Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Mozilla Firefox

Firefox 49 For Linux Will Ship With Plug-in Free Netflix, Amazon Prime Video Support (mozilla.org) 134

Reader LichtSpektren writes: Widevine, the media protocol that allows users to watch videos on Netflix, is supported in Firefox for Windows and macOS. But until now, its users on Linux were required to use a plug-in. That changes with v49, which offers out-of-the-box support for Netflix.Mozilla plans to offer plug-in streaming for Netflix as well as Amazon Prime Video and other similar services. The v49 will be available on Linux in September. Mozilla adds that it will be removing support for NPAPI plugins from its browser in the near future, plugins that some video streaming sites rely on for playback. "Mozilla plan to support the Widevine CDM on Linux, letting users watch Netflix without plugins," the company said.
This discussion has been archived. No new comments can be posted.

Firefox 49 For Linux Will Ship With Plug-in Free Netflix, Amazon Prime Video Support

Comments Filter:
  • Not plugin free (Score:5, Informative)

    by Carewolf ( 581105 ) on Monday August 15, 2016 @09:48AM (#52704441) Homepage

    If they switch from NPAPI to CDM, that does not make them plugin-free. CDM is based on plugins and Widivine is a plugin.

    • Re:Not plugin free (Score:4, Informative)

      by tepples ( 727027 ) <.tepples. .at. .gmail.com.> on Monday August 15, 2016 @09:50AM (#52704463) Homepage Journal

      It does, however, drastically reduce the attack surface of plug-ins. The CDM is a much narrower, more focused API than NPAPI. And it'll be easier to avoid: don't use any services that offer Hollywood movies for online rental.

      • by Anonymous Coward

        "the attack surface of plug-ins" oh fuck off. If processes can't be assigned fine-grained permissions then your operating system is shit. VMS had no problem with the concept in the early '80s. You should be able to write a plug-in that does nothing but attempt to scrape data from the user account and infect the whole system with crap, and the OS should be able to catch every attempt - or, rather, default deny.

        The virtual machine / cloud craze itself is a fucking retarded band-aid over the fact that operatin

        • CDM is sandboxed (Score:3, Informative)

          by tepples ( 727027 )

          "the attack surface of plug-ins" oh fuck off. If processes can't be assigned fine-grained permissions then your operating system is shit.

          Unfortunately, people have allowed themselves to become locked into incumbent operating systems that are, as you put it, "shit". But given the presence of "sandbox" in the titles of bugs listed at Media/EME [mozilla.org], it appears Firefox is at least trying to limit the permissions of the CDM.

        • Re: (Score:3, Insightful)

          by Anonymous Coward

          If processes can't be assigned fine-grained permissions then your operating system is shit.

          Let's ignore that there are entire operating systems built around the browser experience. The browser itself is the new thick client for a huge swath of user experience; you don't need to escape the browser's process to do real damage.

        • I completely agree that sandboxes are vitally important, this doesnt change the fact that binary blob plugins need to go, many other problems with them, since they often do not work on the BSDs and create a lock-in to Windows as which can be seen with Unity3D and Shockwave. The browser should be 100% open source with no binary blob native code plugins and the thing should be heavily sandboxed and multiprocess on top of that.

          • Re:Not plugin free (Score:5, Informative)

            by roca ( 43122 ) on Monday August 15, 2016 @03:36PM (#52706883) Homepage

            "The browser should be..." Sure! But it turns out that Hollywood won't let you play their movies in such a browser :-(.

            If you want Firefox to be that browser, just uncheck "play DRM content" in the preferences and you're all good.

          • I'd suggest looking at IceCat (formerly IceWeasel). Given that the whole reason the browser exists is because of the not-free-enough license for the Firefox trademark and artwork, I'm sure they'll also strip out any binary blob DRM schemes.

        • by jedidiah ( 1196 )

          VMS is dead. Get over it already.

      • Yes and no: the interactions between the browser and the CDM defined by the 'encrypted media extension' stuff are indeed pretty narrow; but the spec allows, and deliberately doesn't not define, what the CDM itself does, what privileges it runs with, and so on. There are a few plaintive encouragements to avoid incompetence or malice; but those are optional. It is less likely to be useful for attacking the browser than an NPAPI plugin is; but the security and behavior of the CDM itself are restricted only by
      • by Anonymous Coward

        it isn't easier to avoid, as as unlike NPAPI plugins CDM's have no click-to-play option (or didn't last time I checked)

    • Not my fault (Score:4, Informative)

      by LichtSpektren ( 4201985 ) on Monday August 15, 2016 @10:18AM (#52704627)
      My original submission said nothing about plug-ins, so I declare this "not my fault"

      :P
    • I am for getting rid of ALL native code plugins and instead providing Javascript APIs for audio, video and 3D. Replacing one native code plugin API with another would be a huge mistake. Native code plugins are just begging for binary blob plugins that run only on Windows and therefore keep applications unavailable to Linux users, like Unity and Shockwave has done. Unity, Flash and Shockwave needs to be killed off for good.

      • Unity, Flash and Shockwave needs to be killed off for good.

        Well, good news on one front: Unity Webplayer is officially end-of-life as of last year, and webplayer authoring is not supported at all in the recent 5.4 release of Unity. When it comes to browser gaming, Unity is focused 100% on cross-platform, open standard HTML 5/WebGL, and is working closely with Mozilla on bringing those technologies up to par with native.

        (Outside browsers, Linux is a first-class Unity target platform, and the Linux version of the Unity editor is coming along nicely, although it's sti

      • by roca ( 43122 )

        Browser vendors have been working very hard on that goal for a long time and are almost as close as they're ever going to get.

        DRM is "special" in that Hollywood won't let you play their movies in any full-open-source no-binary-blobs browser. You can opt out of DRM in the Firefox preferences and that gets you as close as you're going to get until you persuade Hollywood to alter their licensing terms.

  • ...controlled entirely by three major vendors for some reason is praised by the software development community.

    What is it about freedom and control of your own systems that makes even professionals so afraid?

    • This move from modularity to massive monoliths...controlled entirely by three major vendors for some reason is praised by the software development community.

      What is it about freedom and control of your own systems that makes even professionals so afraid?

      And I thought Firefox was a fat bloated pig before. Anyone have any recommendations for a lean browser?

      • Re: (Score:2, Interesting)

        Most Firefox memory use is due to memory leaks and caching of image data, rather than actual code. What the browser could and needs to do is allow for more on the fly decompression of image so off screen images are not stored in memory uncompressed and allow the user to set the maximum size of the image cache. Google Chrome seems to do a little better because each tab is a different process, there is more chance for memory to reclaimed by the OS when a tab is closed and the process killed. Firefox is one bi

        • I mostly concur.

          I was under the impression, anecdotal evidence based on experience, that Firefox leaded memory via it's Flash video player. I found that once I stopped using Firefox for YouTube it seemed to never really leak memory anymore.

          But yeah, Chrome's one tab = on process is a smarter design.

        • by roca ( 43122 ) on Monday August 15, 2016 @03:51PM (#52707003) Homepage

          Firefox does do "on the fly decompression of images so off screen images are not stored in memory uncompressed".

          When complaining about Firefox memory usage, make sure your understanding of the issues is up-to-date.

      • by roca ( 43122 )

        Removing NPAPI in favour of the much more limited CDM interface is a major net reduction in code and attack surface.

        Your hate reflex is definitely misplaced this time.

    • What is it about freedom and control of your own systems that makes even professionals so afraid?

      Freedom and control is ok to a point, but often times having stuff just work is of greater importance.

      I use Linux at home. I like it. I can setup cronjobs to automate maintenance tasks and write scripts to handle all sorts of neat tricks (ie, I had a ton of old TV series downloaded and discovered that my media player downstairs choked on anything encoded with the old "DivX" codec - in about 10 minutes I had a script written that would scan over the entire media directory, find stuff encoded in DivX, re-en

      • I'm in agreement. If Netflix wants to throw out DRM-laden video, well, I'm only paying like $12 a month, so I'm willing to concede them the point. I'm not buying the videos, as you say, so if distribution means DRM-capable infrastructure, then so be it.

    • by roca ( 43122 )

      Four, actually. (Five if you count Opera.) Three of which are open-source and have reasonably open development models. Plus the APIs are governed by an open-standards process that anyone can participate in.

      I'm not sure what the point of your message is actually. Are you arguing that NPAPI was a valuable extension point to let people democratically extend the Web platform? Because in practice it was not; the only NPAPI plugin developers could use in practice was Flash. And Flash was 100% Adobe, so did not le

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Monday August 15, 2016 @09:58AM (#52704507)
    Comment removed based on user account deletion
    • I rather like Sync. It's one of the biggest draws to the browser for me.

      Most of the users at my company don't use it. It harms nothing being there. I don't care for pocket, have never used it. It doesn't bother me.

      • by QuietLagoon ( 813062 ) on Monday August 15, 2016 @10:10AM (#52704591)
        I don't use Sync and would prefer if it were a plug-in for those who do like to use it. The concept of mandatory options, i.e., plug-ins that are permanently plugged-in, runs counter to good security practices. When they are not used, they do little more than increase the attack surface.
        • Re: (Score:1, Insightful)

          by geek ( 5680 )

          I don't use Sync and would prefer if it were a plug-in .

          It's all about you isn't it Kim Kardashian?

          • On the contrary, I am generally opposed to the "mandatory options" plug-ins because of the problems (security and otherwise) they can cause in instances when they are not wanted or used. I most specifically am not saying the plug-ins should not be available for those who do want to use them. Indeed, the abuility to choose what plug-ins you want in your browser is one of the great benefits of plug-ins.

            .
            In being concerned about security and other issues, I am looking at things beyond myself and this Kim Ka

      • It harms nothing being there.

        Technically speaking, it occupies your computing device's memory, which can be interpreted as a form of harm.

        • It harms nothing being there.

          Technically speaking, it occupies your computing device's memory, which can be interpreted as a form of harm.

          That and we have no idea what it is really doing while running, or if it really exits...

    • Re: (Score:3, Insightful)

      by houstonbofh ( 602064 )
      Firefox has lost the point and become a fat bloated monster. And Chrome is not far behind. (And this ignores the massive data gathering both do) So there is a fantastic market opportunity for a lightweight browser that can still render the bloated modern web... Any ideas?
      • by Anonymous Coward

        Pale Moon?

      • ...Firefox has lost the point and become a fat bloated monster....

        Have the people who are running Firefox run it into the ground yet, i.e., has its marketshare fallen below the magical 10% threshold? Once a browser falls below 10% marketshare, its relevance diminishes greatly.

      • by dmahurin ( 2128 ) on Monday August 15, 2016 @10:38AM (#52704785)

        > Firefox has lost the point and become a fat bloated monster. And Chrome is not far behind. (And this ignores the massive data gathering both do) So there is a fantastic market opportunity for a lightweight browser that can still render the bloated modern web... Any ideas?

        Well, you could create a minimal version of Firefox, stripping out all the junk, and call that Phoenix.

      • by Anonymous Coward

        Vivaldi for sure. Opera 12's successor, if only in spirit.

      • So there is a fantastic market opportunity

        I'd argue that there isn't.

        The number of people who care about the stuff you listed is generally trivial, and your statement itself touches on a key point - "market opportunity". If you want anything more than a hobbyist project (of which there are tons out there already), you have to have a product that will make money.

        Browsers can either make money by doing things like the data gathering you mention (and be of no cost to the users), or they can skip on things like that and charge the user directly. You

        • by retchdog ( 1319261 ) on Monday August 15, 2016 @11:45AM (#52705229) Journal

          "OMG these sites i don't pay to use are advertising to me and that's evil!"

          okay, use noscript.

          "but that's hard and there are other ways i can be tracked."

          okay, i'll build and maintain a secure browser for $5 a month.

          "i can't afford that."

          okay, $5 a year.

          "information wants to be FREE, man!"

          okay, then i guess i'll go to work for an online advertising company.

        • I would argue that there is for a traditional FOSS project. One where a few people contribute the the browser they want to use. A project like Security Onion where people contribute to the tool they need.
      • by guises ( 2423402 )
        What is the massive data gathering that Firefox does? This is a serious question, the fact that they seem to be the only browser maker who's cares about privacy, even a little, is the whole reason why I use Firefox.
        • Right now, less than they used to since they've stopped the idea of sponsored tiles targeted based on your browsing habits. However read their privacy policy. When you find the page have a dig back in the wayback machine and see how they seem to change this policy more often than an average person changes underwear. Then laugh at the comments that they claim this is opt-in, yet they have systematically changed defaults away from the privacy of the user over the years, and on a fresh install of Firefox all c

    • And let's make HTML support and the ability to zoom plugins too, while we're at it /s. No, seriously, some features are popular enough that they warrant being standard.
    • for netflix viewers: ignore this update, you already likely see netflix on an embedded linux television.

      Speak for yourself. Netflix is the only reason I fire up Chrome. Otherwise, Firefox is my browser of choice.

      • by jedidiah ( 1196 )

        The only time I ever bother with video streaming on a PC is when I am away from home and I've got enough room to stretch out in and have a laptop setup with the screen so I don't have to hold onto it (like a tablet).

        Beyond that very particular use case, pretty much ANY OTHER device is much better for dealing with those services. Video in browsers has always sucked and required far more resources than necessary on a PC. Choice of OS doesn't help this.

        • by lgw ( 121541 )

          The UI is better on PC, because you have a mouse and keyboard. Easy to search, easy to jump to any point in a video. Why would I care how much resources the video player is using? That's the only job of my HTPC.

      • I do exactly the same thing. I'm looking forward to this.
    • hustle up and get that godforsaken voice chat program out of the browser

      Are you asking a Mozilla the king of standard compliance to to implement a part of HTML5?

      • by roca ( 43122 )

        What are you talking about? Firefox already implemented the relevant WebRTC standards; they're what Hello was based on.

    • by roca ( 43122 )

      > enjoy your free, mandatory DRM in the browser.

      Not mandatory. Disable it with one checkbox in preferences.

      > get rid of pocket

      Being moved to a disable-able extension.

      > please work on fixing the bugs youre assigned

      Of course they're always doing that. To insinuate they don't is just gratuitously insulting.

      > hustle up and get that godforsaken voice chat program out of the browser

      Already done.

      > quit mandating signed plugins to curtail adblock users

      No connection between signed addons and adblock.

  • This makes me wonder if "App Neutrality" will become a thing in the future the same way "Net Neutrality" is today.

    Imagine a conversation like, "I really only watch anime's that are on Netflix because that site 'just works'. I don't want to have to do the extra steps that I need to do for Crunchyroll."

    Although for all I know this will affect Cruchyroll too. I just picked them out of the air as an example.

  • by gQuigs ( 913879 ) on Monday August 15, 2016 @09:59AM (#52704521) Homepage

    I do support this move by Firefox, but can we please actually call it DRM on this site?

    We were just talking about how we want to call it out as being anti-consumer, etc.
    https://yro.slashdot.org/story... [slashdot.org]

  • There's one thing really holding my HTPC back from sheer awesomeness.

    The fact I can't navigate Netflix with a keyboard. Sure there's some rough scrolling and what have you, but it sucks. I want full screen arrow navigation. I know a webpage CAN do it, but why it won't do it is beyond me. The fact it CAN be done on commercial boxes with dedicated apps just annoys me so. I've tried to get copies of the apps meant for Blu-ray players, I even tried installing Dolphin to see if I could get the Wii version t

    • by tepples ( 727027 )

      Netflix is a service you pay for, making you the customer, not just "the product" as with ad-supported services. When you asked Netflix support how to use the service with a PC keyboard, what was the form letter?

      Do you have a disability advocate organization near where you live? Perhaps a support request from such an organization might carry more weight than one from an individual.

      • by ausekilis ( 1513635 ) on Monday August 15, 2016 @12:13PM (#52705463)
        Dear Sir/Ma'am,

        Our client, pecosdave, suffers from the debilitating disease of Laziness wherein he cannot be bothered to use a mouse or mouse-like interface to use your service, "Netflix". Our client has sent not zero, but exactly 1 (one) email to your customer support asking for proper keyboard support for your services web browser client. As described in his email, he is able to use arrow keys and the space bar without problem, and mashing his hand down on a keyboard as a response to your "Are you still watching?" prompt. However, anything that requires our client to sit up and move his arm around causes him considerable pain and mental anguish. We politely ask for your assistance in aiding our client and others stricken with Laziness in providing proper keyboard support for your platform.

        Sincerely,

        Real-life Lawyer
        Association of Lazy People
        • Laziness != Convenience && Laziness != WAF [wikipedia.org]

          You can map keyboard keys to IR remote presses, making it work like an easy to understand consumer electronic device.

          • EXACTLY

            WAF is a very heavy considering in my HTPC. Putting all my movies, music, and photos on KODI has a high WAF, however having to go to the Wii or use a clunky touchpad for Netflix is very low on her tolerance list. She will generally switch to the Wii so she doesn't have to deal with the stupid browser launcher and touchpad.

            • Definitely see my recommendation for Roku in my other post, then. I was a one-device guy before Roku. Great UI, even if Netflix subverts it a bit too much. https://www.roku.com/how-it-wo... [roku.com]

              • I've seriously considered getting one of those TV's that has built in Roku. If I'm not mistaken it will play back the media on my Kodi box anyways.

                (I'm still on a CRT for now, long story)

                • I'd recommend not. If you can avoid a TV with Smart functionality, you can have a box that's easily replaced to upgrade even after the TV warranty is over.

                  Also, if you want a Roku TV, you have to buy one made by TCL. Their TV's aren't terrible, but having a choice is worth the extra money for a separate box.

            • Get her a FireTv/Roku and call it a day. I have several fire breathing HTPCs, with badass GPUs, but the wife only sees the FireTV for Amazon, Netflix and Kodi. She has her own remote and input, I even labeled the input with her name. This lets me go as crazy as i want with my HTPCs without worrying about accommodating normal users.
    • Just get a Roku for your streaming services. It may not integrate into your HTPC, but it's always-on and low-power. If you have a universal remote already, it supports IR even if it comes with a Bluetooth remote.

    • I use Chromium as basically my HTPC with a simple custom web app (runs locally on the machine) to tie a bunch of services together in Fullscreen Kiosk Mode.

      I use a Mele F10 Deluxe air mouse/keyboard, purchased on Amazon for $30US [amazon.com]. You can bind certain keys to certain devices (it has both RF and IR transmitters). I only use IR to turn m TV on and Off, but you can program it to control volume as well.

      In Chromium I use the following extensions to make the experience a little cleaner:
      - No Scroll Bars Please! [google.com]
      - S [google.com]

  • NPAPI has started acting strange under FireFox for me. I currently have a crisis on my hands where in Linux, I cannot load Okular Plugin, or nspluginwrapper Acroread plugin and I need them.

    I get errors like the following:
    From Okular:
    (msgtype=0xAA0006,name=PPluginInstance::Msg_NPP_SetWindow) Channel
    timeout: cannot send/recv
    Error: (msgtype=0xAA000C,name=PPluginInstance::Msg_NPP_GetValue_NPPVpluginScriptableNPObject)
    Channel timeout: cannot send/recv

    From NsPluginwrapper
    wrapper.c:2228):invoke_NPP_SetWindow: asse

    • Currently the plan is to make non flash npapi plugins disabled by default on firefox 52, and by firefox 53 support will be removed entirely. So better change to pdf.js, or open the pdf files that pdf.js has problems with externally.

      Source: https://bugzilla.mozilla.org/s... [mozilla.org]

  • by Eravnrekaree ( 467752 ) on Monday August 15, 2016 @11:34AM (#52705149)

    Removing NPAPI is actually a huge improvement, this has only been an invitation for companies to make a fleet of closed source, proprietary plugins that only run on Windows and which contain tons of security problems. Good riddance! Instead, if app developers need to do 3D and and video, they can use the built in browser APIs to do this, like WebGL, implemented better audited open source code available on all the platforms.

    It is Netscape/Mozilla that is primarily to blame for Flash, Java, Unity, Shockwave plugin junk, because Mozilla for a while did not include built in Video and 3D capability for a long time despite enormous demand for this, but did provide plugin APIs which were just an invititation for Windows only plugins that would lock out FreeBSD and so on. There are still too many applications, often corporate custom apps used in corporate and education environments, and online games, that still use the Flash, Unity, and Java junk despite Flash disappearing from many sites like YouTube. We have Mozilla to blame for this plugin mess. Hopefully it will now go away for good and take all of its binary blogs, crappy proprietary code and so on with it.

    Now, Firefox finally needs to get sandboxing and multiprocess to work to further security and safety, something that should have been done eons ago like Google Chrome has done.

  • Widevine (Score:3, Informative)

    by GrievousMistake ( 880829 ) on Monday August 15, 2016 @01:13PM (#52705985)

    This is the same buggy piece of crap that led to root exploit on many Android phones, since of course a media player needs privileged access to the kernel.

    http://bits-please.blogspot.co... [blogspot.com]

    But don't worry, that was a fluke, I'm sure the opaque blob for the PC is written by their best men, and not the scum of the earth who failed their McDonalds job interview.
    The complete loss of security to all their users is a small price to pay to eradicate unlicensed copying of movies once and for all!

    • of course a media player needs privileged access to the kernel.

      It does in a world where DRM-laden video is possible. Unless you have a secure path to HDCP, you'll have no streaming services like Netflix. Do you remember before? There wasn't unencumbered video. There was nothing at all.

  • Sounds like we will have to back track?

    Not sure how this plays out?

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...