back to article Google's browser security plan slammed as dangerous, terrible, DRM for websites

Google's Web Environment Integrity (WEI) proposal, according to one of the developers working on the controversial fraud fighting project, aims to make the web "more private and safe." Ben Wiser, a software engineer at the Chocolate Factory, responded on Wednesday to serious concerns about the proposal by insisting that WEI …

  1. Roger Greenwood

    Tracking...

    .. sometimes is useful. Example, I can be watching a youtube video on one computer and have to stop. Later I can fire up another computer, fire up youtube and press play, it carries on from the same place. Amazing to many, and relies on all the tracking stuff. Obviously not all will want or agree with this, but I think many users do and it gives them a benefit. The rest of us have ways of turning it off at the moment.....

    My wish list for browsers would include better methods to enable more users to spot dodgy websites not the other way around as this seems to propose.

    1. Hubert Cumberdale Silver badge

      Re: Tracking...

      Be that as it may, I'd sooner have to complete a CAPTCHA than for Google to act as a metaphorical (and potentially arbitrary) bouncer before I can even look in the metaphorical window of a metaphorical shop.

      As for tracking for advertising to target me or find out if I'm human, there's not a lot of point, because I block all the ads. The day I can't go to a website without blocking its ads is the day I stop going to that website (I'm looking at You, Tube: don't imagine I can't live without you).

      Finally, as far as I'm concerned, a website – or indeed a third party somehow contracted to that website – should be able to ascertain nothing about the device from which I'm accessing it without my permission (you can have my user agent, but that may or may not be spoofed), and it certainly has no business knowing what other software I might be running.

    2. BinkyTheMagicPaperclip Silver badge

      Re: Tracking...

      It's called a bookmark, *optional* synchronisation between browsers, and then reloading to the point you got up to.

    3. DS999 Silver badge

      Re: Tracking...

      You want that pick up where you left off on another computer there's an easy voluntary way to get it. Login to Youtube. They shouldn't be tracking anonymous visitors and claiming that stuff is the reason. Because we know that's a lie. They are doing it so they can get paid for shoving ads in your face.

    4. sabroni Silver badge

      Re: Tracking...

      Bud, that's a server side token linked to your account, it plays you that video because you're logged in to youtube as you.

      That's not what we're talking about here. We're talking about the fact Facebook and Twitter also know where you got to in that youtube video.

    5. This post has been deleted by its author

    6. Kevin McMurtrie Silver badge

      Re: Tracking...

      When corporate policy absolutely requires computers to be secured at all times, it generally means that pranks are OK for unsecured computers. A good prank is to search and browse for embarrassing fetishes and local stores catering to them. Now close all the windows. That's all you need to do. That tainted data now appears in the victim's URL auto-complete, search suggestions, in YouTube, in advertisements, in social media recommendations, in online Maps, ... everywhere. It can cross-contaminate personal and work accounts. If all goes well, the symptoms start appearing when the computer is used for a presentation.

      1. doublelayer Silver badge

        Re: Tracking...

        Aren't pranks fun when they mean that, should someone know what you did, they would hate you? Whether pranks should be done at all is subjective, but it's much less subjective when you've chosen a goal like that. The common prank of emailing out something as the unsecured user which announces their failure to follow procedure and often some common message is better because it informs the user what they did wrong and instructs others that the situation is taken seriously. In some situations, it might just be better to lock the computer concerned and give the user a lecture on their return.

      2. Grogan Silver badge

        Re: Tracking...

        Umm, is this before or after your broken fingers heal? (That's what happens to fingers when people touch my workstation)

    7. Woodnag

      users to spot dodgy websites?

      This isn't for "users to spot dodgy websites". It's for websites to dodge ad fraud by testing the client as real or a bot. And getting a much more reliable tracking/IDing of clients as a result. No thanks.

      1. ThatOne Silver badge
        Thumb Up

        Re: users to spot dodgy websites?

        Came here to say the same thing: It's all about fighting ad click fraud. How can anybody even suggest otherwise with a straight face?

    8. gandalfcn Silver badge

      Re: Tracking...

      Anyone who claims to support, trust or believe anything coming out of G00gle is either out of touch with reality or a shill.

    9. Blackjack Silver badge

      Re: Tracking...

      So... you prefer to be spied upon because you are too lazy to take note of the time the video was at, or to copy a url or a playlist? I hope the robot that wipes your ass never has any problems.

    10. mpi Silver badge

      Re: Tracking...

      > Amazing to many, and relies on all the tracking stuff.

      No it doesn't. Never did.

      The feature is called synchronization, and it relies on authentication, not tracking.

    11. ecofeco Silver badge

      Re: Tracking...

      Spot dodgy websites?

      Firefox has been doing that for years.

    12. Groo The Wanderer Silver badge

      Re: Tracking...

      How long have you been working for Google?

    13. jmch Silver badge

      Re: Tracking...

      That is functionality that can / should be implemented based on a login of an authenticated user id. Can and should be done without tracking

  2. jonha

    The web has turned into a playground for Google and a select band of other miscreants, either spreading good ol' FUD and/or inventing yet another great scheme to make it all so much better but... cui bono? Not the users, I suspect.

    In other words, the web is broken, possibly beyond repair. The good thing is that the internet, aka TCP/IP, is a "simple" transport mechanism and so it will always be possible to create alternatives. Whether these succeed on a grand scale, given among other things the ever raging battle between security/privacy et al on one hand and convenience/laziness et al on the other, is another matter.

    1. Groo The Wanderer Silver badge

      I'm just as concerned by the proliferation of companies that want you to install their insecure and poorly written apps to access their data streams. The number of shoddy apps that didn't live for more than two hours on my phone is astounding, and even more have made the short list on the desktop over the years. Even big players like Apple and Microsoft have been guilty when rushing to markets that someone else opened up for competition.

      What is wrong with using standardized protocols like most of the internet?

      I want your cesspool IT departments as far away from my WORK system as possible!

  3. nematoad Silver badge
    Mushroom

    Leap of faith.

    "...a trusted third party, like Google,

    Trusted? Google? Are you mad?

    I trust them and their ilk as far as I can spit them.

    This is all backwards.

    I was not put on this earth to provide revenue for the likes of Google, Amazon or Facebook. If they want to shove adverts in my face then prove you are who you say you are. If not then go and piss up a rope.

    Not that I take any notice of such abuse. if I want something I will go and do my research and find that which best meets my needs.

    Truly, the lunatics have taken over the asylum.

    1. CowHorseFrog Silver badge

      Re: Leap of faith.

      Google is many things but they are not mad, they are however greedy on a psychopath level.

      Please use the correct label.

      1. nematoad Silver badge

        Re: Leap of faith.

        No, no, no not Google.

        I was questioning the sanity of people that think Google can be trusted in anything they do or say.

        1. Groo The Wanderer Silver badge

          Re: Leap of faith.

          Why not?

          Seriously. They're produced a lot of good, solid technology that they made freely available and which I use on a regular basis. Is that not "trusting" them? Many of those modules and packages are the underpinning of the modern internet, and not because of the browser markets or advertising.

    2. sabroni Silver badge

      Re: I was not put on this earth to provide revenue for the likes of Google, Amazon or Facebook.

      Uh oh, we've got another pinko.....

    3. gandalfcn Silver badge

      Re: Leap of faith.

      "I trust them and their ilk as far as I can spit them." As far as that? It amazes me that any sane person trusts G00gle in any way, and yet here we are with G00gle seemingly in charge.

  4. StrangerHereMyself Silver badge

    Scraping

    "web scraping (still largely legal, though often disallowed under websites' terms-of-service)"

    I don't think prohibiting web scraping through Terms of Service is legal or enforceable since it's public information that can be obtained by anyone. But nothing prohibits websites from limiting the number of pages one client (or IP address) can retrieve. AFAIK no one has done so.

    1. hayzoos

      Re: Scraping

      I generally agree with WEI being a bad idea. A very bad idea.

      I do disagree with the concept that anything posted to the web is public information and anyone can do anything they wish with it. IP/Copyright laws are to allow one to make their content publicly releasable and retain control of the use of said content.

