(For the browser part of the DRM setup, I use Chrome/Chromium, the violate-me-all-the-ways browser. For all other browser purposes, I use both Firefox, the violate-me-fewer-ways browser, and Tor Browser, the draw-fire-of-state-actors-but-thwart-techbro-actors browser.)
But broadly yeah, same
>or a new opensource browser
Brave browser fulfills that role.
https://news.ycombinator.com/item?id=44294402
So they use Firefox 99% of the time and then if they encounter the rare thing that requires DRM they treat it like toxic waste that has to run in an isolated sandbox, which doesn't need to be the same browser they use for anything else.
The only other sensible option is to get out the reversing toolkit and break the DRM.
What Signal is doing is trying to get the system to restrict the content from the rest of the system. Which might work as a transient hack but doesn't actually work to protect the user when the system is adversarial, because Microsoft (the adversary) has the DRM private keys. Even some hypothetical DRM system which is effective in oppressing the user wouldn't prevent Microsoft from purloining the user's data whenever they want because they're the ones who make the DRM.
This is similar to HTTPS certificate chain of trust. The root signing authority needs to be trusted, but once you break that trust there's no going back. It is a self-regulating system.
Plus, what is Netflix even going to do? Stop supporting streaming on Microsoft platforms and then lose a bunch of subscribers for no benefit to themselves?
Also, the issue is that somebody is going to copy a ~30 fps video using screenshots without audio taken at an interval of ~0.2 fps? Nobody is going to do it that way.
This is a bit different to encrypted video where it is actually being encrypted off device.
Let's be clear here. That's a fine point in the generic sense, but in the Signal situation there are no private keys and it's not really DRM.
Suppose a third party app wants to make screen captures. Windows prevents it, because otherwise it could do the same thing to Netflix and capture the video. The thing preventing the app from bypassing that constraint is DRM.
Whereas suppose Microsoft wants to distribute an update to the video rendering code in Windows. It will have access to the data on the screen because it's the thing converting it into pixels, so Microsoft signs the new code with their private keys and distributes it to your PC and it gets access to what's on your screen. Which they could also do with code designed to exfiltrate it.
Also if Microsoft wanted to bypass it they could just ignore the function call, they wouldn't have to do any clever workarounds.
I don't know what exactly causes this, since it's intermittent (the same web site doesn't always do it) and happens even with various ad and tracking blockers in place.
Simpler software could satisfy web users.
Could reduce potential for surveillance and annoying distractions. Easier to audit and control.
exceptione•6h ago