Re: Mozilla blog: DRM and the Challenge of Serving Users

On 2014-05-16 09:04 Mark Watson wrote:
> On Fri, May 16, 2014 at 8:08 AM, cobaco <cobaco@freemen.be> wrote:
> > they want DRM because in concert with laws like the DMCA it gives them the
> > leverage to force the (legal) distribution channels into idiotic things
> > like
> > region locks and non-skippable adds for 'soon in a theater near you'
> > (years
> > after that statement was true)
> 
> ​EME, at least, doesn't support either of these things, so I don't think
> your contention is correct for the technology we are considering here.

EME by itself does only 1 thing 'talk to CDMs'  It's the CDM's that do the 
enforcing, either is useless without the other.

Existing Hollywood DRM like the one on DVD's and the one on Bluerays tries to 
enforce region locks. Given how much effort Hollywood has expanded on them they 
clearly wants region locks, and want them badly

Given that the entire point of DRM is to technically enforce the random 
conditions Hollywood wants, why would they exempt those desired region locks 
from that enforcement? That makes absolutely no sense.

And since by their own admission distributors (like netflix and apple) and  the 
software makers (like Mozilla) are only adding DRM because their arm is being 
twisted by the content owners (they don't like DRM either we keep getting 
told). There is no credible reason to assume they would suddenly grow a 
backbone and say 'no' to Hollywood region-locking when that gets demanded. 
After all it's only a very small additional demand compared to aiding and 
abetting DRM in the first place.

(same reasoning goes for other absurd conditions like unskippable adds)

> You will be able to look at Mozilla's open-source sandbox to verify that
> the CDM does not have access to geographic information. Nor does the CDM
> have the power to block the operation of the controls on the <video>
> element. You will also be able to verify this in Mozilla's implementation.

uhuh, pull the other one. 

we've been over this on the list:

In order for CDM's to work as intended they *need* to have acces to the 
hardware or to pre-approved signed and verified OS components that do. That's 
why the CDM's are either platform specific black boxes, or talk to platform 
specific black boxes like e.g. Microsofts PlayReady DRM system.

There's no way for Mozilla to know what information those components share 
with the CDM, let along any possibility of Mozilla preventing any sharing

Mozilla *has* *to* allow this for the DRM to meet Hollywood requirements, and 
thus cannot stop the CDM from deciding "nope, not happy with where I think you 
are, not letting you see this"

The CDM might not have the power to block the controls BUT it *does* have the 
power to override them:
e.g you can press skip forward all you want in Firefox, which will duly pass 
it on to the CDM, but if the CDM decides to ignore that and send firefox back a 
non-skipped decrypted stream (potentially while lying about the timestamp) 
there's nothing you can do about that 
(because in order to circumvent/prevent that you'd need to buffer/cache the 
unencrypted stream and if that's allowed the DRM is broken to begin with)
-- 
Cheers

Received on Friday, 16 May 2014 18:56:16 UTC