Skip to main content
 

Trust but verify (or why Firefox is my primary browser, & why we should be wary of h.264)

3 min read

This weekend, Mozilla CTO Brendan Eich called on the world to examine Firefox's source code to protect it from NSA intrusion:

Through international collaboration of independent entities we can give users the confidence that Firefox cannot be subverted without the world noticing, and offer a browser that verifiably meets users’ privacy expectations.

Firefox is the only major web browser that's fully open source; by extension, it's the only browser that can be publicly verified to be free of unwanted surveillance code (and other malware). This is a great example of how open source software is more secure, and can be more trustworthy than closed source platforms.

However, browsers are more than their core, so it's important to bring up the issue of plugins and components. These are not necessarily as verifiable, so users should proceed with diligent caution. (Perhaps a site could be established that verifies software and plugins in an auditable way?)

For example, the closed-source h.264 video codec has typically not been supported by Firefox's core code. Instead, the browser links to operating system libraries if they exist, or can use the Adobe Flash plugin to play these videos. In most cases, neither the OS libraries nor the Flash plugin are open source, and therefore are not verifiable. Additionally, you may remember that Cisco has released a component that will allow for cross-platform h.264 support:

We plan to open-source our H.264 codec, and to provide it as a binary module that can be downloaded for free from the Internet. Cisco will not pass on our MPEG LA licensing costs for this module, and based on the current licensing environment, this will effectively make H.264 free for use in WebRTC.

Note that it's the binary module, not the open source codec, that will be license-free, and this is what will be incorporated into Firefox:

We are grateful for Cisco’s contribution, and we will add support for Cisco’s OpenH.264 binary modules to Firefox soon. These modules will be usable by downstream distributions of Firefox, as well as by any other project.

This remains a great move by Mozilla, because it opens up sites like YouTube (and latakoo) without forcing users to install Flash, but it does mean that the h.264 codec component in Firefox will be unverifiable. In turn, this continues to highlight the importance of truly open source, license-free media codecs, not just to maintain a healthy software development ecosystem, but to protect all of our privacy, too.

The problem is not that there aren't any open source h.264 implementations; it's that the MPEG-LA issues licenses for the technology based on patents it controls, which effectively means that anyone who wants to create h.264 files at scale must build significant license costs into their model. Cisco's binary distributions include an agreement that they will pay for these license costs.

It's worth noting that Mozilla continues to work on Daala, its fully open source codec, and Google has made some strides into kind-of-license-free video with VP9. However, h.264 has established itself as a standard - we use it at latakoo for that reason - and is unlikely to be displaced in the near future.