DRM to HTML5?

With tech companies abandoning the proprietary Flash and Silverlight media players for HTML5, it was inevitable somebody would try to inject DRM into the virgin spec. Who’s adding DRM to HTML5? Microsoft, Google and Netflix article tells that Microsoft, Google and Netflix are that “somebody”, having submitted a proposed modification to HTML5 to the World Wide Web Consortium (W3C) for “encrypted media extensions”.

This “Unethical” HTML video copy protection proposal draws criticism from W3C reps. Encrypted Media Extensions draft defines a framework for enabling the playback of protected media content in the Web browser. The proposal is controversial and has raised concern among some parties that are participating in the standards process.

It is reported Slashdot article reports that in a discussion on the W3C HTML mailing list, critics questioned whether the proposed framework would really provide the level of security demanded by content providers. The aim of the proposal is not to mandate a complete DRM platform, but to provide the necessary components for a generic key-based content decryption system. It is designed to work with pluggable modules that implement the actual decryption mechanisms.

DRM will be required by content providers even though usually DRM just does not work well. DRM is a way to prevent data from flowing freely, but usually fails in that. Very many people enjoy watching content produced by Hollywood than are up in arms over standardizing DRM for every platform. Google’s Ian Hickson, the WHATWG HTML specification editor, called the Encrypted Media proposal “unethical” and said that it wouldn’t even fulfill the necessary technical requirements.

drm-no

Who’s adding DRM to HTML5? Microsoft, Google and Netflix article tries to answer why those companies are behind this HTML5 DRM proposal. Majority of content on YouTube is built for Flash. HTML5 will probably supplant Flash. Google can’t afford to upset the corporate makers of film, TV and music on YouTube by making it impossible to let them control the distribution of their content. Netflix was an early Silverlight adopter and must now recognise the future is HTML5 thanks to Microsoft’s acceptance of the Jobsian HTML5 vision. Microsoft’s Bateman has tried to bulletproof the encrypted media extensions proposal by saying: “No ‘DRM’ is added to the HTML5 specification, and only simple clear key decryption is required as a common baseline.” it’s typical for IT vendors to adopt standards and then extend them in their own software.

14 Comments

  1. Gres says:

    Which can be an awesome blog you have got, carry on the nice operate. I reckon that I personally should certainly still understand your content often as you may find a way to upgrade frequently together with high quality and also useful recommendations and practices of which trigger my head.

    Reply
  2. Tomi Engdahl says:

    Mono Abandons Open Source Silverlight
    http://news.slashdot.org/story/12/05/29/1749214/mono-abandons-open-source-silverligh

    Moonlight, the Mono version of Silverlight, isn’t worth the effort any more. He said, ‘Silverlight has not gained much adoption on the web, so it did not become the must-have technology that I thought would have to become’

    Silverlight is a suitable platform for write-once-run-anywhere technology, there are just too many limitations for it to be useful.

    Reply
  3. Tomi Engdahl says:

    What’s Actually Wrong With DRM In HTML5?
    http://yro.slashdot.org/story/13/04/24/209234/whats-actually-wrong-with-drm-in-html5

    “The Free Culture Foundation has posted a thorough response to the most common and misinformed defenses of the W3C’s Extended Media Extensions (EME) proposal to inject DRM into HTML5. They join the EFF and FSF in a call to send a strong message to the W3C that DRM in HTML5 undermines the W3C’s self-stated mission to make the benefits of the Web ‘available to all people”

    Tell W3C: We don’t want the Hollyweb
    defectivebydesign.org/no-drm-in-html5

    Hollywood is at it again. Its latest ploy to take over the Web? Use its influence at the World Wide Web Consortium (W3C) to weave Digital Restrictions Management (DRM) into HTML5 — in other words, into the very fabric of the Web. Millions of Internet users came together to defeat SOPA/PIPA, but now Big Media moguls are going through non-governmental channels to try to sneak digital restrictions into every interaction we have online. Giants like Netflix, Google, Microsoft, and the BBC are all rallying behind this disastrous proposal, which flies in the face of the W3C’s mission to “lead the World Wide Web to its full potential.”

