Hacker News new | ask | show | jobs
by throwaway34241 3203 days ago
Do you have any evidence or reason to believe there is actual corruption on the committee (aside from them making a decision you disagree with)?

I suspect I agree with you on DRM but this style of debate, where there is no attempt to argue or explain the issue, and the first line of argument is personal attacks or denigrating anyone with an opposing viewpoint, is depressing. Consider that accusing climate scientists of corruption has also been fairly effective.

For this particular issue, Netflix etc already requires DRM to play in a browser, and the browsers already provide DRM for Netflix etc to use. I would like to understand what the consequences of this decision are, if some of the way this works is standardized. Will this lead to more DRM? Is the only conceivable explanation that the MPAA is slipping the W3C members some bribes?
5 comments
5_minutes 3203 days ago
"In 2013, EFF was disappointed to learn that the W3C had taken on the project of standardizing “Encrypted Media Extensions,” an API whose sole function was to provide a first-class role for DRM within the Web browser ecosystem"

With so much money involved here, it's quite naive to believe the W3C members are virgins here and did this out love for the web and for the consumers.

And:

"It is clear that the W3C allowing DRM technologies to be developed at the W3C is just a naked ploy for the W3C to get more (paying) member companies to join"[0]

0 - https://blog.whatwg.org/drm-and-web-security

link
cbhl 3203 days ago
A lot of people think that the battle here is EME versus DRM-free content, but that's not the case. You can still have all the DRM-free content you want, whether that's YouTube videos or iTunes MP3s.

Really, the decision being made is between EME and Adobe Flash. Flash was the one cross-platform way to serve DRMed content before EME. And now that EME is ratified, Adobe, Microsoft, Google and Mozilla can all work together to get rid of Flash, and all the 0-days it has been responsible for, and improve security and battery life for everyone on the Internet. https://blog.chromium.org/2017/07/so-long-and-thanks-for-all...

Of course, we should also work to get rid of DRM -- it gets in the way of legitimate uses, and annoys legitimate users far more than it annoys pirates. But rather than vilifying Google and W3C and expecting them to be our saviors, instead we should be talking to Hollywood and Authors to adopt a DRM-free model just as many top musicians already have.

Disclaimer: I work at YouTube, and this is my personal opinion, not that of my employer.

link
belorn 3202 days ago
You don't need to embrace DRM in order to stop using Adobe flash. The multiple browser currently in use for the last few years that don't have adobe flash installed is a rather strong proof of that. you would have an argument if EME came first and then flash had started to decline, but that is a false history. Flash started decline many years ago, and EME was forced onto the standard as an reaction to that.

W3C abandoning consensus (58.4%!) and open standards are biggest change in the organizations history. Its not just about DRM.

link
ehsankia 3202 days ago
Netflix has never existed without DRM. Flash, Winevine or whatever other technology they use, they've always had something. Without it, they would never be allowed to exist by the people who own the content. It's naive to believe they would just stop using DRM magically.

They would find another more hacky, less secure and less user-friendly solution, and everyone would be worse for it.

link
belorn 3202 days ago
The chain of events is not that EME has enabled Netflix to exist. Netflix and flash came first, and EME came afterward.

Lets be honest here. The argument being presented is that Netflix might create a new form of DRM without EME. We might get something worse then flash. There might even be a bad argument that Netflix and the content creator will abandon the market and millions in revenue if they can't get DRM.

A bunch of things that could happen, but not things that have happened. Flash have decline in used and Netflix was created in time before EME. To claim that EME was a requisite for those events is a logical impossibility.

link
Veedrac 3202 days ago
> the decision being made is between EME and Adobe Flash

Flash is a mix of dying and dead, mostly the latter. Having to use Flash is a strong economic and practical motivation not to use DRM, and if that wasn't the case there wouldn't be so much pressure to implement something in the browser itself.

link
kelnos 3202 days ago
That's pretty unlikely. If Flash (and Silverlight) died and browsers didn't have anything built-in, the studios/distributors would just get together and form a company to build a new plugin that does the job. Or worse, we'd have several competing implementations.

Regardless of which of these occurs, you can bet that they wouldn't bother to sandbox the implementations, and we'd end up with the same security issues we had with Flash.