      Going to extremes such as "information just wants to be free" or "DVD regions" just sets up a situation where compromise cannot be achieved.

      Do not forget that open source relies on copyright in order to be free.

      1. eldakka

        Re: Scraping

        I can't speak for the OP you are replying to, but I think it is more like:

        anything that is on the public internet, i.e. not hidden behind a login, is available to be scraped.

        I woldn't think the "as long as the data is legal" would need to be stated, e.g. copyrights, legality (kiddie porn, etc.)

        If you have stuff you want to protect, require a user to create an account and login.

        1. hayzoos

          Re: Scraping

          You do not need an account to download the Linux kernel. The Linux kernel is copyrighted (held by numerous contributors). It's components are generally licensed under GPL2 or a compatible license. You cannot simply download it and do with it as you please, you must follow the license. Copyright laws are what make the licenses' restrictions legally binding. It is protected without a login. And it is publicly accessible.

          What you are proposing is that things that need to be protected can only be by restricting access from the public. I want to share some of my creative works publicly, with limits. Copyright and other IP laws allow me to do so and place those limits.

          Being publicly visible and being in the public domain are entirely two different things.

          1. Groo The Wanderer Silver badge

            Re: Scraping

            Agree completely. However the freetards don't respect the idea of anyone owning ANYTHING that they've created if they choose to share it any size, shape or form. Even ONE copy made available that they get their hands on is deemed "public information" in their eyes.

          2. eldakka

            Re: Scraping

            And everything you just said comes under what I already said:

            "I woldn't think the "as long as the data is legal" would need to be stated, e.g. copyrights, legality (kiddie porn, etc.)"

      2. unimaginative

        Re: Scraping

        There is a difference between using in particular ways, and anything you wishc I have worked on multiple scrapers and they were all for legitimate purposes such as niche web search, or extracting particular data for internal use. Scrapers are even used to find breaches of copyright and to spot plaogarism.

        1. Bearshark

          Re: Scraping

          Then what is archive.org for? Aren't they one of the biggest scrapers?

      3. doublelayer Silver badge

        Re: Scraping

        It's not as much that anything you can download can be used for any purpose you like. That is clearly against the law and, in my opinion, it should remain so. What I'm less convinced should be made a legal issue is how you go about downloading data that is public. In short, it should be easy to successfully sue someone for violating your copyright and impossible to sue them for using a bot to download content, whether that content itself was illegal for them to have or not. They can take technical measures against people who use bots. They can disable accounts for that if they like. I don't think they should be able to pursue criminal charges for it. Copyright is unrelated to this topic.

      4. mpi Silver badge

        Re: Scraping

        > IP/Copyright laws are to allow one to make their content publicly releasable and retain control of the use of said content.

        https://technomancers.ai/japan-goes-all-in-copyright-doesnt-apply-to-ai-training/

      5. Norman Nescio

        Re: Scraping

        I do disagree with the concept that anything posted to the web is public information and anyone can do anything they wish with it. IP/Copyright laws are to allow one to make their content publicly releasable and retain control of the use of said content.

        Going to extremes such as "information just wants to be free" or "DVD regions" just sets up a situation where compromise cannot be achieved.

        Do not forget that open source relies on copyright in order to be free.

        IP/Copyright laws do not allow you to control use of content. They control who can (re)distribute/publish content and derivative works. There's a rather large difference.

        If you've bought a book, you can use it as toilet paper, put it under a leg of a wobbly table, burn it, give it away, resell the physical book, or even read it and write a review of it. What you can't do is make copies and distribute them - that's for the copyright holder to do.

        Content can be put behind paywalls and/or 'clickwrap' agreements (where there are pitfalls in different jurisdictions). This is a separate legal instrument to copyright. Content owners can apply contractual restrictions separate to copyright - restrictions which you might or might not agree to, and if you don't agree, you don't get access to the content. The clickwrap agreement has to meet local jurisdictional requirements for a valid contract, and they vary between say, the USA and the EU.

    2. FF22

      Re: Scraping

      "I don't think prohibiting web scraping through Terms of Service is legal or enforceable since it's public information that can be obtained by anyone."

