I guess if you consider the new DRM integration a potential attack vector it removes that possibility.
But, if you're going to install this in the first place you won't be consuming DRM content - so you probably won't even be visiting the sites that have it anyway and using the feature.
You might worry that you wouldn't notice which sites are using it. Or you might want to send a message to sites, or to Mozilla, that you think DRM is bad and that you don't want to have DRM implementations installed.
One of the worst things about each browser vendor's decision to support DRM is that it makes the choice to require DRM less costly for new web sites that are considering it. So even if you think Netflix could never have been budged, random site X might now say "cool, we can control what people can do with video on our site, at a surprisingly low interoperability cost to us!". If you want to avoid that outcome as an end-user, you have to do whatever you can to increase potential DRM adopters' view of the market share they will put at risk.
Also, if you do visit a site that uses DRM and your browser doesn't support it, it will show up in the server logs, so just using it is sending a message.
This end does not seem to be served by niche browsers which will be used only by the EFF-card-carrying subset of the tech community, people who are most able and least ethically inhibited from piracy anyway.
This is a good reason to keep the functionality out of mainstream browsers, but it doesn't seem to work if it's just us using deliberately hobbled browsers.
How typical of the DRM/closed-web subset of the tech community to justify their collaboration with accusations of piracy at those of us trying to create a free and open web.
Resisting any type of DRM from the very beginning is important, because the fight will be a lot harder once there is an established community of users. Educating people about DRM is hard enough; it is almost impossible when it also requires convincing people to give up some service (i.e. netflix) that they have grown accustomed to.
This is the latest battle the ongoing War On General Purpose Computing[1], and a lot of people that should know better are choosing movies and the dream of short-term profits over long-term freedom.
Wow, when I clicked to see the comments section here on HN it was kind of the other way around in my head. I thought "Yes! Finally good news from Mozilla!" I don't need this binary blob on my computer and therefor I don't want it because I can never know what it does. Why use Linux if you end up running closed source binary blobs anyway? (I understand that somewhere down there I still am using some propriatary nvidia driver or something but if I can avoid it then I would like to be able to.)
The DRM plugin is downloaded and installed automatically with the "normal" version of Firefox. So if you don't want to be downloading purposely-obfuscated proprietary Adobe binaries, you have to install this version.
Also, by default, EME activates on any webpage that requests it.
If you disable EME (in the Firefox Preferences menu by unchecking the "Play DRM content" checkbox), Firefox will delete the Adobe CDM binary if it has been installed.
I bet "how many people downloaded the DRM-less version" is an important statistic for Mozilla - Having FF in the middle of an automatic update, I'll be getting the other version however, and I wonder if having disabled this feature, will the browser call home to count towards it...
> I wonder if having disabled this feature, will the browser call home to count towards it...
It will not. Currently the only telemetry related to EME is the VIDEO_EME_PLAY_SUCCESS histogram, which counts successes/failures of playback. It's only enabled then EME itself is enabled, though.
Doesn't EME imply a kernel component? To safeguard the encryption keys and to generally complicate an access to the raw media? If so, does it mean that this Firefox update touches the kernel?
It does not imply a kernel component. From the point of view of the browser, EME is an API to a sandboxed binary (the CDM) that decrypts video frames and sends them back to the browser, which then presents them to the user. The CDM might use kernel facilities for storing encryption keys.
Does this update add Adobe's stuff into kernel or does it not (e.g. if Adobe is just piggy-backing on Windows PMP)? Can anyone from Mozilla comment on this?
This is a principal question, because if there is an Adobe's kernel DRM driver in this update, then it makes sense to go with the "EME-free" update instead of adding and then, hopefully, removing 3rd party junk from the kernel as per that Mozilla KB linked elsewhere in this thread.
Neither Firefox nor the Adobe CDM install any kernel code. The Adobe CDM is, conceptually, the Flash Player's DRM code repackaged to work with Firefox's CDM API. And the Flash Player doesn't need to install new kernel drivers. Studios have different DRM requirements for video quality levels like HD, non-HD, "Studio HD", and "Ultra HD". For higher quality video, studios might require secure hardware path. Even this level, AFAIU, doesn't require new kernel drivers because Windows already has APIs for this.
