Announcement

Collapse
No announcement yet.

Cisco Open-Sources H.264 Codec, Pushes WebRTC

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by shmerl View Post
    Is Cisco the only holder of H.264 patents? I thought there is a whole cartel of those.
    From http://xiphmont.livejournal.com/61927.html: "Cisco's license hack is obvious enough if you have the money: There's a yearly cap on total payments for any given licensed H.264 product. This year the cap is $6.5M. Any company that pays the cap each year can distribute as many copies as they want. There are still terms and restrictions on how the distribution gets done, but Cisco will be handling that (and only Cisco will be allowed to build and distribute these copies without a separate license)."

    Comment


    • #17
      Originally posted by stikonas View Post
      Indeed! And what a convenient way for NSA to include some backdoors in those binaries. You are downloading binaries instead of source, you can't check whether they correspond to the published source.

      Let's just use VP8/VP9 with Opus for WebRTC.
      Unless Mozilla is really stupid about their implementation... This is a plan C, at best:

      On Windows and Mac, Firefox already supports h.264 because Microsoft and Apple ship a codec for it themselves, and pay the royalty fee themselves.

      On Linux, Firefox is getting support for Gstreamer 1.x (already have 0.10) and can use the h.264 codec from Gstreamer.


      So in order for Firefox to download the codec from Cisco, you are going to have to NOT be on Windows, NOT be on Mac, and be on Linux WITHOUT Gstreamer, THEN it'll have to download from Cisco.

      Comment


      • #18
        Originally posted by shmerl View Post
        Is Cisco the only holder of H.264 patents? I thought there is a whole cartel of those.
        There are hundreds/thousands of patents for it and most of them are owned by a handful of companies, including Cisco.

        Comment


        • #19
          Originally posted by stikonas View Post
          Indeed! And what a convenient way for NSA to include some backdoors in those binaries. You are downloading binaries instead of source, you can't check whether they correspond to the published source.
          Yes you can. Download the source, compile it, download the blob, make a checksum of both. Of course, you do need to know what compiler and what flags Cisco is using, but that's not that big of an issue.

          Comment


          • #20
            GCC is not deterministic: timestamps, build order, and so on. Further, Cisco could compile a static library in (one compiled by them and not distributed), and then you'd never get an exact match.

            Comment


            • #21
              as people have said, just because something is open source it doesn't mean you can use it without paying for the patents which are embodied in it.

              you could study the source code and learn how Cisco did their implementation, but then you could taint yourself if you contributed to a different codec project (h264 based or other) because then you are opening yourself up to deliberate patent violations!

              so your choices might boil down to...

              * use the Cisco codec code as-is (you could build it from sources or using a pre-compiled binary),
              * use x264 (and hope any patent work-rounds will save you),
              * use a fully licensed h264 codec from the mpeg-la
              * use an alternative codec which has been announced to be free of patent encumbrance and shelter under that umbrella (vp8?)

              Comment


              • #22
                I don't like this move.
                This announcement comes from them just one week before an important decision ... mmmm
                If they choose the H.264 codec for WebRTC now, then will be pretty logical continue in the same way for its successor and so we will continue to stay under a license problem (and its relative payment) in the future.
                If they do so, It will be a very idiot decision but, you know, the money's power can be very strong...

                Comment


                • #23
                  Originally posted by GreatEmerald View Post
                  Yes you can. Download the source, compile it, download the blob, make a checksum of both. Of course, you do need to know what compiler and what flags Cisco is using, but that's not that big of an issue.
                  There are ways to produce deterministic builds to be checked.

                  Tor, Bitcoin, and several others security package use such an approach: the build environment is precisely defined. Anyone can download the source, replicate exactly the build environment and check if they obtain similar binaries or not.
                  (It was also suggested as a possible improvement for TrueCrypt)

                  To appease the "NSA / FSB / MSS is spying on my calls" crowd, you need to use a similar deterministic build approach, so anyone can test if the source code matches official build by Cisco.

                  Comment


                  • #24
                    Originally posted by DrYak View Post
                    There are ways to produce deterministic builds to be checked.

                    Tor, Bitcoin, and several others security package use such an approach: the build environment is precisely defined. Anyone can download the source, replicate exactly the build environment and check if they obtain similar binaries or not.
                    (It was also suggested as a possible improvement for TrueCrypt)

                    To appease the "NSA / FSB / MSS is spying on my calls" crowd, you need to use a similar deterministic build approach, so anyone can test if the source code matches official build by Cisco.
                    I find it hilarious that people are worried the NSA might slip a backdoor into some video codec, while they are continuing to use the internet whose entirety from your home to the backbone is wholly controlled by big business and government. Codecs aren't even encrypted - they'd still need to break SSL or some other encryption system this is running under, just like any other communication going on.