      That's like arguing that anyone should be able to legally drive your car, because when parked on the road it can be approached by anyone. Or that people should be allowed legally to post private pictures of you when you're in the house, since they can see you through the windows. Etc.

      What you mean is not that something is "public information", but that it's "publicly available" (ie. not behind closed doors), which however doesn't mean that people can do it whatever they want. Just like you can't publish a book written and published by someone else as your own, just because anyone could obtain a copy of the book.

      1. danbi

        Re: Scraping

        You probably meant to say "look at your car" when you park it in public place.

      2. Jimmy2Cows Silver badge

        Re: anyone should be able to legally drive your car

        Not sure you thought that one through.

        Parking my locked car in public does not mean I expect any arsehole to take it for a joy ride. Anyone can see my car parked in public, but you can't (legally) get into it without my keys.

        The car's locks and my keys are analogous to a website user account. Anyone can see the site, but you don't get into the private areas without an account.

        If site owners don't want everything scraped, park the site in public so people can find it, but then lock the doors, and don't leave the keys lying around for anyone to find.

        Ahh yes, who doesn't love mixed metaphors...?

    3. steviebuk Silver badge

      Re: Scraping

      The problem is arsehole like Elon are in the process of attempt to sue some Twitter scrappers. And the problem with that is even if not fully legal etc, he has enough money to burn to make the scrappers just break.

      1. Hubert Cumberdale Silver badge

        Re: Scraping

        Scrapping is exactly what should happen to Twitter.

        1. SuperGeek

          Re: Scraping

          And FarceBook, and TikToxic! Down with them into the crusher! Make paperclips and tincans with them!

    4. captain veg Silver badge

      Re: Scraping

      The massive irony is that Google's entire business is based on scraping the entire web. They call it "spidering", but the technique is exactly the same.

      -A.

  5. Anonymous Coward
    Anonymous Coward

    Funny that.......I haven't heard the "protect the children" excuse.....

    .....yet!

    Yup.....provide children with a "child attestation token", then:

    (1) We (the masters of the universe "MOTU") will automatically know that the user is a child.....

    (2) And then the MOTU can do various things: only supply "children approved material": and only supply "children appropriate adverts"

    ....problems being that the MOTU :

    (3) can HAVE NO IDEA AT ALL who is at the client-side keyboard

    (4) have no possible way of classifying "children approved material"

    (5) might have a vested interest in "children appropriate adverts"

    (6) might have problems with the age of the supposed child....since children get older over time

    Next we will hear that people WHO ARE NOT CHILDREN will need an "adult attestation token"......and so on.....

    Of course these upcoming schemes will have NOTHING AT ALL to do with tracking people.....no.....NOTHING AT ALL!!!!

  6. Mishak Silver badge

    If it's from Google...

    Is it for anything other than monetisation of "my" data?

  7. b0llchit Silver badge
    Stop

    A monopolist suggests to monopolize the monopoly just a bit more. That is what you'd expect. Control, squeeze, more control, more squeeze, etc..

    Time for the monopolist to be dismembered.

    1. M.V. Lipvig Silver badge

      Yes - with a wood chipper. Let's all go to the C-Suite and start chucking in some bodies. Feet first, so they can enjoy the show too.

  8. devin3782

    Hmmm Wiser, there's no nominative pre-determination there. So is this the foreshadowing of how the internet ends? hopefully not. I can see some of the news outlets and indeed Google committing further self harm implementing this out of intergalactic stupidity. Interestingly though I suspect there will be whole load of website owners who don't do this and they will gain the advantage from remaining open.

  9. Anonymous Coward
    Anonymous Coward

    How likely is Google to implement this?

    1. breakfast

      If they follow the standard pattern...

      Google are very likely to implement this, give it just enough time that a bunch of people have to figure out how it works, and then deprecate it with barely any warning.

      1. Anonymous Coward
        Anonymous Coward

        Re: If they follow the standard pattern...

        Do want to say there huge opposition so Google may backtrack.

  10. aerogems Silver badge

    It's like the spam problem

    If there were a simple solution to it, someone would have implemented it years ago.

