If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Slashdot)   DRM is coming to web pages and you have Google, Microsoft, and Netflix to thank   (slashdot.org) divider line 31
    More: Cool, DRM, Netflix, Silverlight, web pages, interoperability  
•       •       •

5214 clicks; posted to Geek » on 12 Feb 2013 at 11:36 AM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



31 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2013-02-12 11:41:21 AM
In layman's terms means...
 
2013-02-12 11:41:21 AM
Dear fark HTML nerds - can someone please translate for us?  What does this mean and why should I be scared?

Thanks,
 
2013-02-12 11:44:52 AM

OceanVortex: Dear fark HTML nerds - can someone please translate for us?  What does this mean and why should I be scared?

Thanks,


Yeah, is this a bad thing, as the headline suggests, or a good thing, as the "cool" tag suggests?
 
2013-02-12 11:45:58 AM
Does this mean I'll no longer be able to use programs like Download YouTube and such? Awww...
 
2013-02-12 11:46:06 AM
This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins. Right now, Netflix uses Silverlight in the browser and custom apps for the 18 bajillion other devices it supports.  Having services like Netflix work ANYWHERE that supports HTML5 video is a good thing compared to relying on native apps or everything.

DRM is bad, especially when we're talking about purchased e-books, MP3s, videos, and games. But when we're talking about streaming services, I don't really see why it matters.
 
2013-02-12 11:47:40 AM

Cythraul: Does this mean I'll no longer be able to use programs like Download YouTube and such? Awww...


It may mean that they work better...
 
2013-02-12 11:48:31 AM

jonny_q: This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins. Right now, Netflix uses Silverlight in the browser and custom apps for the 18 bajillion other devices it supports.  Having services like Netflix work ANYWHERE that supports HTML5 video is a good thing compared to relying on native apps or everything.

DRM is bad, especially when we're talking about purchased e-books, MP3s, videos, and games. But when we're talking about streaming services, I don't really see why it matters.


But the outlying question is, this DRM, what is the extent of it's reach....as the end user that isn't informed, will want to know if this affect him downloading por------- free indy music.
 
2013-02-12 11:49:50 AM

jonny_q: This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins. Right now, Netflix uses Silverlight in the browser and custom apps for the 18 bajillion other devices it supports.  Having services like Netflix work ANYWHERE that supports HTML5 video is a good thing compared to relying on native apps or everything.

DRM is bad, especially when we're talking about purchased e-books, MP3s, videos, and games. But when we're talking about streaming services, I don't really see why it matters.


tl;dr: BAD DRM = I have to "log in" to my XBox game to play single player. MEH DRM = I have to log in to Netflix to stream a movie.
 
2013-02-12 11:54:16 AM

FinFangFark: But the outlying question is, this DRM, what is the extent of it's reach....as the end user that isn't informed, will want to know if this affect him downloading por------- free indy music.


In short, I can't see how, so no.

But the services that are already using DRM, like the Ultraviolet "digital" copies of movies that you "purchased" will soon be playable in a browser without a special plugin or special UltraViolet player.

Now, whether we'll reach the point where the ONLY media you can get is DRM-protected media... who knows, but music and books have already strayed from that.
 
2013-02-12 12:05:04 PM
How will this affect developers who write/use their own HTTP clients?
 
hej
2013-02-12 12:08:41 PM
Given that I don't "buy" web pages, I don't see why this is a problem.
 
2013-02-12 12:24:25 PM

jonny_q: This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins. Right now, Netflix uses Silverlight in the browser and custom apps for the 18 bajillion other devices it supports.  Having services like Netflix work ANYWHERE that supports HTML5 video is a good thing compared to relying on native apps or everything.

DRM is bad, especially when we're talking about purchased e-books, MP3s, videos, and games. But when we're talking about streaming services, I don't really see why it matters.


Using any browser that supports DRM-HTML5, that is. Let loose the various flavors!
 
2013-02-12 12:26:51 PM

hej: Given that I don't "buy" web pages, I don't see why this is a problem.


