Slashdot Mirror
SightSound To Distribute Films Via Gnutella
asonthebadone writes: "The online video firm SightSound.com plans to distribute feature movie content with Gnutella. The film content will be 'protected' by Microsoft's Digital Rights Management System. The article from CNET goes on to quote various security 'experts' as stating that Gnutella is "fundamentally insecure" and that its usage would sow the "seed of one's destruction". If you're looney enough to run a file of unknown origin with a .vbs extension, that would be referred to as Darwinism." (More)
Carnage4Life writes with more details: "Sightsound has put up for grabs on the Gnutella network a dozen encrypted movie files from Miramax Films, for which SightSound has secured online distribution rights. Once people obtain the file, they are required to rent or purchase a license to view the movie. [...] If this works this could spell the beginning of the embrace of online digital distribution of movies, music and other forms of IP by the entertainment industry. Maybe then all the Napster madness will be over."
So long as it's a greater inconvenience (or a large enough moral dilemma) to crack such files for a critical mass of people, it seems like everybody could win here.
This, and the hassles of filling out credit card info for a few dollars, will probably be the big roadblocks in distributing low cost or payment optional content on-line. I'd love it if artists could distribute their work on-line for "micro-payments" but actually doing it will likely be complex technologically, economicly, and of course socially (as this thread demonstrates).
-Kahuna Burger
...will work for Chick tracts...
So what you are saying (and apparently the moderaters agree with you) is that all the people that have been spewing about "If they make something easy to get and affordable on the net, we'll buy it instead of steal it" is a huge load of crap? Here is something that is distributed in the "great new way" everyone wants, yet no one is willing to pay for it, because it will be cracked and available for free. Once again, it is proven that high prices don't cause piracy, piracy is justified by bitching about high prices.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
"Anyone who is on Outlook is potentially vulnerable and needs to be very careful and cautious," said Scott Blake, security program manager for Bindview. "It's very easy for someone to utilize the Outlook network to propagate a Trojan horse, a file that appears to be something useful but in fact is the SEED OF ONE'S DESTRUCTION!!!."
Blake added that Microsoft could possibly be at fault for encouraging people to use Outlook.
"It's somewhat irresponsible for (Microsoft) to be pushing a software that's fundamentally insecure as this," he said.
I love the smell of FUD in the morning. ;-)
Hey, by the way -- what's up with marking that last post "Troll"? Lame.
---
icq:2057699
seumas.com
Sightsound is not the only company to be banking on Microsoft DRM to be "secure enough". There's plenty of other people going that route.
For information on MS DRM, see the Microsoft Digital Rights Manager Overview which talks (in very general terms) about how MS DRM works.
Interesting excerpts from the FAQ include:
And...
There will probably be a CERT advisory talking about how to circumvent both within a few months. :P
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Informative: I have set up a mirror of this site as it appears to be /.ed already :(
Don't click on the link given in that statement if you're at work. I did, and it led to porn!
The reason why I ask is, I think if you take the entire population (of the world) and work out two variables, x number of people willing to spend y amount of dollars, you'll see that as y goes down, x goes up. The amount of money made by film producers (or distributors, or whatever) would be roughly x times y. Over time, however, x becomes more important. x is actually more along the lines of number of viewings rather than number of people willing to pay. But my point is, if you make y low enough such that an acceptable percentage of people are willing to pay, then they wouldn't have to worry about piracy.
Let me borrow, as an example, currency. The reason why printed currency works and why the government goes through all the anti-counterfeit stuff is because would-be counterfeiters would have to spend a lot more money than the value of the currency that they are trying to counterfeit. The government has the economy of scales on their side. They spend less than 10 cents printing each bill, but it would be much more expensive (though not impossible) for counterfeiters to produce counterfeits that can fool people. That's why counterfeit money is usually higher is denomination, because the lower denomination just wouldn't pay off. That's perhaps why the U.S. has, as it's highest denomination, the one hundred dollar bill.
