[smaddock]

Blog post author here. Since this post, there's now an option available for DRM-enabled Electron. However, it's only available through a single vendor, castLabs [0].

This is a closed source, downstream effort which means no modifications can be made to Electron itself. All changes must make it upstream to show up in this fork. When asked whether they would eventually merge it upstream, they didn't provide a clear answer [1].

I also wrote a followup blog post with more detail on the current state of DRM options on the web [2]. Spoilers: it's not great.

Regardless of all of these problems, I still hold an interest in browser development and have been working towards making Electron a viable option for building a browser [3].

[0] https://github.com/castlabs/electron-releases

[1] https://github.com/castlabs/electron-releases/discussions/24

[2] https://blog.samuelmaddock.com/posts/the-end-of-indie-web-br...

[3] https://github.com/samuelmaddock/electron-browser-shell

[speedgoose]

Did you consider to not get a license? You could perhaps download and execute Widevine pretending to be Firefox or Chrome. Is there advanced spying software in Widevine preventing to do that?

[smaddock]

I'm honestly not sure about the legality of downloading from another distributor. I do know that distribution requires a license [0].

The risk doesn't seem worth it to use such a workaround for a serious project though.

[0] https://source.chromium.org/chromium/chromium/src/+/master:t...

[bonzini]

Kodi downloads an entire ChromeOS image just to extract the widevine shared library, for example.

[sli]

Surely there's no way locking down distribution this much helps anything or anyone if working around the terms is simply some minor tedium that can be automated.

[zucker42]

Potentially, there's a 5 year jail sentence for doing that[1].

[1] https://www.law.cornell.edu/uscode/text/17/1204

[matheusmoreira]

Imagine spending 5+ years in prison over copyright. I've seen news about violent criminals doing less time for violent crimes with actual victims.

[mvolfik]

The thing is he isn't circumventing copyright protection. He is just allowing it to play in his browser too, no downloading etc. I'm a legal noob, but there always was that "fair interests" like making stuff work on different devices/OSs (youtube-dl is hiding behind this a bit), would it not apply here?

[smogcutter]

“Legal noob” is definitely one way to say “I am absolutely not a lawyer”.

[zucker42]

The ambiguity here is why I said potentially. Does circumventing a technical measure mean to access the content without Widevine, or is using Widevine in an unintended way enough? However, the law quite clearly says that fair use doesn't matter; you can't break DRM even if you're not violating copyright.

[mcjkrw]

Would it be legal if DRM is not shipped with the browser, but the user can download and install it separately (copy it manually to the browser folder)?

[avmich]

Let's rephrase: can you create a clone, a derivative work of a working OS browser, which only has DRM part not changed?

I'm not sure if you're asking for technical or legal advice. If legal, then since most of us are not lawyers here, strictly speaking we can't judge if "Hello, world!" program will put us in jail or not.

[zucker42]

Probably not, at the very least since Widevine is licensed by Google.

[NetOpWibby]

Thank you for creating a browser shell, maybe I can bring my browser project out of retirement. I just wish Chromium/Electron wasn't the only flavor (hence one of the main reasons I use Firefox). I had hoped Servo to be an additional option but alas.

[smaddock]

I feel you regarding Chromium, I use Firefox as my daily browser. As for building my own browser, Electron/Chromium just seems like the most achievable option to empower individuals to create a browser.

[heinrich5991]

The link [0] still seems to work and redirects to https://github.com/castlabs/electron-releases/discussions/24 for me.

[smaddock]

Oh! That makes sense, they must have moved it from Issues to Discussions. Thanks, I'll update the parent comment.

[DelightOne]

> This is a closed source, downstream effort which means no modifications can be made to Electron itself.

It has the MIT license since 2 months ago. Did the closed-source part change or is that only about the non-npm code?

[smaddock]

The code included in the GitHub repository downloads the closed source Electron binaries. Just for comparison, the full source would look something more like what's accessible here: https://github.com/electron/electron

[DelightOne]

Thanks! I see it as unlikely that they will release the code, because castlabs also seem to have a business of auditing implementations for consideration for the widevine program: https://github.com/castlabs/electron-releases/wiki/EVS#3pl

[jcelerier]

> This is a closed source, downstream effort which means no modifications can be made to Electron itself.

how does that work with the fact that Blink (LGPL) is part of electron ?