2013 04 22

From TheCommandLineWiki
Jump to: navigation, search

Contents

Feature Cast for 2013-04-22

(00:00:17.397) Intro

(00:00:00.000) Hacker Word of the Week

(00:03:40.544) Rant: HTML EME Proposal

  • The encrypted media extension made a splash a few weeks back
    • Then discussion around it has gone worryingly quiet
    • What is the encrypted media extension for HTML?
    • It is a proposal to the W3C that has advocates for the open web concerned
    • EME is not strictly DRM as it would directly back locks for digital content into the web
    • Rather it is a standard to which DRM modules, called content decoding modules
      • Can be built by media companies and others
    • The idea is that if the browser encounters some encrypted media
      • Rather than just not being able show it as it does today
      • It could hand off to any installed CDM's that might be able to handle it
    • The implication too is that with plugins today, if a suitable CDM is missing
      • The user could be prompted to install it in order to see the media
    • Proponents, some surprisingly with the W3C, the web's standards making body
      • Say that this slight semantic twist avoids enclosing the web
    • They also claim that somehow this is better than protected content requiring plugins
    • I simply disagree, that all they have done is creater a smaller, simpler interface
      • But one that in every other important respect is exactly like plugins
    • Browser makers won't be free to implement CDM's, at least not the most valuable ones
    • This is like Mozilla being unable to add some new bit of visual display functionality
      • At least without asking for permissions from some third party
    • In this instance, the 3rd parties are likely to come from the content industry
      • And be formed similar to the licensing bodies overseeing DVD and Blu-ray encryption
    • Even worse, they would be like the body responsible for H.264, a common media format
    • H.264 doesn't necessarily include DRM but it is patented heavily
    • The license body for it licenses it for playback online for free
      • But every tool maker who wishes to support encoding video in H.264
        • Has to be pay substantial license royalties in order to do so
    • Even if for playback, CDM makers are generous like this
      • Which I very much doubt they will be at all
      • The risk of enclosing content creation from those otherwise using open tools is substantial
  • Even worse, like every other move to add content protection it is not likely to work
    • No DRM scheme has withstood the cash poor, time rich hackers of the world
    • Even using advanced, heavy duty cryptographic has not helped
    • In order for a player to work, in this instance a CDM interacting with a browser
      • The critical bits, usually meant to be kept secret, have to be shared
    • No DRM scheme I am aware of has avoided a dedicated attacker snagging these keys
    • The most annoying scheme, one used with Blu-ray, allows keys to be updated
      • In case someone is able to get decoding keys to unlock titles
    • Unfortunately, this means that users are often affected
      • Having to update their players, if that is even possible
        • In order to receive new security keys to retain the ability to decode and play discs
    • This is a horrible cat-and-mouse game where average person is the worst casualty
    • Even if a cracked key is immediately pulled and replaced
      • It doesn't really help as a pirate only has to decode a movie once
    • Being able to distribute pirated content doesn't rely in anyway on the DRM
    • EME won't be any different despite claims to the contrary
    • Despite the superficial compartmentalization of CDM's
      • This is exactly about bringing traditional DRM to the browser
    • Somehow having a web standard for handing off to a 3rd party bit of DRM
      • Isn't going to magical solve the technical problems inherent in DRM
      • And the massive upside for pirates to crack even a single copy, here a web stream most likely
    • I predict that if EME is approved and even more unlikely implemented
      • Than CDMs will simply be features of existing closed media players
        • Like Windows Media or Apple Quicktime or iTunes
    • I say that the odds of EME being implemented, at least in Firefox are slim
      • Because Mozilla has spent years fighting for genuinely open video formats online
    • EME would institutionalize the outcome Mozilla has been fighting
      • That rather than browsers being able to freely read media as they always have
        • They will have to seek approval and permission from 3rd parties
    • Sadly, I fear Mozilla will be a sole holdout, that Apple, Microsoft and Google
      • All see no problem with EME, having various investments in the idea
        • Of bringing more traditional media to users, for pay
  • The agency of individual browser makers is really the point here
    • Because DRM is exactly the wrong scenario of success with computer cryptography
      • And any break for a title is exactly the same as cracking every single protected title
      • DRM has never been about piracy or even respecting the value of works
    • Rather DRM is all about controlling innovation, especially existing players against newcomers
    • The canonical example most critics of DRM trot out is the history of CD vs. DVD
    • Both are digital, high quality formats with a decent storage value per disc
    • CDs have never widely had any sort of protection
      • Whereas DVDs were specifically designed to require a license to unlock most titles for playback
    • Which of these begat pretty much an entire 3rd party industry
      • Supporting format, time and device shifting?
    • The ability to buy CDs and rip not just to MP3 but any number of formats with different advantages
      • Proved powerful enough to overcome early attempts to re-enclose digital music
    • The ability to get unencumbered music for sources other than iTunes onto the iPod
