Encryption, DRM, and the Web Cryptography API
Resistance
These efforts have met with some resistance from the Electronic Frontier Foundation (EFF). The US organization for digital civil rights has fought DRM for years. In May 2013, the EFF submitted formal objection to the statutes of the HTML Working Group to the W3C: In the opinion of the Foundation, the Encrypted Media Extensions contradict W3C's vision of an open web and excludes certain browsers and platforms from the World Wide Web. EME obstructs interoperability and the participation of any interested party in the web.
The Free Software Foundation (FSF) has added its voice to this criticism, having always fought against "Digital Restrictions Management" (Figure 2). Activists have coined the term "Hollyweb" for the current threat, referring to an Internet that is based on the ideas of the movie corporations in Hollywood [11]. On May 3, 2013, they celebrated anti-DRM day and handed over a letter of protest to the W3C with tens of thousands of signatures.

A formal objection to EME has also been filed by software developer Andreas Kuckartz [12]. Kuckartz has been an Invited Expert in the W3C's HTML Working Group for two years. He sees problems with open source software licenses in EME: "Since GPLv3, DRM, and free software are no longer compatible." In his opinion, there is no obligation for the W3C to comply with the entertainment industry's desire for digital rights management. The standardization process still has several stages to go through, he says, and the output is unclear. "If the W3C leaves DRM out of the standards, anybody interested in doing so could design it on their own," he cautiously predicts.
W3C CEO Jeff Jaffe, on the other hand, argues that DRM will be present on the web anyway (through technologies such as Flash and Silverlight) regardless of whether the W3C throws its weight behind a technology standard. In an interview with CNET, Jaffe points out, "There is going to be protected content on the Web … . We should have one Web with as much commonality as possible, where one is able to access free content as well as protected content. The other approach is to say if someone wants to have DRM content, that should be its own walled garden, cordoned off. We don't want the Web to be a bunch of cordoned-off apps" [13].
The EFF counters that building restrictive technologies into an open standard is unworkable and contrary to the spirit of the W3C. "Accepting EME could lead to other rightsholders demanding the same privileges as Hollywood, leading to a Web where images and pages cannot be saved or searched, ads cannot be blocked, and innovative new browsers cannot compete without explicit permission from big content companies" [14].
As of now, the W3C seems committed to continuing the development and adoption of the Web Cryptography API, but even if the controversial API isn't accepted as an official W3C standard, you can bet the entertainment industry's effort to build DRM into the Internet isn't going to go away anytime soon.
Infos
- "HTML5 Video at Netflix": http://techblog.netflix.com/2013/04/html5-video-at-netflix.html
- BBC support for DRM: http://lists.w3.org/Archives/Public/public-html-admin/2013Feb/0153.html
- Web Cryptography API: https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html
- Encrypted Media Extensions (EME): https://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html
- Implementation in Chrome: http://www.chromestatus.com/features
- Crypto API in Mozilla:https://wiki.mozilla.org/Privacy/Features/DOMCryptAPISpec/Latest
- PolyCrypt: http://polycrypt.net
- Netflix WebCrypto: https://github.com/Netflix/NfWebCrypto
- AES: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
- RSA: http://en.wikipedia.org/wiki/RSA_encryption
- Formal objection to the EFF: https://www.eff.org/pages/drm/w3c-formal-objection-html-wg
- Formal objection by Andreas Kuckartz: http://lists.w3.org/Archives/Public/public-html-admin/2013May/0138.html
- "W3C Proceeds with Web Video Encryption Despite Opposition": http://news.cnet.com/8301-1023_3-57583619-93/w3c-proceeds-with-web-video-encryption-despite-opposition/
- "EFF Makes Formal Objection to DRM in HTML5": https://www.eff.org/press/archives/201305
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
The Next Major Release of Elementary OS has Arrived
It's been over a year since the developers of elementary OS released version 6.1 (Jólnir) but they've finally made their latest release (Horus) available with a renewed focus on the user.
-
KDE Plasma 5.27 Beta is Ready for Testing
The latest beta iteration of the KDE Plasma desktop is now available and includes some important additions and fixes.
-
Netrunner OS 23 Is Now Available
The latest version of this Linux distribution is now based on Debian Bullseye and is ready for installation and finally hits the KDE 5.20 branch of the desktop.
-
New Linux Distribution Built for Gamers
With a Gnome desktop that offers different layouts and a custom kernel, PikaOS is a great option for gamers of all types.
-
System76 Beefs Up Popular Pangolin Laptop
The darling of open-source-powered laptops and desktops will soon drop a new AMD Ryzen 7-powered version of their popular Pangolin laptop.
-
Nobara Project Is a Modified Version of Fedora with User-Friendly Fixes
If you're looking for a version of Fedora that includes third-party and proprietary packages, look no further than the Nobara Project.
-
Gnome 44 Now Has a Release Date
Gnome 44 will be officially released on March 22, 2023.
-
Nitrux 2.6 Available with Kernel 6.1 and a Major Change
The developers of Nitrux have officially released version 2.6 of their Linux distribution with plenty of new features to excite users.
-
Vanilla OS Initial Release Is Now Available
A stock GNOME experience with on-demand immutability finally sees its first production release.
-
Critical Linux Vulnerability Found to Impact SMB Servers
A Linux vulnerability with a CVSS score of 10 has been found to affect SMB servers and can lead to remote code execution.