If browser vendors don't want to play ball (NPAPI is dying/dead, PPAPI and NativeClient are Chrome-only, etc.), then forget about in-browser video: they'd just build native apps instead. And maybe that's not a bad outcome for people who want the web to remain pure, but as a practical matter and a person who runs Linux, I like being able to run Netflix on my laptop.

I'm completely flabbergasted that people seem to believe that DRM would somehow magically disappear if the W3C hadn't been willing to discuss EME.

link
Veedrac 3202 days ago
You're looking at this as black and white, when reality doesn't work that way. It being infeasible to completely remove DRM from everything doesn't mean there isn't value in discouraging its use. And that's exactly what economic and practical incentives would do if including DRM meant they lost users.
link
freshhawk 3202 days ago
So, the argument is ... either cede control of your browser to us in a form where it is illegal to examine what we do with it OR we will continue to use a piece of crappy technology that exposes you to security problems.

That sounds less like a technical problem and more like a threat to me. Because neither of those are actually technically necessary, except to support a business model that depends on some form of DRM.

link
kelnos 3202 days ago
> Because neither of those are actually technically necessary, except to support a business model that depends on some form of DRM.

Well, yes, that's absolutely true. But they have the leverage here (at least for now), whether we like it or not.

link
appleflaxen 3203 days ago
but the converse is also true: if they don't implement EME, then you are welcome to install any third-party attack surface on your PC that you wish.

so why should _I_ have to install the un-auditable attack vector on _my_ machine?

you are well-positioned to understand this issue, so I'm baffled about how you can conclude this should be part of the default software suite in a browser.

link
AnthonyMouse 3202 days ago
> A lot of people think that the battle here is EME versus DRM-free content, but that's not the case.

Yes it is.

Suppose that in order to play DRMed content, the user was required to be staked to the ground and covered in angry fire ants. Nobody would be willing to do that, so people who use DRM would have no customers, so everyone would stop using DRM.

EME is in the opposite direction from this, so it will cause more DRM and less DRM-free content.

Adobe Flash has been slowly dying for years, which is not a problem.

link
matthewmacleod 3202 days ago
That's just wishful thinking, I fear.

In reality, all that will happen is that users will continue to be forced into using native applications where DRM can be enforced arbitrarily by whatever service they are trying to use.

link
AnthonyMouse 3202 days ago
And then DRMed content will be properly separated off into its miserable DRM slum that everyone hates, the cost of using it will be higher, users will complain more, companies who don't use DRM will capture more of the market, etc.

That's the entire point.

link
kelnos 3202 days ago
What "miserable slum", though? Honestly, I find Netflix's Android app an absolute delight to use. Even if I'm sitting on my couch with my laptop, I'll pick up my phone to cast something to the TV before I use my laptop for that purpose.

All in all, average customers (as in, not the majority of the HN crowd) seem perfectly happy with the current experience. Even if they had to install a native app to watch Netflix on their laptop, I doubt that would change their perception much.

link
Oxxide 3203 days ago
The fun thing about DRM, is that people love to defeat it.

They (the general public AND 3DM, to TorrentFreak, bunch of whiners IMO) said Denuvo was the death of cracking and piracy. 3DM: No games crackable in 2 years time, said the headline.

now the cracking scene, which was mostly dying, has seen some revival.

It has adapted, but it's a slow moving ship.

Now a new generation (or the older generation, who knows, I'm just relaying my own observations)) are taking everything being thrown at them: encryption, virtualization, obfuscation, changing keys each patch, etc and making it look like light work to crack properly.

They make short, short work of it for the amount of complexity involved. So I hope they continue to throw new things at them with Denuvo, to keep them interested.

One group cracks the base game, sometimes someone else grabs all the updates and rolls them into a cracked patch, etc.