    Don’t let the myths fool you: the W3C’s plan for DRM in HTML5 is a betrayal to all Web users.
    http://freeculture.org/blog/2013/04/23/dont-let-the-myths-fool-you-the-w3cs-plan-for-drm-in-html5-is-a-betrayal-to-all-web-users/

    A handful of myths have become common defenses of the W3C’s plan for “Encrypted Media Extensions” (EME), a Digital Restrictions Management (DRM) scheme for HTML5, the next version of the markup language upon which the Web is built.

    These arguments obscure the threat this poses to a free and open web and why we must send a strong and clear message to the W3C and its member organizations, that DRM in HTML5 is a betrayal to all Web users and undermines the W3C’s self-stated mission to make the benefits of the Web “available to all people, whatever their hardware, software, network infrastructure, native language, culture, geographical location, or physical or mental ability.” The W3C exists to bring the vision of an undivided ‘One Web’ to its full potential, and DRM is antithetical to that goal.

    1. DRM is not about protecting copyright. That is a straw man. DRM is about limiting the functionality of devices and selling features back in the form of services.

    2. DRM in HTML5 doesn’t obviate proprietary, platform-specific browser plug-ins; it encourages them.

    3. The Web doesn’t need big media; big media needs the Web.

    Protect internet freedom: tell the W3C that DRM has no place in their standards.

    Reply
  4. Tomi Engdahl says:

    Netflix plans its move from Microsoft Silverlight to HTML5 video
    http://www.theverge.com/2013/4/15/4228248/netflix-plans-its-move-from-microsoft-silverlight-to-html5-video

    Last month Google announced that Netflix was now available on ARM-based Samsung Chromebooks thanks to the use of HTML5 video — and now the streaming service has outlined its larger plans to eventually move to the format for all computers.

    Currently, Netflix primarily uses the Microsoft Silverlight plug-in when streaming video to web browsers, but Netflix’s Anthony Park and Mark Watson point out in a blog post that the current solution really can’t stand. Plug-ins don’t play well with with most mobile browsers, they can be cumbersome for users, and perhaps most importantly, Microsoft itself may not develop a new version of Silverlight beyond the current release.

    The solution is HTML5 video, but that relatively young technology requires further development to meet the needs — and DRM requirements — of a service like Netflix.

    Netflix has been collaborating on three W3C initiatives that together will provide the required functionality for streaming video services.
    “HTML5 Premium Video Extensions,”

    According to Netflix, the Chrome OS version of Netflix uses the first two extensions in the suite already

    Once Google builds that third extension into the browser, however, the door will be open for Netflix to start testing HTML5 video on a wide array of computers

    Reply
  5. Tomi Engdahl says:

    Netflix plotting move to HTML5 video – but only if DRM works
    ‘We’re a major source of funds for Hollywood’
    http://www.theregister.co.uk/2013/04/16/netflix_planning_html5_switch/

    Streaming video leader Netflix says it’s eager to move away from using Microsoft’s moribund Silverlight technology to support its service on desktop PCs, but it will be a while yet before today’s HTML5 browsers support the features it needs to make that happen.

    In a blog post on Monday, reps for Netflix – which by some estimates now accounts for around a third of all internet traffic in North America – said the company definitely plans to get off the Silverlight boat

    “We’re trying to get to the point where we don’t need a plugin. But we have to have DRM.”

    Silverlight has long been Netflix’s technology of choice for implementing its DRM solution on Windows and OS X.
    that solution presents a host of problems.

    approach of maintaining separate, dedicated clients for each platform can be a real drag. It would be much better if support for Netflix streaming were baked right into the HTML5 standards – and if the company has its way, it says, that’s just what will happen.

    But forget about getting rid of the DRM

    If all of this effort seems like a lot of trouble just to implement DRM technology that customers don’t really want, get used to it.