Think again. You won't be able to alter your security setting, privacy settings, delete their cookies, adblockers won't work, etc

Big Business über alles. Resistance is futile.
 
2013-02-12 12:50:35 PM
jonny_q

This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins.


This sounds more like creating a bunch of proprietary, specialized plugins and calling them "Content Decryption Module"s and have them either return the decrypted video frames to the browser or crash your system directly.
 
2013-02-12 12:52:40 PM

jonny_q: jonny_q: This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins. Right now, Netflix uses Silverlight in the browser and custom apps for the 18 bajillion other devices it supports. Having services like Netflix work ANYWHERE that supports HTML5 video is a good thing compared to relying on native apps or everything.

DRM is bad, especially when we're talking about purchased e-books, MP3s, videos, and games. But when we're talking about streaming services, I don't really see why it matters.

tl;dr: BAD DRM = I have to "log in" to my XBox game to play single player. MEH DRM = I have to log in to Netflix to stream a movie.


What you don't understand is that Netflix operates under three levels of DRM, two of which you don't see.

'You just log in' = SD, and the most limited content set.
Login + secure boot + software DRM = SD+, and a bigger content set
Login + secure boot + hardware enforced DRM and tamper proofing = HD, and the largest content set

/The studios are trying hard to kill SD level of DRM for everything except 30 year old repeats
//the cost to each client implementor of anything but SD is $30k/yr + $0.35/box, payable to Microsoft
///Plus your device has to undergo Netflix certification, which is like trying to make your autistic three year old brother plot a course for your rocket to Mars
////Ultraviolet is doomed because the question of 'who pays for the digital locker' is not resolved.  Current implementations only work until the studio keys in the files expire.
 
2013-02-12 12:54:46 PM
I might be thinking about this the wrong way, but this seems decidedly bad for OSS browsers. Otherwise, it seems like it'd be easy to spoof the end point. Actually, this might be a great idea: it either ends up with a anti-trust lawsuit against the big players or easily breakable DRM.
 
2013-02-12 01:15:33 PM

wildstarr: In layman's terms means...


Right now when a provider like Netflix sends you something via the web that they want to restrict the use of (like a streaming movie), they have to use an application separate from the browser. In Netflix's case, it's something they programmed using Microsoft's Silverlight development tools. On Pandora, as an example, it's the player they programmed using Flash. It is a separate thing from the browser and, more importantly, it is completely separate from the actual HTML web page in the browser.

HTML actually has a way to handle media like streaming video and audio, however, called HTMLMediaElement. This element defines certain standards for things like autoplaying the media, sizing it, pausing it, etc. It does not currently, however, define any way for the provider to say that the media is rights restricted. E.g., that the end user is not allowed to copy it, for example, or that it may only be played once.

They're proposing to change that so that in the future companies like Google and Netflix could provide streaming media (or other things that require protection like key exchanges or private chats/videos/etc.) that is rights restricted without having to use a separate player like they do now with Silverlight, Java and Flash applications. Instead, the video/audio would just be a part of the webpage like an image is now (and which non-restricted video and audio can be now as well).

The big pro for you, the end user, would be that you probably wouldn't need insecure, flaky programs like Flash anymore. In fact, with the advent of HTML5, you don't need it now except for legacy applications like Pandora.

The big con is that it changes the long-standing paradigm whereby you, the end user, are supposed to have the ultimate control over how the content is displayed to you on your machine which could have consequences ranging from you being unable to manipulate your own browser on certain pages (think blind people who use programs that rely on the open nature of HTML to dictate content to them as a good example) to you being unable to use those pages at all because you lack the control required to tweak things to make them work if you use any browser that isn't "supported" by the provider.
 
2013-02-12 01:20:25 PM

Vegan Meat Popsicle: wildstarr: In layman's terms means...

Right now when a provider like Netflix sends you something ...
The big pro for you, the end user, would be that you probably wouldn't need insecure, flaky programs like Flash anymore. In fact, with the advent of HTML5, you don't need it now except for legacy applications like Pandora.

