Re: Unrestricted publishing in EME? Re: DRM, EDE, CDM, W3C and the TAG:

On Sun, Oct 27, 2013 at 8:27 PM, Tim Berners-Lee <timbl@w3.org> wrote:
> Can we imagine or design a EME system which instead
> as usable by anyone as a publisher?

I find it *very* distressing that you are talking about making DRM
egalitarian in this sense rather than talking about making DRM
egalitarian in the sense of allowing anyone to implement and ship the
client technology stack royalty-free and without having to get keys
signed by a particular gatekeeper or talking about making DRM
egalitarian in the sense of different suppliers of the non-DRM parts
of the stack having a level playing field when it comes to integrating
with the DRM part as opposed to DRM component supply getting coupled
with the supply of the rest of the client stack.

The reason the W3C is even talking about DRM is that the major
Hollywood studios have decided to require DRM and users want to see
movies from Hollywood majors so badly that the studios can get away
with their DRM requirements. That sort of situation doesn't apply to
all publishers. Not all publishers want to impose DRM and many that do
aren't publishing content that is in enough demand for people to
tolerate DRM on that content. From a health-of-the-Web perspective,
there's no need to make DRM egalitarian in terms of making it readily
available to all publishers. Any copyright holder is free to
participate on the Web already if they don't self-impose DRM.

As far as publishing goes, DRM indeed isn't egalitarian in terms of
applying it to content, but the W3C would *totally* be missing the
point by being uncomfortable with *that* non-egalitarian aspect of
DRM. That's like observing that some countries have software patents
and some don't and making it egalitarian my making all countries have
them.

However, even if there is only a little DRMed content that is in broad
demand on the Web, whether DRM is egalitarian as far as implementing
and shipping the client technology stack matters for the health of the
Web. Similar to patents being a problem in term of implementing and
shipping the client stack even if patents only apply in some
countries.

DRM client implementation hasn't been egalitarian previously in the
sense that the DRM parts of Flash Player and Silverlight aren't
independently interoperable implementable (as evidenced by Gnash and
Moonlight not having the DRM parts), but at least within the confines
of each operating system for which Flash Player and/or Silverlight has
been available, the playing field has been level between browsers in
the sense of browsers being free to independently interoperably
implement an NPAPI host. So far, it looks like EME is changing that
dynamic and making DRM less egalitarian in that sense.

> (Clearly, you might think, this won't work as for a system to be so highly
> used by both consumers and receivers it would be cracked instantly.
> But actually DRM is cracked anyway -- you can play anything over an HDMI cable
> and crack the HDMI cable.[1]  So we are not talking about an uncrackable system
> anyway. Just one where people will be more inclined to pay for the stream
> and less inclined to record it.)

Please see the part about HDCP in
http://lists.w3.org/Archives/Public/public-html-media/2013Mar/0066.html
.

> Can you imagine a system in which there is some protected code
> but it is is sandboxed so the open source operating system can talk to it?

Such a system is *imaginable*, sure.

> Can we while we are at it build a DRM system which is sandboxed so it can't
> call home, or is prevented from reading any data bout me from my system?

Technically possible. However, it seems that so far, when robustness
requirements and privacy concerns have been at odds, robustness
requirements have had a tendency to win. That is, at least so far DRM
vendors have had stronger incentives to address robustness concerns
than to address privacy concerns.

Please see the part about DRM running on a higher CPU privilege level
than even the browser-visible kernel in
https://groups.google.com/forum/#!msg/mozilla.dev.planning/4-svns_uEjA/Hc-eaIfAtUoJ
.

> One of the things I am worried about is that once we allow a EME vendor
> to install their own unreadable code, then that code could report on my media-watching activity,

With or without DRM, the streaming service gets to log your media
watching activity. Even if you managed to use Netflix through Tor to
hide the IP address your HTTP requests are coming from and used a fake
email address for the account registration, you'd still need a credit
card associated with the user account and credit cards are distinctly
not anonymous. To solve the problem of media watching you, you need
not only anonymous networking but anonymous payment, too, or a model
where the user doesn't need to pay and doesn't need to be identified
for other purposes (such as targeting ads), either.

-- 
Henri Sivonen
hsivonen@hsivonen.fi
http://hsivonen.fi/

Received on Monday, 28 October 2013 09:39:19 UTC