Feeds

Mozilla CTO blasts WC3 plans to bless anti-piracy DRM tech in HTML5

Brendan Eich warns of 'The Bridge of Khazad-DRM'

3 Big data security analytics techniques

The co-founder and CTO of Mozilla Brendan Eich has issued a strongly worded statement decrying moves by the World Wide Web Consortium (W3C) to allow digital rights management plugins to be included in the specifications for HTML5 and future code iterations.

Last year Microsoft, Google and Netflix submitted a proposal to web standards overlord W3C to allow the use of Encrypted Media Extensions (EME) that would allow companies to build plugins for watching DRMed content in browsers.

The proposals are supported by the W3C and Sir Tim Berners-Lee – the web's daddy basically told users to get over it and accept that anti-piracy tech such as DRM was going to be in their future. But the Free Software Foundation and EFF have both objected strongly to the proposals, and have now been joined by Eich and, by inference, Mozilla itself.

"We see DRM in general as profoundly hostile to all three of: users, open-source software, and browser vendors who aren’t also DRM vendors," he said in a blog post titled "The Bridge of Khazad-DRM".

"What the W3C is entertaining, due to Netflix, Google, and Microsoft’s efforts, is the EME API, which introduces new plugins that are neither Silverlight nor Flash, called Content Decryption Modules (CDM for short), into HTML5. We see serious problems with this approach. One is that the W3C apparently will not specify the CDM, so each browser may end up having its own system."

Eich said Mozilla wasn't against any plugins using DRM, indeed Mozilla's browsers supported some such code. But the he feels W3C is making a major mistake in not specifying the exact form of DRM that can be used, which could leave browser manufacturers having to deal with competing and possibly incompatible systems.

He likened the situation to the bad old days when Microsoft's ActiveX was rife, and said that for the open-source community any move to DRM would cause massive problems in coding and implementation. Some plugins could even be dependent on having the right kind of operating system, and as such Mozilla is taking a stand against the proposed EME system.

"Here is a narrow bridge on which to stand and fight — and perhaps fall, but (like Gandalf) live again and prevail in the longer run. If we lose this battle, there will be others where the world needs Mozilla," Eich concluded. ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.