                    Comment


                    • #25
                      Originally posted by valeriodean View Post
                      I don't like this move.
                      This announcement comes from them just one week before an important decision ... mmmm
                      If they choose the H.264 codec for WebRTC now, then will be pretty logical continue in the same way for its successor and so we will continue to stay under a license problem (and its relative payment) in the future.
                      If they do so, It will be a very idiot decision but, you know, the money's power can be very strong...
                      It's a battle that's already been lost, though. People have been arguing over this stuff for years, trying to promote open codecs like Theora, or VP8 or VP9 - and they've gotten nowhere. H.264 may not be open, but it *is* a defacto standard - much like MS Word, it's what the world is actually using. How do you convince people not to use H.264, when they go out and buy a phone or camera, and the videos it produces are in H.264 format? And they don't know what a codec is, and why you're making a fuss about it, when all the software they use can open them just fine...

                      Comment


                      • #26
                        Originally posted by timofonic View Post
                        Is this just a promise or it's legally secure? They can say "we aren't evil", but act like bastards later as many other corporations do. Anyone remember Google Talk and the Hangouts transition?

                        MPEG LA mafia technology isn't something to trust about, anyway...
                        Ummm, the hangouts transition to webrtc? Yeah, that was evil...


                        I don't know why cisco is doing this. H.264 is an old codec. H.265/VP9 is here, now. ASICs are starting to come out that support those formats.

                        Comment


                        • #27
                          Nothing open about this

                          All this boils down to is Cisco giving out freeware binary codecs so American Linux users can get their codecs from Cisco instead of breaking US patent laws and getting the "European" or "non-US" version of their distro which has the patented codecs already. And of course they can decide to stop doing giving these out at any time, and they might do that because it costs them money.

                          Oh and they'll release their implementation under BSD license, yippee. But it's still patented so if you actually compile and use that implementation you're a criminal. This is why Brendan Eich carefully says Cisco's release is "gratis" and "open source" but never says "libre" or "free". Most non-US users can now legally compile or modify that codec, but they already have another libre H.264 implementation available so why should they care?

                          Comment


                          • #28
                            Open source != Patent free. don't confuse things.

                            Open source != Patent free. People living in one of those 5 or 6 countries with the abomination of software patents, beware.

                            For the rest of us, it means basically random company released the source for their (yet another) implementation of an h264 encoder/decoder. By now, i don't think there is any h264 codec better optimized than the (already opensource) x264 project, simply because its been in (open) development and optimized for much longer. The same occurs to mp3 with the Lame project, there is simply no better encoder out there; so everyone else might as well open source or abandon theirs. Of course, maybe a trick or two could be learned from the source of Cisco's but at this point in time its a rather boring announcement.

                            Of course Cisco does not own all the patents involving the format. In those forgotten places where such a thing matters, nothing has changed. Pay your dues to the corporate overlords or abolish software patents... Good luck.

                            Comment


                            • #29
                              Originally posted by smitty3268 View Post
                              I find it hilarious that people are worried the NSA might slip a backdoor into some video codec, while they are continuing to use the internet whose entirety from your home to the backbone is wholly controlled by big business and government
                              The thing with the internet is, no matter through where your data go, as long as it is correctly encrypted, it's secure.
                              As long as end-to-end encryption is used, it doesn't matter in whose hand the internet is.

                              Thus, the best point of attack wouldn't be the actual internet traffic (The privacy conscientious people would be using ZRTP/SRTP to transfert the video over an encrypted channel). As the encryption it self, if done correctly, can't be broken, it's much more easy to attack communication at steps en either side of the encrypted channel itself.
                              Compression and decompression are points where the video data is in clear and are potential attack points.

                              A binary-only codec could either be compromised or simply be broken.

                              In Cisco's case, at least we can check the source-code to make sure there are no exploitable bugs in there.
                              But then we need a way to make sure that the downloaded binary matched the audited code.

                              Otherwise, no matter how many layers of encryption you stack underneath, there's no point in it if the codec leaks data before encryption.

                              Comment


                              • #30
                                The whole h264 binary/open whatever shit should not be part of the internet. And i truly hope google will abuse its power to get vp8/9 in.


                                And why on earth we don't already have a webrtc based open service (ie jabber).

                                Comment

                                Working...
                                X