Mozilla to implement Encrypted Media Extensions in Firefox

Encrypted Media Extensions is a new technology to control the playback of protected contents in HTML5.  Plugins like Adobe Flash or Microsoft Silverlight have supported DRM for quite some time and are used by streaming services such as Netflix or Amazon Prime currently.

The move towards a plugin-free Web and the rise of HTML5 posed a problem which Google, Microsoft, Netflix and others tried to resolve by proposing Encrypted Media Extensions (EME).

With support from both Google and Microsoft it was clear that EME would be implemented in Google Chrome and Microsoft Internet Explorer.  Content Provider such as Netflix are moving away from plugins to a solution that uses Encrypted Media Extensions as well.

Organizations such as Mozilla criticized the use of a proprietary Content Decryption Module that was not described in the specification itself.

This raises a big problem for Mozilla. The organization prefers different approaches to protecting content but since major web browsers and streaming providers are moving ahead with the integration of EME, it is problematic not to implement the feature as well.

Considering that streaming video is highly popular and that major providers such as Amazon, Netflix or Hulu will make use of it in the future, it would prevent Firefox users from accessing those contents in the web browser.

While that is an option, it would likely mean that users would use other browsers for the streaming, and maybe for all other web activities as well.

That's why Mozilla decided to implement the W3C EME specification in Firefox as well. EME will be implemented in Firefox for desktop first, but users are given a choice and the implementation will be different from that in other browsers.

For Mozilla, it is an awkward step considering that the organization promotes an Open Web and that DRM is everything but, especially since a proprietary module is used.

While there is no way around this, Mozilla decided to make this as transparent and open as possible. The organization selected Adobe to provide the CDM, but instead of loading it as a module directly in Firefox, it will be wrapped into an open-source sandbox.

This means that the module does not have access to the user's hard drive or network but only with options to communicate with Firefox "for receiving encrypted data and for displaying the results".

The CDM uses fingerprinting to identify systems. This usually means a fingerprint for the computer system. Mozilla's implementation on the other hand creates a unique identifier without revealing information about the underlying system or the user. In addition, that unique identifier is modified across sites.

It is interesting to note that users will be in full control. According to Mozilla, the feature won't activate or run on its own, so that the user is always in control in this regard.

Some users who have commented on Mozilla's official announcement on Mozilla Hacks dislike that Mozilla is giving in and adding this feature to the browser while others have expressed appreciation for the way it is implemented.

Mozilla will release a technical FAQ in the next 24-48 hour period that will answer several questions that users may have about the implementation.

What's your take on this? What would you have done if you were Mozilla?

Update: A blog post on Mozilla.com provides additional information and answers to some questions.

1. EME will be integrated into all Firefox for desktop versions including Linux.
2. Each user will be able to activate the DRM implementation or leave it turned off.

Resources:

• Can This Web Be Saved? Mozilla Accepts DRM, and We All Lose (EFF)
• Driven by necessity, Mozilla to enable HTML5 DRM in Firefox (Arstechnica)