Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:Stupid ... (Score 4, Insightful) 121

by Endymion (#49743959) Attached to: US Proposes Tighter Export Rules For Computer Security Tools

It is dangerous to assume stupidity - especially when the people in question are making threatening gestures in your direction. What you describe is one possibility. Another is that these lawmakers (or the people they work for) DO understand these issues, and the inevitable problems that arise are the expected outcome.

Yes, Hanlon's razor is a good heuristic most of the time, but in this case we have a pattern. Technology that empowers people (e.g. real crypto/security, better communications technology like the internet) has been attacked fairly consistently. Tools and methods have been criminalized in the past with alarming frequency. For this specific issue, there are a lot of people invested in the status quo of where computers ("ii.e. "most products", eventually) are easily monitored/tracked, and easily attacked if the need arises. Dan Geer described our situation very accurately in his outstanding talk last year: the current strategy of the US government (and others) with regards to network security is "all offense".

When proposals like this happen, people are tying to shape your future. Maybe they want to get an actual law passed. They just want to use a confusing topic in a show for the benefit of their constituency. Maybe the goal is propaganda or shifting the Overrton window. Whatever the purpose, we would be lucky to have stupid lawmaker which we can at least attempt to fix with education. Unfortunately, what looks like stupidity is often agenda, and underestimate their threat at your own peril.

Comment: Re:disable EME (Score 1) 371

by Endymion (#49687699) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

Firefox tried to push open video formats, like webm, and refused to support H264.

I know - I argued against that stupid strategy at the time. part of my argument was the same one Mozilla is using now (give up the fight or risk of losing market share).

My solution is still the same: don't ever implement evil or you make the problem worse, do what you can to satisfy market demands by dodging the problem (leave the codec outside of the browser by calling standard OS support (even gstreamer/etc on linux supported h.264 at the time). By ignoring h.264 years ago, Firefox lost users. By adding DRM support, they lost their remaining moral high ground and ability to fight future industry demands. (if they accepted industry demands once, they will do it again in the future).

"plugin" that is very restricted on what it can do

It would be a hasty generalization to assume that this will always be the case. Describing the current implementation does not indicate how it will be implemented in the future. A better extrapolation is that the probability of Mozilla accepting even worse DRM into Firefox in the future is high, because the reasons for accepting it now only grow stronger with time. They wanted to avoid alienating users that supposedly demand Netflix support in the browser. That demand will only increase dramatically when everybody is accustomed to using Netflix in Firefox.

Do you really think Mozilla will put their foot down when the ebook industry gets together with the movie industry to enable text DRM? Or when the plugin changes and requires new holes in the sandbox (e.g. to support Intel's new SGX instructions to create a Trusted Execution Enviornment you cannot access)? You really think that Mozilla will reverse their current behavior, accept the even larger damage to their market share as the Netflix users move to "a browser that works"? No, they will keep paying the industry's demands for danegeld and we lose the free and open web. When lots of the web is wrapped in DRM, do remember that you helped create that future instead of fighting early when the battle was easier.

Comment: Re:CDM is sandboxed (Score 1) 371

by Endymion (#49687573) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

The current implementation is sandbox; we know nothing about how it will be implemented in the future. Have fun when a new version of the plugin requires disabling the sandbox or giving the plugin access to more OS features. When the servers drop support for the old version for vague "security reasons" (or other excuse), good luck telling the people that are now used to getting Netflix that the new version won't be supported. No, the sandbox will be removed and the new version made to work, with the same justification they you short-sighted idiots are using now.

Even better: are you going to go out of your way to block the upgrade when the ebook publishing industry (which already uses a lot of DRM) demands the same browser DRM rights as the movie industry? When Amazon makes the same demands as Netflix, why won't the same justifications work? // non-DRM webpages were nice while they lasted

Comment: Re:Get cracking (Score 1) 371

by Endymion (#49686447) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

in the end, the DRM'ed content has to be accessible


That's the key point - as long as you have the requirement that DRM content "must" be accessible, it the people that control that content can demand anything they want. You need to tell them the line you aren't going to cross, or the price you won't pay if you want the publishers to change. This is basic supply/demand economics. Infinite demand means the price can be anything.

Yes, this might mean some sacrifice from you, such as not getting to see the latest popular movie. Are you going to pay that cost now, or are you going to keep paying the publishers that demand more and more, so you have to sacrifice even more when the fight happens in the future?

Comment: Re:Get cracking (Score 2) 371

by Endymion (#49686405) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

Maybe you should start paying attention to what's going on in the world. Major power-grabs are happening and you think it's about movies, simply because the people trying to grab power said so. I don't give a damn about movies or Netflix. What I do care about is legal precedent, the establishing of standards that will be used in other areas, the erosion of rights like the 1st-sale doctrine, and businesses that demand you weaken your computer security.

If this looks like a dystopian SF novel to you , maybe you should start doing something about it instead of accepting whatever price the publishing industry (not netflix) asks for just so you can see the latest movies. Welcome to the War On General Purpose Computing. Some of us have been fighting that war for over 20 years now, trying to prevent the "dystopian SF future". It would be nice if other people joined the fight once and a while, because we're losing the war; a decade ago Mozilla would have never caved, but the pressure has gotten a lot worse.

Anybody discussing movies isn't looking at the larger situation, where some people are asking you to hand your computer's root access over to them, and you do it because thy promise not to abuse that power while threatening to take your toys away.

Comment: Re:Disableable (Score 1) 371

by Endymion (#49686323) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

What ligament legal way is there of getting DRM free movies and shows.

Excluding the occasional independent publisher that caters to that market, there isn't any. That's the point: in a society based on capitalism, you have to deny them revenue if you want a business to change. As long as these publishers know that you are willing to do anything to get their product - including risking legal and civil consequences by turning to piracy - then they know they can get away with demanding anything they want.

Right now, there are many publishers demanding that you install rootkits and backdoors ("DRM") if you want access to their products. Technology is being used to confuse the situation so you don't notice that they are trying to reverse the first-sale doctrine and the concept of ownership in general. The end game is that you never own anything while getting nickel-and-dimed every time you press "play", while the people that own copyright (NOT the creators) get rich. If we let it happen completely, it will effectively be a return to feudalism, with the ownership class and everybody else who pays for it.

Many people in this thread and the developers at Mozilla are choosing to let this future happen. Some of us are saying that we shouldn't let Hollywood get away with rewriting the way ownership works. We are trying to point out that publishers are trying to scam/con you when they offer to give you more convenient access to movies in exchange for your first-sale right to own your copy of a creative work and installing their badly written backdoors (at best) or explicitly malicious rootkits (e.g. Sony XCP).

It would have been nicer if we had stopped this problem earlier, but people like you decided toi give the publishers money and expand their popularity with piracy. Fixing it now will unfortunately require sacrifice in the form of not using their products. If we let EME gain a foothold in the web, fighting this problem in the future might require doing without certain websites as well. If you think the restrictions on the current plugin are going to prevent that, consider that those restrictions just went from "no DRM allowed" to "some DRM for movies is allowed". Is it really that big of an extrapolation to suggest that other industries - such as those currently feeling left out, like the book publishing industry - will force a change to "slightly stronger DRM for movies and text (books) is allowed"?

So no, there is no legal way to get most movies DRM free. Are you going to keep accepting the larger and larger demands of the publishers, or are you finally going to tell them "no, that cost is too high"?

Comment: Re:Disableable (Score 1) 371

by Endymion (#49678109) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

You are trading your future freedom for a few movies. Worse, you could get those movies in other ways, so you're really trading your future freedom for slightly more convenient access to movies. When DRM is even more entrenched in the future, be sure to remember that you made this trade and helped that DRM become established.

Comment: Re:sandboxing (Score 1) 371

by Endymion (#49678057) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

He's talking about security.

So am I. I'm sorry you don't seem to understand that. DRM is insecure by design. The entire point is make sure the owner of a computer doesn't have root access. This is really basic, so I assume most people know this.

More importantly, the fallacy you are stuck in is that you are looking at the current plugin. I was talking about future updates that no longer follow this model. Or do you think that won't happen? Will you refuse to update when it does? The properties of a future plugin are not restrained to what the current plugin is limited to, and it will be easier to extend the plugin once the current plugin has a lot of users.

Of course, you're posting as annymous, so I assume you salary depends on DRM and therefor there is little chance that you will actually listen to what I have said here. If you want to respond, try to actually address the topic at hand (Firefox's new EME plugin) , instead of parroting useless off-topic facts like the popularity of other DRM schemes or the number of netflix users in general. Of course other types of DRM exist; the question is if you're going to fight this encroachment into a new area or if you're going to give this new plugin it the market share it wants.

Comment: Re:Get cracking (Score 1) 371

by Endymion (#49677985) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

You're talking about "standard" tools and protocols as if they are some holy relic that is known and defined for all time. The entire fscking point is that these standards are currently in flux, with new standards trying to gain a foothold, while collaborators and useful idiots fight try and convince people that they should adopt it.

You choose to be a collaborator and support DRM by giving it market share. I choose to deny that protocol, because this isn't about movies. Are you going to also accept DRM when the upgrade happens and the current protocol no longer works? Or were you a fool, thinking this particular version of EME was the final version? Would you fight a new version, after everybody has become used to using netflix? No, you support DRM now, so you'll do what you're told and support it again in the future. Oh, of course - you think you're just going to pirate whatever you want!

A huge power grab is being attempted, and you (and many other's in this thread) choose to give DRM the foothold it's looking for. In the future when businesses use DRM for far more than just video - which many industries have been trying to accomplish for years - and you have to turn to piracy for things you use "save as" for right now, do remember that you asked for those restrictions instead of fighting when the threat was smaller. After all, those future publishers will simply be using the new "right tool" for the job.

Comment: Re:Get cracking (Score 1, Insightful) 371

by Endymion (#49676423) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

instead their job is to write down what the big vendors are already doing, so that everyone else can interoperate

We call people who work with the enemy collaborators, which is one of the faster ways to get your former allies to see you as a traitor.

There is a fight for freedom going on here, and many of you are talking about movies. Anybody that things this is hyperbole or "crazy" hasn't been paying attention.

(actually, given that the target audience of this post is nerds that like netflix, I suppose these links would be more appropriate)

Comment: Re:Disableable (Score 0) 371

by Endymion (#49676313) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

The DRM isn't a closed source part of *firefox*.

That is a disingenuous game of semantics, and you know it. Firefox is enabling it, and any sane person see that firefox (the package they downloaded) is what is playing the DRMed video. The specific technical nature of sandboxed processes, plugins, and dynamically loadable object files are mere implementation details.

These implementation details can change in the future, too. Remember, anybody that uses this is literally asking for a non-free (as in freedom) internet, and is making any future fight against DRM significantly harder. Once this crap is established and you have to fight people that USE the DRM, you're going to have a lot harder time fighting updates. The fight is hard enough already; good luck when you have to also convince users that they should give up their netflix instead of installing some rookit-style update.

Comment: Re:sandboxing (Score 0) 371

by Endymion (#49676245) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

It can't...

You think it will stay that way? You've never heard of the foot-in-the-door technique? Once this is established, it will be a lot easier to force through "updates" that fix those trivialities. Those updates will be accepted because it will be a lot harder to get people to give up a service they are used to using (e.g. netflix using this DRM) and reject the update, compared to the fight right now where this DRM is still new and largely unused.

Comment: Re:disable EME (Score 3, Insightful) 371

by Endymion (#49676185) Attached to: Firefox 38 Arrives With DRM Required To Watch Netflix

Because mozilla decided to promote DRM instead of a free web, we can look forwards to lots of sites (which used to work) displaying a nag screen with a link to download the "proper" version of firefox, specifically because the DRM version is a free download. They will assume everybody has support available, so there is no penalty to using this crap everywhere.

Or have you not been paying attention to how businesses work these days?

When the fight for freedom is hard, there are many potentially useful strategies. Giving up without a fight and simply handing victory to the enemy is not one of them.

Don't hit the keys so hard, it hurts.