Back to the encrypted movies. If they priced it so that it would not be worth anyone's time to pirate the movies, even though inevitably, a small percentage of the population will anyway, they can reduce the effects of piracy and actually make enough money (it's never enough, I suppose, and they want to get the money while they can), and the consumers will not complain about how expensive it is to watch a movie. Imagine if pay-per-view was only 10 cents? Take an average long-ish 2 hour movie, if you watched movies non-stop for a month, you'll average about $30, less than most utility bills and DSL fees. Would you do it?
Doesn't make any sense to embed next key in current msg because then next key will have to be = length of current msg, and eventually you will no longer be able to have a msg of any appreciable length. You might as well just use all the random bits in your key w/o having to transmit any new key info inside of the message.
At least as far as the recording industries are concerned, they could distribute demo/trailers of their movies @ 160x152 resolution (so you could get a taste of their stuff @ postage-stamp size, then get the "real thing" through their normal ordering process). I bet the porn sites would just LUUUUUVV this :)
A mindless ban on something typically doesn't work as well as decent education on the topic. Not that education seems to be valued very much any more anyway. I believe that if sex, even erotica, was discussed openly and sensibly from a young age then demand for pornography and prostitution would decrease dramatically. You always need to target demand, not supply.
The problem for artists is that their work is hideously undervalued. To survive they typically invest their money (and any "power" they do have) in power hungry little dictators that have no more interest in the actual art than the rest of the population. The result is the MPAA and RIAA - a marketing and legal machine with a choke-hold on popular art. It's no longer about the art, just the money.
I say, support local artists, buy stuff from independant labels, look up the word "patron". Sure, take in a mainstream movie every so often, but try to lose the false sense of need that's been implanted by immoral marketing practices. (I tell you, many of the complaints about DVD make people sound like they're hooked on drugs rather than home movies.)
I can't beleive I didn't mention American Beauty...
I had originally thought it was going to suck and had to be dragged out to see it. Afterwards, I liked it so much that I went to see it again.
As for The Matrix, I could have sworn that it was a 1998 movie... brain fart on my part I guess. Prolly what threw me was how fast it got out on DVD.
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
Does anyone say "the bomb" anymore???
But yeah, I'd see a Kevin Smith movie any day. But seeing as Dogma was just out last year, and he typically has a 2-3 year interval between movies, and he just put a lot of effort into the Clerks cartoon, only to be fucked (again) by disney...
I don't think we'll be seeing a new View Askew production this year.
But, eh, I *DID* break the DVD boycott to get Dogma and Chasing Amy on DVD to complete my collection. Only two DVDs I've bought since the deCSS fiasco.... honest.
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
Me, Myself, and Irene might be good, if it's more like Truman than Jim's older movies.
Any movie that confuses the difference between schizophrenia and multiple-personality disorder reeks of crap.
Last year Jakob the Liar was released, and it was excellent.
Trust me, the original (Jakob der Lüger, East German, 1975) version kicks Robin William's hiney any day. But someone who likes a remake rarely appreciates the original as much.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
I, for one, would not pay. In fact, I would immensly enjoy trying to crack this protection scheme. I would enjoy trying to crack it way more than I would enjoy watching the film. An I would enjoy watching a film I cracked (or recieved a cracked copy of) way more than watching a film I paid for.
I have a feeling I am not alone here.
In an attempt to raie my karma up from the current -15, I beseech any moderator reading this to help a down and out brother. Oh, how the tears will begone from my eye and a smile grace my face if someone would spare me some karma!
/.ed already :(
So to help you out, here are reasons why to mod me up:
Insightful: After reading this article I have a few questions. Mainly, what are the potential security ramifications to both the whitehats and blackhats? It appears as though security was not directly mentioned, so sadly I fear that the designers left this crucial part out. I would not trust my data with an insecure system, and I'm sure you wouldn't either.
Interesting: After reading this article, I see that it is very similar to what is already on the market. Do they plan on setting this product outside of currently existing technology, or embrace what already is there?
Informative: I have set up a mirror of this site as it appears to be
Funny: Can you imagine a Beowulf cluster of these?!?!?!