    While I think there may be some merit to the broad idea Google's pitching, the devil would be in the details of how it is implemented. I also have to say that Mr. Tetzchner raised an excellent point about how Google's approach seems to be aimed more at spying on people and less about reducing fraud around bots. The rot from the DoubleClick acquisition is still festering it seems.

    1. Anonymous Coward
      Anonymous Coward

      Re: It's like the spam problem

      There is a simple solution: kill all the spammers.

      It isn't particularly easy, not is it particularly practical, but it is very simple.

  11. The Spider
    Windows

    The Good Old Days of Opera

    This makes me wish that Jon had not decided to go down the Chrome route - back in the gold old days of the original Opera, they had their own rendering engine. This, plus tabbed browsing, was wonderful.

    These kind of tricks from the Chocolate Factory do make me wish Jon and his team had created their own, new rendering engine.

    1. Kevin O'Rourke

      Re: The Good Old Days of Opera

      The problem was that it was an enormous battle to keep Opera's rendering engine compatible once websites decided that all they needed to support were Chrome and Safari. For a small company (relative to Google and Apple) it really wasn't sustainable to keep up with both accidental (bugs) and deliberate (browser sniffing) incompatibilities.

    2. sabroni Silver badge

      Re: The Good Old Days of Opera

      MS tried that and Vivaldi would've had the same problem.

      As soon as it got popular Google would change the code of youTube to work well for Chrome and badly for Vivaldi. Vivaldi panic, find the problem area, rush a fix out. Google revert the change and implement something else that again works fine on Chrome but causes issues for Vivaldi. Rinse and repeat until Vivaldi give up and start using the Chrome rendering engine.

      You all understand how evil MS were bundling IE with Windows. You seem to have no idea that Google owning the web and the browser is far worse monopoly abuse.

      1. Ken Hagan Gold badge

        Re: The Good Old Days of Opera

        I think the fact that *Microsoft* gave up trying to maintain a non-Chromium browser engine tells you how much leverage Google have in this area.

    3. captain veg Silver badge

      Re: The Good Old Days of Opera

      I think it's a shame that Opera ASA couldn't make a go of charging money for the browser. I gladly paid my 40 dollars for version 6, because it was so much better than the "free" alternatives. In return they didn't try to stuff advertising down my face. Moreover, in order to compete with free they had to keep innovating and improving the user experience. These days most browser innovation concerns worsening the user experience to the benefit of advertisers.

      -A.

  12. CowHorseFrog Silver badge

    The UN already has a human rights declaration, they need to add third party advertising to this list of un-acceptable practices. This needs to end here before these psychopaths get more power.

    1. Anonymous Coward
      Anonymous Coward

      LOL, UN? That bunch of puppets who are only allowed to act against countries without support from US/China/Russia? That UN?

      1. captain veg Silver badge

        You'd be surprised how many UN bodies are responsible for international regulation. The ITU, for one example, or (more locally specific) UNECE.

        -A.

  13. Speeednet

    Quis custodiet ipsos custodes?

    1. M.V. Lipvig Silver badge

      I DO!

      - Sam Vimes

  14. Fred Daggy Silver badge
    Devil

    By negative tests

    So, there is a test for cheating tech for online games ... what is to stop a web site using a test against all known software to determine what the user is actually running? Not only is that a fantastic way to fingerprint a system, but also determine if a system is running vulnerable software. Basically, a way to allow root kits and other undesirable software. (Oh, god, I hope they don't make me down the WIn32 or Win64 virus!). Virus writers don't even have to scan the net now, cost effective malware delivery, just target systems using Google (I assume it will be virtually the only gatekeeper here).

    Who is going to determine if a particular piece of code is cheating tech, or not. Border cases and false positives abound. Not to mention assistive technology for the less well abled.

    1. Fred Daggy Silver badge

      Re: By negative tests

      ... and geofencing just became a whole lot easier.

      This idea needs to be given the "old yella" treatment, toot sweet.

