views:

826

answers:

4

Since Flash is losing ground I would like to know if there are ways to protect html5 videos with DRM (H264, .ogg and WebM).

Update

Found out that safari supports HTML5 drm hinting with .mov files. Which stops users from directly saving the files. Still leaves all other browsers. http://www.apple.com/html5/showcase/video/

+1  A: 

This question was actually asked recently at Google's I/O conference a couple weeks ago, after a talk called Developing with HTML5 (link is to the specific question being asked).

The answer, from Chrome engineer Arne Roomann-Kurrik, was

As far as I know I don't have an answer for your regarding that. So, sorry.

So, yeah, nobody really knows. HTML5 is a pretty nascent set of tools anyway, and I think most people are focusing on getting the <video> element to work properly across all browsers in the standard case before focusing on how to deliver DRMed content.

Sorry this answer isn't more helpful.

Jason Hall
Thanks, it's good to hear that there are more people pushing for this technology.
Joost van Doorn
A: 

You could implement some kind of encryption scheme with public/private key - I recently heard about http://www.widevine.com/ who seem to be doing something like that for html5 and h.264 . But I am not aware of anyone having applied to web video in general.

Silvia
They don't seem to offer anything html5 related. It's mainly a flash implementation. Also Netflix uses Widevine but isn't moving to HTML5 anytime soon because of the DRM concerns.
Joost van Doorn
I recently saw a presentation where they claimed to be supporting HTML5 (i.e. H.264 probably)
Silvia
+1  A: 

No.

In theory there could be a plug-in that provides custom protocol used via <video>:

<video src="drm:…">

In practice there is none, and it would be dumb to replace Flash with another plugin that has same downsides and none of the benefits.

Consider abandoning idea of DRM, as it's more likely to backfire than protect the content.

If you really, really have to do something, you could generate video element and URL with hard-to-debug JS, serve file with specifically-crafted server that refuses to send same URL twice (will kill seeking though), and overlay <div> or transparent image on top of video to make "Save As" harder to reach,.

This is of course pointless cat-and-mouse game, and you'll be in losing position, alienating your users.

porneL
Out of general interest in HTML I thought this was interesting to ask, maybe test some hacks.Your suggestions seems easily fooled with a simple plugin.One 'hack' I found out is a way for video to be impossible to completely download. I do this by letting the download not complete by infinitely delaying/sleeping the process when it's almost finished downloading. This will still allow the video to be viewed but not downloaded using only html5 and a server side hack. This hack is of course not 100% safe and bad for the resources on the server side, but there should be a solution for that.
Joost van Doorn
Of course these tricks can be easily worked around. Hack with server never completing download won't stop anyone either – in most browses user can simply click "stop" to stop download and keep data that's been downloaded so far.
porneL
A: 

Sure you can stop someone from downloading the file simply by not giving them permission to download anything from certain folders on your server. Maybe there is something I am missing here. Seems like that would be a relatively easy solution.

AdonisSMU
The idea with DRM is that the user can access a file under certain conditions. You would be able to let the user view the video, but not to download it. Silverlight and Flash provide DRM video for the web but it's of course better to use native HTML elements.
Joost van Doorn