Underrated: Come on. I post at 0 now, hook me up. Look at these Insightful, Interesting, Informative, and Funny reasons!
Here are reasons why to NOT mod me down:
Overrated: Come on. I post at 0 now. This is not worth of -1, if at least for the novely value.
Troll: Nowhere am I suggesting this is a "FRIST PSOT D00D!" or that "Natalie Portman" is "naked and petrified."
Flambait: Nowhere am I suggesting that "Taco sux!" or "Signal11 blows!" or "linux sucks me"
Thank you for reading, now spare me some karma.
,
faeryman
Post hoc ergo procter hoc.
Religions like Christianity have always been popular for a bunch of reasons, and the Romans had very little to do with it. Drugs have been popular since before homo sapiens sapiens was evolved, as humans aren't even the only species to use them. You're closest to the truth when you cite rock music, but there's hardly anything unique about that movement.
And by the way, the correct idiom is "forbidden fruit", not "forbidden apple".
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
What's to stop someone buying the licence (which is presumably some kind of program or file), and Gnutella-ing that too...?
What else is illegal? Suicide is. The rates are rising, but I don't know if it is "popular" by any means. Bank robbery is illegal. I just got back from robbing one myself, actually. I think that Christianity, rock music and drugs all have other draws than just being forbidden.
Now, music becomes illegal to download. Downloading music becomes popular.
Yes! Down with the establishment! I'll download music I hate! That'll show them!
Wait, no, I download music, when I do, because I like the music. The legality of it has nothing to do with it, except that it makes me LESS likely. I believe it's a deterrent. I certainly don't think it increases the chances of my downloading.
So Microsoft goes out and builds this standard. Then they say it's impossible. Then, to top it off, they make it illegal to crack it. Who shall be the first to taste the forbidden apple? Good idea! Me me me! I want to taste it!
Wait, no I don't, I don't care.
And what's with criticizing MS for developing the standard? Believe it or not (hold on to your seat here...) they're a SOFTWARE company. They make software. It's how they put food on their tables. If they didn't come up with software, they'd go out of business. (it would take a long time, but that would be the upshot) And what are they supposed to do? "Oh, here's our new encryption software... Um, it's not terribly secure." No. Of course they have to promote it as being secure.
Honestly.
If this works at all, it will go a long way towards the acceptance of gnutella/napster w/ wrapster/freenet style data exchange programs (peer to peer with gnutella and freenet, private with freenet).
OK, hands up for everyone who believes this won't get cracked?
Don_Negro, put your hand down, I said "get cracked", not "be smoking crack"
OK. No hands. No surprise.
I mean, Stephen King's ebook got cracked within hours, and he wasn't even charging for it the first day.
So, next possibility, this will get cracked, and gnutella will be demonized along with the computer cr/h/ackers.
Conspriatorial-think, is MS testing it's DRM software, PR repair can be handled later, and SightSound is helping the MPAA and RIAA to demonize gnutella and the like.
Returned Peace Corps IT Volunteer
Here is why you can't reuse your pad, even to send the next pad. In this case, we will assume that you encrypt your data using XOR with the pad. We will have the following variables:
O1 and O2 = OTP one and two.
P1 and P2 = Plaintext one and two
C1, C2, and C3 = the three ciphertexts.
Send the first encrypted message:
C1 = P1 XOR O1
Send the first pad encrypted with the second pad:
C2 = O1 XOR O2
Send the second encrypted message:
C3 = P2 XOR O2
Your opponent has C1,C2,C3, since that's what you transmitted.
So, your opponent performs the following:
C1 XOR C2 XOR C3 =
(P1 XOR O1) XOR (O1 XOR O2) XOR (P2 XOR O2)
The way XOR works, duplicated variables cancel out, so the above is equal to:
P1 XOR P2
because the two O1's and the two O2's each cancel out.
Now, your opponent has your two plaintexts XOR'd with each other, which is easily solvable. You may as well use ROT13.
Er, how could that possibly work? Even if somehow they kept me from running any video capture programs on my monitor, i can still just pipe it to my TV instead of my computer monitor, run it in fullscreen, and record onto a tape (or, soon, DVD).