It's nice to see some life return to something that was basically dead, made automated.

link
superflyguy 3202 days ago
"No games crackable in 2 years time, said the headline...now the cracking scene, which was mostly dying, has seen some revival"

Do you have a citation for this? Every game, dvd, stream, book etc ever has been cracked. Software protection has a 0% success rate.

link
gabriel34 3202 days ago
Excerpt from wikipedia's article on Denuvo

In January 2016, 3DM reportedly nearly gave up attempting to crack Just Cause 3, which is protected with Denuvo, due to the difficulties associated with the process.[8] They also warned that due to the current trends in encryption technology, in two years' time, the cracking of video games may become impossible.[8][9]

[8] Owen S. Good (9 January 2016). "Piracy group nearly gives up on cracking Just Cause 3, warns of bleak future". http://www.polygon.com/2016/1/9/10741274/just-cause-3-crack-.... Retrieved 17 January 2016.

[9] Robert Purchese (8 January 2016). "Finally, tide turns in war with PC game crackers". http://www.eurogamer.net/articles/2016-01-08-denuvo-game-cra.... Retrieved 18 January 2016.

link
Anthony-G 3202 days ago
Oxxide is actually arguing against this headline: https://torrentfreak.com/no-more-pirate-games-in-two-years-g...
link
y_tho 3202 days ago
> it's quite naive to believe the W3C members are virgins here and did this out love for the web and for the consumers.

So, no evidence, only a feeling of evidence.

link
ehsankia 3202 days ago
"There's a lot of money involved, therefore there must be foul play."

I personally would much rather have a secure, optimized and clean implementation, rather than hacky plugins and poorly developed solutions that put me at risk and destroy performance.

link
slrz 3202 days ago
But hacky, platform-dependent plugins is exactly what we get. Websites just get a standardized JS API to talk to these hacky binary-only plugins.
link
mozumder 3203 days ago
DRM is also how you get media companies to publish on the web.

Media companies couldn't give any less fucks about the web. They can go 100 years without publishing on the web, since they have other revenue paths that they're perfectly happy with.

This whole process of enabling DRM is web developer's efforts to kiss media-companies ass in order for them to publish their products on the web. Artists and other creatives have the option to publish their works wherever they see fit. It's their creation, not the public's. In fact, there are actual art galleries that won't sell you their works if they don't deem you sufficient enough. How you exhibit their work matters to them. That's their right.

The web needs these media companies more than the media companies need the web.

Anyone that complains about DRM is doing it wrong. You are limiting the web because you are saying you don't want media companies to publish on the web. You are now causing the web to compete against media companies private apps or physical media, which is a losing proposition.

No one gives a shit about freedom. Everyone wants to use rights-managed content online. And the ONLY way to do that is with DRM.

So, yah, I'm not seeing any corruption here. Just acknowledgement of the fact that artists own their works, and web developers need to kiss their ass if they want artists to publish on the web.

link
jgust 3203 days ago
> The web needs these media companies more than the media companies need the web

When you hear about the multi-billion dollar fines and the immense amount of resources spent chasing down and punishing pirates, I have a hard time following this argument. I'd argue that the content owners and media companies need to get on board with providing the most seamless, easy to use, and accessible product for consuming their wares or this

> other revenue paths that they're perfectly happy with

won't continue to exist.

link
kelnos 3202 days ago
> I'd argue that the content owners and media companies need to get on board with providing the most seamless, easy to use, and accessible product for consuming their wares

Right, and that's exactly what EME is. Because DRM-free content is a show-stopper for them right now, but they recognize that DRM is a pain point for customers.

link
mozumder 3202 days ago
Do us a favor and actually think your cunning plan through for a minute.

Why should content owners post their products for free consumption? What is the incentive for them to do that? How much money do you think they will make?

In case you haven't noticed, the web is losing to apps at every level, from things like Facebook/Instagram/Snapchat to shopping apps. Even newsreaders are being turned into apps. My parents only use the Apple newsreader, for example.

Do normal people even use the web anymore? It seems the web is only used by tech developers.

Such a sad loss for the web..

link
imtringued 3202 days ago
Requiring a server to playback the media is already the strongest form of DRM possible. If that's not enough they can just make their own native applications that implement all the DRM that they could possibly want. The only disadvantage of a native application is that they are not crossplatform and EME CDMs aren't exactly cross platform either. They are native code that require the module to be ported to the operating system that.

What's the point of the web if it's just another crappy proprietary platform? EME is basically Flash 2.0.

>Such a sad loss for the web..

What loss? Is the only purpose of a software platform to devour everything without any integrity and it's worthless if it fails to adhere to the will of multibillion dollar companies?

link
kelnos 3202 days ago
> EME is basically Flash 2.0.

