- From: Mark Watson <watsonm@netflix.com>
- Date: Fri, 12 Jul 2013 13:59:54 -0700
- To: Emmanuel Revah <stsil@manurevah.com>
- Cc: public-restrictedmedia@w3.org
- Message-ID: <CAEnTvdD4+0LQqCpWawogNsuSRJE=m1XgfsQYCL5Q9qVy80bKaQ@mail.gmail.com>
On Fri, Jul 12, 2013 at 1:43 PM, Emmanuel Revah <stsil@manurevah.com> wrote: > On 2013/07/12 21:25, Mark Watson wrote: > >> Sent from my iPhone >> > [...] > > Just to re-iterate, the intention is that the closed software comes >> from, or is at least well understood by, your browser implementor or >> your OS implementor. I believe you have bigger problems if you don't >> trust either of those. >> > > > Are you insinuating that FOSS users are paranoid freaks ? What are the > bigger problems ? I wouldn't mind clarification. I think FOSS users are more careful about what they trust than others. That doesn't make them paranoid. For example, if you don't trust your browser or OS implementation than how do you know it is telling you the truth when it does SSL certificate verification or indeed any other security function ? How do you know that the so-called anonymous mode really is anonymous, or rather what the implementors thought "anonymous" really meant ? How do you have confidence there aren't gaping security holes in the implementation that leave you open to malware ? Some people gain this knowledge through their own security review of the implementation source code. Other users trust the vendors of closed source browsers. Others trust the vendors of open source browsers and trust that the open source community has done this kind of review. What I'm saying is that *if* you trust a browser/OS on all of the above things, why wouldn't you trust them with respect to the CDM they ship and vouch for ? Giving examples where you believe user trust was misplaced isn't relevant to my point that there are many things that you need to be sure your browser/OS is doing right, and the CDM - if there is one - is just one of them. ...Mark > > > > > Furthermore, you have choices, which through >> the operation of competition pushes these vendors towards honesty and >> transparency. >> > > OMGLOL!!11!! > > > This is in contrast to the current situation where the closed software >> comes from a third party who indeed you may not trust and about whom >> you have no choice. >> >> Is this not an improvement ? >> > > > I'm not sure you heard the news, or read the initial post in this thread. > In short, users who trusted their own operating system/browser (Windows/IE) > have been abused and lied to. So no, using software that comes directly > from one company you trust is not a viable option for those who believe in > privacy. > > Perhaps you in fact believe that Microsoft did not abuse their users who > trusted them. If so I take everything back. > > > > > -- > Emmanuel Revah > http://manurevah.com > > >
Received on Friday, 12 July 2013 21:00:22 UTC