OpenH264 in Fedora
Gregory Maxwell
gmaxwell at gmail.com
Mon Nov 4 19:15:52 UTC 2013
On Mon, Nov 4, 2013 at 11:03 AM, Bruno Wolff III <bruno at wolff.to> wrote:
> I was thinking more of the non-commercial use restrictions you might end up
> agreeing to when you accept the license of the binary. In the places where
> software patents didn't apply, you'd probably either use x264 or build
> openh264 from source to avoid those restrictions.
"Non-commercial" language is part of the MPEG-LA standard license, I
believe it dates back to MPEG-2 or even before. AFAIK, no H.264
product is licensed for commercial use (whatever that means! the
license doesn't define it)... including things like Final Cut Pro (
http://bemasc.net/wordpress/2010/02/02/no-you-cant-do-that-with-h264/
).
Personally I think its just one more of the horrible mess of codec
licensing, it's just one of many ways to violate the complicated
licenses for the licensor to extract more rent from you if its in
their business interest to do so... But in this case the problem is
not specific to OpenH264.
(Though an unwillness to accept a non-commercial license compared to
no license at all is an interesting argument. Though, considering that
OpenH264 somewhat undermines (the least important part of) the revenue
model here, it's not likely that anyone is going to get MPEG-LA to
change their long standing license terms over complaints arising from
that discussion. :)
> codecs process data provided provided by untrusted sources, for security reasons you don't want these bundled with apps.
Codecs have generally had a long track record of security disasters.
This is one of several reasons several major browsers either haven't
used system codecs at all or only by white-listed exception... as many
codecs that get installed on systems have never even been fuzz tested
and, in the past, have been trivially exploitable.
More application embedding for this stuff is probably not a great
plan. A few major applications that have dedicated security teams can
keep up with this stuff, but that doesn't apply generally to all
applications.
More information about the devel
mailing list