    “Right now what we’re basically doing is giving billions of dollars to Hollywood to buy the content, so that they can afford to build more content,” he said. “That’s basically the business we’re in.”

    “We just do streaming,” he said.

    Reply
  6. Tomi Engdahl says:

    HTML5 Video at Netflix
    http://techblog.netflix.com/2013/04/html5-video-at-netflix.html

    We currently use Microsoft Silverlight to deliver streaming video to web browsers on the PC and Mac.

    But since Microsoft announced the end of life of Silverlight 5 in 2021, we need to find a replacement some time within the next 8 years. We’d like to share some progress we’ve made towards our goal of moving to HTML5 video.

    HTML5 Premium Video Extensions

    Over the last year, we’ve been collaborating with other industry leaders on three W3C initiatives which are positioned to solve this problem of playing premium video content directly in the browser without the need for browser plugins such as Silverlight. We call these, collectively, the “HTML5 Premium Video Extensions”:
    Media Source Extensions (MSE)
    Encrypted Media Extensions (EME)
    Web Cryptography API (WebCrypto)

    First Implementation in Chrome OS

    We’ve been working with Google to implement support for the HTML5 Premium Video Extensions in the Chrome browser

    Reply
  7. Tomi Engdahl says:

    The W3C’s Soul at Stake
    Posted by Richard M. Stallman at May 02, 2013 12:30 PM
    http://www.fsf.org/blogs/rms/w3c-soul-at-stake

    The World Wide Web consortium is considering a proposal to specify standards for HTML extensions to implement Digital Restrictions Management (DRM). The proposal is supported by Netflix, Microsoft, Google and the BBC.

    Of course, the W3C cannot prevent companies from grafting DRM onto HTML. They do this through nonfree plug-ins such as Flash, and with nonfree Javascript code, thus showing that we need control over the Javascript code we run and over the C code we run.

    However, where the W3C stands is tremendously important for the battle to eliminate DRM. On a practical level, standardizing DRM would make it more convenient, in a very shallow sense. This could influence people who think only of short-term convenience to think of DRM as acceptable, which could in turn encourage more sites to use DRM.

    The arguments for standardizing DRM aim to avoid hypothetical minor inconveniences.

    However, the main point is that that’s a side issue either way. It is insignificant compared with the importance of discouraging DRM.

    Proprietary software is an injustice since users can’t control it, and it commonly carries other injustices with it. The proprietary plugins or kernels required to view media under this standard, like proprietary software in general, could never merit users’ trust. Once they harbor one malicious functionality, the digital handcuffs of DRM, there is no reason to suppose they won’t have back doors and spyware as well.

    Reply
  8. Tomi Engdahl says:

    Reject DRM and you risk walling off parts of the web, says W3C chief
    http://www.zdnet.com/reject-drm-and-you-risk-walling-off-parts-of-the-web-says-w3c-chief-7000017388/

    Summary: The web would be in danger of losing content if it were to turn its back on DRM-protected media, said Dr Jeff Jaffe, CEO of the web standards body W3C.

    Web technologies need to support DRM-protected media to reduce the risk of parts of the web being walled off, according to the chief executive of the web standards body W3C.

    Proposals to provide a hook for DRM-protected media within HTML are necessary to help prevent scenarios such as movie studios removing films from the web in a bid to protect them from piracy, said Dr Jeff Jaffe, CEO of the World Wide Web Consortium.

    Earlier this year the Free Software Foundation was one of 27 organisations strongly criticising proposals for Encrypted Media Extensions, a W3C draft specification for a set of APIs to allow HTML and JavaScript to interact with DRM systems, specifically with Content Decryption Modules (CDMs). This would allow the delivery of DRM-protected media through the browser without the use of plugins such as Flash or Silverlight.

    Ultimately, Jaffe believes it is in the interest of everybody that protected content remains available on the web, and that EME is a compromise that will make this possible.

    “The concern that we have is the premium content that owners are protecting using DRM will end up being forever severed from the web,” Jaffe told ZDNet at the Cloud World Forum in London.

