- From: <piranna@gmail.com>
- Date: Fri, 12 Jul 2013 00:19:21 +0200
- To: Rick <graham.rick@gmail.com>
- Cc: Jeff Jaffe <jeff@w3.org>, Andreas Kuckartz <A.Kuckartz@ping.de>, "public-restrictedmedia@w3.org" <public-restrictedmedia@w3.org>
> It's not true. Companies shipping closed source EME drivers will have cart > blanche to do the same thing. > > On all operating systems. > > This is an EME issue. If EME drivers are closed source this is a wide open > security hole that must be addressed. > Maybe I misunderstood you. EME, as it's said, it's just an open API to access to (mainly closed) CDMs. It's an issue of the companies developing the closed CDMs to don't include malware on them, but it's also an issue of W3C to don't promote an API that could allow this to be done without having any other alternatives. Yes, there's the point of it's possible to develop Open Source CDMs the same way there are open alternatives to Flash players, so if we can't blame the W3C about opening a security hole allowing the <object> tag since this open alternatives are interoperable with the closed ones, now we can blame the W3C for opening it with EME since in this case an open CDM will not be interoperable with content protected with a closed CDM, that's the difference, so if you want to access to that content, you'll need to accept to use the closed blob they offer to you and trust and hope and pray it doesn't contains malware of any kind added by accident or in PRISM-purpose. -- "Si quieres viajar alrededor del mundo y ser invitado a hablar en un monton de sitios diferentes, simplemente escribe un sistema operativo Unix." – Linus Tordvals, creador del sistema operativo Linux
Received on Thursday, 11 July 2013 22:20:08 UTC