Truly Stupid Ideas: Adding DRM To HTML5
from the it-burns dept
You would have thought by now that people would understand that DRM is not only a bad idea, but totally unnecessary: Apple dropped DRM from music downloads in 2009 and seems to be making ends meet. Despite these obvious truths, the stupidity that is DRM continues to spread. Here, for example, is a particularly stupid example of DRM stupidity, as revealed by Manu Sporny:
A few days ago, a new proposal was put forward in the HTML Working Group (HTML WG) by Microsoft, Netflix, and Google to take DRM in HTML5 to the next stage of standardization at W3C.
After all, this is exactly what Web users have been crying out for: “just give us DRM for the Web, and our lives will be complete….”
Sporny runs through some technical reasons why this is doomed to failure — little things like sending decryption keys in the clear — and points out the awful re-balkanization of the Web that it would cause:
The EME [Encrypted Media Extensions] specification does not specify a DRM scheme in the specification, rather it explains the architecture for a DRM plug-in mechanism. This will lead to plug-in proliferation on the Web. Plugins are something that are detrimental to inter-operability because it is inevitable that the DRM plugin vendors will not be able to support all platforms at all times. So, some people will be able to view content, others will not.
He also notes a fundamental problem with the following Use Case for the proposed technology:
What use cases does this support?
Everything from user-generated content to be shared with family (user is not an adversary) to online radio to feature-length movies.
That clearly implies that when people are not sharing their own content with family and friends, then they are indeed adversaries:
This “user is not an adversary” text can be found in the first question about use cases. It insinuates that people that listen to radio and watch movies online are potential adversaries. As a business owner, I think that’s a terrible way to frame your customers.
Thinking of the people that are using the technology that you’re specifying as “adversaries” is also largely wrong. 99.999% of people using DRM-based systems to view content are doing it legally. The folks that are pirating content are not sitting down and viewing the DRM stream, they have acquired a non-DRM stream from somewhere else, like Mega or The Pirate Bay, and are watching that.
This is the fundamental reason why DRM is doomed and should be discarded: the only people it annoys are the ones who have tried to support creators by acquiring legal copies. How stupid is that?
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Comments on “Truly Stupid Ideas: Adding DRM To HTML5”
this is why big players have no business being involved in the HTML working group. It harkens back to when Microsoft first got into the web business and decided to push proprietary functionality within ie. Yeah, that flew so well, didn’t it?
And wasn’t one of the great features of HTML5 the ability to dump Flash as a required plug-in for viewing video? DRM is a giant step backward in web technology, in epic proportions.
And just think of how many malware, virus, adware and who-knows-what other kinds of crap will be buried in DRM plug-ins.
Oh yeah – how about MPAA and RIAA spyware – the ideal payload for that crowd of trustworthy advocates of turning back time…
Re: Re:
Isn’t the HTML Working Group made up of only big players?
All browsers implement proprietary functionality not part the of a ratified HTML spec. Generally, what gets used becomes the standard and the spec catches up to that.
I’d argue that proprietary functionality within IE(6) was a huge win for Microsoft. Many enterprises built apps on IE6, effectively locking enterprises into IE6 and effectively killing most of the browser competition. Of course, as this happened, IE progress ceased for many years. That is bad for consumers–but was good for Microsoft.
This lack of progress paved the way for new competitors such as Firefox and Chrome.
Re: Re: Re:
Sure IE6 caused all kinds of problems in the enterprise and to companies that wrote code with IE6 in mind. If it was so successful where is it now. Oh, I remember Microsoft dropped it, which is what all companies do with their successful ideas. In the end companies that wrote IE6 code found it raised their Help desk workload too much.
Also it didn’t lock users into IE, they simply ran two browsers IE for the IE6 coded sites and FF or Chrome everywhere else. I still have a plugin for Firefox that will use IE as the rendering engine for certain sites I specify, but it all happens within the FF tab. (Yes I still have internal sites that like IE and balk at anything else (Switches, routers, and phone systems come to mind).