    “We would like the web platform to be a universal platform. We don’t think it’s good when content finds its way into walled gardens or into closed apps.

    Reply
  9. Tomi Engdahl says:

    Summed up better this way.

    If you reject DRM, you “risk” walling off parts of the Web.

    If you accept DRM, however, you GUARANTEE that parts of the Web will become walled off.

    Yes. We risk “walling off” Sony, Disney and the rest…

    Wow. A web the way I liked it, before big-media and commercial presence sought to replicate the AOL experience. :-)

    In fact, that’s a great way to describe this: If you accept DRM in HTML, you risk the AOLization of the web.

    In fact, having a standard implementation is worse for these companies because it will be a lot harder to replace once its broken and only a fool would assume that it won’t be broken almost immediately.

    Source: comments at http://news.slashdot.org/story/13/06/27/1839217/reject-drm-and-you-risk-walling-off-parts-of-the-web-says-w3c-chief

    Reply
  10. Tomi says:

    Windows 8.1: So it’s, er, half-speed ahead for Microsoft’s Plan A
    A desktop failure gambling on slablet success
    http://www.theregister.co.uk/2013/06/28/windows_8_point_one_review/

    Delivered as part of Windows 8.1, Internet Explorer 11 supports WebGL, a standard previously opposed by Microsoft on security grounds, enabling hardware accelerated graphics in the browser without a plug-in. DRM support for web video means that sites like Netflix can also deliver content without a plug-in.

    Reply
  11. Tomi Engdahl says:

    W3C green-lights adding DRM to the Web’s standards, says it’s OK for your browser to say “I can’t let you do that, Dave”
    http://boingboing.net/2013/10/02/w3c-green-lights-adding-drm-to.html

    Here’s the bad news: the World Wide Web Consortium is going ahead with its plan to add DRM to HTML5, setting the stage for browsers that are designed to disobey their owners and to keep secrets from them so they can’t be forced to do as they’re told. Here’s the (much) worse news: the decision to go forward with the project of standardizing DRM for the Web came from Tim Berners-Lee himself, who seems to have bought into the lie that Hollywood will abandon the Web and move somewhere else (AOL?) if they don’t get to redesign the open Internet to suit their latest profit-maximization scheme.

    Danny O’Brien from the Electronic Frontier Foundation explains the wrangle at the W3C and predicts that, now that it’s kosher to contemplate locking up browsers against their owners, we’ll see every kind of control-freakery come out of the woodwork, from flags that prevent “View Source” to restricting embedded fonts to preventing image downloading to Javascript that you can’t save and run offline. Indeed, some of this stuff is already underway at W3C, spurred into existence by a huge shift in the Web from open platform to a place where DRM-hobbled browsers are “in-scope” for the WC3.

    Reply
  12. Tomi Engdahl says:

    Web daddy Tim Berners-Lee: DRMed HTML least of all evils
    ‘None of us as users’ like it very much…
    http://www.theregister.co.uk/2013/10/10/berners_lee_on_html_drm/

    Tim Berners-Lee has warned against the risk of not standardising digital rights management (DRM) in the HTML specification, saying an approach that “does the least harm” might be the best approach.

    Web daddy Lee said Wednesday unless the geeks take charge and devise an acceptable standard, delivering a universal answer to DRM, then the web risks “fragmenting”.

    “The W3C does not and cannot dictate what browsers or content distributors can do. By excluding this issue from discussion, we do not exclude it from anyone’s systems,” Berners-Lee said here.

    Berners-Lee pointed out the danger of citing “what’s best for the user” in the argument on content protection, saying there are so many different parties involved – end users, browser makers and content distributors.

    During discussions about adding DRM to HTML the list of new scenarios and what they might mean for “the user” has grown.

    “The best solution will be one that satisfies all of them [users], and we’re still looking for that. If we can’t find that, we’re looking for the solutions that do least harm to these and other expressed wants from users, authors, implementers, and others in the ecosystem,” Berners-Lee said.

