EME and browsers

[labbe5]

A formal objection : https://github.com/w3c/encrypted-media/issues/379

Any new browser coming on the scene after the standardization of EME will enter a fundamentally different world than all the ones that have come before: for that browser to receive and display content that is defined by the W3C, it will have to enter into a commercial partnership with one of a handful of companies that have been blessed as being entitled to produce a CDM.

A browser that can't strike such a partnership -- either because all possible partners are in exclusive relationships with existing browsers, or because it lacks the commercial or structural ability to enter into a commercial partnership (say, because it is a community-based free software project) will be frozen out of rendering part of the standards-defined Web.

It would be a return to the bad old days of websites that advised that they were "Best viewed with Netscape" or "Best viewed with Internet Explorer," because the new browsers would be locked out of some of their content.

https://www.fsf.org/news/coalition-against-drm-in-html

"DRM restricts the public's freedom, even beyond what overzealous copyright law requires," and warns that for the W3C, "ratifying EME would be an abdication of responsibility; it would harm interoperability, enshrine nonfree software in W3C standards and perpetuate oppressive business models. It would fly in the face of the principles that the W3C cites as key to its mission and it would cause an array of serious problems for the billions of people who use the Web."

Security-wise, what Distrowatch says :
The W3C, encrypted media and software freedom
http://distrowatch.com/weekly.php?issue=20170925#news

On the security side of things, the W3C says having one central standard is better than multiple sites having their own, separate players. While it is true that each website having its own media player often leads to shoddy coding and poor security, the W3C's new standard is not better, it merely moves the problem. Instead of some people having insecure add-ons, each one different, requiring a different exploit from attackers, now everyone will have insecurity built directly into their browsers. Simply removing an insecure add-on to improve security will not be an option; the non-free code will be baked right into the web browser.

What you can do :
At this point it looks like people who value software freedom and an open web have just three options remaining. The first is to file a complaint with the W3C and ask them to reverse their decision. The appeal against baking DRM into the web failed, but perhaps enough protesters can get a vote to repeal the new web standard.
https://www.w3.org/Consortium/contact

A second option is to boycott web browsers which implement the new, non-free standard. If Safari, Chromium and other mainstream browsers implement non-free code, we should avoid them and promote free software browsers which do not include non-free blobs by default. We can also petition distributions to patch out the non-free parts of otherwise open web browsers. If Firefox includes a non-free decryption module Linux distributions should remove it as part of their build process.

Finally donate to EFF :
https://supporters.eff.org/donate

[Moose On The Loose]

A formal objection : https://github.com/w3c/encrypted-media/issues/379

Any new browser coming on the scene after the standardization of EME will enter a fundamentally different world than all the ones that have come before: for that browser to receive and display content that is defined by the W3C, it will have to enter into a commercial partnership with one of a handful of companies that have been blessed as being entitled to produce a CDM.

This is part of a tendency of the big guys to push out the little guy. Up until this week, nobody on the W3C represented the many smaller folk. They were all from something big so they couldn't even see the problem with going with EME. Perhaps now with Lunduke on the W3C, at least there is some chance that the issues will be at least pointed out internally.

The biggest danger to freedom in this is that somehow Google, Microsoft and Apple will work towards a case where those are the only OS choices for machines that can browse the web. It is not likely that you will see a "best viewed with". Instead it will be a "You are using a dangerous obsolete browser please upgrade". It will be presented to the user as though there is some risk to themselves for not using one of the big browser versions.

[8Geee]

I agree Moose.

I have long thought that Apple, Microsoft, and Google want the entire web for themselves... in some cases Apple has even shown such exclusivity as to make me think they want their own web using specific ports and protocols exclusive to Apple OS users only. And I used to get laughed at...

Regards
8Geee