Dreamweaver
"If a man hasn't discovered something he will die for, he isn't fit to live" -- MLK, Jr.
I think a judge would probably toss a suit against Gnutella and Freenet out on its ass - it's "bad people", not bad technology.
Excellent analogy! I hope to hell you are right, but alas, I lack your faith in our justice system, and have even less for our lawmaking bodies.
The Future of Human Evolution: Autonomy
Murder, plunder loot and burn
But all in moderation
If you do the things we say
you soon will rule the nation
First kill your foes and enemies
and then kill your relations
Murder, Plunder loot and burn
but all in moderation!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
They should be able to track you down pretty easily and break your fingers.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Some folks here are already screaming "Gimmick". That's almost certainly true, but I imagine there's another reason for doing it.
Serving up video takes up a lot of expensive bandwidth. Why not let someone else do the serving for you? As an added plus, should SightSound's movies actually become popular, the number of people willing to host the files will increase, thus automatically scaling up the bandwidth accordingly.
And I don't know why you're saying incest isn't very fun. I'm assuming that it wouldn't happen at all if that was the case. Someone has to be enjoying it. And in this age of safe sex and legal abortion, it causes fewer and less obvious problems. Man. What a great way to flaunt authority!
Anyway, my point is that I don't see pirating music and movies as being popular because it's anti-establishment. It's popular because people want to listen to/watch music and movies for free.
OK, this is back to my general DRM (Digital Rights Management) speech.
GIVEN: The entirity of the user base will not accept a technology that restricts or degrades their experience with a medium they previously had greater rights on.
given that, let's explore the possibilities here.
Anything you can view can be copied. Remember the BetaMax suit. That's been solved by some tricks which don't noticably degrade the movie but do degrade any copies, if you don't have tech know-how or some low-grade video editing software.
Computers make copying data much easier--no degradation that can't be fixed. In a perfect, trusted computing environment where the OS, nay, the hardware, was working in concert with DRM software, the data could not be copied digitally.
Firstly, there are no such environments. Secondly, even in the perfect possible case, it doesn't solve the problem--if something can be viewed, it can be copied. Whether it involves getting a video-out from your video card and stereo from your sound card, (let's presume they're also working with DRM), or simply getting a dark, soundproofed room and setting up a video camera, it can't be stopped.
DRM in the digital world will be no better than the real world. Does the existence of VCRs manufactured for mass copying, copier machines, cameras, audio-out and -in jacks, and camcorders ruin the film/tv/music industry? no. When the dust settles, the digital world will be similar. Pirated data will be more available. Vendors will have to deal, or find better business models. Blockbuster and Xerox seem to be doing just fine on their business based off of technologies once thought to be the doom of their respective areas.
Returned Peace Corps IT Volunteer
You're not dowloading the actors and movie sets to your computer, are you? no.
Of course not, but you know that, and that's not what you meant anyway. The actor's labor is scarce, the other capital involved is, of course scarce. What we're doing is paying them for their labor, right?
After a fashion. What it basically amounts to is that the production houses provide these movie-making services to the public at a loss, and then trying to make it up by playing toll collector to the resulting information in perpetuity.
i.e. the movies are being made for free (or worse), and then subsidized later. That seems kind of bass-ackwards to me, although it's been the only practical way of doing it for a while.
The thing is, I think particularly as micropayment schemes become more widespread, it's going to become more and more practical to actually pay production houses/groups/what have you _directly_ for the service of making the movie in the first place.
At least movies are an example of where the artists are actually treated somewhat decently. It's certainly not true of the music industry -- you know this big thing about artists being able to eat? There's no way in hell 90% of the signed musicians in the US would be eating if they tried to live on the money they got from their record company.
I'd rather see artists paid for what they do, and how well they do it, rather than expecting them to work for what almost amounts to free.
In the long run, I think systems that don't pay the artist for creating art (and instead indirectly subsidize them by placing onerous restrictions on IP) are wrong, and destined to fail.
DNA just wants to be free...
The protocol has been fully reverse-engineered but only released with the windows client. Basically gnutelladev.wego.com deals with current generation clones and gnutellang.wego.com deals with extending the protocol to add new features. Capnbry did all of the reverse-engineering and he hangs out in #gnutella on EFnet so if you want to talk to the guy that did it he is the one to ask.
Your machine crashes half-way thru viewing. Must you buy a new liscence? What if you get disconnected? When you dial back up and re-run the liscence their servers would say you already used your activation.
Somewhere out there, there is a Microsoft developer thinking "Nah. We'll just code the SQL so that each download is a transaction. With a long time-out parameter. Yeah, that's the ticket! Lessee, 30,000,000 AOL users at 56K dropping carrier an average of 6.8 times per download... <shrug> should work! We'll use ASP on IIS!"
======
"Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16
Sacred cows make the best burgers.
As much as it pains me to say it, Microsoft is barking up the wrong tree with this software-based "intellectual property" protection mechanism. As others in the thread correctly point out, you can always intercept a transmission in the clear at some point on your machine. The packaged music or video may be owned or obfuscated by somebody else, but the output of its decryption is 100% within my control. It has to be translated, and immediately afterwards I can snag a copy. This form of protection will always fail in the long run. Its only hope is to render the cost of buying a legitimate copy less than the inconvenience of ripping the output stream. Before IP can be protected commercially (if indeed it should be) the hardware makers must collude with the owners of intellectual property. This is precisely what the MPAA is attempting to accomplish. If they own the players, then they can ensure that at no point is the clear stream electronically accessible. At best I can place a microphone in front of my speakers or try to do a video capture and re-record the output of a movie. But in either case, I will have at best a lossy copy. Personally I wish they would all just give up and go home, and stop treating a non-scarce resource like a precious, scarce one.
-konstant
Yes! We are all individuals! I'm not!
-konstant
Yes! We are all individuals! I'm not!
But given the quality (or actually, the lack therof) of the absolute crap that's been dished out into the theaters this year, it *IS* the literal truth that I'd enjoy trying to hack the encryption more than watching the movies themselves.
Really! What movies have been worth seeing this year? The only one I've seen and enjoyed was High Fidelity. I might give Road Trip a try, just cause I'm a big Tom Green fan. But what else???
Battfield earth? gag... I only regret that I didn't fall asleep earlier. Actually I regret going at all, but I'm too bloody-minded not to stay for my whole $8.50s worth of 2 hours.
U571? The bastard stepchild of Das Boot and The Hunt for Red October, but with neither the direction of Wolfgang Peterson, nor the acting talent of Sean Connery.
Rules of Engagement? Knockoff of "A Few Good Men" but without Jack Nicholson.
Gag, gasp and more gag...
I'd *MUCH* rathar spend two hours hacking at whatever encryption mirimax has put in place (Hell, or even just playing CivIII) than subject myself to any of the tripe that has been released THIS year again.
Seriously? WTF is up? Last year we had some aweosme movies...
Dogma
Being John Malkovich
American Pie
Enemy of the State
Toy Story 2
South Park: Bigger Longer and Uncut
Austin Powers 2
And hell, even the oft maligned Star Ware Episode I, The Phantom Menace easily beats the snot out of anything I've been subjected to THIS year.
Have the powers to be decreed that 2000 will be the year that the movies suck?
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
But as far as I know, ANY software encryption is breakable. If you can see how the decode process works, you can duplicate it.
True, any process can be duplicated, however any data cannot be. If any encryption algorithm is good you won't be able to break it even if you have the well-commented source code.
What encryption does is merge two peices of information, the plaintext and the key into one. If you have any two of those things, then you can get the 3rd. but if you only have one, you can't get anything else.
However, when you are talking about copy protection its different. In order to get the plaintext, you need to have both the cyphertext and the key. That means that the key has to come with the plaintext (or in this case, plainvideo). You should be able to see the problem here...