    2. Anonymous Coward
      Anonymous Coward

      Re: By negative tests

      Your comment about access software is a good one, as they've already tried that. A few years ago, it was suggested that users of accessibility software, especially screen readers for the blind or visually impaired send an indicator of this or provide an API for the purpose. This was strongly opposed among users of that software. I should say at this point that I am one of those, being entirely blind, and I opposed it as well.

      Most sites that chose to check that would be doing it to switch to a more accessible version of the site. By the way, don't do this, just make it right in the first place. It's not hard to do it and many people who follow standards manage to do it without thinking about it at all. What we were afraid of was that others would use it to set a flag that could be used to identify us. Not only would it be a fingerprinting technique that is particularly strong against all people with visual impairments who didn't know how to block it because there is no option not to use the software, but we are occasionally the targets of discrimination. I have been refused jobs based on my disability, so I have reasons not to automatically hand that information out to any site that asks for it. WEI may not be as targeted as that proposal, but it is similar in that it wraps fingerprinting in a thin veneer of providing some other service, a service that in both cases provides no benefit to a user and puts them at risk. Sufficient argument from the community and having an open source screen reader which could be modified to prevent detection saved us from that version, but we're going to need more than that to prevent WEI from getting in there.

  15. The Central Scrutinizer

    It's getting really tiring ...

    and irritating and scary how much those arsehats at Google keep wanting to fuck every single Internet user, over and over again.

    Just no, no and no ... ffs

  16. seven of five Silver badge

    not "like", "or"

    [...]with a trusted third party, like Google,[...] should read "with a trusted third party, or Google,"

    No need to thank me.

    I'll have to arrange myself with them and their services provided, yet I do avoid them wherever possible. They are as thrustworthy as amazon is a benevolent employer.

  17. Anonymous Coward
    Anonymous Coward

    A good idea, or not?

    My rule of thumb is always that if Google (or any other large Corp) think it's a good idea then it's bad for end users.

    1. Jimmy2Cows Silver badge

      Re: A good idea, or not?

      And that's Googe's image problem in a nutshell.

      It might be a good idea (it's not) and they might be perfectly benevolent in their implemenation and handling (they won't be), but it's Google so no one outside Google will trust them. Ever. Probably most people inside Google don't trust them either (but they have to say they do, otherwise they'll be fired for disparaging the company).

  18. fraunthall

    Surveillance State is Fascism in disguise - beware

    What too many people are afraid to say is that we are NOW overwhelmed by "the Surveillance State" and the "Surveillance Economy", which are key factors in modern Fascism.

    While Hitler and his National Socialists were Fascists, even had he succeeded, current history shows that the entire Western World would have eventually turned into a Fascist World.

    The Surveillance State is composed of Fascist Corporations and Fascist Governments and their fascist Bureaucracies.

    There has also been a continuing failure by many people to realize and recognize the fascist nature of the Marxist/socialist States with their fascist Bureaucracies.

    The murderous regimes of Stalin in the Soviet Union, Mao and Xi in China, Kim in North Korea and other mini-fascist countries peppered around the world very clearly demonstrate that.

    The same, although not so violently, or so tyrannically (yet) applies to the States and governments of the Western World. The "Pandemic" experiences and the "Net-Zero Climate Alarmist" experiences demonstrate that.

    1. Anonymous Coward
      Anonymous Coward

      Re: Surveillance State is Fascism in disguise - beware

      I shouldn't be surprised this obtained so many downvotes. Lots of (current) incumbent supporters on El Reg.

      Wire tapping of every citizen used to be the wet dream of security outfits. Today, you have search engines to do the job for you!

  19. fraunthall

    Reply to the thumbs down brigade of of Marxist/Socialists

    I know the UK is loaded with labourites and other members of the Marxist/Socialist Brigades. If a thumbs down is the best you can do, you may as well hang yourself as well as your pencil.

  20. Grunchy Silver badge

    Aw man

    Just the other day I finally loaded up “Brave” browser, and eliminated Chrome - no matter how cool it looks on Lando “Calrissian’s” McLaren.

    Then I loaded up Noxplayer so I can run Newpipe on my workstation and escape all that crappy Google advertising.

    I’d already switched to DuckDuckGo for internet search.