      • Allow innovation to continue from any number of large and small music sellers
        • The pressure from which pulled the market back to a place largely free of DRM
    • Despite a few attempts to fight legal threats to DVD copying software
      • That format largely remains locked to either appliances or blessed media software
    • Ripping DVDs is still a bit of a pain which has allowed prices to stay higher, longer
      • And the only real alternatives are equally crummy in the form
        • Of locked down on-demand "rentals" and limited on-line streaming
    • There are other examples, for instance the insane creative of indie game developers
      • Especially those foregoing DRM and choosing to focus on trying new business models
    • Big box game titles tend to stick to consoles or PCs
    • Porting from one to the other years after a title's popularity has faded is considered innovative
      • Rather than being opportunistic about platforms, promotion and sharing
    • The history of the web suggests its spirit aligns most strongly with CDs and indie games
    • No one ever had to ask permission to view the source of a web site
      • Least of which a browser maker who then is free to extend that to end users
        • Who have for decades used that to learn how to create web pages
    • Most recently this has evolved into ubiquitous embed codes for media
    • It is no longer necessary to know the web's source code language, HTML
      • Well enough to stand up a new page in order to share some media
    • The very openness of the web abides as a crucial feature for new uses like this
  • So how exactly should we expect EME to play out if approved?
    • Tim Berners Lee seems to think EME is worth an exception to the open spirit of the web
    • Explaining his support for it, he seems to consider media delivered by plugins
      • A far greater evil than DRM and the enclosing of media
    • I worry that he has fixed a bizzare false calculation in his head
      • That bolting on a horrible, closed feature onto the web
        • Somehow makes the combination more open
    • Combining open and closed systems always results in an overall closed system
    • Sure using Flash to stream video today is a closed off part of the web
      • But having a standard mechanism for this is not the same as the previous fight for open video
    • Open video was about having browsers directly support an agreed upon open format
      • Not a negotiation protocol for shipping some link to media off to a closed player
    • The outcome of that fight is another cause for worry here
    • The commercial browser makers were so invested in their proprietary formats like H.264
      • That we got a horrible compromise where a web site creator has no idea
        • Whether the video he includes in his pages will playback at all
    • Now we have content players involved, not just the direct creators of web browsers
    • Netflix refuses to offer their service streaming on the web until EME is approved
    • Whereas before we had a hard enough time arguing about the open nature of the web
      • Amongst those who should be most concerned about the experiences of users and developers
      • Now we have a pure media player involved who could care less about open standards
    • In Netflix's defense, if they did not hold with DRM, they would not get content deals
    • They actually are yet another instance of DRM being used to control innovation
      • So much so that they in turn are exerting pressure on otherwise unaffected parties
    • Again, the web isn't about this sort of centralization of power
    • Every day, developers are coming up with new sites and services
      • Not because anyone has allowed them to do so
      • But because the bedrock standards and technologies of the web and the Internet are open
    • This is not incompatible with copyright
    • It actually has very little to do with copyright one way or the other
    • Rights holders have the means to deal with occasional, mistaken sharing
      • And law enforcers have plenty of resources to deal with commercial scale pirates
    • Accepting EME as a standard is an incredibly dangerous gamble
      • Risking the established and still emerging media ecosystem
        • For a scheme that is only open in the minds of some of its proponents
  • Worse, there is something at risk I haven't seen anyone else identify
    • By any measure, the most popular video online is not the few risk averse innovators
      • Just using it as a cost effective means of serving traditional content
    • Mostly through YouTube but also through any number of smaller video sharing services
      • The thing the web does for video better than any older media
        • Is support the smaller creators
    • Originally and still predominantly that means casual video takers
      • Uploading novel things they happen to capture for frictionless sharing
    • In the last few years, more resources have been spent trying to find
      • Models that allow more considered content, like videos with narratives or at least formats
    • What attracted efforts like the dedicated channels on YouTube, experiments like Twitter's video sharing
      • And more isn't the prospect of locking up these bits of digital content
    • The value was already proven in the model of being able to spread interesting things easily
      • So much so that some very smart people are convinced there are ways to profit
        • Without actively trying to enclosed the open nature of the web
    • If media platforms are strong armed into only allowing protected media
      • What then happens to the existing far larger ecosystem of peer media?
    • That is my worry, a variation on the H.264 licensing debate writ large
    • Instead of worrying about some particular format that can largely be worked around
      • The very heart of video on the web will be at risk

(00:23:47.795) Outro

Personal tools