That's a gross exaggeration; it's nothing of the sort.

Flash is a generic application framework that gets more or less unfettered access to the network, local machine, and browser state (Chrome's Pepper Flash improved a lot of this, fortunately). EME is a heavily-sandboxed decryption and display engine, and nothing more.

link
tveita 3202 days ago
> Media companies couldn't give any less fucks about the web.

This is pure bluster. As if they'd just walk away from one of the highest reach distribution platforms and all the money that comes with it just because they were denied a gaping vulnerability surface that provides no benefit for either them or the consumer. Sure, instead of learning the lesson from Spotify they'll just leave pirating as the #1 accessible and convenient method of getting content.

The media companies are coming to the web, DRM or no DRM, but of course it costs them nothing to bluff and claim they will take their ball and go unless they get all the special treatment they want.

link
kelnos 3202 days ago
They certainly wouldn't walk away from the web for discovery and advertising, but they can and would easily walk away from it for the last part of distribution: sending you the content bits and having them display on your screen. They don't need the web for that, and they can build a perfectly good experience without it.
link
krapp 3202 days ago
>Media companies couldn't give any less fucks about the web. They can go 100 years without publishing on the web, since they have other revenue paths that they're perfectly happy with.

No they can't. Physical media is going under. Newspapers and magazines are folding, music is primarily distributed digitally, even TV stations are treating the web as their primary means of content distribution. Media companies have no other revenue paths that will matter over a decade, much less a century, and most no longer have the money, resources or capabilities to do anything else.

>The web needs these media companies more than the media companies need the web.

The web is nothing but a network of networks. It wouldn't even blink if every big media company went bankrupt and took all of their content with them. The web would be a lot less interesting and a lot less fun, and make a lot less money, but it would still exist, and people would just keep distributing and pirating what they have.

Media companies, meanwhile, have bet their entire future on the web, and are only now realizing that it isn't the gravy train they thought it was.

> Just acknowledgement of the fact that artists own their works, and web developers need to kiss their ass if they want artists to publish on the web.

Whether or not artists own their works is orthogonal to the fact that digital content distribution has rendered their works nearly valueless, and opened a nearly infinite competitive market for similar work.

Rights are irrelevant. Morality is irrelevant. What the artists want or feel entitled to is irrelevant. The cultural significance of the corpus is irrelevant. Effective DRM is technically impossible and if that's what artists are depending on to survive in the digital age, then they will lose.

They can die like the dinosaurs, or adapt to the new order and become birds. But they cannot, ever, ever unstrike the meteor that is the web.

link
kelnos 3202 days ago
I think you're conflating "the web" with "the internet". Media companies only need the web for discovery; for display they can release native desktop apps, which can even be launched from the web.

I'm not thrilled with DRM in the browser, but at least it's heavily sandboxed, and is way preferable to a series of native apps that get full access to my desktop.

link
krapp 3202 days ago
>Media companies only need the web for discovery; for display they can release native desktop apps, which can even be launched from the web.

What percentage of consumers exclusively consume media through apps, though?

link
kelnos 3198 days ago
Doesn't matter, because we don't currently live in a world where that's necessary. If Netflix/Hulu/HBO/etc. weren't available through the browser, you better believe they'd install the native apps. Sure, there will still be plenty of (mostly long-tail) DRM-free content available through the browser, but the stuff with mass appeal won't lose much of that appeal just because people need to install an app.
link
ori_b 3202 days ago
> The web needs these media companies more than the media companies need the web.

Why? The web seemed to be doing perfectly well without them. Maybe the profit margins of concerns like Youtube and Netflix need them.

link
AOsborn 3203 days ago
> They can go 100 years without publishing on the web, since they have other revenue paths that they're perfectly happy with.

I accept your logic but disagree with your premise. Online media is the future, and any media company knows this.

link
AlexMax 3203 days ago
They do not need the web to distribute their content online.
link
AnthonyMouse 3202 days ago
Then let them suffer the loss of revenue from losing all of those potential customers. Content producers who don't use DRM will be happy to take those customers from them, and those will be the content producers who have more money with which to make new content tomorrow.
link
majormajor 3202 days ago
Native apps on tablets, phones, and set top boxes are the future (present, really) of that, anyway.

