. Currently most of them want DRM...

This should really be at the top of every HTML DRM discussion:

HTML DRM will not give you plugin-free or standardized playback. It will simply replace Flash/Silverlight with multiple custom and proprietary DRM black boxes that will likely have even worse cross-platform compatibility than the existing solutions. In other words, giving in to HTML DRM will only make the situation worse.

Some vendors will keep pushing for it, but at the very least we should not officially sanction what they are doing.

For this reason, I would advocate abandoning the W3C (which is now socially toxic) and creating a new set of standards (I'd love to see a replacement for HTML) which we can advance freely.

But that's the solution you would want, a plugin. That way the DRM is not part of every browser being made, it's an add-on that individuals can decline to install. Content providers want this and they will eventually get it, one way or another. If they don't get their plugin then they'll go with their deep pockets to demand laws that require all browsers to have this tech by default, without your choice. Which would lead to browsers either complying or removing the media elements.

What you are saying is just ridiculous. Adding DRM to HTML5 will destroy the open web and not preserve it.

First of all the DRM proposal does NOT talk about plugins. The DRM support won't be plugins. Microsoft already implements the spec in their latest IE and it doesn't work with plugins at all. They ship Microsoft's DRM technology as the one and only available DRM. Which is perfectly fine according to the spec.

So do you understand? This moves DRM into the browser and not into a plugin. The plugin thing was what we had with Flash and Silverlight. Those things were plugins which are not part of the browser (well except Google decided to make Flash part of Chrome).

There could be no law to force browser vendors to ship DRM. It would not be legally possible. It is silly to think so. And if it gets proposed we can fight it then. We don't have to bend over backwards now to take the DRM bullshit that vile companies like Google are proposing.

If content providers want DRM then they can develop their own crappy DRM plugins and applications. But they should under no circumstances be allowed to ruin the open web.

That's the initial proposal that I was aware of so if it's changed since then I suppose I'm no longer up to date. That's fine.

But it is not ridiculous thought for this to plugin based, especially if your only example is Microsoft. I suppose Apple and Google will build it into their browsers since they support this. I suppose it's ridiculous that I said it but it's the solution you support by your very own words? If the content providers make their own crappy plugins the browser needs a way to communicate to that crappy plugin, which is exactly what I've always understood this proposal to be and exactly what I stated.

You don't think that an industry with the backing that the entertainment industry can't get this done? It's silly to think that? Where do you think the DMCA came from in the first place?

Now, I'm only talking about DRM for video and audio elements. If you're talking about DRM across the board for every aspect of what makes a web page, then I'm with you.

A key paragraph:

link: http://lists.w3.org/Archives/Public/public-restrictedmedia/2...

Well, as I say, the actual requirements that lead to the proposal of EME would be a start. This is how it looks to those who don't agree that EME is a good fit with the Open Web:

- 'big content' has certain requirements relating to preventing users copying data streams

- they won't make those requirements public (as you've said, the agreements are confidential)

- their licensees propose a technical solution that is unacceptable to many others because it necessitates the use of non-user-modifiable client components

- all proposed alternatives (e.g. FOSS DRM, server-side watermarking, client-side watermarking, no DRM at all) are shot down as being either too expensive or inadequate to the (secret) requirements

In a normal software project, I'd take an apparently insoluble conflict (the requirement for non-user-modifiable client components) to mean that we have done a poor job of determining requirements.

Hence my request for either a real user to talk to (e.g. an MPAA rep) or the actual requirements docs, which you've told me are confidential.

And that sets off my spidey-senses ... something is not quite right here.

Exactly. The "just trust us" approach is bogus, antithetical to the open web, and cripples the overall progress in this discussion.

Well, my question is does HTML even need to encompass everything it does. It seems to me that we have an ever expanding monster. HTML does not have to be everything for everyone.

I thought that was more-or-less what was being discussed. My understanding was that the media element being accessed would not play the stream unless a specified DRM component was available, most often due to a plugin installed to the browser. It wasn't that they wanted DRM in the open web, they wanted the open web to have the ability to communicate with a third-party DRM. A third-party solution that an individual can decline to install and not participate.

>> A third-party solution that an individual can decline to install and not participate.

A third party solution that they can't get hold of because the 'official' one only runs on windows and intel, and the ps4.

So? If they don't provide the content you wish to see in a way that's convenient for you but is convenient for the mass of their market I fail to see the problem. If you want to see the content bad enough then you accept the requirements. Otherwise, it says more for you to not participate by not giving money. As more people do this, things will change.

So we shouldn't encourage its addition to open standards.

If it's in the standards to explain how to implement it and make use of it but it's implemented as a third-party item that's up to the individual to decide whether to install or not, what difference does it make? We're eventually going to get that anyway so why not know how it works upfront?

Plus, from what I've read Chrome should start losing market share immediately because it already has a form of EME implemented. All these people in an uproar over the W3C's decision should be switching to something else to show their concern.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact