Mozilla breaks our hearts, adds DRM to Firefox


For months, I've been following the story that the Mozilla project was set to add closed source Digital Rights Management technology to its free/open browser Firefox, and today they've made the announcement, which I've covered in depth for The Guardian. Mozilla made the decision out of fear that the organization would haemorrhage users and become irrelevant if it couldn't support Netflix, Hulu, BBC iPlayer, Amazon Video, and other services that only work in browsers that treat their users as untrustable adversaries.

They've gone to great -- even unprecedented -- lengths to minimize the ways in which this DRM can attack Firefox users. But I think there's more that they can, and should, do. I also am skeptical of their claim that it was DRM or irrelevance, though I think they were sincere in making it. I think they hate that it's come to this and that no one there is happy about it.

I could not be more heartsick at this turn of events.

We need to turn the tide on DRM, because there is no place in post-Snowden, post-Heartbleed world for technology that tries to hide things from its owners. DRM has special protection under the law that makes it a crime to tell people if there are flaws in their DRM-locked systems -- so every DRM system is potentially a reservoir of long-lived vulnerabilities that can be exploited by identity thieves, spies, and voyeurs.

It’s clear that Mozilla isn’t happy about this turn of events, and in our conversations, people there characterised it as something they’d been driven to by the entertainment companies and the complicity of the commercial browser vendors, who have enthusiastically sold out their users’ integrity and security.

Mitchell Baker, the executive chairwoman of the Mozilla Foundation and Mozilla Corporation, told me that “this is not a happy day for the web” and “it’s not in line with the values that we’re trying to build. This does not match our value set.”

But both she and Gal were adamant that they felt that they had no choice but to add DRM if they were going to continue Mozilla’s overall mission of keeping the web free and open.

I am sceptical about this claim. I don't doubt that it’s sincerely made, but I found the case for it weak. When I pressed Gal for evidence that without Netflix Firefox users would switch away, he cited the huge volume of internet traffic generated by Netflix streams.

There's no question that Netflix video and other video streams account for an appreciable slice of the internet’s overall traffic. But video streams are also the bulkiest files to transfer. That video streams use a lot of bytes isn't a surprise.

When a charitable nonprofit like Mozilla makes a shift as substantial as this one – installing closed-source software designed to treat computer users as untrusted adversaries – you’d expect there to be a data-driven research story behind it, meticulously documenting the proposition that without DRM irrelevance is inevitable. The large number of bytes being shifted by Netflix is a poor proxy for that detailed picture.

There are other ways in which Mozilla’s DRM is better for user freedom than its commercial competitors’. While the commercial browsers’ DRM assigns unique identifiers to users that can be used to spy on viewing habits across multiple video providers and sessions, the Mozilla DRM uses different identifiers for different services.

Firefox’s adoption of closed-source DRM breaks my heart

Notable Replies

  1. I thought that the FA made all this clear.

    I don't care about how you want to listen to music or watch TV.

    I care that DRM comes with laws that make it illegal to report vulnerabilities, and that this means that DRM technologies are long-lived reservoirs of vulns that can be exploited by spies, creeps, and identity thieves.

    I care that DRM treats its owner as an untrusted adversary, so DRM-crippled media can't be played on free software, endangering its use in the field.

    How people while away the dismal hours between cradle and grave are their own business. The corruption of the electronic nervous system of the 21st century is all our business.

  2. I wonder what the about:mozilla blurb will be once they do the deed.

    Currently it's

    Maybe it will be something like: And the beast decided to become somewhat like Mammon because it was afraid Mammon was going to win.

  3. One of Mozilla's mission statements is "openness". By adding DRM so as to allow access to Hulu, Netflix, etc., they're catering to users who do not agree with its mission. I understand the desire to maintain its userbase, but by doing this, Mozilla is undermining one of its reasons for existing in the first place.

    I'm especially disappointed because it prevents me "voting against DRM" via my choice of browser. Hulu, Netflix, etc. are all desperate for as many users as possible. If they attain 90% marketplace adoption, the question burning in their minds is: "How do we reach that last 10%?". If those last holdouts are using a browser that refuses to employ DRM, they will absolutely consider dropping its requirement. By knuckling under, Mozilla has spared them from having to consider this.

  4. On the plus side, this may only be temporary?

    From the FAQ:

    Isn’t DRM counter to the open Web principles Mozilla stands for?

    DRM requires closed systems to operate as currently required and is designed to remove user control, so Mozilla is taking steps to find alternative solutions to DRM. But Mozilla also believes that until an alternative system is in place, Firefox users should be able to choose whether to interact with DRM in order to watch streaming videos in the browser.

    And another plus side, apparently it's optional:

    What impact will this have on Firefox users?

    It will be easier for Firefox users to play DRM-enabled videos because they will not have to download Flash or Silverlight first. Firefox users will be able to choose whether to activate the new DRM system before it is accessed.

    Still sucks, but there's hope this is just a temporary thing.

    @albill, do you know if this is just going to be a temp deal?

  5. Yes, and it's taxable... but.... the Mozilla Corporation is a wholly owned subsidiary that serves the non-profit, public benefit goals of its parent, the Mozilla Foundation, and community.

    And, it's guided by these priciples:

    http://www.mozilla.org/en-US/about/manifesto/

    Mozilla Foundation Pledge

    The Mozilla Foundation pledges to support the Mozilla Manifesto in its activities. Specifically, we will:

    • Build and enable open-source technologies and communities that support the Manifesto’s principles;

    • Build and deliver great consumer products that support the Manifesto’s principles;

    • Use the Mozilla assets (intellectual property such as copyrights and trademarks, infrastructure, funds, and reputation) to keep the Internet an open platform;

    • Promote models for creating economic value for the public benefit; and
    promote the Mozilla Manifesto principles in public discourse and within the Internet industry.

Continue the discussion bbs.boingboing.net

140 more replies

Participants