ReadThe ReflectionEngine, a cyberpunk style n
I hate to tell you this but some form of encryption are uncrackable. Read some books and you can find the proof. Basically a single pat random key is uncrackable as it can produce any results.
That works as long as the key is not available for the cracker. With "encrypted" movies key is ALWAYS available -- if someone paid for viewing once, he has a key. The idea of "protection" is to obfuscate the process to make it impossible to re-use the key if it will be transferred to someone else or used by the same user more than once. This obfuscation will be the target of cracking, not the key itself.
Contrary to the popular belief, there indeed is no God.
ZDNet seems to be relatively computer illiterate between their staff and policies. I like them, some of their people are pretty good. I would, however, have to say, that unless it's marketted by Microsoft or has never had an attack of any type even attempted on it, they really don't support it. They will say that they do, but the inner rung support from them just isn't there. It's a shame.
Eh...
I think you're overlooking rubber-hose cryptoanalysis here.
Daniel
Hurry up and jump on the individualist bandwagon!
1) Eve can't eat the apple.
2) Adam can't eat the apple.
3) Eve can't copy the apple.
4) Adam can't tell Eve about the ATI (Apple Tree Interface).
5) Eve can't inform Adam about the ATI because of the click thru EULA (Eden User Licence Agreement).
6) Adam can't use the trademarked word apple without the expressed writen consent of god and monday night football.
7) Eve can't walk around eden with the apple in her hand without first ataining the exclusive distrubution rights from AAE (Apple Association of Eden).
8) Adam is prohibited from making apple sauce or using any other "compression algorithm" on the copyrighted apple.
9) Eve is prohibited from telling Adam about the apple sause maker because it would be contributing to the use of compression tools in order to facilitate piracy.
10) Neither Adam ore Eve are permitted to make caramel apples as that would be using encryption and obfuscation on copyrighted materials with the expressed intent of unauthorized distribution.
11) The snake can only sell the apple at a minimum advertised list price of $17.99.
___
Well, try doing it with PGP :)
You can't handle the truth.
I think the actual truth evidenced by these examples is this: You can't legislate morality. In other words, you can make something illegal and therefore (perhaps) deter people through the consequences they face. But that won't convince people it is wrong. I know it's naive but I believe that most people have a relatively well-balanced sense of morality, and they can sesne when someone else makes a law that contravenes it. They might obey such a law but they don't respect it.
In counterpoint, consider the experience with drunk driving in the USA. Although it's still a problem, the astonishing thing is, rates of DUI (for young drivers) have been falling for almost a decade. (See, for example, http://w ww.nhtsa.dot.gov/people/injury/alcohol/promdrunk/G ENERALFACTS.HTML for data on trends.) This has happened in part due to enhanced enforcement but largely due to education and a shift in perception. I teach high school and my kids are increasingly of the opinion that drinking and driving is more than illegal ... it's stupid. No amount of laws seem to reach them, because they don't take their moral bearing from laws. Insteasd, they evaluate laws based on interactions with their moral sense.
To bring this back to slashdot ground, I think the MPAA and RIAA and all the other evil acroynms are fighting a losing battle, because their methods don't deal with the morality of the issue. By relying on technological mechanisms (backed by draconian laws), they seem to be ceding the ground over the "rightness" of copying. And because they treat all digital distribution as morally equivalent to mass-producing bootlegs, they create an essential disconnect with their consumers.
The Mongrel Dogs Who Teach
Bandwidth suckage for Sightsound and those who are downloading the movies will be enormous, due to gnutella's design. Even a poorly designed web page would be more efficient.
gnutella is (generally) much less stable, and noticeably slower than Napster. The only advantage I see of gnutella over Napster is that gnutella is unlikely to be sued out of existance anytime soon.
Using gnutella requires a moderate amount of computer literacy, unlike clicking on a button on a web page. This limits the audience by a large margin.
Perhaps Sightsound thinks the giga-huge file will be stored on other computers on the network, so that Sightsound's servers won't be the only ones burdened with transferring, but that's pretty unlikely.
My mom is not a Karma whore!
Whatever, let's assume the code uncrackable (yeah, I know no code is, just run with it for a second).
But with the frequency of incomplete files on services like Napster and Gnutella *ahem* so I heard *ahem* I believe I would go a littel crazy registiring movies and then finding out their incomplete.
I wondering what protection to this problem is being handled.
Currenting missing the ending of End of Days, or whatever, is no big deal - it was free.
How will they deal with this when I have to pay?
Malk-a-mite
Come on, people.
They are using gnutella to distribute digital versions of their movies.
They are grossly overcharging for the privelege, with one viewing priced at $9.95, more than a seat at the cinema.
I think we must consider the possibility that this is a ploy to completely discredit distributed file sharing technologies such as gnutella and, by association, much of the free software / hacker (not cracker) community. They know $9.95 is an unreasonable price, and as others have pointed out this makes it a strong incentive for cracking and unauthorized copying.
Imagine the following testimony, either before congress while lobbying for a new bill, or before the supreme court in upholding a new law banning FreeNet, gnutella, etc. outright:
"We have tried using this technology for distributing our intelletual property, providing users with an easy method of legitimate payment, but recorded only 6 legitamate sales in over 21,000 downloads. We need this legislation to protect our rights -- these people are ruthless vultures and steal from us no matter what we do, or how reasonable we are!"
By cracking and making unauthorized copies of this, you play into their hands. Hell, we're probably playing into their hands simply by not buying their overpriced product "we had zero sales using gnapster - there is no legitimate ecommerce capability there whatsoever."
These people aren't stupid. They are amoral, libelous, monopolistic thugs, but they are not stupid.
The Future of Human Evolution: Autonomy
Aren't these the clowns that held one of those really vague patents? If I recall, it was for the distribution of audio and video over the Internet.
They've got an enemy in this corner...
I further wonder by posting this (off-topic as it is), am I suffering the same fate in terms of my Karma?
Now, music becomes illegal to download. Downloading music becomes popular. As any sysadmin who has made the claim that their system is "uncrackable" will tell you, saying that something is impossible is a very good way of drawing engineers in - like moths to fire.
So Microsoft goes out and builds this standard. Then they say it's impossible. Then, to top it off, they make it illegal to crack it. Who shall be the first to taste the forbidden apple?
Maybe I'm dead wrong here, and if so just tell me =)
...well, I'll leave the problems up to you) just hack the code (hex editors are your friends!) to tell the proggy that the code is authentic no matter what.
It seems to me sending encrypted data over utilities such as Naptster etc could be a good or bad idea. Well, we all know the good so I'd like to point out some problems I see *grin*
1) Liscence creation/distribution. To ensure that the liscencing scheme is sound, I would think the best way to do it would be to have two classes of liscences. Type A would be a one-view liscence, and Type B would be a constant liscence. Each would be encrypted via a different scheme. With this, however, comes some inevitable problems. To make this work right, it would be assumed that one must be connected to the internet to check the liscence with an ever-growing online catalog (to make sure nobody has broken the scheme or is giving away their liscence code to everyone else). So....let's say you bought a one-view liscence. You're running winblows. Your machine crashes half-way thru viewing. Must you buy a new liscence? What if you get disconnected? When you dial back up and re-run the liscence their servers would say you already used your activation. Any other method besides online auth could be easily cracked.
2) How many people would downloading it not realizing they needed a liscence and jam tech support lines?
3) Why not stop spending time cracking the encryption method (which almost HAS to be stored in the viewer program and not online; else
Nothing is secure. Nothing. Sorry, but everything can be cracked. You'll spend so much time and money trying to stop it that you wonder when it just won't be worth it anymore.
God...WHEN is this whole Intelectual Property shit going to go away!?
DranoK
That is not dead which can eternal lie, and with strange eons even death may die.
Shh! Nobody knows I'm gay!
You just have to consider the target audience. The fact of the matter is, that just now, people who use Gnutella are almost all there to get copyrighted materials without paying for them.
I'm not judging that.
But these same people will almost always have a level of technical expertise which will enable them to get the crack as well. Sightsound should aim more at the website distribution model they have just now, which is targeted at a different audience. The Gnutella idea is just as silly as setting up an iRC fserve, or putting it on some l33t ftp.
Also, what's to stop people putting the crack (for there is no doubt in my mind that there WILL be one) on Gnutella with the same or similar filename as the movie, so users searching for the movie will get the crack in the search results at the same time? At the end of the day, I do like this endorsement of Gnutella as a legitimate distribution medium, but it's just not going to work!
--Remove SPAM from my address to mail me
Maybe there wouldn't be a stupid licensee mistake, but inevitably, all encryption can be cracked...
At least these guys have the right idea about one thing: it's impossible to stop the copying of digital content, unlike the DVD guys and the RIAA, who believe that they can control the distribution of all content forever, rip-off artists and consumers, and make tons of money to pay lawyers and lobby congressman to pass laws like DMCA to allow them to keep making tons of money. What a cycle.
2) If the encryption is cracked, we will see another legal maelstrom like we have around Napster and DeCSS.
3) If the encryption isn't cracked, then what happens to fair use? Fair use effectively ceases to exist if you can excerpt films because of encryption measures.
---
This sig has been temporarily disconnected or is no longer in service
Depends on what you mean by 'being cracked.' True, there is no way to recover a message encrypted with a one-time pad given only the ciphertext. That does not, however, mean that one-time pad-based encryption schemes are uncrackable. OTP systems in fact are notoriously hard to do properly because you must be absolutely sure 1) that your OTP is shared onlybetween the two parties involved and 2) that there is no way that anyone else could have that pad. 'Cracking' is still possible, it just means figuring out what the pad is (though you're far deeper into Mission: Impossible territory here than distributed.net typically gets).
In fact, all forms of encryption that I can think of at all are crackable, because they all work by creating some kind of secret (a one-time pad, a private key, shared session key, etc) and attempting to make it as difficult as possible to figure out what the message is without knowing the secret while making it as easy as possible to figure out the message given the secret. Which implies that cracking a security system is at most as difficult as figuring out what the secret is. You can make that tough, but you can't make it impossible, because somebody knows the secret because he/she can decrypt the messages.
By the way, somewhat off-topic:
can anyone tell me why, in an OTP scheme, you can't use your pad once for data, and then once for transmitting a new pad? I'm no crypto expert, and I'm sure there's a problem with that, but I can't figure out what it is.
--
-jacob
-jacob
What's to stop someone writing a program that simply captures everything displayed to the screen to a massive mpeg? (and there are programs that do this already...)
Or, if there's some sort of detector for this kind of thing built into the special viewer, what's to stop someone running VMware or wine under linux and then changing a few lines of code so that instead of displaying output to screen, it writes it to a file?
The simple fact of the matter is that no matter what you do to try and prevent piracy, there is ALWAYS a way around it at a low software/hardware level.
That's my 2c.
this is going to fail the same way microsoft's secure music codec did. if grabbing the unencrypted output of a sound device is really the work of "hackers", then i can't wait to h4x0r the temporary file the movie streams to after decryption.
--BlueLines "The cost of living hasn't affected it's popularity." -anonymous
IF you can run a debugger on the code, then you can break any encryption that any program can come up with. I believe this is a variant of the class of problems known as NP-Hard. I have only heard about this in passing (I'm not really a programmer, I just dabble a bit occasionally), but as far as I know, NP-Hard is jargon for 'provably impossible'.
No matter what a program attempts to do, if you can sit on top of it and watch its internal functioning and code, you can duplicate its responses, spoof the other side, and crack the encryption. All encryption does is protect data IN TRANSIT.
Basically, to make this kind of file-sharing work, SightSound will need to go to some kind of tamper-proof hardware encryption/decryption. This can certainly be done (and often is), but it is very expensive. Intel is in the process of designing tamper-proof encryption into its next generation of video cards and digital display devices. Those will be HARD to crack.
But as far as I know, ANY software encryption is breakable. If you can see how the decode process works, you can duplicate it.