Re: Re: Re:
I can’t believe you actually tried to claim that ie6 was good for something.
Re: Re: Re:
” This lack of progress paved the way for new competitors such as Firefox and Chrome.”
Actually Firefox wasn’t a new competitor. It was the legacy of Netscape, a superior browser that got bullied out of market by Microsoft. And in the long-run, Microsoft’s asshattery lost.
So while Microsoft, for a brief period in history, had a “huge win”, their proprietary offerings, coupled with their monopolistic methods, was a massive fail.
I’d also argue that had they not forced their way into lead position, Netscape would have flourished as a business.
So to claim your position is, in my view, blind to the reality of what transpired.
Re: Re:
And I had one more point. If the DRM scheme is somehow added to the HTML spec; it would be part of HTML; not a plugin.
Re: Re: Re:
…which would be akin to having a backdoor in the language standard. Think about that for a minute.
Re: Re:
why is drm a step backwards. google and every other search engine uses it to track you and sell you shit.
drm = $$$
This has “nefarious” written all over it. I seriously doubt this will be the DRM to “prevent piracy”, but instead, be a wrapper around the content so that circumventing it becomes illegal.
This means ad-blocking software will no longer be legal because Google will wrap its ads in DRM.
This is what the proposal is for, not the advocate against piracy.
Ironic: Google will stand up against SOPA but then screw everyone over pulling this crap.
DMCA: Don’t Mess with Corporate America.
Stands today more than it did when I first came up with the slogan in the late 90s.
I hate to say it but “I told you so!”
Re: Re:
that is an interesting idea, but I am not sure how that would work in practice. I mean if I goto TechDirt and have ad blocking software that prevent Googles ad, is TechDirt going to then ‘wrap’ them in DRM and send from their server? That would seem to complicate googles ability to track ads. not to mention add significant load to Techdirts servers and latency to the load times as we would have to wait for techdirt to get the ads from google, wrap them in DRM and then render the page.
Re: Re: Re:
“not to mention add signifcant load to Techdirts servers and latency to the load times”
Tragically, as someone who specializes in forensic SEO audits, I can assure you the web has become a massive mess of cloud based services pathetically slowing down more and more sites every day, whether it be CDN, or widget based. Images, scripts, it’s all moving off to third party servers.
Almost every audit I’ve performed in the past six months has had a speed problem directly as a result of the otherwise “minor” lag involved with browsers having to call the initial code set, then go back to the server, and off to third party networks over and over again for each additional chunk of code that serves up that which is stored on outside networks.
So at least from that perspective, tragically, the model could very well become mainstream.
Unless you can stop the copying of 1s and 0s, DRM will always be a failed concept.
Re: Re:
Then DRM will always be a failed concept.
Re: Re:
I can easily stop the copying of 1s and 0s.
EMP (Electro Magnetic Pulse) is fairly effective at stopping the copying process and in many cases destroying the copies as well.
Of course there would be some collateral damage involved but anything to stop those damned pirates!
Re: Re: Re:
YOU have the capability of generating the EMP for this?
Re: Re: Re: Re:
If ‘I’ did, I don’t suppose I would be typing this (as DHS would have already ‘eliminated the threat’)
You found me out.
LOL!
Re: Re: Re:
To date, the only non-experimentational method to generate an EMP that would actually prevent the copying of 1s and 0s… would be a nuclear bomb.
If you’re going that route, might as well go right to the source and save the rest of your bombs for another day
Re: Re: Re: Re:
Just for the historybooks, USA has researched electrical pulse guns that takes out a specific building (a directed EMP pulse more or less) with & without killing hte electronics themselves.
So the tech to eliminate specific targets is a reality.
DRM on HTML5 is a fantastic way to prevent or limit it’s uptake.
Re: Re:
DRM on HTML5 is a fantastic way to accelerate the development of HTML6.
