Feeds

Who's adding DRM to HTML5? Microsoft, Google and Netflix

Tag team's copy protection plan 'unethical'

Choosing a cloud hosting partner with confidence

With tech companies abandoning the proprietary Flash and Silverlight media players for HTML5, it was inevitable somebody would try to inject DRM into the virgin spec.

Microsoft, Google and Netflix are that “somebody”, having submitted a proposed modification to HTML5 to the World Wide Web Consortium (W3C) for “encrypted media extensions”.

Their proposed addition, detailed here and picked apart here, has drawn a flat rejection from HTML5 editor and Google employee Ian Hickson, who’s called the encrypted media extensions unethical.

Hickson wrote in response to Microsoft’s Adrian Bateman who floated the proposal on Monday: “I believe this proposal is unethical and that we should not pursue it.”

Bateman drew fire by revealing Microsoft, Google and Netflix had been working on an API to enable encrypted media in HTML “that we think can be implemented in all browsers and support any container/codec and content encryption without making major changes to the HTML Media element specification”.

Batemen said “many” content and application providers reckon they can’t use the <audio> and <video> elements in HTML5 because they “lack robust content protection”.

Hickson responded that the companies’ proposal doesn't provide robust content protection either, so it would not address this issue “even if it wasn't unethical”. Hickson didn’t elaborate on what he meant by unethical.

The video and audio tags in HTML5 offered the prospect of delivering media online in a vendor-neutral format. Traditionally, video and music were added to a web page via a plug-in, such as the proprietary Flash, QuickTime and Silverlight from Adobe. Apple and Microsoft use compression and decompression codecs such as the equally proprietary and patent encumbered H.264, co-authored by the two firms among others. Open sourcers fell back on the patent-free Ogg Theora.

The benefit of players such as Flash, QuickTime and Silverlight – to media companies, at least – has been it's possible to control who sees your stuff based on factors including region and payment. When it was developing Silverlight, Microsoft made a big deal about adding DRM and when shunting Silverlight aside for HTML5 a lack of similar controls was raised as a source of concern.

The attempt to claw back the safety of DRM - digital rights management aka copy protection - should come as little surprise.

But what about the presence of Google and Netflix? Google is no friend to Microsoft or H.264, and in 2010 open sourced the VP8 video codec to free the web from H.264. Netflix, meanwhile, is a tech vendor and is what’s known in “the biz” as a customer and is also far smaller than Microsoft or Google.

Google’s problem is YouTube and Google TV. Google might like VP8 philosophically, but - to our best knowledge - hardly anybody is using it.

Instead, the majority of content on YouTube is built for Flash and this will be played via Google TV. If Steve Jobs was right, HTML5 will supplant Flash. Google can’t afford to upset the corporate makers of film, TV and music on YouTube by making it impossible to let them control the distribution of their content.

Netflix, meanwhile, is trying to grow an online streaming business out of its original DVD rental service. Netflix was an early Silverlight adopter and must now recognise the future is HTML5 thanks to Microsoft’s acceptance of the Jobsian vision. It, like Google, will want to stay on the right side of media producers.

As an interesting footnote, Netflix chief executive Reed Hastings also sits on the Microsoft board.

Microsoft’s Bateman has tried to bulletproof the encrypted media extensions proposal by saying: “No ‘DRM’ is added to the HTML5 specification, and only simple clear key decryption is required as a common baseline.”

It’s typical for IT vendors to adopt standards and then extend them in their own software. However, the extensions Microsoft, Google and Netflix are proposing, though, could become enshrined as an official W3C standard that’s supposed to be vendor neutral. ®

Business security measures using SSL

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.