canopic jug writes:
Molly de Blanc writes at that it has been one year since the World Wide Web Consortium (W3C) sold out. It was then they, including Tim Berners-Lee himself, decided to incorporate Encrypted Media Extensions (EME) into web standards signalling an end to the open Web. She covers how it happened, what has transpired during the last year in regards to EME, and what steps can be taken.
Digital Restrictions Management exists all over the world in all sorts of technologies. In addition to media files, like music and film, we can find DRM on the Web and enshrined in Web standards. As a Web standard, its use is recommended by the World Wide Web Consortium (W3C), making it not only easier, but expected for all media files on the Web to be locked down with DRM.It's been a year since the the W3C voted to bring Encrypted Media Extensions (EME) into Web standards. They claimed to want to "lead the Web to its full potential," but in a secret vote, members of the W3C, with the blessing of Web creator Tim Berners-Lee, agreed to put "the copyright industry in control" of media access. The enshrinement of EME as an official recommendation is not how we envision the "full potential" of the Web at the Free Software Foundation (FSF).
Digital Restrictions Management exists all over the world in all sorts of technologies. In addition to media files, like music and film, we can find DRM on the Web and enshrined in Web standards. As a Web standard, its use is recommended by the World Wide Web Consortium (W3C), making it not only easier, but expected for all media files on the Web to be locked down with DRM.
It's been a year since the the W3C voted to bring Encrypted Media Extensions (EME) into Web standards. They claimed to want to "lead the Web to its full potential," but in a secret vote, members of the W3C, with the blessing of Web creator Tim Berners-Lee, agreed to put "the copyright industry in control" of media access. The enshrinement of EME as an official recommendation is not how we envision the "full potential" of the Web at the Free Software Foundation (FSF).
how about we hijack this thread to post how-tos on ... err... how to bring back the right-click menu in all browsers on all embedded media files, especially the right-click-menu entry: "save as..."?
Simple: use an older browser (in addition to a new one).
Using an old browser is a bad idea considering the numerous security holes in browsers of a few years ago.
Using Windows is a bad idea. In a normal OS, one runs browser under a separate user and then hijacking it cannot do squat.
No idea about OSX or BSD, but running a browser as a different user under Linux is a massive PITA. You cannot run another X program in the same X session without sharing your session key (which is a security hole since X trusts all local applications by default), running it into it's own screen and switching (which is all kinds of inconvenient) or creating a dummy X session for the browser and streaming it somehow.
On the plus side, what Linux does have is apparmor and selinux, which can lock down a browser quite well without account-based isolation, but unfortunately they need to be manually configured for most user-friendly distros.
Not that Windows is any better mind you, at least X has the decency to secure access to itself since it doesn't secure running applications from each other, the win32 API has no internal security whatsoever and doesn't even warn you about the security risks if you try to spawn a GUI application as a different user. No idea if the new toolkit is any better, but knowing modern Microsoft, most security development time has probably gone in securing the toolkit against the user.
You cannot run another X program in the same X session without sharing your session key
You know that you can also use ssh with another account on your local machine? And that SSH knows how to forward X sessions?
Yes, I did allude to remoting into an X session. Did you even read my comment?
This still suffers from all kinds of integration issues such as not getting audio without some pulse voodoo and not having access to downloads by default and a plethora of other discrepancies compared to running it in the same user session. My argument is that it's a PITA and a very atypical user experience, not that it cannot be done.
You should also investigate firejail [wordpress.com] (namespace sandbox, Linux only) and Xpra [xpra.org] (X11 version of screen/tmux and sandboxing). That way programs should be unable (or have it hard, exploits will always be there) to access unrelated files or poke at other X11 clients.
It's not that big a pain. This works for me:
user$ sudo xhost+user$ su otheruserotheruser$ firefox
It's not 100% secure-- it is possible that instance of firefox can do a screen scrape. But I figure that in combination with making sure nothing sensitive is on any display is good enough to defeat 99.99% of attempts to breach it.
Never use xhost+, that gives front door access to everything X controls for everyone on your entire network. At least use "xhost +localhost", which still gives access to all input and display devices to every local process, but at least it keeps everything that can reach your local network from doing so.
Either way, ssh tunneling or sharing the X cookie is far safer.
Eh, funny how you could do this in XP. Guess XP wasn't Windows.
well, the trick of it is: what are you trying to save?
The background of current element? The background of an ancestor? The content of ::before selector? The content of an img tag(this one should still be easy)?
Your browser assumes most of that is extraneous and devs exploit that fact to make hard to save web pages. Maybe a "choose media from page" browser extension could be a useful thing to write.
For video, youtube-dl, despite the name, can download from over a thousand different sites [github.io].
And really, the only solution is the death of google, facebook, amazon, twitter, reddit, and every other dungheap that just "wraps" the internet's core design in a proprietary, walled-garden cocoon.
And since that's not gonna happen, the misery will continue forever.
WTF are you complaining about in terms of twitter and reddit? Both have APIs. Reddit doesn't require an account to read for even its NSFW sections. Both have TBs worth of archives online anyone can download and play around with. They are two of the most open sites online. No one is hosting archives of SoylentNews articles. Here, go download all of Reddit nicely packaged by month: https://files.pushshift.io/reddit/ [pushshift.io] How is that a walled garden?
I've had good results with Video Download Helper plugin in Firefox. Even works with the latest (post 56) versions.
There are several such extensions but none seem to work very well.
Something tells me you've never used youtube-dl much, or at all? youtube-dl is the king when it comes to saving multimedia from the web. Just keep it up to date, which is simple.
I don't disagree about browsers.
I've tried that extension several times in the past, but not recently as I've no interest in coming within smelling distance of the newer versions of FF.
It's not an extension. It is not an addon. It has nothing to do with Firefox.
It is powerful. It can be used with mpv, smplayer, and so on. It's cross platform, it's open source.
AND IT HAS NOTHING TO DO WITH FIREFOX.
A local News site was running like a dog. Open umatrix. Over 99 cookies being set. More than 50 scripts. Just by the news site without counting third party. Block scripts and xhr and cookies. Page loads in second.
how to bring back the right-click menu
Shift+Right click should work.