Re: Re: Re:
And then putting DRM on HTML6 will accelerate the development of HTML7
Re: Re: Re: Re:
I can see already that this is one goes all the way to 11.
Re: Re: Re:2 Re:
Nono, This one goes to 12. 11 had DRM in it.
Re: Re: Re:3 Re:
We could do this at Firefox/Chrome version rates, and then in no time it’ll be right up to 9000!
Re: Re:
“DRM on HTML5 is a fantastic way to prevent or limit it’s uptake.”
Ah, but you are forgetting one thing. The uptake of HTML5 will not be driven by the end user, but by the content creator.
The consumer likely won’t know (or care) that a site is using HTML5 code, so their won’t be too much backlash.
Why add DRM if you can already make something not work for your potential audience? (see Hulu)
From Netflix and Google’s POV it’s probably an attempt to get licence holders to licence more content, since in their minds it’s still 1999 where web distribution isn’t important and DRM hasn’t been proven ineffective. In Microsoft’s mind (and to be fair maybe Google’s), I wouldn’t be surprised if it’s another way to introduce another defacto standard to block out as many competitors as possible.
Far better than adjusting licencing models and other obstacles that discourage people from consuming more content legally. /sarc
Re: Re:
It’s a very lame reason to introduce a web standard. Don’t forget, web standard is supposed to be aimed for the future, and go along web development. Introducing backwards dying idea as a standard is simply idiotic, and Google should be ashamed in participating in this farce.
Re: Re: Re:
LOL! Google should just be ashamed, period.
I would presume any type of DRM in HTML would be a cakewalk to crack…
Re: Re:
And another crime (via DMCA) that can be used against you if the powers that be get tired of your shenanigans.
Re: Re:
The only way that DRM on a computer system can work is if the user cannot run their own software on the machine. This is what the war on general purpose computing is about, unless the corporations control the user machines, they cannot control content on those machines.
Re: Re: Re:
Which is EXACTLY why everything is migrating to the Cloud. It is all about control. Specifically taking control from you and increasing the control they have over you.
Re: Re:
More likely that a splinter spec would be created without it or browser manufacturers would include the option simply to ignore it as if it didn’t exist, just like turning off Javascript.
What the heck, Google?!
And why is Netflix trying to be in charge of HTML?
Side note
The folks that are pirating content… have acquired a non-DRM stream from somewhere else, like Mega or The Pirate Bay, and are watching that.
It’s often noted around here that TPB and Mega have “legit”(non-infringing) users, too; but even an enlightened, insider writer, when in need of a villainous example, will cite them as a den of infringers. Can you blame the lay pundits for making them into pirate poster children?
Re: Side note
The argument isn’t that NOBODY uses the services for naughty things. To pretend that illegal streams aren’t available from them would be silly.
Its like a street corner in a shady neighborhood, sometimes you can buy a hot dog at the corner of Mega Ave and Pirate Bay Bvld from a legitimate vendor. Sometimes you can get crack and hookers. To ignore either set of clientele is to avoid looking at the whole picture.
Re: Re: Side note
Also, this site’s enlightened insider writer was block quoting someone else…
Also also, sorry for the double post.
Re: Side note
The argument isn’t that NOBODY uses the services for naughty things. To pretend that illegal streams aren’t available from them would be silly.
Its like a street corner in a shady neighborhood, sometimes you can buy a hot dog at the corner of Mega Ave and Pirate Bay Bvld from a legitimate vendor. Sometimes you can get crack and hookers. To ignore either set of clientele is to avoid looking at the whole picture.
Don’t you illegally download this web page or comment to your web browser! You must pay Techdirt and me $5 first if you want to view this content, because I don’t work for free posting these random comments, and neither does Glyn!
they have acquired a non-DRM stream from somewhere else, like Mega or The Pirate Bay, and are watching that.
He was doing good till this part. I don’t think he meant it in the same way as the MAFIAA (implying the purpose of the services is just to share copyrighted stuff) it can and will be interpreted that way.
