User: Password:
|
|
Subscribe / Log in / New account

open source

open source

Posted May 14, 2014 19:09 UTC (Wed) by ballombe (subscriber, #9523)
Parent article: Firefox gets closed-source DRM

So according to the specification, the CDM has no access to the world except through an 'open source' sandbox.

But then:
> Adobe and the content industry can audit our sandbox (as it is open source) to assure themselves that we respect the restrictions they are imposing on us and users, which includes the handling of unique identifiers, limiting the output to streaming and preventing users from saving the content. Mozilla will distribute the sandbox alongside Firefox, and we are working on deterministic builds that will allow developers to use a sandbox compiled on their own machine with the CDM as an alternative.

So this seems to imply that actually Adobe can prevent users of the CDM to replace the 'open source' component by another that save the content.

This is a strange use of open source, indeed, when modification are not allowed.

I hope the Mozilla developers will be smart enough to include some DRM-security hole masqueraded as fat-finger. (No reason to give the NSA the monopole of this useful technic).


(Log in to post comments)

open source

Posted May 14, 2014 19:36 UTC (Wed) by eternaleye (subscriber, #67051) [Link]

> This is a strange use of open source, indeed, when modification are not allowed.

It's a perfectly normal use of 'open source', although it is arguably not 'free software' - in fact, it's _exactly_ what the 'Tivoisation' clause of the GPL-3 was intended to prevent.

Of course, Firefox is not GPL-3.

open source

Posted May 14, 2014 19:52 UTC (Wed) by LightBit (guest, #88716) [Link]

According to Open Source Initiative this is not open source.

open source

Posted May 14, 2014 20:36 UTC (Wed) by JohnLenz (subscriber, #42089) [Link]

So what's going to happen to security issues in firefox (not the CDM, but firefox itself)? Say mozilla finds a seecurity issue in firefox active in the wild and creates a patch. But now the CDM fails, because when it attempts to verity the sandbox it sees a new sandbox. So mozilla can either release an updated firefox which will piss off all the users where an update to firefox breaks all their video sites, or can delay the security update to firefox until someone at Adobe can update the CDM. Companies like this are not known for their quick response, so mozilla might be forced to leave a vulnerable version of firefox for quite a while.

Or what about what happens when a year from now Adobe says: "We are not going to allow the CDM to run with future versions of firefox unless you put an addvertisement link to Adobe in the upper-left corner." Mozilla is just opening themselves up to future pressure from these companies, once users get used to video being available and will be mad when an update breaks it.

open source

Posted May 14, 2014 22:36 UTC (Wed) by KaiRo (subscriber, #1987) [Link]

The security or other Firefox update issue is another reason why the Adobe CDM is running inside an (open-source) sandbox that runs in a different process than Firefox itself - the main Firefox code can be changed and updated independently of the actual sandbox code/installation and the binary CDM, so the security updates to Firefox are not an issue. The things that is more critical is the sandbox, of course, so it must be kept small in code and well-audited.

open source

Posted May 15, 2014 8:43 UTC (Thu) by roc (subscriber, #30627) [Link]

We haven't worked out all the details yet but the intent is that the CDM does not try to verify the entire browser stack, mainly just the sandbox. If there's a security issue in the sandbox, then we'd probably need to coordinate an update with Adobe.

As for the second paragraph --- preventing that is what contracts and laywers are for.

open source

Posted May 14, 2014 21:51 UTC (Wed) by fandingo (subscriber, #67019) [Link]

> This is a strange use of open source, indeed, when modification are not allowed.

The strangeness only comes from lumping Mozilla and Adobe into one entity. Mozilla is developing an open source CDM, which users are allowed to modify to their heart's content. Adobe is developing a closed-source EME and has decided to only make that work with approved CDMs and approved versions of those CDMs.

Even if Firefox were GPLv3, the anti-tovization clause wouldn't provide any protection because the entity releasing the open source code is not the same one preventing modifications to continue using it's closed-source plugin.

open source

Posted May 15, 2014 8:51 UTC (Thu) by gerv (subscriber, #3376) [Link]

Wrong way round. Adobe is developing a closed-source CDM. Mozilla is developing an open source sandbox, plus an implementation of the EME API in Firefox. The closed-source CDM only works with sandboxes it likes, and the sandbox only works with CDMs it likes.

open source

Posted May 15, 2014 19:59 UTC (Thu) by mathstuf (subscriber, #69389) [Link]

> and the sandbox only works with CDMs it likes

Hmm? It only provides an API. Why would it care about which module it loads that calls those APIs? Is this mentioned somewhere?

open source

Posted May 19, 2014 7:19 UTC (Mon) by Arker (guest, #14205) [Link]

