No, that is just an iteration of a cat and mouse game. It doesn't matter if the technically-weak position can be overcome when it is used by parties with exponentially more money and legal power.
Fighting this fight on technical grounds alone is a surefire way to accelerate the inevitability of locked down computing platforms that restrict what the owner is capable of.
Unless it's easier to break DRM than it is to build a new implementation... Then we're just causing the companies that invest in DRM to lose more money than the companies that respect freedom.
I can't say from experience how difficult it is to break and implement the DRM used on the web, but if it's anything like the DRM used in videogames, it should be doable in a couple weeks (with enough motivation).
The end game is that DRM companies aggressively lobby government to pass laws making it illegal to circumvent a digital lock. Then if you are found to have bypassed their trivial code they throw the book at you.
Wouldn't this violate the dmca? If it's not something people can get with minimal effort, then millions of people are not going to use it.
The ad-blocking plugins are so successful because their so easy to get. If something's illegal to distribute, then it's sufficiently inconvenient to obtain (tormenting, etc.) that most people won't bother.
But sir, DRM cannot and will not be the sole factor in determining what is worth buying. I will take DRM into account, but I'm not going to let my opposition to DRM cripple my access to Media as much as the worst case nightmare DRM scenario would do.
In some fields DRM is known to be bad and I have excellent competitors making top quality experiences without DRM.
Gaming, and particularly strategy games have a glut of amazing content like this.
In Film though my choices are pay-per-performance(Which I have gleefully several times for Ultron already), or accept that the best work in genres I enjoy is behind DRM.
In Music I've no idea, I honestly just rent access to music without ads from google, and play whatever the playlist generator comes up with.
Even if I make it a hard requirement, it cannot be the only factor. I choose to place DRM-free below "Will I enjoy it" and "Do I really want store a physical copy" in how I rank things.
It's clear you advocate a different set of priorities. That's fine, but pretending that differing priorities are the same as a lack of self-control is dismissive, and annoying. Particularly when you seem to advocate a complete boycott of all companies that make use of DRM at all.
I have a quite lovely bound set of game of thrones. It's totally DRM free ;)
You're quite right about hiking though, my sanity and health would both probably benfit from the increased activity and reduced screen-time.
>That's fine, but pretending that differing priorities are the same as a lack of self-control is dismissive, and annoying.
It is the same. You know that DRM is not a good thing. Your tolerance towards it is obviously better than mine (or you haven't yet invested and been bitten), but I have yet to meet anyone other than content company execs who says DRM is an objectively good thing.
If even 1 in 10 customers said "If a piece of content contains DRM, I will not buy it unless it is on sale", there would be no DRM. You don't even have to refuse to buy it, you just have to consider it defective goods with the associated drop in value that implies.
You're one of the vast majority who cannot, or will not, resist the urge to buy, buy, buy, even when you know that a little patience would kill a system that is actively hostile to you, and your justification is that you rank "would I enjoy it?" over "is buying it actively pushing an agenda that will harm me?" on importance.
You're a junkie, and like most junkies your habit is harming not just yourself but everyone around you, and only the dealer is better off.
DRM blob is probably already broken (and if not, it will be soon enough). Those who use DRM do it despite knowing that it's useless for preventing copying. So breaking that DRM won't help that. It's some kind of distortion of the mind, not the logical reasoning here. Of course there are those who use DRM for simply sinister control purposes (i.e. DMCA-1201 supporters and the like). Those wouldn't care even if you clearly show them that DRM has negative, not positive effect on reducing piracy.
And here is the end result of people leaving Firefox for Chrome. You neutered Mozilla. There is no longer a browser vendor which has both your interests in heart and sufficient power to direct the evolution of the web.
Who now gets to choose which features are built into the majority of desktop and mobile browsers? Advertising companies.
Come on. This is the same Mozilla that promoted installing Adobe Flash for internet video since its very inception. If you're really such a purist, they should have been your enemy all along.
Nothing has changed, and the conclusion is nowhere near as dramatic as you're making it sound. The suggestion that Mozilla implemented this for market share reasons is also incredibly unsubstantiated and ignores the very obvious practical reasons they will have had: dropping reliance on large propietary application runtimes (the DRM module is much smaller and has less functionality), improving user experience, and the fact that it's an actual web standard (albeit the most controversial one).
I don't disagree that Mozilla was never a purist organization, but I think the suggestion is well substantiated. From the post announcing it:
"With most competing browsers and the content industry embracing the W3C EME specification, Mozilla has little choice but to implement EME as well so our users can continue to access all content they want to enjoy. (…) We have come to the point where Mozilla not implementing the W3C EME specification means that Firefox users have to switch to other browsers to watch content restricted by DRM."
One could argue Mozilla was quite purist when they ejected Brendan Eich because his personal beliefs were not shared by fellow employees... but more on that later.
Perhaps the real reason Brendan Eich was thrown out of Mozilla was because he didn't embrace DRM and EME? Given his stature as founder of Mozilla and creator of Javascript, he could have posed a significant roadblock if he had decided to reject EME's inclusion in Firefox.
If you put on your tinfoil hat, recall that Brendan's donation to Prop 8 was public information for several years... before it suddenly became an issue.
>"So long as people want Hollywood movies, and Hollywood is used to getting its way, and DRM vendors are pushing to perpetuate this and codify it, and put it under a fig leaf from the W3C, we have a real problem.".
This is an interesting theory and given what we know how how hollywood works in the backroom, plausible, but there are no facts to support it.
Eich was not "thrown out of mozilla". The board knew about his donation and appointed him anyways - the pressure for him to resign came from the community and Mozilla employees.
Hollywood is great at fomenting outrage, but not that much and not in that way :)
If only company boards listened to their employees and "community" all the time!
I think it's about opportunism. A situation developed and by simply stoking the fires of social media outrage, a major obstacle to adoption of DRM in a popular browser could be eliminated.
Consider the Mozilla position as soon as Brendan had been forced out - coincidence?
>"With most competing browsers and the content industry embracing the W3C EME specification, Mozilla has little choice but to implement EME as well so our users can continue to access all content they want to enjoy. Read on for some background on how we got here, and details of our implementation."
- Mozilla CTO Andreas Gal, 14 May 2014
"Mozilla will be adding a way to integrate Adobe Access DRM technology for video and audio into Firefox, via a common specification called Encrypted Media Extensions (EME)."
- The Mozilla Blog, 14 May 2014
Given that Mozilla is a nonprofit, they've got more reason than most to pay attention.
I don't really buy that narrative that all of Mozilla really really wanted to accept DRM in the browser, but this one guy is such a pain in the ass about shooting it down that they'll promote him and hope that the outrage machine takes him out, and thus fulfill their evil plan to ??????! Muahahah!
Ahem. Made-for-TV movie plots aside, it fails occam's razor, it fails basic logic, and as mentioned there isn't a single shred of a fact to support it. The actual story is shocking enough without trying to read patterns into it that don't actually exist.
"On April 3, 2014 Brendan Eich voluntarily stepped down as CEO of Mozilla."
(I'm not going to, but) I can tell you to stop posting on HN every single day of the year indefinitely. But I can't make you. I don't have that power. If you choose to, it's your choice. Eich was not fired. He resigned of his own free will.
If a customer comes into your job, tells you that you should resign, and then your boss says, "ignore him, you can stay", and you resign anyway, can you really tell me that your boss fired you?
> Bigotry? What are you smoking?
Unlike you apparently, I'm not. Since I know what words mean.
"a person who is utterly intolerant of any differing creed, belief, or opinion."
Eich was so intolerant of people who held a difference of opinion on what constitutes marriage, that he donated his own money to a cause whose sole purpose was to strip existing legal rights and protections, rights that he enjoyed himself, from a minority class through force of law. There is zero ambiguity here: I cannot possibly think of a clearer case of outright bigotry.
If you disagree, you might want to take a good, long, hard look in the mirror. Per the dictionary; I am selfish, tactless, and many other negative things. I don't pretend those words mean something that don't apply to me, just so I can feel better about myself.
This is madness. Have you ever heard of constructive dismissal?
California Supreme Court:
"the employer either intentionally created or knowingly permitted working conditions that were so intolerable or aggravated at the time of the employee's resignation that a reasonable employer would realize that a reasonable person in the employee's position would be compelled to resign"
Wikipedia:
"In employment law, constructive dismissal, also called constructive discharge, occurs when an employee resigns as a result of the employer creating a hostile work environment. Since the resignation was not truly voluntary, it is in effect a termination. For example, when an employer makes life extremely difficult for an employee, to attempt to have the employee resign, rather than outright firing the employee, the employer is trying to effect a constructive discharge."
Tell me again how Eich's employer made it a hostile working environment for him, please?
Given that he had no boss (being the CEO and all), we can only assume you mean the board members. Please point out to me a single board member who was in any way hostile toward him.
Even the two board members that resigned said it had nothing to do with Eich.
I don't think the parent's point was about purity of not having DRM in firefox, but rather that since Firefox's user base has decreased so much in recent years, Mozilla no longer has the leverage they used to in terms of browser features. In other words, if Firefox had 50% share of browser usage, they would be in a position to prevent EME from becoming an industry standard -- but since they have a much lower percentage (10% I think if you take mobile into account), they felt forced by pragmatism to include it.
And here I am heading towards Firefox from Chrome specifically because I can't watch DRM content in Chrome anymore (need silverlight to be able to watch GoT and Comedy central)
I actually do have Netflix running via Silverlight on Firefox on Linux. Winodws Silverlight is running in Wine, with Pipelight to display the Windows plugin in the Linux Firefox (actually Iceweasel) process.
I don't know what to tell you. My school uses an exchange server and I can't add attachments to emails on the online portal unless I use the old lite version on Chrome whereas I can on other browsers.
agreed. i try to explain to people that firefox is an open source program created by an organization that is trying to keep the web free, while chrome is created by one of the world's biggest advertising companies, but they don't seem to care enough to use firefox.
i feel like mozilla should give up on the soccer mom users and focus on being the power user browser. this is already the case to an extent, but they don't market firefox's advantages (like better extensions) well enough, and they don't quite focus on power-user-type features as much as i think they could.
I don't know a single non-technical user who equates freedom with their choice of a web browser. The tech community is in such a big bubble when it comes to this.
> And here is the end result of people leaving Firefox for Chrome.
Mozilla brought that on themselves by racing as fast as possible to become Chrome. If I'm going to be forced to use the Chrome UI, why would I settle for an inferior copy of it named Australis?
Then there was the Awesomebar, Hello, mandatory signed extensions, ads on your newtab page, forcing the retention of download history, and on and on. DRM is just the next step in a long, sad succession. Mozilla has been trying as hard as possible since 4.x to get us to stop using their browser. No surprise it's working.
I for one am pretty decided to move to Firefox once Mozilla integrates Servo into it (granted the performance benefits really are significant).
But I'm also waiting for Mozilla to implement its multi-process sandboxing system. Microsoft seems to be doing some interesting things on that front as well - I hope Mozilla is watching. I like the idea of having each tab in an secured app container, which sounds even better than Chrome's tab-in-a-process system.
Of course this will only work on Windows 10, but I don't think that's any reason to wait on implementing such a system (unless it has some major issues I'm not seeing, of course).
> I for one am pretty decided to move to Firefox once Mozilla integrates Servo into it
Hooray! I'm excited to have you back. :)
If your switch is gated on Servo, you might be in for a long wait: we're moving small, modular components into Firefox as we're able, but completely changing implementation languages for parts of a browser used by hundreds of millions of people is a slow, deliberate process which involves pretty significant changes not only to our codebase, but also to our build infrastructure.
Right now the immediate goal is to share either an image decoder or the URL parser between Servo and Firefox. Quite likely by the end of the year.
Follow these bugs to find out more when things land:
> I'm also waiting for Mozilla to implement its multi-process sandboxing system
I believe we're uplifting multi-process into the Dev Edition 40 release in a week or so. If not, it'll be in 41. Goal is to have it on by default in the release channel by the end of the year: https://wiki.mozilla.org/Electrolysis#Schedule
Are there any plans to build a completely new browser from Servo? Is there even any worth in that? (A firefox-esque "normal" one, not like that experimental html browser thing.)
No concrete plans. We hope to get a new mobile browser out. For Desktop we're hopeful about browser.html. As a research project we aren't really worrying about any of this yet.
browser.html is intended to be a "normal" browser, though in it's current state it isn't quite there yet :P (It's not pure web HTML, there is a small set of "mozbrowser" APIs which it uses to get sandboxing and the other necessary things)
Firefox's UI is anyway written in XUL (an html-esque xml thingy), so browser.html isn't too far from what Firefox does.
Thanks for the response. With browser.html, I think I meant functionally, like isn't it supposed to be marketed as a simple, out-of-box, no configuration browser for those who just want no hassle simple web browsing? (Because otherwise I might be confusing it with something else, although I was sure I saw that Mozilla research was doing something like this.)
Because if it is, I obviously don't want that... I "just" want a free software html/css/js spec compliant browser (obviously without the drm, or an option without that part, because that's not free software), but the catch is that I sort of need it to be quite customisable...
By which I mean something akin to the current firefox, which allows addons, a great powerful addon api, unlike chrome, allows modifying the ui (via userChrome.css), modifying display of web pages themselves (via userContent.css), developer console, setting configuration options via a config file, view page source etc.
This seems off-topic and almost like a personal feature request for Servo or whatever, but my point is that I know my "setup" isn't exactly 'mainstream', hence why I basically require powerful customisation options. For example, I'm on firefox (37), but it looks like this: http://i.imgur.com/L9P8XhC.png. And it's not exactly a whole heap of fragile customisations which are destined to break, it's "just" one userchrome file and one addon, so it's actually fairly reliable too.
I care about the ui in that I want the power to change it to what I like. If I can do that, I don't care what the default ui is. But I don't think browser.html's purpose is to be powerful like current firefox is it?
I guess normal isn't the right word. If anything, you're right, browser.html is normal, but not in the way I've grown accustomed to with the feature-filled firefox. If you're familiar with zsh and the fish shell, I mentally labelled browser.html as the special "fish shell" of browsers the first time I saw it, hence why I was quick to dismiss it as a future option. I should probably go and embed servo in emacs or something.. :)
I don't think there's a fixed end goal for browser.html; it's also a research project.
Spec compliance is Servo's problem. Customizability -- well, browser.html should be just as customizable as Firefox once it gets polished. Like I said, browser.html uses HTML, and Firefox uses XUL, both in mostly the same way. Firefox largely uses XUL because HTML wasn't so powerful in the past, but now it is, and technically we could replace a lot of the XUL with HTML5. Which is sort of what browser.html does. Many firefox UI components are slowly being replaced by html variants these days too.