In any case, the article makes very valid points. As for me, if I stuble upon some DRM plugin or DRMed portion of a site I’ll simply go without. When I file share I may be compelled to buy the content I see if worth it so I’m often a GAINED sale. When I hit a DRM wall I’m most certainly a lost sale.
Re: Do it like JS
If they allow pre-processor plugins on-demand, similar to how JS works via an Native Client (NaCl) system, it could very well be seamless in the next round of modern browsers. (IE11, Chrome 30, etc). As long as it can be done as an inline pre-processor it could integrate seamlessly, be custom to that site and license, and still work towards stopping recording (though a screen capture, and virtual sound card could still do it, but we’ll pretend that DRM actually works)… My goal wouldn’t be to stop DRM, but to make it so seamless for content streaming, that it doesn’t get in your way. Second to that is keeping it in the browser tab/view, and out of your OS level… where it is nicely sandboxed, and reduced as a potential attack vector.
My $.02
It wouldn’t bother me too much if said “plugins” were required to be in NaCl (Google’s Native Client) architecture, which really limits their ability to only access stuff in a browser (sandboxed). If said “plugins” are installed at the OS level, then this is just wrong. If they allow said decoder to be in an NaCl sandbox, and included like a JavaScript segment, it could be okay in terms of usability, and maintaining a balance with security.
I do appreciate seeing Netflix in on the discussion, since they are probably the single biggest instance of DRM licensed content. They are kind of stuck in the middle, of wanting to offer content/services to users, and having to appease the content gods requiring DRM schemes. There’s enough trouble in even getting content licenses, without DRM would make it far too difficult at this time.
My biggest concern here is that they avoid the OS level plugin systems of old. I thought that NaCl was a good idea when released, and if integrated seamlessly could be very good… worst you would have to do is “close the tab” to get out of a rogue site… instead of it infecting your system with malware. Further, there has been a lot of effort in terms of improving security with JS integration, and using the same API interfaces for video/audio pre-processing combined with something like NaCl could be good, without the need for full-os level integration.
I do *not* want to see another Silverlight/Moonlight instance where MS licenses the codecs for non-windows (and mac), but without any DRM, effectively making it useless for people on linux, or generic STBs (set-top-boxes, Raspberry Pi, etc) wanting to access content sites like Netflix.
what Dotcom said the other day is oh, so true! the Internet doesn’t, nor should it ever, belong to or be controlled by anyone or any country. why do these morons (who are supposed to be so internet savvy and rely on the internet to make and keep their businesses profitable) keep trying to take it over? why dont they just fuck off, all ready!
Have they decided to put the DRM in yet?
If not, I’m not too worried, not yet.
It’s just a proposal. It might go somewhere, it might not.
We’ll see.
If it goes somewhere, expect google to lose traffic fast.
As I have said before, not all DRM is bad. I’d argue the DRM used in Rhapsody’s older subscription service is superior to the DRM-less streaming/caching offered by most services. You could actually access your files. Play them on any player that supported the DRM instead of just the company’s app. You could easily mix in your collection with the subscription tracks, instead of being limited to the tracks offered by the streaming service. You could actually back up your subscription tracks effectively. If you are stuck on a severely limited rural DSL or satellite connection, this is very convenient. Streaming is either not feasible or the caching is difficult to backup. And Rhapsody DRM didn’t really limit anyone. Just update the licenses once a month and you are good to go. It is too bad this service is going away shortly in favor of all streaming/caching to useless files.
I’d wait and see what is truly proposed and how this DRM is used before I would right it off.
Re: Re:
and
Are at odds. Of course it limited people. You have to have a special player, hardware or software, which means you were limited to a specific subset. Which means that the odds were pretty good you’d have to stop using the player you preferred. You also have to check in periodically to update licenses.
Most of the benefits you list are not due to the DRM at all. I have all of those benefits with my music without Rhapsody, or DRM.
Re: Re: Re:
You are not following.
