Originally posted by Chewi
View Post
Announcement
Collapse
No announcement yet.
Pipelight: A Way To Get Netflix On Linux
Collapse
X
-
Originally posted by smitty3268 View PostThis is complete bullshit as far as i can tell.
Don't take my word for it, hear it from a member of the HTML working group: http://manu.sporny.org/2013/drm-in-html5/
Please provide your source that shows where websites will be able to upload their own binary blobs which will execute arbitrary code. I don't see that anywhere in the spec here: http://www.w3.org/TR/encrypted-media/
This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the simple clear key system is required to be implemented as a common baseline.
Look at the part "Content Decryption Module" or CDM for short. This is exactly the binary blob that runs arbitrary code and interacts with the platform. It's basically a browser plugin, just implemented in a way that lets the browser to download and execute it on-the-fly, without installing it via the usual channels (browser extension installer, system package manager etc.)
See the part where it says "CDM may use or defer to platform capabilities"?
If you go to the part about CDM's, it explains the term as:
The Content Decryption Module (CDM) is a generic term for a part of or add-on to the user agent that provides functionality for one or more Key Systems. Implementations may or may not separate the implementations of CDMs and may or may not treat them as separate from the user agent. This is transparent to the API and application. A user agent may support one or more CDMs.
Basically, each browser will have to implement certain DRM APIs. Like the HTML5 video spec, they will be able to pass this off to the underlying OS if they don't want to support it directly, so that OSS browsers will be able to use it.
The netflix html5 support, for example, uses MS's PlayReady DRM system (since only IE11 has support so far). Apple has their own system, and so does Android. My guess is that Netflix will end up supporting all 3 DRM systems, so that their videos can play on any device. The question then, is whether linux will support any of those 3 systems. PlayReady and Apple's DRM are probably out of the question. It's possible Google might allow someone to license support for their system, but I wouldn't count on it anytime soon.
Comment
-
All interesting stuff. I'll look a little closer next time I hear news on this subject.
Since it seems that no one has posted that they got this thing to work on a real site yet, I just thought I'd let you know that I got Blinkbox working on Gentoo. I had to install Silverlight 5.0 and fake the version as 5.1. This is a little fiddly so I'll see if I can come up with a way to make it a bit easier.
Comment
-
Originally posted by dee. View PostAnd these APIs include downloading and executing binary blobs, or, CDM's.
Originally posted by dee. View PostIt is not complete bullshit. It's exactly what it is: a standard for loading arbitrary plugins to the browser.
Don't take my word for it, hear it from a member of the HTML working group: http://manu.sporny.org/2013/drm-in-html5/
From your own link:
Scroll a bit down, look at the diagram on the page: http://www.w3.org/TR/encrypted-media/stack_overview.png
Look at the part "Content Decryption Module" or CDM for short. This is exactly the binary blob that runs arbitrary code and interacts with the platform. It's basically a browser plugin, just implemented in a way that lets the browser to download and execute it on-the-fly, without installing it via the usual channels (browser extension installer, system package manager etc.)
See the part where it says "CDM may use or defer to platform capabilities"?
If you go to the part about CDM's, it explains the term as:
Now, to be fair, a CDM doesn't have to be a binary blob. But in practice, it will have to be, because DRM cannot ever be open-source or transparent. It would go against the very purpose of DRM, which is to restrict user freedom. You cannot lock someone in a prison, then give them detailed instructions how to escape.
And these APIs include downloading and executing binary blobs, or, CDM's.
Yeah, so any way you look at it, this is just going to end up as something that divides the web into islands, where parts of the web run only on certain devices, and other parts run on other devices...
This view is born out by the only existing implementation I'm aware of so far. Netflix. They don't try to roll their own security, because that's idiotic. They just use IE to plug into the pre-existing DRM on windows so it works out of the box. Just like they use h264 video instead of creating and distributing their own netflix codec.
There may be porn sites out there that try to prompt you to download some plugin to view their videos - but they already do that, and they already try to serve you .exe files. If you're stupid enough to run those you deserve to be rooted, and nothing is any different than the current status quo. It's certainly not going to download that stuff without prompting you to install.Last edited by smitty3268; 18 August 2013, 07:03 PM.
Comment
-
Originally posted by smitty3268 View PostObviously a CDM could be implemented in a browser plugin you download from the site. The same way a HTML5 video codec could be implemented that way. But no one does that, because it's stupid. Getting the DRM security stuff working is even more complicated than a video codec, so there is strong incentive NOT to do it that way, and instead use the pre-existing solutions already present on systems that are known to "work".
Comment
-
Originally posted by Bernard Swiss View PostAre you suggesting that such a DRM scheme wouldn't be pushed out simply because it's "stupid" to do it that way? Considering the history of DRM, I can well imagine (in fact I would expect) that the "content industry" would insist upon it -- they'd see it as a superior approach, that intrinsically offers them much more control.
They haven't because DRM schemes are incredibly complicated and easily defeated in most cases. They realize they are better off letting Apple and Microsoft spend a ton of money making those systems, and just being assured they work. They don't have the expertise in creating such systems anyway.
Furthermore, it's not certain the browsers will even allow such a thing. The spec says they need to support "a" CDM, meaning at least one. But it never specifies they need to allow multiple systems. That's the same as with html video, where it turns out browsers were incredibly tight about exactly what they allowed to run. Instead of allowing any codecs, they very carefully only allowed specific ones. There's no reason to believe IE will even run any CDM except for their own Fairplay system. It'd be extremely easy for them to claim security when asked why.
