W3C home > Mailing lists > Public > public-html-media@w3.org > September 2016

Re: Formal objections to Encrypted Media Extensions

From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Thu, 8 Sep 2016 07:53:28 -0400
Message-ID: <CABtrr-Usfx-U5338X9KH0+OyYAHbrvk6SWOHJ7PVJi63rQ6CAw@mail.gmail.com>
To: David Singer <singer@apple.com>
Cc: Mark Watson <watsonm@netflix.com>, Harry Halpin <hhalpin@w3.org>, Paul Cotton <Paul.Cotton@microsoft.com>, "public-html-media@w3.org" <public-html-media@w3.org>
On Wed, Sep 7, 2016 at 11:57 AM, David Singer <singer@apple.com> wrote:
>
>
> OK, there are risks from at least:
> 1) installing new software (OS X, for example, has security settings to enable you to lock down to the signed installs from the App Store)
> 2) using software that might have been subject to less security analysis (e.g. because of a fear of the DMCA)
> 3) a combination of the above.
>
> The OS might warn people who install new software.  EFF might warn people who buy devices with built-in DRMs. The EFF might suggest that that warning be stronger for installed DRMs.
>
> But I still haven’t got to the EME interface...

Yes, as you said up-thread EME will in most cases be open and
analyzable in UA implementations. EME is an interface to working with
CDMs for video, which will necessarily increase risks to web users in
your category (2) above. (It may also set precedent for future CDM/DRM
interfaces for things that would dramatically reduce the openness and
user-oriented control of the web platform... e.g., DRM interfaces for
text, images, page source, etc.)

I would like to be able to tell researchers they can analyze a CDM and
attempt to verify that it is doing certain things and not doing other
things. (The Sony rootkit compact disc DRM that Alex Halderman
examined as part of his PhD thesis is an obvious poster child for
important work here.)

While CDM producers may not be W3C members, content distribution and
UA developers tend to be members, and it would be great if all of
those in the room at W3C could agree that it's best for the web
platform if: 1) as Mark and David have detailed, the existing EME spec
has taken care with user consent and experience; 2) that CDM producers
and those that utilize or implement CDM interfaces agree that having
third-party analysis of these modules is important for accountability
and simply finding bugs; 3) the parties at least at W3C developing
these standards can agree to a [litigation non-aggression
covenant/something else?] that would give researchers some certainty
in their work.

-- 
Joseph Lorenzo Hall
Chief Technologist, Center for Democracy & Technology [https://www.cdt.org]
1401 K ST NW STE 200, Washington DC 20005-3497
e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

Tech Prom, CDT's Annual Dinner, is April 20, 2017! https://cdt.org/annual-dinner
Received on Thursday, 8 September 2016 11:54:53 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 8 September 2016 11:54:54 UTC