How many players can you listen to Spotify tracks in? Relatively few. Only those participating in the API, which remains very limited.
How many players could you listen to Rhapsody DRM tracks in? A lot. Rhapsody, Windows Media Player, Winamp, Real Player, and more. You can’t listen to Spotify on portable media players. You can with Rhapsody.
The benefits I listed are directly due to DRM. No subscription service without DRM can offer those features.
Re: Re: Re: Re:
This is just patently wrong. You only listed four “advantages” of DRM. All can be done better without it.
You could actually access your files. Without DRMat all, not just ones that include special support.
You could easily mix in your collection with the subscription tracks. Of course. I don’t see how DRM enables this.
You could actually back up your subscription tracks effectively. Again, without DRM there’s nothing that would stop you from doing this.
Re: Re: Re:2 Re:
Oops, editing error. I meant to write:
You could actually access your files. Without DRM, there’s nothing to stop you from doing this.
Re: Re: Re:3 Re:
And…
Play them on any player at all, no need for any special support.
Two editing problems in a row. I’m backing away from the keyboard now. 🙂
Re: Re: Re:
Then the vendor files for bankruptcy and turn off/sell their servers. Exactly how any kind of DRM is beneficial? Steam? I’m growing to loath them more and more.
Any kind of DRM invades property rights.
Re: Re: Re: Re:
Assuming you actually own the content. In the case of a subscription, you own nothing. DRM protects the service from theft if necessary.
Re: Re: Re:2 Re:
Assuming you actually own the content. In the case of a subscription, you own nothing
But you still pay the full price for the subscribed content, which is why I find this kind of crap from Steam outrageous, arms together with the “software is licensed, not sold” crap.
I never seen “License” buttons or labels in any (web)shop, only “Buy”/”Purchase”. Which looks like a purchase, cost like a purchase is a purchase.
And fuck you if you want to “alter the deal” after I bought the stuff, brought home, opened the shrinkwrap, opened the case, run the installer and slap me a maybe-maybe not legal EULA. Because if I refuse the BS in it, I can’t bring it back to the retail and get my money back.
No need for DRM in HTML
“Everything from user-generated content to be shared with family (user is not an adversary) …”
You know, I have never wanted DRM on any of my content to be shared with family. Generally, if anything, I want them to be able to reshare it with extended family or even friends of the family.
Not really surprising
“You would have thought by now that people would understand that DRM is not only a bad idea, but totally unnecessary”
Despite being debunked people also still buy copper bracelets for arthritis. It doesn’t matter if it works or not, because they’re sure if they clap hard enough Tinkerbell???℞℃Ω will live.
This doesn't make HTML5 much worse
HTML 5 has already gone well down a terrible road, by incorporating patented technologies and other features that benefit the big corporations at the expense of everybody else.
This is just another blemish in an already ugly and objectionable “standard”.
Re: This doesn't make HTML5 much worse
HTML 6 will be better.
Preposterous
I can’t believe that you ppl have been bamboozled into thinking that there is such a thing as legal and illegal data…
It’s boggles the mind.
Customers are Adversaries?
In today’s business world, I think all customers are not only viewed as adversaries but are treated like enemies and are, in fact, victims of economic warfare that are “raped” and “killed” over and over again. Reward is given for new clever ways to lie to, cheat and steal from the customer.
Re: Customers are Adversaries?
You’re giving them too much credits. Enemies, victims, what-have-you, assumes that deep down we’re still human, or at least an entity with instinct. Nope, no such luck. We’re just a series of numbers representing their “guess” of how much we have in our bank accounts, which btw just another number they arbitrarily assign to us representing the worth of our labor.
DRM is the most insulting thing ever.
If a plumber decided he wouldn’t come into my home until I remove all the sharp/blunt objects in my home so it’d be harder for me to kill him I’d say “fuck you” and find a different plumber.
Also, it’s saying my purchase of a product doesn’t factor into who should control it. Which is FUCKING BULLSHIT
Use case: sharing with your family
If you were sharing a home-video with family, why would you want to put DRM on it?