Linux users could be a bit more screwed if publishers had to move to Windows/Mac apps if interested in desktop/laptop users, but otherwise it wouldn't be a big impact for the big properties.

What's the difference to a user of opening a Netflix app vs going there in the browser? Basically nothing.

Do we want apps on the web, or in the OS—that's the only question here. Browser vendors are incentivized to provide a path for apps in browser, because otherwise they become less relevant. And so this is the result.

(Personally I'd rather have OS-level native apps anyway. So please, kill DRM in the browser. Browsers are massive resource hogs. Netflix devs would probably be happy too to not have to deal with cross-browser-compatibility shit. The web is a mess already.)

link
freshhawk 3202 days ago
That used to be their attitude, and then they saw the drop in viewers as young people shifted to different online ways of distracting themselves.

They discovered that the whole "You will come to us. We are the rulers of content" attitude was delusional.

Now they are falling over themselves to get back to the top, while kids watch idiots play video games on twitch.

And even my 60+ year old parents just stream torrents because no one can provide a better experience no matter how much you are willing to pay.

link
AlexMax 3203 days ago
Very well put.

Ultimately, as long as the big content companies have content that people want to consume, they will have leverage. They want DRM, they will get DRM, or else they will take their content elsewhere, to alternative platforms that people will then flock to, making the web less relevant.

EME is the wrong hill to die on.

link
betterunix2 3202 days ago
By my memory the web BECAME relevant before DRM, before streaming video sites, before media companies started pushing their DRM on us. Remember how in the late 90s media companies were ignoring the web? Remember how webmail, web search, and social networking websites were the killer apps that people flocked toward?

Media companies tried to ignore the web because it is the antithesis of their business model. The result was that the media companies became less relevant, because the web is better than cable TV, better than movie theaters, better than physical discs. We could and should have ignored EME and forced media companies to adapt or die, just like all those other outdated industries.

Media companies are not special cupcakes, they are just businesses and like any other business they have to contend with disruptive new technologies. Nobody shed a tear when the film processing industry faded away; nobody suggested that digital cameras should be restricted for Kodak's benefit. Why are we acting like Hollywood deserves such special treatment?

link
betterunix2 3202 days ago
> DRM is also how you get media companies to publish on the web.

Forgive me not really giving a hoot.

> Media companies couldn't give any less fucks about the web. They can go 100 years without > publishing on the web, since they have other revenue paths that they're perfectly happy with.

Thus explaining their interest in the web, up to and including their push to lock it all down to prop up their outdated business model. If they are happy to stick with other sources of revenue they should do so.

> The web needs these media companies more than the media companies need the web.

Is that so? Funny how the web was already popular before media companies tried to get in on the action.

> You are limiting the web because you are saying you don't want media companies to publish on the web.

That's a strawman. Nobody is saying media companies should not publish on the web. We are saying that the thing that made the web valuable in the first place is openness, to which DRM is antithetical. Media companies are welcome to use the open system that is the web if they want to, and like the rest of us they will have to put up with certain trade-offs -- or at least that was the situation prior to EME.

> Everyone wants to use rights-managed content online.

I seriously doubt that the majority of web users -- billions of people -- care about rights management. The evidence seems to suggest that the overwhelming majority of users could not care less about copyrights, let alone the expansive "rights" that DRM is enforcing. People seem to ignore those "rights" at their convenience; in fact, people seem to seek the entertainment they want without regard to any "rights."

In fact, your beloved media companies also seem to not care terribly much about rights. The rights that copyright confers do not apply solely to copyright owners; included in copyright is the notion of the public domain and of fair use. Those rights are routinely ignored by media companies, through their lawsuits, their takedown notices (dancing baby), and their DRM systems which never include provisions for copyrights expiring and works entering the public domain. So other than yourself I am not sure ANYONE wants "rights-management."

Moreover, people have learned to love an entirely new kind of video entertainment: homemade, amateur videos of cats and other pets; of random people expressing their views; of dashcams in Russia; of idiots doing stupid things; etc. etc. In other words, while media companies were working hard to break the openness of the web, people were embracing that openness to create new forms of entertainment that the media companies could never have created on their own. Oh, yeah, it turns out the websites where those sort of videos are shared are the most popular video streaming services in the world and that more people (in the world generally) are watching videos on those sites than there are people watching cable TV.

So much for the all-important media companies.

> Just acknowledgement of the fact that artists own their works

We have evidence of artists dating back hundreds of thousands of years. Copyright and the notion that ideas and artistic expression can be owned only dates back to the 18th century and was just the final stage of European society adapting to a new communication technology (printing presses). We now have a new communication technology (computer networks) and society is adapting to the new rules and realities of that technology. Some ideas about art and artists rights are going to die, but in their place we will have new ideas and new rights. It is already happening, although in all likelihood none of us will be alive to see what society ultimately settles on.

So basically, the "fact" you are acknowledging barely rises to the level of a footnote in the history of artistic expression, one that is already fading into history as the Internet eats the remaining legacy communication systems. Sorry if that is a hard pill to swallow.

link
nkw 3202 days ago
>Media companies couldn't give any less fucks about the web. They can go 100 years without publishing on the web, since they have other revenue paths that they're perfectly happy with.

LOL. With what? Their paper? Their DVDs? Their CDs? Their cable channel subscribers?

link
kelnos 3202 days ago
Their in-house or contracted native app, of course. Which you bet they'd build if they didn't succeed in getting functional, reliable DRM on the web.

Most of them already have pretty nice mobile apps; writing a decent native desktop app or three wouldn't stretch their capabilities at all.

link
appleflaxen 3203 days ago
let them go, and take their drivel with them.

if they want DRM, let them convince their own customers; just leave it off my machine.

link
lern_too_spel 3202 days ago
There are multiple open source web browsers. You are free to install one without DRM and free to visit websites that don't need that feature. What changes for you just because there is a standard?
link
AnthonyMouse 3202 days ago
Websites that otherwise wouldn't have used DRM start to use it, that's what changes.
link
lern_too_spel 3202 days ago
If you can point to one example of a website that implements DRM that otherwise wouldn't have, I'll buy this argument.

On the other side, I can point to many websites that removed Flash/Silverlight/other security nightmare plugins after implementing EME.

link
yarrel 3202 days ago
The security holes that the standard introduces into my browser.

If I can compile it out, or get a version that someone I trust has compiled with it removed, that only leaves the rest of the web as a botnet attack surface.

That's what changes. Or doesn't improve, depending on how one views the timeline.

link
lern_too_spel 3202 days ago
> If I can compile it out, or get a version that someone I trust has compiled with it removed

You can. https://www.google.com/amp/s/techcrunch.com/2015/05/12/mozil...

> that only leaves the rest of the web as a botnet attack surface.

1. Every new feature added to the web platform increases the attack surface of the browser, so this concern is not unique to EME. In this case, it removed a reason somebody would otherwise install Flash, which has a significantly larger attack surface.

2. All the major web browsers implemented EME before it became a standard, so the standardization of EME does not change anything here.

link
burkaman 3203 days ago
The parent comment is not the first line of argument, it's the continuation of a years-long argument. Even if you completely ignore the history, the first line of argument is found in the article, not the comments. If you would like to understand the fundamentals of this debate, this comment section is not the right place to start. It's very easy to find arguments and proposals from all sides of the issue elsewhere.
link
ori_b 3202 days ago
No, it's probably not intentional corruption and malice. Just a belief that users are getting more of what they want as passive consumers paying large companies for services, rather than as creators in a peer to peer web. Realistically, they're likely to be right.
link
otakucode 3202 days ago
I agree that this style of debate is not terribly useful, but I will grant that this issue does stir significant emotion in people who are seeing their baby suffocated to death. However, I am uncertain what you believe is meant by 'actual corruption'? How could abandoning consensus, the normal functioning of the body for decades, and refusing to continue discussion in order to reach a compromise, not be a de-facto corruption of the organization?
link
rnhmjoj 3202 days ago
https://www.youtube.com/watch?v=h94ZKGVg-B8&t=8m23s

If they are not corrupted they certainly acted in an extremely suspicious way.

I advise you to watch the whole video because it gets better and better, the press conference part in particular.

link