Can P2P Filter Copyrighted Content?
scubacuda writes "DRMwatch reports that technologists acting on behalf of porn publisher Titan Media reported to Congress that P2P networks could (if they wanted to) use "fingerprinting" (aka "hashing") to detect copyrighted works and then filter them with the "spyware" installed on all nodes in the network."
Did common sense go on holidays?
Load a fingerprinted file.
Change one bit.
It has a new fingerprint.
The eDonkey/eMule network already identify files by an MD4 hash to ensure you get what you ask for. For instance: if a file has many sources then that means they have the same hash, you can be quite sure that it isn't a bogus loop of a pr0n flick when you really wanted that latest DVD rip.
If this goes through you'll see a new kazaa-compatible P2P client appear that pops a few random bytes into the ID3 tag of an MP3, the comment section of a JPG or in the headers of a video file. Each one will then have a new hash. Oops.
Oh, the new KazaaDRM(tm) ignores comments & tags and only looks at the actual data? OK, the new client toggles a bit that won't cause any visual or audio degradation of the file. Oops.
That all said if 100 people rip an MP3 or DivX file they won't generate the same byte-identical file. This is doomed to fail at the expense of your computer's CPU cycles as it generates these useless hashes.
Trolling is a art,
For every man hour of time that's put into 'protecting' their work, there's a thousand man-hour's worth of effort that will freely be contributed from the "public" to try and break it. All encryption like this can and will be broken over time, the only way to beat it seems to be for the companies to try and repeatedly adapt and stay one step ahead. Unfortunately that's very expensive and can't be maintained for long. Regardless of your stance on the argument of p2p, this is the way it looks like continuing for the near future.
There are two fallacies with the proposal:
Spyware on the nodes? Even if you could somehow ensure that all compatible clients comply with the spying requirements, how long will those clients be left unmolested? Any P2P "server" is really just a client of many other "servers."
This depends on a mathematical hash performed on a given rendering of a copyrighted sample. Resample and the hash is broken. Hell, even a second-rate email spammer knows how to avoid hash detection: just tweak an unused ID3 field.
[