|
|
Subscribe / Log in / New account

*facepalm*

*facepalm*

Posted May 14, 2014 23:29 UTC (Wed) by moltonel (guest, #45207)
In reply to: *facepalm* by higuita
Parent article: Firefox gets closed-source DRM

I'm not sure how replacing the closed adobe flash plugin by a closed Adobe EME plugin gives much control back to the browser.

I guess an EME plugin has less features and therefore a smaller attack surface, but that's the only good thing I can think about it. Flash may be on everbody's tokill list, but it's a known quantity, it still has wider support than EME, and even has some open implementations.

I'd rather avoid DRM content. But when DRM is the only option, I don't mind using flash for it.

to post comments

*facepalm*

Posted May 15, 2014 8:33 UTC (Thu) by gerv (guest, #3376) [Link] (3 responses)

The new plugin can be sandboxed.

The open implementations of Flash are a red herring in this case, because they don't support DRM. If you are viewing DRMed content now, you will be using a (the) closed-source Flash player. So the new arrangements are no worse for you.

*facepalm*

Posted May 15, 2014 11:16 UTC (Thu) by gidoca (subscriber, #62438) [Link] (2 responses)

Flash is sandboxed in recent versions of Chrome, I'm sure Firefox could do that too.

*facepalm*

Posted May 15, 2014 12:10 UTC (Thu) by KaiRo (subscriber, #1987) [Link]

Flash is only sandboxed to a degree, even in Chrome. It still has full network access and it has disk access, and it has video hardware access, and from a few things I heard so far, the Chrome sandbox is quite leaky due to all the things they need to open to keep Flash working (and not just because of the design of PPAPI, which lets Flash directly access the innards of Chrome). The problem is that Flash is a huge, multi-purpose plugin that does tons of different things all over the computer, DRM being only a tiny piece of it.
What Mozilla is trying to do is getting rid of that huge multi-purpose proprietary thing that is hard to secure and replace it with a small for-one-purpose-only (that needs to have a nice ring for unix-lovers, right?) well-sandboxed-by-design module, so that this CDM module isolates the proprietary functionality better.

*facepalm*

Posted May 16, 2014 21:20 UTC (Fri) by kripkenstein (guest, #43281) [Link]

Not necessarily. Chrome sandboxes Flash through a partnership that includes source code, and a lot of engineering went into modifying Flash for sandboxing. A lot of effort and money went into that, and it would be up to Adobe to decide if it even wants to work with Mozilla on this.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds