Feeds

EFF files objections with W3C decrying addition of DRM to HTML5

Will Microsoft, Google, and Netflix have their way?

SANS - Survey on application security programs

The Electronic Frontier Foundation (EFF) has upgraded to full member status of the World Wide Web Consortium (W3C), and as its first act has registered a formal objection to the proposed addition of DRM to the HTML5 specifications.

Its objection stems from the Encrypted Media Extension (EME) which was advanced to first draft earlier this month by W3C. The EFF contends that the purpose of the extension is nothing more than enforcing DRM, and says that existing web standards are capable of doing the job.

"This proposal stands apart from all other aspects of HTML standardization: it defines a new 'black box' for the entertainment industry, fenced off from control by the browser and end-user," said EFF international director Danny O'Brien.

"While this plan might soothe Hollywood content providers who are scared of technological evolution, it could also create serious impediments to interoperability and access for all," he argued.

The EME system proposed by Microsoft, Google, and Netflix adds a JavaScript system to allow a variety of DRM licenses, and the proposals have been dismissed by some as unethical. While the EFF acknowledges the code is technically as sound as can be expected, it says the system takes HTML in an unhealthy direction.

"The W3C needs to develop a policy regarding DRM and similar proposals, or risk having its own work and the future of the Web become buried in the demands of businesses that would rather it never existed in the first place," said EFF Senior Staff Technologist Seth Schoen.

"The EME proposal needs to be seen for what it is: a creation that will shut out open source developers and competition, throw away interoperability, and lock in legacy business models," Schoen said. "This is the opposite of the fair use model that gave birth to the Web."

It's a tricky situation. With Silverlight and Flash both looking long in the tooth, it's clear that HTML5 is the future – but whether or not that future needs to include DRM is up in the air. Netflix has said it won't switch without it (since DRM is essential to its business model), and Google wants similar controls for YouTube.

The W3C's chief executive Jeff Jaffe has defended EME's inclusion, and says it is needed to ensure that access to certain comment isn't limited to a variety of proprietary plug-ins. The result would be a dysfunctional two-tier web.

"It is W3C's overwhelming responsibility to pursue broad interoperability, so that people can share information, whether content is protected or available at no charge," Jaffe argues. "A situation where premium content is relegated to applications inaccessible to the Open Web or completely locked down devices would be far worse for all." ®

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.