Re: Use case: sharing with your family
“If you were sharing a home-video with family, why would you want to put DRM on it?”
In case you live with someone who thinks site like TechDirt, and people like Aaron Swartz are heroic or have anything but a complete lack of morals and ethical views.
because you can’t risk your relative stealing the content you paid for and anyone with THAT kind of attitude is going to do so if you don’t DRM that shit!
obviously. #duh
Re: Re: Use case: sharing with your family
And when I say “paid for”, YOU bought that video camera right? and YOU bought the computer you used to turn the raw video into a unique creative work that you then copyrighted right?
See? It all makes perfect sense!
Why not? Apple added patented technology (MP4) to HTML5 already.
Besides, it doesn’t matter what the WHAT-WG says. Google has ultimate authority over HTML5. Whatever it adds to Chrome will end up in Safari (now just a fancy UI over Chrome anyways) and then Mozilla will be pressured to play catch-up.
It doesn’t matter though if Mozilla implements it anyways. They’ll implement a different version where the only difference is that the code says “moz” instead of “webkit”. Only half of the sites that use the Webkit version will even bother adding the Mozilla version too.
And now you see why I got out of the web developer business. >_
drm
my aunt,90, has macular degeneration so i gave here my nook color for her to be able to read books.we purchased 25 ebooks 1 at a time so we had our bank jumping up and down and ready to close our acct cause they thought it was fraud that many transactions.so i discovered drm for the first time.to install these books i had to d/l a program, drive 100k to gold coast to pick up the nook and then install them and then drive back.naively i thought i could stick them on a usb and mail them to her. that’s the way it should be.argo i say hehehe
Truly Stupid Ideas: Adding DRM To HTML5 from the it-burns dept
Truly Stupid Ideas: Adding DRM To HTML5
from the it-burns dept
You would have thought by now that people would understand that DRM is not only a bad idea, but totally unnecessary: Apple dropped DRM from music downloads in 2009 and seems to be making ends meet. Despite these obvious truths, the stupidity that is DRM continues to spread. Here, for example, is a particularly stupid example of DRM stupidity, as revealed by Manu Sporny:
A few days ago, a new proposal was put forward in the HTML Working Group (HTML WG) by Microsoft, Netflix, and Google to take DRM in HTML5 to the next stage of standardization at W3C.
After all, this is exactly what Web users have been crying out for: “just give us DRM for the Web, and our lives will be complete….”
Sporny runs through some technical reasons why this is doomed to failure — little things like sending decryption keys in the clear — and points out the awful re-balkanization of the Web that it would cause:
The EME [Encrypted Media Extensions] specification does not specify a DRM scheme in the specification, rather it explains the architecture for a DRM plug-in mechanism. This will lead to plug-in proliferation on the Web. Plugins are something that are detrimental to inter-operability because it is inevitable that the DRM plugin vendors will not be able to support all platforms at all times. So, some people will be able to view content, others will not.
He also notes a fundamental problem with the following Use Case for the proposed technology:
What use cases does this support?
Everything from user-generated content to be shared with family (user is not an adversary) to online radio to feature-length movies.
That clearly implies that when people are not sharing their own content with family and friends, then they are indeed adversaries:
This “user is not an adversary” text can be found in the first question about use cases. It insinuates that people that listen to radio and watch movies online are potential adversaries. As a business owner, I think that?s a terrible way to frame your customers.
Thinking of the people that are using the technology that you?re specifying as “adversaries” is also largely wrong. 99.999% of people using DRM-based systems to view content are doing it legally. The folks that are pirating content are not sitting down and viewing the DRM stream, they have acquired a non-DRM stream from somewhere else, like Mega or The Pirate Bay, and are watching that.
This is the fundamental reason why DRM is doomed and should be discarded: the only people it annoys are the ones who have tried to support creators by acquiring legal copies. How stupid is that?