    Reply
  13. Tomi Engdahl says:

    The W3C Sells Out Users Without Seeming To Get Anything In Return
    http://yro.slashdot.org/story/13/10/10/2241225/the-w3c-sells-out-users-without-seeming-to-get-anything-in-return

    “Questioning the W3C’s stance on DRM, Simon St. Laurent asks ‘What do we get for that DRM?’ and has a thing or two to say about TBL’s cop-out: ‘I had a hard time finding anything to like in Tim Berners-Lee’s meager excuse for the W3C’s new focus on digital rights management (DRM).”

    “What should we ask in return? And what should we expect to get?”

    What do we get for that DRM?
    The W3C sells out users without seeming to get anything in return
    http://programming.oreilly.com/2013/10/what-do-we-get-for-that-drm.html

    I had a hard time finding anything to like in Tim Berners-Lee’s meager excuse for the W3C’s new focus on digital rights management (DRM). However, the piece that keeps me shaking my head and wondering is a question he asks but doesn’t answer:

    If we, the programmers who design and build Web systems, are going to consider something which could be very onerous in many ways, what can we ask in return?

    Yes. What should we ask in return? And what should we expect to get? The W3C appears to have surrendered (or given?) its imprimatur to this work without asking for, well, anything in return. “Considerations to be discussed later” is rarely a powerful diplomatic pose.

    “none of us as users like certain forms of content protection such as DRM at all. Or the constraints it places on users and developers. Or the over-severe legislation it triggers in countries like the USA.”

    The saddest part of that discussion, however, is the question. What are we users – and what is the W3C – getting from building the risk of programmers being jailed into the core infrastructure of the Web? I have no doubt that browser vendors eager to cut deals will incorporate DRM into their offerings. Does that make it a good idea for the W3C to offer its name, its facilities, its intellectual property agreements, and its umbrella from antitrust prosecution to such a project? Why not leave the companies to pursue their own directions, and take on the risk of legal action themselves?

    On the bright side, I’m privileged to work at a place that understands the fruitlessness and damage inflicted by DRM schemes. I keep hoping that more people will take that example as a sign that businesses can thrive without treating customers as thieves.

    Reply
  14. Tomi Engdahl says:

    Firefox 38 Arrives With DRM Required To Watch Netflix
    http://yro.slashdot.org/story/15/05/12/172238/firefox-38-arrives-with-drm-required-to-watch-netflix

    Mozilla today launched Firefox 38 for Windows, Mac, Linux, and Android. Notable additions to the browser include Digital Rights Management (DRM) tech for playing protected content in the HTML5 video tag on Windows, Ruby annotation support, and improved user interfaces on Android.

    Firefox 38 arrives with DRM tech required to watch Netflix video, Ruby annotation, revamped look on Android
    http://venturebeat.com/2015/05/12/firefox-38-arrives-with-drm-tech-required-to-watch-netflix-video-ruby-annotation-revamped-look-on-android/

    The most important addition to Firefox 38 is undoubtedly integration with the Adobe Content Decryption Module (CDM) to play back DRM-wrapped content on Windows Vista and later. Mozilla announced the controversial (given the closed nature of DRM) move just under a year ago.

    The company’s reasoning for the decision is the same today:

    We are enabling DRM in order to provide our users with the features they require in a browser and allow them to continue accessing premium video content. We don’t believe DRM is a desirable market solution, but it’s currently the only way to watch a sought-after segment of content.

    The CDM in question is downloaded from Adobe shortly after you install Firefox 38 or higher, and it activates when you first interact with a site that uses Adobe CDM. Mozilla says some premium video services, including Netflix, have already started testing the solution in Firefox.

    Mozilla has designed a security sandbox that sits around the CDM, adding another layer of security for code that the company does not control itself. Firefox users can also remove the CDM from their copy of the browser, and the company even offers a separate Firefox release without the CDM enabled by default

    Reply

Leave a Reply to Tomi Cancel reply

Your email address will not be published. Required fields are marked *

*

*