Re: Clarification

On Tue, May 14, 2013 at 11:26 AM, Mark Watson <watsonm@netflix.com> wrote:

>
>
> On Tue, May 14, 2013 at 6:33 AM, Alastair Campbell <alastc@gmail.com>wrote:
>
>> Henri Sivonen wrote:
>>
>>> So the browser taken together with the CDM wouldn't be Open Source in
>>>  the sense of coming with the downstream freedoms associated with Open
>>> Source, then. Open Source isn't just about source disclosure. Source
>>> disclosure is a mere prerequisite for enabling the downstream
>>> freedoms.
>>>
>>
>> So Mozilla would not be able to produce a build of Firefox that includes
>> a CDM?
>>
>> It sounds like EME provides some separation, but not enough for a (fully)
>> open source browser. I assume Google gets around this by using webkit/blink
>> as the rendering engine, but the rest of the browser is not open source.
>>
>> I also assume that having the CDM outside of the browser would mean we're
>> back in plugin territory?
>>
>
> As I mentioned, there are two ways that a browser that did not wish to
> ship closed source code could integrate with a CDM. One would be for the
> case where the necessary DRM functions are included within the platform
> with published APIs. Indeed Mozilla have proposed that platform APIs of
> this nature that are available to one browser must be available to all
> browsers. That seems like a good idea to me but we will have to wait and
> see if such published APIs are forthcoming.
>
> The other option is to ship a mechanism that will download, verify and
> load specific UA-vendor-supported CDMs. This would enable the UA-vendor to
> offer some of the security and privacy protection that they typically offer
> (though not as far as "here is the code" unless through the admittedly
> challenging obfuscating compiler route described by Henri).
>
> I would point out that even the most open-source of systems relies on
> plenty of closed source code. There are device drivers, code in the GPU,
> microcode in the CPU, never mind the hardware itself, which is just code
> compiled with chip fabrication plant. So, I wonder if the concerns about
> closed-source CDMs are more to do with the functionality of those than the
> fact that they are closed-source.
>
> ...Mark
>

You're right, there are instances of closed source in drivers.  This is an
ongoing battle and many hardware vendors are providing API's so that
drivers can be open source.  Router manufacturers are shipping with Linux
these days to great success, and it is possible to install Linux on many of
the more successful routers.  There is also an ongoing initiative to open
up hardware, and this is being realized with more and more open open Linux
SOC's entering the market.  The principal source of secretive hardware
interfaces is video cards; they are afraid of competitors swiping their IP.

Bottom line is that the existence of a problem in no way justifies
perpetuating the problem.

-- 
Rick

Received on Tuesday, 14 May 2013 20:56:37 UTC