Now with Firefox's addon API, you write addons using XUL/XPCOM. With browser.html it would be HTML/JS, and you'd be able to hook into any part of the chrome[1] you want. Addons would basically be like userscripts, except they would be for the whole browser chrome. So for example you could write a simple CSS addon that colors the location bar yellow, or write a more complex one that moves the tab strip to the side, or whatever.
Of course, since browser.html is still researchy, I don't think there are plans for an addon api yet. I'm just saying that an addon api for browser.html sounds like something that could be done. I haven't worked with browser.html, so I could be very wrong here.
Actually, fwiw you probably can write your own browser UI (right now!) from scratch using the same APIs that browser.html uses. Instead of fixing an existing UI by totally rearranging everything, write your own! Check out https://github.com/glennw/servo-shell to see what APIs work in Servo and how to use them.
Servo has a usable-ish embedding API, you might actually be able to do the emacs thing (it might help if you chat with zmike in the #servo Mozilla IRC room)
[1]: browser chrome = the stuff outside the layout engine; the UI (location bar, bookmarks, history, devtools, etc)
Wow thanks for the taking the time for the comprehensive reply! :) Really, my comment turned into a half-rant, and I wasn't expecting such a response!
Well honestly, if it does become "hackable" (i.e. ui, addons), then that invalidates all of what I said. But yes it is still experimental as you say of course, so I understand.
This is a bit off topic, but one thing that's really deterring me from firefox lately is the signed extensions thing. [1] To cut to the point, I'm not sure how credible random tweets are, but just as a light example, I got someone (from mozilla security) to admit it's a mistake [2]. (Sort of, I'm twisting the words I think, english actually not my native language, so I still have trouble expressing myself sometimes.)
My comment is just that I hope that servo/browser.html doesn't make the same "mistake". I.e. implement proper addon security, sandboxing etc. Because, if you guys do plan for an addons api, and if you give it the power ("except they would be for the whole browser chrome"), then you should also plan ahead on the security implications of that too, if any. I guess I should watch the servo project for any addon plans and bring it up there! But other than that, I'm not a security guy, so I cannot say what exactly to do.
If you're wondering why... yes extension signing is great of course, just not when only Mozilla has the power to do so imo: [3] (Not my blog, but iirc I think I agree with most of the post.)
And funny that you mentioned servo-shell by glennw, I actually remembered that when writing my previous comment and had a tab open on it! See my screenshot, top left! :p
Preface: I am not a Mozilla employee -- I'm a volunteer and don't speak for Mozilla. I also haven't ever written a Firefox addon, though I have contributed to Firefox in the past and roughly understand how addons work.
> I'm not sure how credible random tweets are, but just as a light example, I got someone (from mozilla security) to admit it's a mistake
Yeah, dveditz is calling it a mistake (and I have great respect for his opinions -- he's very frank about them and is very thorough when it comes to security matters). I believe he is calling the original design of addons (years ago) to be the mistake, though.
I personally wouldn't call it a mistake though. Not exactly. There are many options, and each would cause significant backlash. The blog post talks of the sandboxing that Chrome and Safari provide; but Chrome's extension API is very limited (I've used it). It's basically a userscript API with a small number of hooks.
A large chunk of Firefox's user base uses Firefox just because of the power of addons. There are many addons that would just not be possible in other browsers. Restricting the addon API would irreplacably break all these addons and many users would leave because their favorite addon just isn't possible anymore.
A proper permission based sandbox that exposes all the original features sounds easy, but isn't. The blog post seems to oversimplify things. The original API was to simply expose all the browser internals to the addons (with a bunch of extra utility methods). Creating a well-structured, sandboxed addon API with the same capabilities is a really, really hard problem. We can't just selectively expose functions -- browser internals were not designed to be secure in such usage, so we need to provide a whole new shim over the internals and take a lot of security things into consideration. This is a lot of work, and cannot be done in a reasonable timeframe. In the meantime, people are getting their browsers hijacked by rogue addons, which is much worse.
Same thing goes for transparency. You need a proper shim to get that, otherwise you need to turn on logging for the whole of the browser -- there's no way to tell if a request originated from a method call by a browser internal, or a method call by an addon (except for a direct request). There might not even always be a clear distinction!
The review experience could be improved; but Mozilla has limited resources and with reviewers mostly being volunteers, this is also very nontrivial.
Sideloading will always be possible unless addons are encrypted with the user's master password. Firefox's source code is public, so the format of the user data dir is public, so anyone can add stuff. Master password encryption for the full data dir is an interesting idea (it might already happen actually; never tried it), but I don't think it will fix the bulk of the problem which has to do with non-security-aware people getting their browsers filled with crap.
Making code signing optional -- It's a tossup here. I was quite annoyed when Chrome did that for their addons since it made it hard for me to share userscripts. But the sad thing is that people will just write instructions to flick that switch. I personally think that we should draw the line there, really[1] -- if we can't stop users from clicking through warningy warnings it's mostly a lost cause. Besides, attacks can always be through direct exe downloads in that case. I personally hope that Mozilla adds the option to bypass this in the future like Chrome did, but I don't think that's going to really solve the larger problem.
I think the best way to handle this would be to use signing as a stopgap measure, and slowly roll out a permission-based sandbox API that has limited functionality but doesn't need signing. It can start out with a Chrome-like API with the most commonly used features, and expand a bit into more APIs until eventually mostly everything is covered. I do believe that it was a mistake to not plan to do this, however note that this solution is still possible.
But overall I find it to be a case of "you can't please everyone" here.
> yes extension signing is great of course, just not when only Mozilla has the power to do so imo
FWIW the reviewers are volunteers, so it's not as closed a situation as it's made out to be. Still not perfect though.
> My comment is just that I hope that servo/browser.html doesn't make the same "mistake"
We don't plan to. No idea about browser.html, but Servo plans to have proper sandboxing and other things. See [2] for a library Patrick wrote to help for this (i nfact its use cases in Servo extend beyond plugin sandboxing). Plugins are on our mind, and sometimes come up during meetings/discussions, though we haven't done anything about them yet (no immediate plans either). Too many other priorities :)
Of course, servo plugins would be for stuff like Flash (ick) which need to interface with the browser engine itself. I'm not sure how browser.html plugins could pan out. It should be possible to provide a sandboxed API via the mozbrowser extensions, but I'm not sure.
> And funny that you mentioned servo-shell by glennw, I actually remembered that when writing my previous comment and had a tab open on it! See my screenshot, top left! :p
> Right now the immediate goal is to share either an image decoder or the URL parser between Servo and Firefox
Interesting, it seems like there would be an order of magnitude (or more) difference in effort to write these two things. The third link you gave links to mp4parse-rust, is that what you mean by image decoder?
Media Source Extensions (MSE)[1] were added for YouTube HTML5 video, and is different from Encrypted Media Extensions (EME)[2], which is what allows DRMed videos.
MSE allows things like adaptive bitrate while streaming and programmable video buffering without a plugin.
This is ridiculous. In every other example, we say "innovate or die" (think taxis and Uber). In this case, Mozilla did not innovate as quickly as Chrome, and made a number of bad decisions, which led to their loss of market share. Consumers should not be blamed for picking a new product when it outpaces the old.
Mozilla itself deserves to shoulder at least as much of the blame due to a number of decisions that range from mediocre to downright terrible. And I'm not even talking about what happened with Brendan. I'm talking about the organization's downturn during the years that directly correspond with the tenure of people like Gary "JavaScript rendering engine" Kovacs and the years that saw Sullivan at the height of his influence.
The engineers aren't blameless either, having allowed themselves and the engineering culture to become the target of whatever neutering that did occur. "But I mean, these are business people; this kind of stuff is what they should know, right?" Sure, right. Totally let 'em go ahead and pursue those useless fucking partnerships at the costs they're coming with. After all, that's what real businesses look like.
What happened with Brendan may be very relevant. See my post further up in this thread.
Brendan did not like what the W3C was doing with DRM and was quite vocal about it. His prop 8 donation was public knowledge for years and nobody had a problem with it... but then suddenly the board, the employees and the community were outraged.
As soon as he was forced out the other execs at Mozilla announced they would be implementing DRM and EME. Coincidence?
You forget that another significant event happened at the time; he was nominated for CEO. That puts a person under a lot of scrutiny in the first place. I would say that it was indeed a coincidence.
I left Internet Explorer for Firefox because I was unsatisfied and jumped to the first viable alternative. I left Firefox for Chrome for the same reason. I'll jump to the next viable alternative as soon as it's available.
You would think that but chrome is much more insidious than other browsers. I can log in to chrome on all my devices and share bookmarks, apps, sessions, passwords, etc. That makes me a sticky chrome user because I lose all that functionality if I ever switch.
You really don't. I switched a few months ago because Chrome was crashy, it took all of two days, and a few more until I stopped using Chrome completely.
What irks me about Firefox is that tabs aren't separate processes, so one sticky tab will make everything sluggish, but that's about it.
Firefox absolutely does that for you [1]. You can even run your own sync server if you are into that sort of thing [2]. Works on all desktop platforms and mobile platforms that firefox runs on.
I guess if you consider the new DRM integration a potential attack vector it removes that possibility.
But, if you're going to install this in the first place you won't be consuming DRM content - so you probably won't even be visiting the sites that have it anyway and using the feature.
You might worry that you wouldn't notice which sites are using it. Or you might want to send a message to sites, or to Mozilla, that you think DRM is bad and that you don't want to have DRM implementations installed.
One of the worst things about each browser vendor's decision to support DRM is that it makes the choice to require DRM less costly for new web sites that are considering it. So even if you think Netflix could never have been budged, random site X might now say "cool, we can control what people can do with video on our site, at a surprisingly low interoperability cost to us!". If you want to avoid that outcome as an end-user, you have to do whatever you can to increase potential DRM adopters' view of the market share they will put at risk.
Also, if you do visit a site that uses DRM and your browser doesn't support it, it will show up in the server logs, so just using it is sending a message.
This end does not seem to be served by niche browsers which will be used only by the EFF-card-carrying subset of the tech community, people who are most able and least ethically inhibited from piracy anyway.
This is a good reason to keep the functionality out of mainstream browsers, but it doesn't seem to work if it's just us using deliberately hobbled browsers.
How typical of the DRM/closed-web subset of the tech community to justify their collaboration with accusations of piracy at those of us trying to create a free and open web.
Resisting any type of DRM from the very beginning is important, because the fight will be a lot harder once there is an established community of users. Educating people about DRM is hard enough; it is almost impossible when it also requires convincing people to give up some service (i.e. netflix) that they have grown accustomed to.
This is the latest battle the ongoing War On General Purpose Computing[1], and a lot of people that should know better are choosing movies and the dream of short-term profits over long-term freedom.
Wow, when I clicked to see the comments section here on HN it was kind of the other way around in my head. I thought "Yes! Finally good news from Mozilla!" I don't need this binary blob on my computer and therefor I don't want it because I can never know what it does. Why use Linux if you end up running closed source binary blobs anyway? (I understand that somewhere down there I still am using some propriatary nvidia driver or something but if I can avoid it then I would like to be able to.)
The DRM plugin is downloaded and installed automatically with the "normal" version of Firefox. So if you don't want to be downloading purposely-obfuscated proprietary Adobe binaries, you have to install this version.
Also, by default, EME activates on any webpage that requests it.
If you disable EME (in the Firefox Preferences menu by unchecking the "Play DRM content" checkbox), Firefox will delete the Adobe CDM binary if it has been installed.
I bet "how many people downloaded the DRM-less version" is an important statistic for Mozilla - Having FF in the middle of an automatic update, I'll be getting the other version however, and I wonder if having disabled this feature, will the browser call home to count towards it...
> I wonder if having disabled this feature, will the browser call home to count towards it...
It will not. Currently the only telemetry related to EME is the VIDEO_EME_PLAY_SUCCESS histogram, which counts successes/failures of playback. It's only enabled then EME itself is enabled, though.
Doesn't EME imply a kernel component? To safeguard the encryption keys and to generally complicate an access to the raw media? If so, does it mean that this Firefox update touches the kernel?
It does not imply a kernel component. From the point of view of the browser, EME is an API to a sandboxed binary (the CDM) that decrypts video frames and sends them back to the browser, which then presents them to the user. The CDM might use kernel facilities for storing encryption keys.
Does this update add Adobe's stuff into kernel or does it not (e.g. if Adobe is just piggy-backing on Windows PMP)? Can anyone from Mozilla comment on this?
This is a principal question, because if there is an Adobe's kernel DRM driver in this update, then it makes sense to go with the "EME-free" update instead of adding and then, hopefully, removing 3rd party junk from the kernel as per that Mozilla KB linked elsewhere in this thread.
Neither Firefox nor the Adobe CDM install any kernel code. The Adobe CDM is, conceptually, the Flash Player's DRM code repackaged to work with Firefox's CDM API. And the Flash Player doesn't need to install new kernel drivers. Studios have different DRM requirements for video quality levels like HD, non-HD, "Studio HD", and "Ultra HD". For higher quality video, studios might require secure hardware path. Even this level, AFAIU, doesn't require new kernel drivers because Windows already has APIs for this.
If you're morally opposed to DRM, then it's a surefire way to ensure you don't unknowingly use a service that requires it, thereby encouraging its proliferation.
"We very much want to see a different system. Unfortunately, Mozilla alone cannot change the industry on DRM at this point. In the past Firefox has changed the industry, and we intend to do so again. Today, however, we cannot cause the change we want regarding DRM." https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challen...
Without getting too preachy about DRM itself... the need for computing tools that exist outside of the fictitious corporate-goverment-legal structures dominated by power and money are essential to ensuring human freedom in a digital world. As we choose and are forced to have more of our lives moved into this realm, it becomes more relevant every day.
Many people do not care about those things, and prefer Netflix et al over such matters, or perhaps have never looked closely at the issue. Mozilla has (had?) a tradition and reputation for caring about this. I suspect that many of us would prefer them to go even further, such as not implement the feature at all in protest.
Publishers who want to protect their content against piracy and don't want to use cumbersome expensive solutions. Traditionally DRM has been a hassle for legal users, expensive to publishers, and complex to encode and host video. Having a browser standard would make it convenient to users and publishers.
The original commenter was asking why people would want to prevent their browser from having DRM support, rather than why publishers would want DRM. (For DRM opponents, having convenient and standardized DRM is worse in many ways because it is more likely to be adopted in more circumstances.)
I can't think of a good reason to deliberately remove it from your browser.
Why would it be worse if more companies used DRM? I can think of some edge cases on obscure devices or if you are pirate but other than that it seems like legal users would be unaffected and not even notice it.
> it seems like legal users would be unaffected and not even notice it.
Yes, just like Sony said in response to the rootkit scandal – "Most people don't even know what a rootkit is, so why should they care about it?"
DRM is a declaration from the publishers that they distrust you so much that they must be granted absolute control over your machine. You can't retain higher privileges over your own machine than they have, or else you would be able to circumvent their system and it wouldn't work.
Why would you trust someone who has declared themselves your enemy to run arbitrary code with root privileges on your machine?
That highlights the need for standard DRM rather than having each company using their own code that runs on your computer.
With a standard DRM solution, the only person you would need to trust is the browser vendor. This seems like a better alternative than having a company force you to use their DRM.
But that can cut both ways. If having DRM on a computer at all is offensive to a user, than having a standard DRM method can make it all the harder to avoid.
And I don't think it's a very strong argument that fewer companies rolling their own DRM will be such a great thing, and I'd be surprised if DRM opposers would be relieved that fewer companies are rolling their own DRM if it means its harder to avoid ANYONE putting DRM on their machine. It's like a choice between letting independent, small-time thieves into your home, or having the Mafia allowed to organize, with the blessing or apathy of the general community. The first may be a more dispersed, less coherent adversary, and it might be harder to be confident that their crimes are high quality. The second will act like they already own your house and that they are affording you the privilege of living their under their "protection". But at least with the first, when everyone's not already used to them owning the place and aren't intimidated into accepting them, you can rely on some widespread denunciation of the robbery.
Standardized, widespread DRM is much more like these companies and committees acting like they already own our computers, that how we use them and how we connect them to internet is a privilege we enjoy only at their direction.
The insinuation that opposing DRM has mainly to do with wanting piracy to be easy is a common straw-man. There are many who oppose piracy who also oppose DRM, for very compelling reasons that aren't just limited to edge cases or using obscure devices. For such people, it would be worse if more companies used DRM because it would mean losing the fight against DRM. More and more people who don't care about the issue will be used to dealing with it, and it will be seen as harmless when it's more widespread and ordinary users aren't bothered by it. That is very disheartening to those of us who find DRM seriously threatening to the kinds of grass-roots technological and social innovations that make us so excited about the internet.
oh you can't watch this video your paid for on your computer because reasons.
You need to use this crappy video player instead.
Oh you can only watch this on 3 computers and you have hit that limit.
the license for this content has been lost, you can't watch it anymore.
Compare that to the pirates life:
Click play -> watch movie.
There was actually an interesting article a while back about DRM not being about preventing piracy, but rather enforcing methods of watching (so 100% to control legitimate customers).
Apparently DRM doesn't work on Linux, yet - but either way: how can DRM even work with Free software? If I can modify the source and build my own version, surely I can [make a version of the software that] strip out the DRM? Would that make Mozilla liable as facilitating breach of the DMCA?
Or is the DRM bit really in a binary blob supplied with the gpu/audio driver? [And support in the browser is just to facilitate shipping the data to the correct api entry point]
This is obviously the main issue. The DRM component itself is nonfree, downloaded from Adobe's servers (iirc).
With this DRM section in the official html specification, it is impossible to implement a fully html spec compliant, free software browser, which personally I think is outrageous.
At the end of the day, it's still "just" a spec, but I don't think someone (like the WHATWG previously) can just come along and "fix" this and get everyone on their side. At the very least, this almost feels like a betrayal by the w3c.
The plain truth is that no one cares about free software, even when the software (a web-standards compliant web browser) is concerning one of the greatest technological revolutions in human history so far (the internet), which is just honestly sad in my opinion.
On the topic of firefox though, I hope Mozilla keeps the DRM part of the browser an opt-in to download, rather than coming directly with the firefox package itself. Anyone know if this is still the case or not? Also, does anyone know if this DRM component is in the linux packages? (The article mentions only windows vista+.)
DRM is not free software. EME itself is not DRM. It's an API to interact with DRM module. Which doesn't make it any better. It should have no place in HTML standard.
Aside from everything else (NOT that I am happy with the context), I am simply disgusted that Adobe is being "rewarded" with a role in this.
Not just their ongoing security fiasco, but also having had to deal with their tremendously incompetent technical support, have left me permanently opposed to their company.
Yes, the design allows for an arbitrary party -- I guess, although ties to / use of TPM and whatever mean that, in practice, there will be a much smaller field of... "mainstream" providers. In practice, though, meet the new evil, same as the old evil.
Netflix are hypocrites (and all this is primarily their fault). They claimed that this DRM garbage in the standard wasn't their desire, and they did it to oblige obsessed publishers. Yet, where is their own content DRM-free?
Yes, it's important to keep in mind that while Netflix is fighting bad people and we like them for that, many things they do are against consumer interests. Like Steam. It's just that the alternatives are so worse, we give them a pass.
You're right: Someone should corner them on why "Netflix Original" content isn't DRM free. (Or why they still restrict access and subtitles based on region, for "Netflix Original" titles.)
DRM for Netflix is about putting up barriers. Just like Amazon convinced publishers to go with Kindle DRM, giving Amazon the power in the end. By encouraging DRM, it's harder to compete as it is one more thing to do that Netflix already has. It's not as powerful as Kindle's lockin - content licensing is a bigger deal. Apart from that? Well, Popcorn Time provides a much better experience than Netflix. (Proper subs, force HD, use better player to normalize audio ("night mode") or otherwise tweak viewing, no messing with proxies, etc.) My wife and kids are already starting to use PT, even when the same content is on Netflix. Yikes. (Torrents + put.io was already pretty slick, but slightly more difficult (2 apps, one extra click).)
Popcorn Time though goes against the principles of distributed network like BitTorrent. I.e. it prioritizes first data blocks most and as such it's not network friendly, since network is built on assumption of equal prioritization. So while it's an interesting idea in general, it doesn't sound like the right solution technically.
Anyway, it's going a bit off-topic here, except may be it's a good reminder that DRM should never be used since it only punishes legitimate customers and does nothing good.
It's possible to dislike DRM but also understand that it is necessary for your business to function. I imagine the majority of their content comes from sources which demand DRM.
If I were Netflix, I would use my own content (such as House of Cards) to demonstrate that it's possible to go DRM-free.
> If I were Netflix, I would use my own content (such as House of Cards) to demonstrate that it's possible to go DRM-free.
That's primarily my point, but I don't agree that DRM in necessary for business. Music is sold DRM-free, games are too (GOG). So there is no reason why video can't be. Someone just have to break the sick status quo.
I don't want to be off the normal firefox release cycle, but I also don't want my browser to have DRM.
Why couldn't this be an install option and a preferences setting in the normal firefox version? It could even be enabled by default. Then people who care about DRM when they install have the option of disabling it, and people who care about it later once they realize the evils of DRM could disable it in their preferences. If someone installed without DRM but wants it later, the preference could download the DRM at that point instead of automatically.
The interesting part of this is the "sandbox" intended to keep the DRM module out of parts of the system you don't want it messing with. Some general commentary here:
Will in-browser DRM prevent someone from running some screencast software? I dunno... it just seems like if I can see it with my eyes and hear it with my ears, then software can do that also, DRM or not.
"That DVD you bought? The one from a different region? It won't play and the reason it won't play is because of DRM. You think you can just put it in your laptop and use VLC, but you forget that your laptop DVD drive is probably region-locked in firmware, so although yes VLC ignores region coding the drive doesn't, and will enforce the region coding and refuse to play your DVD. I can fix it for you. Here's the list of stuff we need to do:
1) Find out the drive name and model number.
2) Find and download a firmware file for that drive.
3) Patch the firmware to turn it either into RPC1 or into auto-restarting RPC2.
4) Flash the file.
5) Carefully never ever use certain software and always cancel out of certain dialog boxes.
All this just because rights-holders want to stop you buying a new DVD from outside your region."
The amount of people buying off-region DVDs is awfully low. There are a thousand betters reasons to reject DRM such as not owning your product anymore ("That iTunes music ? Yeah, they can revoke your access at any time.").
The ability to do something does not hold any weight with the people you're trying to convince.
"Oh sure, Apple can revoke my access time, but they never would!"
It's the same thing as "Oh I'm sure the government COULD access all my data, but why would they want to?"
Region-locking affects more people than you might think, just not with DVDs anymore. Most of the world using reddit/hackernews/the internet is constantly faced with the frustration of clicking on a youtube link and seeing the copyright notice that says the content is restricted to US-only.
The US gets that, too. We get it a bit less because so much is produced here; but I've definitely had my share of "Sorry, the owner of this video has not made it available in your region" notices.
It would be nice if it told me which regions were allowed, so I knew which VPN I should use :P
When Google, Microsoft and Netflix specced, implemented and shipped EME, there was no significant pushback. Of course, as you say, average users don't care - they don't even understand the issue. But tech people didn't care enough either.
Instead, tech people flocked to products made by at least 2 of those 3 responsible for EME. And they kept installing those products for their non-techie relatives and so forth.
The real reason EME was not stopped is that people in the tech industry didn't care. A few of us did, of course, but the majority of us simply didn't. Most tech people agree that DRM is bad, but as a group we did not decrease our usage of Google, Microsoft and Netflix products containing EME.
Right on it. Most users use the things they do because they're either easy or there is no other feasible choice. Will a user download a plugin when a browser can now "guarantee" most forms of content to play without one? I know I probably wouldn't.
Surely there was, at least, some kind of open-source alternative for getting/fetching/caching these keys? Or does it truly rely on blackbox obfuscation?
The client ultimately has to decrypt the data somehow. So the key is there on the client. I take it obfuscation is the only thing standing between the user and that key. Am I correct about that?
Which makes me wonder: How much security does HTML5 DRM really provide? Security through obscurity is a very weak defense, and one that is almost invariable defeated sooner or later. Will this really prove a hindrance to piracy in the long run?
This isn't security through obscurity, unless the DRM implementation being a secret actually does provide security. I doubt it does, beyond the fact that an audit of the source could probably find a load of security issues.
I don't necessarily disagree. But how, other than through obscurity, does HTML5 DRM inhibit copying, given that the client possesses the decryption key? (Let's assume the would-be attackers aren't dissuaded by any laws that might apply.)
Yep - when they asked why the online service that they bought DRM ridden content from closed, and now their purchases were lost (they were asking what to do/how to do it).
There have been a plethora of these. I don't remember much because I'd NEVER pay for DRMed media that I wasn't sure I couldn't get around. E.g. DVD is OK since there are plenty of rippers.
Here are a few cases I recall:
Microsoft screwed a bunch of people with PlaysForSure. Even the brown bar of turd wouldn't play it:
The Zune and PlaysForSure music are both
Certified for Windows Vista, yet the Zune
cannot play PlaysForSure music purchased
from the MSN Music Store[1]
MLB did the same thing:
Some hardcore baseball fans have been left
stranded on third base by Major League Baseball
after it decided to change DRM systems. As a
result, game footage purchased under the old
DRM scheme are no longer viewable, leaving fans
with unwatchable footage—and no refunds.[2]
How many people is that, though? 10 out of the 7 billion people on Earth? That's a very small fraction.
Unless the world population suddenly decides to become digitally literate enough to understand the web in a programmer's context, these patterns of bad unwritten standards will continue out of convenience for the "soccer mom" end user.
You know, I'm sick of people making such a big deal just becasue Mozilla lost its CEO in such an awful way that he didn't even return to his CTO role. Just because he literally wrote JavaScript, co-founded Mozilla and worked on Firefox since it was called Netscape Navigator it doesn't mean he should be able to take part in America's political process in a way that some find offensive.
It is possible for someone to be a brilliant technologist and an otherwise awful person. And before someone takes me to task for the words "awful person" - sorry, that's my evaluation of someone who'd rather lose their job than say sorry for the prejudice.
That's the only thing I respect him for. That he wasn't willing to lie about his position and say his views had changed. Because if he had, it would have knocked all the wind out of the opposition's sails. Yes, he's absolutely an awful, vile person who thinks he's better than other people and entitled to special rights. But at least he's not also a liar.
What bothers me more is the way everyone perpetuates the lie that he was fired. Nobody forced him out. The Mozilla board were completely tone-deaf to the outrage it caused. He voluntarily resigned because he realized the harm he was causing the company; but if he wanted to, he could have stuck around anyway.
But if some fantasy narrative exists where the board gave him a secret ultimatum, then I take back what I said about respecting him for not being a liar.
Please stop posting your nonsense that Brendan Eich voluntarily resigned. Everybody knows that he was forced out and to pretend otherwise is insulting to anybody reading.
But Eich did not have to resign. The board never even so much as asked him to step down. He chose to step down because he realized how toxic he was to his company's reputation as CEO.
The owner of Chik-Fil-A has taken a lot of flack too for his hateful views, but he sticks around anyway. And as a result, I don't eat there. Eich could have done the same if he wanted, and I would have just not used Firefox at all anymore. And now if you don't want to use Firefox because he chose to resign, then don't. That's your right. If you want to complain about others who protested his promotion, do so. That's your right. But don't claim he was fired when he clearly wasn't. Mozilla's own press release states very clearly that it was voluntary.
The tech community tends to be more progressive than fast food consumers, so the pushback was a bit louder. But Eich had plenty of bigots on his side of this, too. After all, roughly 45% of the country still believes gay people are not deserving of equal treatment under the law.
Maybe you didn't; I also wasn't directly referring to you alone.
I don't know what you want, some kind of world where people are forced to be tolerant of intolerance?
Regardless of which side you are on, or which side the public was clamoring for, it's basic free speech going on here. People can say whatever they want. And Eich could have done whatever he wanted in response.
Exactly! He managed to put the company's best interests before his own, and chose to resign. But he wasn't fired: the Mozilla board did not ask for his resignation. He could have stayed if he wanted to.
It's terrible if it was for being offensive. What it should have been about was a lack of elegance and logic. Marriage should be a legal/tax/etc contract between 2 or more consenting entities that can legally enter into contracts. Anything else is a hack, and en engineer should know better.
(There's also the minor issue of running an org with policies directly against your own. While not technically a blocking issue, one must wonder about a person's commitment to something when they are actively against it in their personal life.)
Well allow me to extend thanks to you and everybody like you for damaging a very important Open Source project at a very important time. I understand it would have been difficult to sit down at the negotiation table with Eich and set an example for everybody of how to work with people you have disagreements with, but it would have been the right thing to do.
How do you foresee a negotiation with someone's core values progressing? There's a fundamental incompatibility there, not just something that can be talked and reasoned around.
You personally, the guy typing the letters into this box, what do you think the outcome of such a "negotiation" would be if it were as successful as humanly possible?
At the end of the day, Mozilla's entire mission statement is contrary to Eich's stated beliefs.
Were we talking about peons rather than C-levels, the words would be "bad culture fit".
There's nothing in Mozilla's mission statement[0][1] incompatible with Eich's personal beliefs.
> You personally, the guy typing the letters into this box, what do you think the outcome of such a "negotiation" would be if it were as successful as humanly possible?
I think it would have been adults acting like adults and accepting you don't have to agree with somebody in order to work with them. Eich already demonstrated he was willing and able to do just that.
From 1998 when Eich co-founded Mozilla to 2005, after seven years as the chief technologist and member of the board, how did he misuse his power? From 2005 to 2014 while Eich was Mozilla's CTO, was Mozilla hostile to the LGBT community? How many discrimination lawsuits did Mozilla have to settle because of him?
Eich spent 16 years at or near the top of the Mozilla, yet there's no pattern of discrimination, not only is there no pattern I've been unable to find any evidence whatsoever that he was unable to set personal differences aside. Worse yet for your case is that Eich helped build a very inclusive company where LGBT persons have always been, from what I can tell, quite welcome.
The question here is not "Did Eich's presence cause an exclusionary atmosphere at Mozilla?", which is what you appear to be arguing. As you mention, the answer is no.
The question is actually "Is it appropriate for someone who takes active steps to treat some people as undeserving of basic rights[1] to take the ultimate leadership role in a diversity focused company?"
That answer is no.
Going back to your "negotiation" statement - he was given that option! The pichforks didn't truly come out until the number of his non-answers on the issue. Someone saying "we support diversity" doesn't sound right when that can be instantly rebutted with "Then why is your company run by someone who donated against LGBTs?"
It looks bad for Mozilla, and there's no good answer for that question - really!
Eich had three valid options from that point on:
* He could repudiate the donation and this would have evaporated overnight. Those views were apparently important enough to him to prevent such an option.
* He could not do so and stay, and Mozilla would suffer due to the volume of people who stated they would not work for or with someone who did what he did.
Two things to keep in mind: People are/were angry at Eich for his actions, not his thoughts. His thoughts are not conclusively knowable, his actions are.
Also remember that Prop 8 passed, and it took another 6 years for equal marriage rights to clear in California as a result - were I living in California during that time, I'd have felt pretty scandalized too, moreso if I were actually working for Mozilla at the time.
* He could not do so and move on. This was the chosen option.
>He could repudiate the donation and this would have evaporated overnight. Those views were apparently important enough to him to prevent such an option.
So for you the best course of action would be to hypocritically pretend to be sorry in order to appease the clamour of the crows? And as he didn't, as he stayed true to his positions not flipping like a coward because he was pressured to do so, he deserves what he got?
That's irrelevant. What you think of his principles is irrelevant. He did nothing wrong or illegal except take a position that did not coincide with that of a very loud and mean crowd. Even if you or I do not agree, it's indeed admirable he had the courage not to flip to save his skin.
> The question is actually "Is it appropriate for someone who takes active steps to treat some people as undeserving of basic rights[1] to take the ultimate leadership role in a diversity focused company?"
First, it's not a "diversity focused company" it's a company focused on building a Free and Open internet. Being socially inclusive in their internal culture is secondary. Moreover Eich's definition of inclusivity was perfectly in line with Mozilla's which is that not only are sexual orientations protected but so are religious views as long as the person interacts constructively with the community. He had his personal religious views and by all accounts he didn't let them prevent him from interacting constructively with the Mozilla community.
> "...and Mozilla would suffer due to the volume of people who stated they would not work for or with someone who did what he did."
It was less than 10 employees who asked him to step down, none of them were his direct reports, how many threatened to leave?
There's absolutely no reason that he should be forced to apologize for his donation. I don't agree with the donation but I'm an American and I think it's extremely dangerous to go down the road of persecuting others for taking part in political campaigns, etc.
I agree with you that Eich's actions are to a large extent known, so I again challenge you to provide me with a single shred of evidence that in his 16 years at Mozilla Eich treated even one member of the LGBT community unfairly from his position of power.
I again challenge you to provide me with a single shred of evidence that in his 16 years at Mozilla Eich treated even one member of the LGBT community unfairly from his position of power.
But again, we're not worried about Eich's impact on Mozilla, which was, as you say, positive. I don't think he did abuse his power or hurt anybody by his actions at Mozilla - at least not from the 90's to 08 which is when the first inkling of his views became public.
More importantly, Mozilla does not exist in a vacuum - and in my mind, accepting this without protest equates to putting the success of a single company over the rights of untold numbers of people.
Let me try this another way. Put yourself in the shoes of an LGBT working there. Your boss appears to be a nice guy, very professional, a technical genius. He's up for promotion to C-E-frickin-O!
..and then you find out via the outrage machine that he's donating to groups whose /one and only/ reason for existing is to marginalize you.
Imagine how that would hit you.
What do you think that will do to your working relationship with that person?
Would you be proud to say you work at Mozilla after he becomes basically the guy running it? "Mozilla now run by a bigot" - and worse, that wouldn't even be an exaggeration!
Your boss apparently isn't such a nice guy after all.
Does it make at least little more sense now?
This role playing exercise aside. I really, truly, do not understand how you (the collective HN readers "you") can on one hand be upset at the community for expressing their displeasure at Mozilla (and sure, there were idiots that took it too far, but the consensus was loud and clear), and on the other hand, be perfectly okay with Eich reaching into his own wallet to help marginalize people (and having looked at the website again, linking Mozilla's name to it!![1]).
This view is fundamentally alien to me - I'm a geek, but at the end of the day, the people are more important than the computers. I cannot see the justice in placing Mozilla's well being over millions of people's basic rights.
You're moving the goalposts here--you initially wanted to paint Eich as this evil bigot, and then when presented with the "Well, in 16 years, where's the proof", you hem and haw.
Imagine you were a staunch socialist, and your boss is friendly, supportive, and competent. Then, she gets promoted to CEO. And you find out the CEO of your company donated massive bucks at a fundraising dinner for, say, Mitt Romney. What do you think your working relationship?
Hint: you shouldn't be a single-issue person. If they've done well by you and others, even if you disagree with them or function differently than them politically, you should treat them with courtesy and kindness.
I think I conceded that point in the previous post.
I think your example sucks, because as previously mentioned above, a person is not an issue. Donating to a guy and donating to a cause are two different things
you initially wanted to paint Eich as this evil bigot
With that, I am not participating further in this conversation. Either I am not communicating clearly, or you have some other reason for choosing to ignore things I've already covered. Either way, this is no longer constructive and we're both wasting our time.
Yes, I can handle working at a company where I think the CEO is a piece of crap because to me that's part of being an adult.
I've worked with people who endured things like metal holding their bones together because the people who managed them couldn't be bothered to look out for their safety. So do I care that somebody might have their feelings hurt by their CEO's social views? Not really, not when there's zero evidence he created a hostile or unfair workplace.
> and then you find out via the outrage machine that he's donating to groups whose /one and only/ reason for existing is to marginalize you.
This is just ridiculous, it's like you never took the time to understand why people supported Prop 8. They were afraid their churches would be forced to marry same-sex couples and when they expressed that fear they were called bigots so they sought legal protections. I'm not religious and I don't go around apologizing for them very often, but I think calling them bigots it's going too far.
My edit's not showing up on my other post, sorry for double-replying.
> ....The pichforks didn't truly come out until the number of his non-answers on the issue. Someone saying "we support diversity" doesn't sound right when that can be instantly rebutted with "Then why is your company run by someone who donated against LGBTs?"
> It looks bad for Mozilla, and there's no good answer for that question - really!
I think this accidentally hits the nail right on the head. Eich had to go because people couldn't handle the complexity of the situation and so they chose a simplified version where everybody involved was either good or evil. The reality was Prop 8 wasn't so great, but that's a lot of baby to throw out with a very small amount of bathwater.
There is nothing whatsoever in the Mozilla Foundation statement of values that is incompatible with whatever political stance Mr Eich had personally. Flushing such an important person out the door because you find his position bothersome is nothing short of repulsive.
But I'm sure you know this already. If you still don't give a damn, it's because you firmly believe that anyone that doesn't share your values on such a (fashionable) issue as gay marriage is a horrible person who deserves to be scorched clean off the company he founded.
"Mozilla-based activities should be inclusive and should support such diversity."
Okay. If Eich was still there, this must logically be followed with:
"..Nevermind that one C-level guy over there who took positive action to deny some of you rights, this absolutely will not impact anything in any way and we as a company still hold these views of diversity and openness."
Having someone with his beliefs at such a high position makes the entire "diversity" thing ring rather hollow. No matter what you think of the whole situation, I think you can see the dissonance that would cause.
My experience with human beings is that precisely nobody can silo their beliefs like that.
So we need to stop discrimination before it happens? How do you feel about implementing some pre-crime measures nation-wide? As soon as he started advocating some anti-gay hiring policies, or rejecting pull requests from transvestites, then the consequences would've made sense to me.
Though that's an idealist view, in reality letting him stay would've been interpreted as an endorsment by all the people making a huge fuss about it, in my ideal world no one would've cared to begin with.
Instead of adding to their CPG you should've actually read the parts that don't agree with your view
> Some Mozillians may identify with activities or organizations that do not support the same inclusion and diversity standards as Mozilla
Diversity and inclusion should mean including people who don't agree with diversity and inclusion.
I'm having a really hard time writing this without snark, so forgive me if any of it comes through:
In reality letting him stay would've been interpreted as an endorsement by all the people making a huge fuss about it
Those people "making a huge fuss about it" were denied equal rights for an additional six years thanks, in part, to Eich. Are you suggesting they should have just shut up? Where do you draw the line?
Diversity and inclusion should mean including people who don't agree with diversity and inclusion.
We're going to have to disagree on that. Rights are rights - I don't see how tolerating someone who thinks gays are inferior is one whit different than tolerating someone who thinks blacks or women are inferior.
> Those people "making a huge fuss about it" were denied equal rights
> Where do you draw the line?
At "anger doesn't justify actions that hurt others". I'm not sure what your point is, getting him fired didn't help... A guy was denied the first amendment and mozilla lost a talented engineer, a net loss.
> Rights are rights - I don't see how tolerating someone who thinks gays are inferior is one whit different than tolerating someone who thinks blacks or women are inferior.
Provided they do not act on those beliefs, I agree, people should not be persecuted based on some beliefs ingrained in them from childhood. Looks like I'm more tolerant than you are.
For what seems like the third time this thread, Eich stepped down. He was not fired, he was not asked to leave by the board. He quit. This is not a trivial distinction and it smacks of dishonesty that you continue to repeat it.
Provided they do not act on those beliefs,
But he did act on them. Eich didn't get people mad at him because he thought gay people were icky, he got people mad at him because he took action to strip away their rights.
> Diversity and inclusion should mean including people who don't agree with diversity and inclusion.
This is basically a variant of the argument that is used by religious business owners who don't want to serve gay people... "you are infringing on our right to practice our religion!" they say.
The point being, you have rights, but you don't have the right to infringe on other people's rights.
Does donating to a thing imply anything other than support for the thing?
Does someone who donates to a presidential campaign envision any other outcome than election of the donate-ee?
Does someone who donates to a political lobbying group envision any other outcome other than fulfillment of the lobbying group's goals?
It's not like he donated to someone who just happened to have an odious belief, he donated to a group who's entire reason for existing is straight-up bigotry.
Speaking generally, rather than about Prop 8, I suspect the answer to your question is "actually, yes a donation to a campaign could imply any number of alternatives".
We like to think of politics as a simple matter of supporters and opponents for the cause at hand. But in practice it seems people can be prompted by all sorts of things -- being irked by some aspect of the other campaign, a tangential issue (such as it coming from the people rather than parties), a friend or relative being involved in the campaign -- there are potentially rather a lot of reasons why someone can be prompted into donating to a campaign they might not even vote for.
Fair enough on the general statement, but in this specific case, if any of these options were true, it makes his decision to not dismiss the donation and throw another $1000 at GLAAD or some other group be all the more questionable.
I absolutely guarantee, had he said something like:
"That was 6 years ago, I did it for $rational_sounding_reason, I don't hate gay people, I'm donating to $LGBT_charity as a token of good will"
..then this entire issue would have been discarded in minutes.
Believe me, I don't want to believe that the guy who wrote JavaScript simultaneously holds backwards beliefs like this. That alone is hard to reconcile, given how inclusive the tech community generally is. But every time I approach this issue, I can't arrive at any other sensible conclusion. The confluence of:
* The donation
* His refusal to repudiate the donation 6 years later
* His refusal to directly address the issue
..does not lend itself well to any other explanation.
If you don't see the difference between donating to a politician who has an entire constellation of beliefs, and donating to a single purpose lobbying campaign, we've nothing further to discuss.
So, again, I tend to be charitable towards others. There are several other explanations for the donation: maybe he was drunk and did it on a dare, maybe he was bored, maybe he needed to spend the money to piss somebody off, maybe he actually does respect LGBT folks but believes that marriage should be clearly defined, maybe he wanted to force the issue because he found it so odious he wanted to see it properly overturned, who knows.
The responsible thing is to say "Well, that looks odd, but he hasn't said anything else, so let's give him the benefit of a doubt, as he's done well by the people over whom he has direct authority."
Any one of those explanations could have been offered when he was asked about the matter and it would have almost completely defused it.
That's what I'm trying to get through to you.
It's not just the donation.
It's not just the fact that he'd rather quit a CEO position rather than answer a direct question about it. (Which is pretty damning all by itself - but.)
It's not just the fact that he still hasn't addressed it.
It's all of those things taken together, that paint him in a very poor light. Every defense you can possibly come up with makes no sense in light of one of those three facts.
And on a more personal note, my charity for Mr. Eich ran out when he took a shot at me and a few million others and didn't even have the fortitude to own it or apologize for it. There it hangs in the air like the scent of rotting meat, unaddressed, maybe people hope it'll go away if it's ignored long enough. People have been killed, driven to suicide, and otherwise treated as second class citizens thanks to the lies of the organization he chose to directly support. (You should look at the ads sponsored by the Prop 8 people - they're really something else!)
My charity stops well short of that point.
Perhaps it's not rational to place someone in the same mental bucket as Cathy and Robertson and Phelps, especially since Eich actually had a positive impact on the world via JS and Mozilla, unlike a fast food magnate, a megachurch preacher, and a hate speech spewer.
You know what else goes beyond Mozilla? The work they do, the open internet they've spent over 15 years fighting for. The problem in this case is the LGBT community apparently feels like the most special of the snowflakes with the most important problems. Be honest, forcing Eich out didn't do anything for the LGBT community outside of a hollow victory and a blatant showing of power to intimidate its enemies.
Solidarity used to mean that you look at the bigger picture and don't torpedo groups who are on the same side as you over personal feelings. For 16 years Eich fulfilled his own and his employees' contracts. For 16 years he was completely in line with Mozilla's inclusivity policy. For 16 years he fought for one of the most important social causes and he had that taken away from him because he felt that in supporting the personal beliefs of others he deserved personal beliefs of his own. Not only that, those of us who care about what he fought for had him taken away from us and I am yet to hear one good reason why.
Those were funny days.