    What’s next to go, probably gmail…

  21. TeeCee Gold badge

    So, to summarise:

    The Apple version "just works", but they won't tell anyone how it works, or why it works, or what it does, or whether space aliens have all your data.

    The Google version is a data grab in a very poor disguise.

    Other news: Leopards can't change their spots.

  22. Anonymous Coward
    Anonymous Coward

    Nobody wants your stinking adverts, fuck off

  23. SammyB

    The last 3rd party that I would ever choose as the trusted 3rd party would be google.

  24. Anonymous Coward
    Anonymous Coward

    Never clicked an advert

    Actively DONT click on any advert pushed to me

    I know what I want and I can find where to buy it

  25. roeltz

    I hate these proposal that have these particular words, like "attestation" or "cohorts". It's like Google just wants to look academic while trying to fuck with us.

  26. Anonymous Coward
    Anonymous Coward

    I work for a big streaming company and its getting to the point that we're going to start strongly capping the quality we can give to clients we cannot attest are secure.

    Media DRM is now so fragmented within Widevine that it's pretty trivial to crack now on some devices. So the solution is to hamstring any client we cannot trust to keep the keys safe and only offer them SD.

    You can cry 'DRM is evil' all you like, but people are stealing our content and hundreds of thousands of people are leaching off our big investment. It's not like streaming is stunningly profitable either, Disney is believed to be losing money hand over fist at the moment on Disney+ and I am not sure Amazon Video fairs any better. People are always doom saying about Netflix's business model, saying it'll collapse at any moment.

    So stop treating companies who rely on DRM as evil corps, we're people, developers and engineers trying to protect our hard work!

    I'm interested to see what WEI brings.

    1. doublelayer Silver badge

      If you want us to stop treating you as evil, stop treating us as criminals. I do not pirate content. I don't consume that much of it anyway, but when I do, I pay the asking price for it. After I've done so, I might choose to consume that on a number of different platforms, including on my own computer through the web client that your company made. If you don't want me to have that, discontinue the client with sufficient notice for me to stop paying you. Just because I chose to buy access to the content you have doesn't give you the right to have control over all the software I run, nor to cause damage to my privacy in the search for more confidence, but still no certainty, that I'm not going to copy it. If you do, I will just stop choosing to use your service, but others will start looking for pirated copies. I won't support that decision, but neither will I be surprised when it happens.

      It's the same thing with other systems. I used a piece of software once which had a hyperactive license check system. It was tightly bonded to a computer. This was a major problem if that computer ever broke, but that's at least understandable. What was less understandable was the frequent decisions to cancel the license in response to system updates, installation of other software, configuration changes, etc. You'd do something else with the computer, and when you next launched the software, sometimes days later to add the extra "I don't even know what I did" factor, the software would announce that your free trial had expired. You couldn't even register it again. You had to uninstall it, purge some files it left behind, install it again, and license it again. Since you couldn't revoke the previous registration either, you were also subject to the opaque process that decided how many licenses were in use but wouldn't tell you the answer, so there was a chance that you'd have to call support and try to convince them that it was all fine. You know what I learned from this? I learned that I needed some other piece of software to do this job, even though I'd paid plenty of money for this one. I found one. They lost a customer.

    2. M.V. Lipvig Silver badge

      Disney has... other problems, related to their being a "family friendly" company but pushing a decidedly anti-friendly agenda. What adults do is their business, but kids are not adults, and parents WILL have the last say. Thumb me down all you like, but it changes nothing.

      Parents that don't want their kids to see your alt-sexualization of children will simply not spend the money on your content.

  27. v13

    DRM enabled things

    I fought against DRM and still don't like some of its side effects. However DRM enabled video and music streaming. All video and music streaming nowadays is because DRM exists, like it or not.

    Major movie companies enabled streaming because DRM existed. Otherwise they wouldn't have. And because they did, I can stream on my Linux desktop that doesn't support DRM, even if sometimes it's just SD quality.

    I'll probably get downvoted to hell about this but this has the potential to enable even more things. Anything that has multiplayer goes into extreme lengths to prevent client tampering and cheating. Ensuring the validity of the client is a very common in gaming but also in enterprise.

    So, yes, there's a need for that. There are things that aren't happening today because this feature doesn't exist.

    1. doublelayer Silver badge

      Re: DRM enabled things

      "However DRM enabled video and music streaming. All video and music streaming nowadays is because DRM exists, like it or not."

      I disagree. I think that piracy enabled streaming. When the producers of media realized that people wanted to view their content on computers, they tried for years to pretend that nobody wanted that and they could get away with not providing it. This was the time when people who weren't willing to break the law had a lot of difficulty finding somewhere to legally purchase access to something without a huge hassle, and those who were willing to violate copyright had an easy time locating almost anything. That's what made the sources understand that, if they didn't provide the service that people were obviously interested in, they'd have to do a lot more against all the people who were pirating it, which would have been a bit difficult.

      DRM is quite weak. I have never made any pirated content in the past. I'm not sure where I could start posting it if I did. Yet, I can think of several ways that I could obtain the content to post in the first place, even if it required running a cable and copying the content on it. I've done that before for legal uses. There's some work involved, but it's not a big problem. DRM is there because producers demanded it, and it does make the task of pirating content a little harder, but not so much harder that it can't be done.

      "I'll probably get downvoted to hell about this but this has the potential to enable even more things."

      I won't downvote and I entirely agree. The only difference is that I think the things will all be bad.

      "Anything that has multiplayer goes into extreme lengths to prevent client tampering and cheating."

      That's fine, as long as that only applies to people who use the thing. They can make their client, and gamers can install it. The client can check that it's signed on every start. Or if they want to be really secure, they can make their own game-specific hardware and only allow players to use that. What I don't think they should be able to do is insist I run locked-down software because, if I decided to play their game at some point in the future, they want more control over my system than I have.

      "Ensuring the validity of the client is a very common in gaming but also in enterprise."

      In enterprise, the enterprise owns the computer and does the verification. Outside of enterprise, I own the computer and I can verify it if I want, but that doesn't give you the right to verify every machine or decide what can be running there. Neither should the enterprise need to use someone else's system to verify what's running on their machines; they can do that with their own tools, just as I can now.

      1. Anonymous Coward
        Anonymous Coward

        Re: DRM enabled things

        @doublelayer

        There are other types of corporate attempts to control MY computer....other than DRM......controls that have everything to do with marketing...and nothing to do with technology!

        (1) I wrote lots of stuff in the early 1990's using MS Word. Current MS software does not support these old DOC files. Funnilly enough, today, LibreOffice works fine.

        My point: Microsoft want me to buy new licences......and then abandon me when it suits them!

        (2) I wrote lots of stuff for FoxPro up till FoxPro v6. Around FoxPro v9, Microsoft abandoned the product. Funnilly enough, today, Harbour v3.2 runs most of the code fine.

        My point: Microsoft want me to buy new licences......and then abandon me when it suits them!

        (3) I have a complex (and useful) speadsheet written in Lotus 1-2-3. This worked fine in IBM Symphony till around 2012, when IBM abandoned the product.

        In this case, the spreadsheet uses 1-2-3/Symphony internal functions which are not supported anywhere else...see previous points, but this time IBM.

        (4) Apple have regularly changed their technology (sometimes hardware, sometimes OS), and in order to "upgrade" the software licence you paid for......you have to buy a new computer!!!

        A relative of mine has got so incensed by this that the technology they use today is not Apple but Linux (elementary OS).

        (5) Paywalls often don't work. You see a headline, but can't read the article. You do a Google search on the headline....and voila....the article is freely published somewhere else!!

        More manipulation by corporate marketeers!

        Funny isn't it that in three of these cases, open source tools frustrate corporate attempts to move software (and hardware) choices to suit that corporation.....

  28. Cincinnataroo

    I'd like lists of those who do this, should it continue. I imagine detection won't be too hard.

    Then search engines that exclude such web sites.

    Then lists of those who're involved.

    Assuming this is a further move in the surveillance for everybody, all the time, no choice, movement.

    I'd also like to know about anybody who considers Google a trusted source.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like