What EME code is in official SeaMonkey builds?

Discussion of features in Seamonkey
Post Reply
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

What EME code is in official SeaMonkey builds?

Post by barbaz »

(from viewtopic.php?p=14085059#p14085059 )
patrickjdempsey wrote:Also, just a bit of a casual recommendation (which I need to follow myself): some of us really need to start testing pre-release builds of SM. SeaMonkey has a very small testing base, which directly impacts the discovery of new bugs. When a bug like the print failure is immediately noticeable, that's generally due to a lack of testing. I'm not saying that the people testing SeaMonkey aren't doing a good job, I'm saying that everyone has different habits and different areas they focus on. Especially for Linux and OSX which not only have smaller user bases, but are different enough from Windows that bugs often occur in only one OS. Even if a bug cannot be fixed before a release, at least that bug can be listed on the Known Issues section of the release notes, and here in release announcements.

In addition to testing and filing bugs, SeaMonkey needs help in triaging (sorting) bugs that are already filed. After all, Unconfirmed bugs don't get fixed! This is something that SM devs are well aware of and has been a topic of the StatusMeetings for some time now:

"IanN thinks it would be useful to remind people on the newsgroups / forums that they can contribute by triaging. Tonymec will post a reminder to newsgroups / forums. See bug 1092632 (Sm_tri_HowTo) Document how to triage SeaMonkey bugs."

IMO SeaMonkey devs have made great strides in the last few years and the product is stable and competitive. They've done a pretty remarkable job in not only keeping up with changes that Mozilla is making to the Core, but in improving native features! They just need more help from us in the community to keep things running smooth. And the same thing applies for all of those extensions that busted this go around. A wider testing base might have discovered those bustages earlier and workarounds could have been available by the time of the release.

I used to test Nightlies but ever since the inclusion of EME and lack of enough information for SeaMonkey devs to decide whether not to build EME in official releases, I've felt obligated to self build (well, hey, that does have the benefit of another tester of the build system). Sadly, for personal reasons lately that would be too much effort. Sorry guys :(

However, I should probably ask: what portions of EME/DRM are in core and what's unique to Firefox? Official SeaMonkey does have some EME code - if you go to about:config and set media.eme.enabled to true, html5test.com will detect EME support. However, I've noticed that official Firefox will create a folder in the profile called "gmp-clearkey" (and try to download something into it in the background?), but I don't think I've seen official SeaMonkey do that...

So my question is: in relatively plain English, what part of EME/DRM code is in the shared backend and thus ends up in official SeaMonkey in its current state, and what part of it is Firefox-specific?

(If the answer is that official SeaMonkey only has EME capabilities, but it does *not* support *DRM* OOB, I'm very willing to consider testing official Nightlies on Linux i686 regularly again.)
User avatar
patrickjdempsey
Posts: 23686
Joined: October 23rd, 2008, 11:43 am
Location: Asheville NC
Contact:

Re: What EME code is in official SeaMonkey builds?

Post by patrickjdempsey »

I was under the impression that EME is disabled in Firefox right now anyway... but I don't follow that stuff at all... IMO it's all just a huge confusing mess. I'd rather video *just works*, so I'm using Flash for as long as it's supported.
Tip of the day: If it has "toolbar" in the name, it's crap.
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

Re: What EME code is in official SeaMonkey builds?

Post by barbaz »

patrickjdempsey wrote:I was under the impression that EME is disabled in Firefox right now anyway...

So was I but it's not looking to be completely disable-able in Firefox except at build time. I've custom built Firefox Developer Edition with ac_add_options --disable-eme and the clearkey stuff I mentioned doesn't happen with those custom builds AFAICT - but then again, I don't use it much.
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

Re: What EME code is in official SeaMonkey builds?

Post by barbaz »

Well I am back to self building Nightlies at least for the moment... but I just remembered that if I encounter a crash, any crash reports generated with my self builds are useless, and I never could get my head around gdb to grab crash report info manually.

So in that sense, it would be more helpful for the project if I could test with the official builds at least some of the time - so an answer would still be appreciated. TIA
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

Re: What EME code is in official SeaMonkey builds?

Post by barbaz »

Talked with cpearce and k17e in IRC in #media... and the answer is that at this moment the EME code in SeaMonkey only supports clearkey, which is simply an open source decryption plugin, not DRM.

However this may change later in time:
k17e wrote:We have plans to find a solution for downstream which would include SeaMonkey but we're not there yet.
NanM
Posts: 182
Joined: September 16th, 2008, 1:04 am
Location: SW WAustralia

Re: What EME code is in official SeaMonkey builds?

Post by NanM »

barbaz wrote:EME code in SeaMonkey only supports clearkey, which is simply an open source decryption plugin, not DRM.


Thanks for that update.
I have about this {zero} much time to research the rapid DRM isation of the browser and your digging around will help us to work out if we have to move on to learning to roll our own. Or when.
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

Re: What EME code is in official SeaMonkey builds?

Post by barbaz »

NanM wrote:Thanks for that update.

You're welcome :)

NanM wrote:I have about this {zero} much time to research the rapid DRM isation of the browser and your digging around will help us to work out if we have to move on to learning to roll our own. Or when.

I use EME-less self builds most of the time anyway, and it works well.
Thankfully, they made it relatively easy to do: just add

Code: Select all

ac_add_options --disable-eme

to your mozconfig.

(The rest of the instructions for building should be on MDN. And since you are using Windows see viewtopic.php?f=42&t=2910509 as well)
NanM
Posts: 182
Joined: September 16th, 2008, 1:04 am
Location: SW WAustralia

Re: What EME code is in official SeaMonkey builds?

Post by NanM »

Some more directions on Fx for the record.

Update on Digital Rights Management and Firefox | The Mozilla Blog
https://blog.mozilla.org/blog/2015/05/1 ... d-firefox/

Watch DRM content on Firefox | Firefox Help
https://support.mozilla.org/en-US/kb/enable-drm


What's the difference between this and any other plugin so far?
The installation of the plugin within the Mozilla install, rather than in the OS appears to be the only difference.

We also recognize that not everybody wants DRM, so we are also offering a separate Firefox download without the CDM enabled by default for those users who would rather not have the CDM downloaded to their browser on install.


a separate complete download simply to have the EME config switched off by default?
Why not a separate download *without EME at all*?

All I want is a way to permanently disable EME and not have it switched on by some badly formed update or by some fingerpoken in the plugins UI or in prefs...like Flash and Silverlight and MS's egregious one-click plugin (a standalone case actually, but in principle nothing different from any plugin) had always been until I completely removed them from the OS.

IOW, an EME-free global install.
Lemon Juice
Posts: 788
Joined: June 1st, 2006, 9:41 am

Re: What EME code is in official SeaMonkey builds?

Post by Lemon Juice »

NanM wrote:
We also recognize that not everybody wants DRM, so we are also offering a separate Firefox download without the CDM enabled by default for those users who would rather not have the CDM downloaded to their browser on install.


a separate complete download simply to have the EME config switched off by default?
Why not a separate download *without EME at all*?

All I want is a way to permanently disable EME [...]

I'm wondering - what are the benefits of having a browser without EME? Do EME pose any problems? I thought EME are necessary for playing certain types of (protected) media - a user might simply not visit sites with such media. But if a protected video started playing by accident then would that have any negative consequences? I'm trying to grasp why disabling/removing this feature is such a big deal.
*** SeaMonkey — weird name, sane interface, modern bowels ***
Mouse Gestures for SeaMonkey/Firefox
Convert Fx and TB extensions to SeaMonkey
NanM
Posts: 182
Joined: September 16th, 2008, 1:04 am
Location: SW WAustralia

Re: What EME code is in official SeaMonkey builds?

Post by NanM »

Lemon Juice wrote: I'm trying to grasp why disabling/removing this feature is such a big deal.


Sony's venture into DRM with a root kit didn't come to your notice? It was fairly big news at the time. Sony was a trusted content provider.
The education page
https://stacy.makes.org/thimble/MTUxMzI ... hat-is-drm
linked to in the Moz blog may be useful for anyone interested to read for a fair introduction to the debate - which I think unfortunately has long been lost by those who'd like the Web to be that ideal public street where a person (with the minimum set of cautions) can browse without getting hooked by this or that commercial interest, or being mugged.

My own dismay at the move? It's got nothing to do with "protected" content, which as you say is easy enough to avoid. It's a little harder to avoid "protected" software.
I spent a fair bit of money and time learning how to navigate the scripted Web with some confidence that the hardware and software I'd invested in wouldn't get owned or damaged by someone else, either by fraud or by misrepresentation. I've learned how to best avoid getting mugged.
If I only know one thing, it's that closed software is dangerous to both security and the other software with which it is installed. So is open software but I've decided to place my trust in code that has the best chance of being called out.
The management of DRM/EME is, as the Moz blog admits, black box tech.
Moz Corp's decided to look after those who want to trust the black box.
I don't want to trust it. I've seen no evidence that it is ever worthy of trust. It's been developed only in the copyright owner's interest and by definition cares very little about the user's interests, Moz Corp's valiant efforts to ameliorate it via sandboxing etc. notwithstanding.

By the way, my User Agent string has been Win for a while now because it's a lot easier for most financial and government sites than the live Puppy I use. I did keep up with Win until recently but happily ditched the home router and all Win updating that went along with adminning a home LAN. That's freedom! Now if I can just find out what those HDD manufacturer's protected sectors are doing .......
barbaz
Posts: 1504
Joined: October 1st, 2014, 3:25 pm

Re: What EME code is in official SeaMonkey builds?

Post by barbaz »

You all might want to read https://forums.informaction.com/viewtopic.php?f=18&t=17288

Lemon Juice wrote:I'm wondering - what are the benefits of having a browser without EME? Do EME pose any problems? [...] I'm trying to grasp why disabling/removing this feature is such a big deal.

Well, it's far more indirect than "we have a problem with EME".
EME is just a set of APIs for communicating with a decryption CDM. EME itself is just fine as long as it's only used to talk to things like ClearKey that just do decryption. The problem comes when the CDM does DRM - especially since when you're dealing with DRM you probably have a rootkit on your hands (how else will it surely enforce that the Digital Restrictions are properly Managed?). I REALLY don't want a rootkit coming from my browser because that's the piece of software that accesses the most untrusted content, to the point that it seems insignificant that in exchange for REALLY disabling that, I lose the ability to play back some video that's "only" encrypted.

Plus, when you are dealing with "untrusted" content there is no place for true black boxes IMO.


Hope that helps.
Post Reply