Could content providers eventually demand more? Sure. They're stupid, and who knows what they'll demand next. But that doesn't really have anything to do with the browser EME extensions. It could happen just as easily with or without them.
I'm sympathetic towards those who think DRM sucks, I really am. I'm also sympathetic towards people who think the EME specs suck. They really do. However, the real point of the spec isn't to be a good spec, easily implementable by all parties involved. It's to allow web apps direct access to MS's DRM, Android's DRM, and Apple's DRM. That's the entire point of the spec, and all the generic language and extendable blah, blah, blah, 3rd party CDM's, etc. are all nonsense tacked on to try and make it more palatable as an open spec. No one is going to bother implementing that part of things in reality. The exact same way the html5 video specs were left annoyingly vague because no one could agree on a single standard - and yet each browser did 1 specific thing that was exactly what everyone knew was going to happen from the start. The specs are really only being made to describe what the browsers were doing anyway, not some kind of catalyst that caused things to happen a certain way. Which kind of brings up the point of whether there's any reason to make this an HTML spec at all, rather than just allowing the browsers to define their own API - but whatever. Open standards is the buzzword of today, so a W3C spec had to be made, and now here we are.Last edited by smitty3268; 19 August 2013, 01:36 AM.
Comment
-
You don't actually need all these hacks and to jump through all these hoops in order to watch the content that's on Netflix. Until Netflix addresses the issue and makes it easy for Linux users to watch their stuff, all you need is a simple BitTorrent client. Works like a charm. No need to mess with NPAPI plugins or Wine DLLs.
Comment
-
Originally posted by Chewi View PostAs I said, I currently only use Lovefilm through the mail. If I had an online subscription, I could use the Wii. I only used Blinkbox once and for that, I booted into my Windows 8 on my wife's laptop. She normally uses openSUSE. I like Blinkbox because it is PAYG rather than subscription-based but they don't have a Wii app. I do have an Xbox 360 too but you need a Gold subscription for both services (and Netflix?) and that pisses me off. Why do you have to pay for one service just to access another completely unrelated paid service? I used to have a Gold subscription but I don't have time for console games these days.
Originally posted by ModplanMan View PostHere's a novel concept:
How about not giving money to the people who are actively working on DRM to stop you watching things on the platform you use, who actively lobby for stronger enforcement and longer copyright terms, who are demanding DRM be made a part of html standards and so on and so forth. At the very least get this stuff on DVD or Blu-ray second hand if you can.
Comment
-
DVD also inherently has DRM. Blu-ray not only has DRM, but has insanely paranoid DRM with layers upon layers upon layers of keys hidden in various places that decode one another, not to mention that some even require a secure connection all the way to the screen. So buying DVDs and especially Blu-rays is supporting DRM, second-hand or not.
Simply don't pay for services that actively make it difficult for you to use them when you know it's going to the same person trying to make it difficult for you.
Comment
-
Originally posted by smitty3268 View PostIf that were true, why haven't they already insisted on such things from existing DRM providers? They could insist Silverlight DRM followed their own model. They could insist iTunes used their model.
They haven't because DRM schemes are incredibly complicated and easily defeated in most cases. They realize they are better off letting Apple and Microsoft spend a ton of money making those systems, and just being assured they work. They don't have the expertise in creating such systems anyway.
And do you think Apple and Microsoft will just let anyone use their DRM systems for free? This whole thing just smells like a power-grab. Netflix is now a big deal, they want to prevent future market disruptors and raise entry barriers by making it harder for others to become online distributors. Hollywood, MPAA and the rest demand DRM, and this means new distributors will have to either create their own DRM schemes that satisfy the demands of the copyright mafia, or they will have to pay royalties to Apple/Netflix/Microsoft/Google for using their DRM-schemes.
Furthermore, it's not certain the browsers will even allow such a thing. The spec says they need to support "a" CDM, meaning at least one. But it never specifies they need to allow multiple systems. That's the same as with html video, where it turns out browsers were incredibly tight about exactly what they allowed to run. Instead of allowing any codecs, they very carefully only allowed specific ones. There's no reason to believe IE will even run any CDM except for their own Fairplay system. It'd be extremely easy for them to claim security when asked why.
Could content providers eventually demand more? Sure. They're stupid, and who knows what they'll demand next. But that doesn't really have anything to do with the browser EME extensions. It could happen just as easily with or without them.
I'm sympathetic towards those who think DRM sucks, I really am. I'm also sympathetic towards people who think the EME specs suck. They really do. However, the real point of the spec isn't to be a good spec, easily implementable by all parties involved. It's to allow web apps direct access to MS's DRM, Android's DRM, and Apple's DRM. That's the entire point of the spec, and all the generic language and extendable blah, blah, blah, 3rd party CDM's, etc. are all nonsense tacked on to try and make it more palatable as an open spec. No one is going to bother implementing that part of things in reality. The exact same way the html5 video specs were left annoyingly vague because no one could agree on a single standard - and yet each browser did 1 specific thing that was exactly what everyone knew was going to happen from the start. The specs are really only being made to describe what the browsers were doing anyway, not some kind of catalyst that caused things to happen a certain way. Which kind of brings up the point of whether there's any reason to make this an HTML spec at all, rather than just allowing the browsers to define their own API - but whatever. Open standards is the buzzword of today, so a W3C spec had to be made, and now here we are.
Comment
Comment