Believe it or not, chrome is also sandboxed, and has been for years.
I'm not familiar with how chrome sandboxes it's CDM. Nobody cares, because nobody expects privacy from chrome.
But I know Mozilla won't expose cross-site unique identifiers to the CDM module, so that's something.
By the way, I use both Chrome and Firefox.
I will move into your place then. I am less invading than a whole family, so obviously it is ok.
I'm currently not invaded by a whole family, but if I were, I would happily take the trade
A "lesser evil" is still an evil and we are free to voice our disgust at this bending over to profit and popularity at the cost of the freedoms they claim to protect.
Absolutely, by the way thank you for also mentioning "popularity"... After all, even the best of us want netflix
Most likely this is just like flash plugin, except the API surface will be smaller, the module will be better sandboxed, there will be real security and work to ensure users privacy
What about support for all platforms, including ones Mozilla doesn't ship binaries for and need to be built from source?
I don't know... I hope that there will be linux support
In fact I suspect that because of the sandboxing, it'll be a lot easier to port it to other platforms and there will be no platform dependent libraries to link against...
From what I read the binary CDM module will be locked down, and by that extend likely not have access to platform dependent functions.
DRM in Firefox will download a binary module from adobe
What could possibly go wrong?!
Plenty of things... But it will be sandboxed.
In sandbox provided by Mozilla. So adobe doesn't have to do anything security related. See the picture here:
https://hacks.mozilla.org/2014...
Compared to binary plugins like flash, which isn't sandboxed, this is much better.
Real security from Adobe? Bwahahah! Name an Adobe security success in the past decade!
Check out the picture here: https://hacks.mozilla.org/2014...
Then notice the open source sandbox around the CDM module
I have confidence that the CDM can be locked down in a sandbox where regardless of how stupid the code is, it won't hurt the user experience or user privacy...
This is better than flash, where adobe made the sandbox. This time Mozilla will be making the sandbox, not adobe. Adobe will only be playing with the sand
As you suggest, it's probably best that adobe sticks doesn't do anything security related, in this setup, Mozilla will do the security, and adobe will do the "obscurity" (which we from flash that they are good at).
Will this 'lesser evil' have a unique ID?.. Based on your hardware?
Nope. Read the blog post by Andreas (CTO at Mozilla) on the topic, he says:
By contrast, in Firefox the sandbox prohibits the CDM from fingerprinting the user’s device.
(Source: https://hacks.mozilla.org/2014...)
So contrary to other DRM infested browsers and other DRM delivery mechanisms, CDM is sandboxed and the sandbox will provide the CDM module with a unique identifier. The unique identifier will be different between sites, etc.. In order to ensure users privacy.
So, no super-cookie for you.
Websites could demand you run ads and use the DRM to make damn sure you don't disable them.
Websites could also demand that you run silverlight... They don't do that...
Also note, that the CDM module won't be downloaded without user consent.
All in all this is better than Flash and friends, and Mozilla is actively tasking steps to lock down the CDM module and restrict what it can do.
More, better DRM is never a good thing.
Agree, but if netflix goes CDM then silverlight is finally dead. So in terms of lines-of-code and API surface we'll have less DRM.
Long copyright terms need to die and DRM needs to die with it.
Copyright terms is a political issue, but regarding DRM, I think it'll change when the content industry makes most of revenue from online streaming. It's not cheap to encrypt every stream and license DRM technology from various providers. I'm sure netflix will work hard to kill DRM.
And they certainly have to power to do this.
But Mozilla's scheme may be:
1. Implement DRM to make sure the users don't massively ditch Firefox. 2. Attract more users, get >90% market share 3. Ditch DRM
Not for from it... From what I hear the idea is that when the content industry makes the majority of it's revenue from online streaming, they'll likely reconsider DRM. Most likely it'll go away on it's own, because it's complicated and expensive to implement on the server side. And it provides a buggy user experience.
I suspect that eventually netflix will be ones with the power to kill DRM. Imagine how much cheaper their distribution would be, if they didn't have to encrypt every stream individually.
The fact that I actually agree with the FSF's position is irrelevant. Why is it that, the only time the FSF gets into the news
Yeah... Of all the evils out there why does FSF choose to target Mozilla.. Instead of condemning the other players who implements DRM without any concerns about their users privacy...
I'm no DRM fan, but a practical approach is usually better than closing your eyes and pretending not to see anything...
There was a time when one used IE, but along came Mozilla. Mozilla proved more successfull because it was DRM intollerant. I guess I have to find a browser that is DRM intollerant; any suggestions?
If you want flash or silverlight (netflix) I suspect you might just have to drop that idea...
I would recommend Firefox, as the CDM module still has to be downloaded post-install and you can choose not to use EME.
This is nothing more than special plugin support, only better isolated than flash and it's friends...
One of the best Tweets I found on the issue was somebody threatening to switch to Google Chrome because of this. I think the irony here is clear.
If we're going to use a browser that promotes DRM it might as well be the one with an objectively superior code base. Mozilla can't compete with Google on technology alone and there's really no reason for them to exist if they're just going to be another corporate whore.
So did you read the blog posts by Andreas (CTO at Mozilla) where he writes about how the CDM module will be less privacy invading and not have access to everything on the system, like flash, silverlight, and various other binary plugins.
Flash is a well understood protocol and there are plenty of tools out there to strip the security from flash video streams. I'm inclined to think it's better the evil we know than some html DRM that we don't.
It's not just flash, it's also silverlight and googles DRM infected videolan plugin that this avoid...
Things like flash have giant codebases and can spy on users, Andreas, CTO at Mozilla did promise in his blog post that he would ensure privacy of users and so that adobes DRM thingy can't spy unhindered.
IMO this is the lesser evil.
Either way, the majority just want to watch netflix, they don't care. And this will provide a less buggy experience than flash or silverlight.
Personally, I think that when the revenue stream from online distribution becomes the primary source of income for the movie industry, then DRM will go away. Because DRM will always provide an inferior experience, more bugs, less stability and it is more expensive to stream... Than some static stream which can be distributed using a simple CDN. I think we have to be patient, DRM will die on it's own.
So?
Mozilla have always had a practical approach... This is nothing more.
This is no worse the binary plugins like flash, silverlight and Googles VLC-based (I think) DRM infected plugin (used by HBO in Europe).
Seriously, this is the less evil.
Many successful FOSS projects
So doesn't this mean that someone could just fork Firefox without the DRM?
DRM in Firefox will download a binary module from adobe, and it can be enabled/disabled by the user.
No need to fork... that's way too much work...
Most likely this is just like flash plugin, except the API surface will be smaller, the module will be better sandboxed, there will be real security and work to ensure users privacy (Andreas CTO at Mozilla promised this in his blog post on the topic).
With some luck this will allow us to kill flash and silverlight... a well encapsulated module is certainly less evil.
Truly, we got an offer we couldn't decline.
That is not true. Please, don't make accusations like that without evidence!
>are moving away from finite fields altogether in favor of elliptic curves Umm, what about all the elliptic curves in finite fields?
It may have been 6 years since I played with the discrete logarithm problem over elliptic curves, but aren't all the fields finite?
The sum of the Universe is zero.