If you're morally opposed to DRM, then it's a surefire way to ensure you don't unknowingly use a service that requires it, thereby encouraging its proliferation.
"We very much want to see a different system. Unfortunately, Mozilla alone cannot change the industry on DRM at this point. In the past Firefox has changed the industry, and we intend to do so again. Today, however, we cannot cause the change we want regarding DRM." https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challen...
Without getting too preachy about DRM itself... the need for computing tools that exist outside of the fictitious corporate-goverment-legal structures dominated by power and money are essential to ensuring human freedom in a digital world. As we choose and are forced to have more of our lives moved into this realm, it becomes more relevant every day.
Many people do not care about those things, and prefer Netflix et al over such matters, or perhaps have never looked closely at the issue. Mozilla has (had?) a tradition and reputation for caring about this. I suspect that many of us would prefer them to go even further, such as not implement the feature at all in protest.
Publishers who want to protect their content against piracy and don't want to use cumbersome expensive solutions. Traditionally DRM has been a hassle for legal users, expensive to publishers, and complex to encode and host video. Having a browser standard would make it convenient to users and publishers.
The original commenter was asking why people would want to prevent their browser from having DRM support, rather than why publishers would want DRM. (For DRM opponents, having convenient and standardized DRM is worse in many ways because it is more likely to be adopted in more circumstances.)
I can't think of a good reason to deliberately remove it from your browser.
Why would it be worse if more companies used DRM? I can think of some edge cases on obscure devices or if you are pirate but other than that it seems like legal users would be unaffected and not even notice it.
> it seems like legal users would be unaffected and not even notice it.
Yes, just like Sony said in response to the rootkit scandal – "Most people don't even know what a rootkit is, so why should they care about it?"
DRM is a declaration from the publishers that they distrust you so much that they must be granted absolute control over your machine. You can't retain higher privileges over your own machine than they have, or else you would be able to circumvent their system and it wouldn't work.
Why would you trust someone who has declared themselves your enemy to run arbitrary code with root privileges on your machine?
That highlights the need for standard DRM rather than having each company using their own code that runs on your computer.
With a standard DRM solution, the only person you would need to trust is the browser vendor. This seems like a better alternative than having a company force you to use their DRM.
But that can cut both ways. If having DRM on a computer at all is offensive to a user, than having a standard DRM method can make it all the harder to avoid.
And I don't think it's a very strong argument that fewer companies rolling their own DRM will be such a great thing, and I'd be surprised if DRM opposers would be relieved that fewer companies are rolling their own DRM if it means its harder to avoid ANYONE putting DRM on their machine. It's like a choice between letting independent, small-time thieves into your home, or having the Mafia allowed to organize, with the blessing or apathy of the general community. The first may be a more dispersed, less coherent adversary, and it might be harder to be confident that their crimes are high quality. The second will act like they already own your house and that they are affording you the privilege of living their under their "protection". But at least with the first, when everyone's not already used to them owning the place and aren't intimidated into accepting them, you can rely on some widespread denunciation of the robbery.
Standardized, widespread DRM is much more like these companies and committees acting like they already own our computers, that how we use them and how we connect them to internet is a privilege we enjoy only at their direction.
The insinuation that opposing DRM has mainly to do with wanting piracy to be easy is a common straw-man. There are many who oppose piracy who also oppose DRM, for very compelling reasons that aren't just limited to edge cases or using obscure devices. For such people, it would be worse if more companies used DRM because it would mean losing the fight against DRM. More and more people who don't care about the issue will be used to dealing with it, and it will be seen as harmless when it's more widespread and ordinary users aren't bothered by it. That is very disheartening to those of us who find DRM seriously threatening to the kinds of grass-roots technological and social innovations that make us so excited about the internet.
oh you can't watch this video your paid for on your computer because reasons.
You need to use this crappy video player instead.
Oh you can only watch this on 3 computers and you have hit that limit.
the license for this content has been lost, you can't watch it anymore.
Compare that to the pirates life:
Click play -> watch movie.
There was actually an interesting article a while back about DRM not being about preventing piracy, but rather enforcing methods of watching (so 100% to control legitimate customers).
I guess if you consider the new DRM integration a potential attack vector it removes that possibility.
But, if you're going to install this in the first place you won't be consuming DRM content - so you probably won't even be visiting the sites that have it anyway and using the feature.