"Lesser of two evils". I prefer a nicely sandboxed and secured EME plugin over the insecure and clunkly silverlight pipelight trickery that was necessary before.
If Google was only implementing DRM to tick boxes, they wouldn't be implementing "extracurriculars" like hardware-based DRM on ChromeOS devices.
They wouldn't own the very DRM company whose product they're peddling, a company which advertises to the very industry which is supposedly forcing Google's hand. http://www.widevine.com/
Now, what exactly is the point in implementing a more secure DRM variant (which as far as I can tell uses remote attestation) if content remains available to more 'vulnerable' platforms? We even have a potential lockin motive by Google here, too. I can see it now: "Only available on ChromeOS."
Did you know that Netflix only supports up to 720p on Chrome and Firefox? Because the DRM in those is easy to circumvent. People want higher than 720p, so browsers implement better DRM.
True, but I was thinking more about the part where they sell music streaming services (Google Play Music, YouTube Red). Maybe I am wrong since they are not producers, but I considered this as being part of the media industry.
In order to confirm the plugin is in control of your computer, enough to prevent you from copying the precious bits, how sandboxed do you really think the DRM is? It has to have its claws like a rootkit into your machine in order to be "secure". How sandboxed can it be then?
I guess I just don't see the harm. If EME standardization did not take place at W3C, I think it would take place at another standards organization, or privately between content distributors and browser developers. Either way, it still happens and nothing is materially different.
If I go to a site that is "HTML5 Compatible" I should not have to worry if my "HTML5 Browser" has all the proper binary blobs and approvals to support the content.
If something is standard complaint it should work for all platforms that support the standard not just the Billion dollar corporations that paid to get their technology included into the standard
Why can't we? Do I really need that popup saying that 'developer mode' plugins are ZOMG HARMING ME? Because I installed ad nauseam that they removed because of the political BS?
Don't get me wrong, my beloved firefox is not better. It wants me to install dev edition to be able to install anything.
Both of those things (unsigned plugins causing permanent warnings and/or only being enabled for a developer edition) happen because not doing them means leaking open the one last (huge) hole malware can infect computers through
The modern browser 1. is its own OS, but 2. doesn't have any concept of a privilege-level separation. That means any random program running as user X is free to install an extension into user X's Chrome or Firefox profile without needing to ask permission. And then said extension can harvest your social-network profiles, replace ads with their own, etc.
> Both of those things (unsigned plugins causing permanent warnings and/or only being enabled for a developer edition) happen because not doing them means leaking open the one last (huge) hole malware can infect computers through
Modern operating systems have a concept of users, groups of users and dedicating one of these to the role of administrator. I see no problem in not enforcing signing rule for the extensions installed by administrator (at system-wide locations, not user profile) - they are read only for the rest of the users anyway, so they couldn't be installed by drive-by malware. Power users are happy, naive users are protected.
If there is a malware that looks like installed by administrator, you have much bigger problems anyway. That malware could patch the firefox binary in the same way as it could deploy the extension, so you gained exactly nothing.
But the current situation just makes power users unhappy. This policy killed some extensions that were shipped by Linux distributions.
Any random program running as user X, if malicious, can do far worse things to the user than install plugins into the browser.
Apparently the major browser vendors' solution to the problem of things running as users breaking the browser is to remove the ability for users to do things. This is a bogus solution.
See: Firefox's chrome-ification of the plugin system.
I get why both browsers require signed plugins unless you are using the developer branch, on Windows 7 a huge vector of attack was malicious files loading unsigned plugins in Chrome in particular (also saw it in Firefox, but rarer) that would create popups, inject ads onto sites that didn't have ads, steal passwords, etc.
That being said, I wish there was a way I could use unsigned plugins easily, without reinstalling firefox.
So instead it's just a fallout from an earlier plot that is no less evil than this one appears to be.