Re: Clarification

On 2013/05/14 08:49, Henri Sivonen wrote:

> In the DRM case, Alice runs a CDM in order to watch movies to which
> Cecil own the copyright from a streaming service operated by Bob. The
> adversary is Alice, so the CDM runs on a computer controlled by the
> adversary.


This is an issue with trust. Alice must trust Cecil's CDM because/and 
Cecil does not trust Alice.

Alice is an authorised user, she is either logged in to her account or 
the content is publicly available, yet still, to consume the media 
properly Alice must put her faith in Cecil's honnest intentions to 
control her browser.

In this evironment everyone should be wary of each other. Why should 
Alice trust Cecil to not have malicious intentions ?  What about Cecil2 
?  Are all the Cecil's well intentioned ?

This has been mentionned before (I think over a year ago) but I will 
repeat: Why are the clients treated as adversaries ? This is a bug.


> publishing the source code
> for the CDM makes developing the obfuscating compiler postulated in
> the previous paragraph a more difficult engineering undertaking than
> developing an obfuscating compiler that may rely on the secrecy of the
> CDM source code.


And this is why a 100% Free Software/Open Source browser will not 
function with DRM'd content. The user must install a non-free CDM to 
render the media. The specifications may be open, but the implementation 
is not.



-- 
Emmanuel Revah
http://manurevah.com

Received on Tuesday, 14 May 2013 08:33:22 UTC