- From: cobaco <cobaco@freemen.be>
- Date: Fri, 16 Aug 2013 21:23:10 +0200
- To: "public-restrictedmedia@w3.org" <public-restrictedmedia@w3.org>
On 2013-08-16 09:09 you wrote: > On Fri, Aug 16, 2013 at 8:40 AM, cobaco <cobaco@freemen.be> wrote: > > On 2013-08-16 07:49 Mark Watson wrote: > > > If a browser integrates a specific CDM, what makes you think that they > > > will pay less attention to user security and privacy with respect to > > > that part of the browser compared to the attention they pay to the > > > rest of the browser ? > > > > CDM's in general are in the EME spec as black boxes, > > consequently EME-implementors can't make sure they respect the user's > > privacy > > or security, as they don't have the access needed to verify that > > They are black boxes as far as the specification is concerned, yes, but > not necessarily as far as the browser implementor has concerned. For the > two that have shipped the browser implementor also owns the source code of > the CDM, > > so again I am wondering why you think they would pay less > attention to security/privacy for the CDM than for the rest of the browser > ? We can explicitly ask in the EME Security and Privacy Consideration that > they pay equal attention, if that helps. I consider it highly unlikey that the widely used CDM's will have a spec available for implentation/verification by anyone, sofar it's looking like they will all be proprietary and closed (the DRM proponents are saying "well those that don't want proprietary drm should make one, then maybe we'll consider it", the DRM opposers are replying to that with in essence "we're not putting our time and effort in creating a 'lesser evil' open DRM, there's to much DRM already") > If a browser uses a third-party CDM, I would expect the browser implementor > to get some assurances from the third-party, in whatever form they deem > necessary to maintain the integrity of the promises they make to users. Without access to the source code any promises about security or privacy are empty ones, it's walking blindly through a massive firefight hoping you won't get shot. We've all seen the news the last couple of months... In a world where a (US) national security letter can legally muzzle companies and individuals, can demand cooperation (or else) you simply cannot trust any assurances without code access, doubly so from a longterm perspective. Especially as everybody that has followed the news the last couple of months knows that the US has been busy doing exactly that (and there's probably similar programs in other places) > If they can't get that, they could refuse to support the CDM or they could > cover it with user warnings, disable it by default etc. - whatever they > deemed appropriate. If: - a multinational (like say google or netflix) controls the access to a significant percentage of the content through a CDM implementation (which is highly likely due to network effects and the usual power law distribution that implies) - and says "you'll just have to take our word for it, it's safe", - and you're an independend developer, or (small) company, or community (say Debian) ... Then you're just SOL, you have no leverage, and can't demand any real guarantees That means you loose the ability to guarantee anything about security or privacy of the CDM, your choices are now: - lie about it, and pretend you can guarantee something or - ignore security and privacy as issues (good luck with that in the long run), or - loose any realistic chance to actually enter the market in a meaningfull way since you don't support a widely used CDM and are thus not even considered by the vast majority of consumers. -- Cheers
Received on Friday, 16 August 2013 19:23:28 UTC