"The strangeness only comes from lumping Mozilla and Adobe into one entity. Mozilla is developing an open source CDM, which users are allowed to modify to their heart's content. Adobe is developing a closed-source EME and has decided to only make that work with approved CDMs and approved versions of those CDMs. "

They are acting as one entity. The only purpose of the CDM is to facilitate the EME. So it's certainly not Free Software and it really sounds like a violation even by the considerably less strict Open Source definition as well.

open source

Posted May 19, 2014 16:12 UTC (Mon) by fandingo (subscriber, #67019) [Link]

No, they aren't. Mozilla distributes the sandbox, and Adobe distributes the closed-source plugin.

open source

Posted May 19, 2014 17:50 UTC (Mon) by lsl (subscriber, #86508) [Link]

What practical difference does that make? Even the Mozilla people seem to acknowledge that this situation is much more due to legal requirements than being a philosophical decision of "we don't ship proprietary software or DRM". Firefox is still going to nag you to download and install that blob.

I'm highly curious to see the actual dialog.

open source

Posted May 19, 2014 18:47 UTC (Mon) by fandingo (subscriber, #67019) [Link]

Do you have the same problem with NSAPI that's been used for ages to allow Flash to work? It's the exact same sort of open source "sandbox" (not really a sandbox but an API plugin).

Firefox will only nag users to install Adobe's CDM if the user visits a site that has content that requires a CDM. That's exactly how it currently behaves with Flash. This situation doesn't strike me as any different than how it currently works, and if it means a more focused, smaller blobs, that seems like a good thing. Not the best thing, but better than now.

open source

Posted May 19, 2014 20:14 UTC (Mon) by lsl (subscriber, #86508) [Link]

EME's sole purpose is to facilitate DRM. That's not the case for NPAPI which has other uses. In fact, on the computer I'm writing this the only NPAPI plugin installed is free software (IcedTea-Web).

Please note that I'm not saying I know better what Mozilla should or shouldn't have done. I don't. But let's be honest here: Mozilla shipping DRM infrastructure amounts to major defeat.

It's obvious that proliferation of EME leads to competitive disadvantages of non-mainstream platforms for which no CDM will be made available. I still have my doubts that even in Mozilla's/Adobe's implementation Linux will be a fully supported (read: can play HD content) platform, to not even mention other, less widely used, operating systems. What about other future user agents developed by teams other than the established few? Now all the major browsers (including Firefox) ship with DRM, giving it the appearance of an universally supported (and accepted) "feature".

The W3C even considering something like EME in its current incarnation is just ridiculous.

open source

Posted May 20, 2014 11:32 UTC (Tue) by mathstuf (subscriber, #69389) [Link]

> The W3C even considering something like EME in its current incarnation is just ridiculous.

Considering? Didn't they already give it a stamp of approval?

open source

Posted May 15, 2014 18:27 UTC (Thu) by glisse (guest, #44837) [Link]

I would love to learn how the sandbox could block capturing the stream on Linux. Damm with a gdb script i could capture it. So please explain how in hell one can believe this to be doable on linux ?

My guess is that linux will never have access to HD content and only low resolution with bad sound will be allowed to be playback on linux.

open source

Posted May 15, 2014 20:24 UTC (Thu) by KaiRo (subscriber, #1987) [Link]

It's up to Adobe and their agreements with the content industry, but AFAIK Mozilla is pushing for having Linux enabled. We'll only be able to tell once we see the actual software and not just the announcements of intention.

open source - platform-agnostic

Posted May 16, 2014 13:17 UTC (Fri) by ndye (guest, #9947) [Link]

It's up to Adobe and their agreements with the content industry, but AFAIK Mozilla is pushing for having Linux enabled. We'll only be able to tell once we see the actual software and not just the announcements of intention.

I thought (part of) the point of the contract was Mozilla forcing platform-agnosticism on Adobe, by every Mozilla implementation of the CDM being trusted (as opposed, possibly, to forks of Mozilla).

What did I miss?

open source - platform-agnostic

Posted May 16, 2014 18:25 UTC (Fri) by KaiRo (subscriber, #1987) [Link]

I don't know the contract, so I can't talk about it, but there's different levels of platform-agnostic. I'm pretty sure it's not agnostic of execjtable formats and processors, but that's just what I think. We'll know more when we see actual code (and binaries).

open source

Posted May 15, 2014 20:01 UTC (Thu) by mathstuf (subscriber, #69389) [Link]

> So this seems to imply that actually Adobe can prevent users of the CDM to replace the 'open source' component by another that save the content.

It reads to me like Adobe can audit the source. They can try to verify the resulting binary at runtime, but that would probably have an unacceptable high false positive rate (though one option is to not care about that I suppose).


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds