Firefox on Linux is now playing Netflix, but not everyone is happy about it.
The streaming video service recently announced that anyone running the latest version of Firefox on Linux can now stream Netflix videos. Previously, only Chrome on Linux worked with Netflix—and unofficially at that.
For several years, Netflix has been moving away from plugins like Microsoft’s Silverlight to HTML5 video on Windows and Mac. The idea was that HTML5 freed Netflix streaming from reliance on browser plugins and made it easier for users to get Netflix on their computers without taking any extra steps.
But Netflix and other companies looking to use HTML5 brought more to the open web standard than just user convenience. These companies also started pushing to standardize digital right management (DRM) as a part of HTML5, known as Encrypted Media Extensions (EME). Mozilla announced in August 2016 that Firefox 49 would support EME.
The story behind the story: Not so coincidentally, Netflix announced that it had landed on Firefox for Linux around the same time that the World Wide Web Consortium said that EME would enter the final stage before standardization as an official part of HTML5. Netflix and other content providers want EME to become a web standard due to the commitments they’ve made to to protect movies and TV shows from unauthorized copying. Open web advocates, meanwhile, oppose the move as fundamentally bad for the web.
DRM is generally opposed by open standards advocates since it imposes restrictions on users and has never really done much to thwart piracy anyway. DRM also brings in a troubling aspect of the Digital Millennium Copyright Act. The DMCA makes it illegal to break DRM even if it’s for the purpose of finding security flaws inside the software—a dicey prospect when that DRM's baked right into web browsers.
To help mitigate the issue, the W3C is working on a voluntary best practices policy that would allow security researchers to disclose security flaws without getting sued or investigated by law enforcement.
Even so, open standards advocates are not happy. The Electronic Frontier Foundation called on the W3C to require companies to promise not to take action against security researchers as a condition of participation in the W3C instead of rolling out a voluntary framework.