The big con is that it changes the long-standing paradigm whereby you, the end user, are supposed to have the ultimate control over how the content is displayed to you on your machine which could have consequences ranging from you being unable to manipulate your own browser on certain pages (think blind people who use programs t ...


Thank you!  You win Internets for the best explanation so far.  Good work
 
2013-02-12 01:22:19 PM
ProfessorOhki Actually, this might be a great idea: it either ends up with a anti-trust lawsuit against the big players or easily breakable DRM.

That's what this part in Slashdot's article summary is for:
"The BBC calls for a solution with legal sanctions."

And, reading a sentence here and there in the BBC's requirements, it seems like they want
a) a secure way to identify the decryption plugins and
b) the possibility to refuse playback if they don't like the plugin or the platform/device it's running on
 
2013-02-12 01:36:43 PM

Vegan Meat Popsicle: The big con is that it changes the long-standing paradigm whereby you, the end user, are supposed to have the ultimate control over how the content is displayed to you on your machine which could have consequences ranging from you being unable to manipulate your own browser on certain pages (think blind people who use programs that rely on the open nature of HTML to dictate content to them as a good example) to you being unable to use those pages at all because you lack the control required to tweak things to make them work if you use any browser that isn't "supported" by the provider.


Your explanation was better than mine, but this last paragraph... I just don't see how that could happen. We're talking about an API layer for the HTMLMediaElement OM like you described. What would that have to do with keeping you from manipulating your browser or using a screen reader?

My main point in this thread is that I don't see how this will make anything WORSE... it'll just make things easier for people who don't have Silverlight and don't like having custom apps or custom hardware for frikkin everything.

But yeah, <b>ProfessorOhki</b> is right. The OSS browsers will probably refuse to implement it, so we'll end up with two classes of web browsers ... the ones that can play video and audio people choose to "restrict" and those that can't.
 
2013-02-12 01:39:37 PM
Another summary:

"Most of our crap uses the obscurity of Flash blobs for 'security' on the client side. But, OMG! Apple stuff is really popular and won't do Flash! Hrmupf. DRM might actually suck for us content providers if we have to come up with our own solution and implement it on more than one platform. Hey, I know! Lets cram that crap into browsers and it becomes somebody else's problem. Btw., here's our wishlist. Now, get cracking!"
 
2013-02-12 01:43:45 PM
Does this mean it'll become easier for me to block Macs and iDevices from my content? That would be swell.
 
2013-02-12 02:25:05 PM

jonny_q: What would that have to do with keeping you from manipulating your browser or using a screen reader?


Do you remember the old days when you could modify custom CSS for sites and your browser would use them to render pages no matter how they were designed by the site creator (I guess that's probably still possible, but who does that anymore...)? That worked because the DOM is supposed to be open and manipulable. You can even modify pages by directly manipulating nodes in the DOM with your own JavaScript after the page loads.

But if they include restrictions that start saying "you can't modify the playback speed or pause it or replay it", you lose that ability even though the function is technically there. You could not modify the content to allow pausing of the video or changing the playback speed because it would be disallowed by the DRM, the DRM being implemented by a standard that, for the first time, is created explicitly to disallow you access to certain pieces of the DOM.
In other words, .paused is still there, but you no longer have access to it for this node because another part of the node defines the DRM restrictions to disallow it. To my knowledge, there's no precedent for this. Sometimes attributes and nodes become unavailable for technical reasons, but not because you're just now allowed to manipulate it.
 
2013-02-12 03:08:35 PM

Vegan Meat Popsicle: But if they include restrictions that start saying "you can't modify the playback speed or pause it or replay it", you lose that ability even though the function is technically there. You could not modify the content to allow pausing of the video or changing the playback speed because it would be disallowed by the DRM, the DRM being implemented by a standard that, for the first time, is created explicitly to disallow you access to certain pieces of the DOM.
In other words, .paused is still there, but you no longer have access to it for this node because another part of the node defines the DRM restrictions to disallow it. To my knowledge, there's no precedent for this. Sometimes attributes and nodes become unavailable for technical reasons, but not because you're just now allowed to manipulate it.


Thanks for clarifying that your comment was limited to the scope of media elements. However, I think you're jumping to conclusions that implementing video encryption/decryption also means taking playback controls away from the user. And even if that happened, I don't see every browser implementing it and you would still probably be a Firefox addon away.

Consider Hulu for a moment. Even without denying the user access to his own browser, Hulu could still use server-side code to keep you from skipping past a certain point in a video until you've seen commercials. Hulu wouldn't need anything nefarious added to your browser to do that.

What attributes become unavailable for technical reasons? I can think of examples where a webpage doesn't have access to certain properties and methods for security reasons, but not where, say, a greasemonkey script is denied that access.
 
2013-02-12 03:09:49 PM

hamdinger: Does this mean it'll become easier for me to block Macs and iDevices from my content? That would be swell.


I don't think there's anything easier that User-Agent detection. Not sure why you would want that, but it's already pretty darned easy.
 
2013-02-12 03:19:34 PM

jonny_q: hamdinger: Does this mean it'll become easier for me to block Macs and iDevices from my content? That would be swell.

I don't think there's anything easier that User-Agent detection. Not sure why you would want that, but it's already pretty darned easy.


You don't block them from the content anyway. You present the content but disable the controls to post comments: they get to read what everyone else is saying but are forced to keep their opinion to themselves. Far far more cruel AND you still get the page views.
 
2013-02-12 03:30:17 PM

jonny_q: Consider Hulu for a moment. Even without denying the user access to his own browser, Hulu could still use server-side code to keep you from skipping past a certain point in a video until you've seen commercials. Hulu wouldn't need anything nefarious added to your browser to do that.


I think you misunderstand my point. It's not a matter of what's likely, it's a matter of what becomes possible. For a real-life example that's probable, look at the loop property of HTMLMediaElement. It's not hard to envision an online rental service disabling access to that property.

The point is that this extension would be the first time something was added to the DOM with the express purpose of restricting a browser's access to the DOM. No other class, method or attribute exists that is intended to take away the ability of the end user to control the content once it's rendered. Some people don't like that idea and think that the DOM should remain completely open.

jonny_q: What attributes become unavailable for technical reasons? I can think of examples where a webpage doesn't have access to certain properties and methods for security reasons, but not where, say, a greasemonkey script is denied that access.


If a tree has no image elements, none of the properties of an image are exposed. It's also possible from time to time for certain media elements like video and audio to have properties such as length or ended become undefined for some reason, usually related to network issues.
 
2013-02-12 09:15:55 PM

The Voice of Doom: jonny_q

This sounds like it's about having the ability to put some sort of authentication and encryption procedure into media elements without requiring external plugins.

This sounds more like creating a bunch of proprietary, specialized plugins and calling them "Content Decryption Module"s and have them either return the decrypted video frames to the browser or crash your system directly.


This is exactly what it means, and unless it's implemented at the domain level, any site that tries to do this is DOA. Why would I want to suffer through Hulu's shiatty DRM when Crackle is waiting in the wings ready to eat their lunch? Besides, DRM is the exact opposite of the whole point of projects like Java and Apache that were meant to make the web more open and uniform. If they're going to put a layer of DRM on all of it, they may as well puke a layer of .NET over the whole web. Then again, it still wouldn't be as bad as Flash.
 
2013-02-12 09:54:15 PM
Slashdot link + mention of DRM + mention of Microsoft = no way in hell I'm clicky on the linky.

I'd rather click a "(Featured Partner)" ad.
 
x23
2013-02-13 12:28:28 AM

jonny_q: hamdinger: Does this mean it'll become easier for me to block Macs and iDevices from my content? That would be swell.

I don't think there's anything easier that User-Agent detection. Not sure why you would want that, but it's already pretty darned easy.



he is an undereducated mouth breathing Apple hater... you expect him to understand how to do something simple like that?
 
2013-02-14 11:19:40 AM
For a website that is so interested in internet freedom, it's ironic how easy it is to get banned from their forums. If you post too much pro-MS, you get a warning to "sit in the corner" and that if it continues you will lose your account.
 
Displayed 31 of 31 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report