Slashdot Mirror
MPAA Developing Digital Fingerprinting Technology
Danathar writes "The MPAA is looking to use digital fingerprinting technologies that in conjunction with legislation will enable and force ISPs to look for network traffic that matches the signatures. " From the article: " Once completed, Philips' technology--along with related tools from other companies--could be a powerful weapon in Hollywood's increasingly aggressive attempts to choke off the flood of films being traded online."
And ISPs are going to search for fingerprints in encrypted downloads how exactly?
It would be relatively easy for the next generation of P2P applications to add very basic encryption. Possibly based on a captcha (just a regular zip file encrypted against the random letters contained in a gif).
Or will the MPAA's next trick be to purchase legislation banning encryption.
Peer to peer encryption anyone?
Trying to make bits uncopyable is like trying to make water not wet. -- Bruce Schneier
As long as you can get it onto a computer, people are going to figure out how to make it copy it.
Just take the new napster mess where everybody is loading up on free music right now:
Napster/Winamp hack to get unprotected free music
And then P2P programs will start encrypting traffic. What's the point?
While I'm certainly no a fan of the **AA, and I don't believe we need any more legislation, this to me is the least offensive method of combatting piracy. Assuming the technology works properly, this stops the actual illegal activity (i.e., trading copyrighted material) rather than needlessly infringing upon your right to make a legitimate backup or degrading the image with copy-protection schemes.
I've long argued that such upstream measures are unfair. By moving the enforcement downstream to the proximate illegal act, we may be free to legally digitize our collections. Opinions?
that some of the scariest 1984ish stuff would be coming out of the fricking entertainment industry fer chrissakes.
Is it fascism yet?
The only Philips technology I use is CD-DA. Fingerprint this suckers!
Are they then going to just illegalize ssh, so that their fingerprints aren't totally obliterated?
This sort of thing has been around for several years, with Carnegie Mellon University being at the forefront. I've read several papers regarding this, the most interesting being its implementation on the 8255 using PicoJava. It's a shame that research like this ends up being perverted at the hands of the "bad guys".
Even if they managed to get the fingerprinting to work, it is dead easy to circumvent.
Instead of splitting a torrent they way it is done today, just put every N bytes in the first block etc.
Another approach can be to just encrypt each transmission from a peer to another peer with a key unique for that particular connection. XOR will work just fine. (Unless they extract the key of course, but that will require more sophisticated sniffing software).
Imagine the sheer amount of data that has to be processed...
Their war is futile. Lol, you could compare the P2P community to the borg.
"Resistance is futile, you will be assimilated."
All of their new 'tricks' end up being incorperated into nexgen p2p apps. So whats the point; do they really want to fund the nextgen p2p apps by releasing research/specs/documentation on this?
How many file transfers are there at any one moment? Let's say there are 2,000 for each ISP.
How many thousands of computers will the ISPs need? Probably 1 or 2 for each 4GB file transfer in progress, if you want to do it unnoticeably.
Dashboard Widgets
It is sort of amusing that this technology is being developed by Philips, makers of the Philips DVP-642, probably the most pirate friendly DVD player on the market today.
I mean, we all know the MPAA trash-talking is coming. I do seriously hope, however, that the MPAA is working on two fronts with respect to movies and the Internet.
Stopping illegal downloads and uploads of movies is certainly a fine goal, as the MPAA wants to make money. I understand that from a pragmatic, capitalist perspective.
The problem I have is that I have heard little from the MPAA about developing a content distribution mechanism through the Internet. Allowing people to pay for movies online (for a reasonable price) would certainly generate additional revenue. Let's face it, some nights you just want to stay in, and there's nothing decent at Blockbuster. Additionally, being able to pause the movie to take a break for some reason is worth money in sheer convenience.
In any event, the digital fingerprinting technology is a move to stem the file sharing, but unless the MPAA moves towards providing a service as well, it's doomed to failure.
As a side note, does this fingerprinting have uses in areas other than just stopping copyright infringing file transfers (e.g. security applications, firewalling, etc)? As a secondary question, would this mean (as I believe) that the MPAA would try to require ISP's to actively monitor every move I make online?
"legislation will enable and force ISPs to look for network traffic that matches the signatures."
Its a good thing the MPAA can essentially create legislation at will now.
is they think this will make us pay for something we wouldn't otherwise buy. be glad we even listen to the crap mtv produces these days.
All you need to do is encrypt the file with PGP in zip format with another file added in and there is no way to tell what is going across a network.
So they start sniffing networks for bits with the "acoustic properties" of music.
... why? I would not continue to do business with any ISP running this sort of software.
And just by coincidence-- maybe a glitch or something-- they happen to latch on to a VoIP phone conversation I'm having with a friend about a sensitive personal matter. Maybe the dryer's running in the background. And their algorithm decides it's "acoustically" music.
And they send out a subpeona, and they check, and they find oh no, you weren't trading music, you were just using the phone. And everything's dropped, and there's no problem.
But in the meantime my intercepted phone conversation is sitting on a computer at Verizon somewhere.
And this is acceptable
anti-gay-signature.sf.net was not shut down by the MPAA despite the continued erosion of peopels rights in the US.
The open source software removes the tracking that it says violates peoples rights to copy thier own music around with them using thier own networks.
in a pres release anti-gay-signature.sf.net said:
"Hahaha Pwned! How do you like that MPAA?"
I am glad I am not hooked up to an ipod life support machine 24/7.
#hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
To the tune of Phish - Reba
Zip it
Encrypt it
digital signatures work no more
There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
Personally, I don't trade mp3's. But considering the extremist and blatantly arrogant posture that the **AA has adopted leaves me feeling no pity for any losses (real or imagined) that they may have suffered. With this in mind, I refuse to purchase any music or videos anymore... not that anything that gets released is worth a shit (let alone $20) anyway.
If they want to assume an anti-consumer posture, then they can just all go out of business. Screw em.
When all else fails, run.
...P2P apps add ROT-13 encoding of all files. When asked why the creators said "no reason in particular," and then began whistling innocently.
That information has a desire to be free?
We have 1TB disks coming up soon.
I don't know how many terrabytes of released music exist in the world, but I imagine it's a finite number.
We'll probably have 100TB disks, and then 10,000 TB cubes at some point in the future.
Perhaps all the worlds music will fit in the space of a cubic centimeter.
You visit your friend's house, put your cube-disk next to his cube-disk, hit "copy", and then walk home with your copy of the entire world's music.
Really, there's not a whole friggin' lot you can do about that.
Perhaps the possesion of world-music cube-disks will be the next marijuana possesion.
The end of copyright.
Piracy is not stoppable with legislation. They try over and over, but people just like free stuff too much for their silly ideas to work. It is time that a new system for rewarding the creative was invented. Our market economy's system of "buy it don't get for free" just ain't working. on the other hand who can blame them for trying? If there is no gain to be gotten in making stuff due to piracy then why create movies, software and games etc? Piracy could literally kill art-forms if it grew into the rule rather than the exception.
I hate seeing a sore loser with deep pockets trying to buy legislation that infringes on my rights just because it isn't dynamic enough to deal with a 'new' problem. It's clearly time for the MPAA and the RIAA to change their buisness models and stop suing their customers.
Hopefully the ISPs will have more influence than the MP/RIAA here. Some ISPs are spineless and cave in demands for personal information, but some (IIRC, Comcast) have actually taken a stand. Hats off to them, at least.
Yes, you can encrypt traffic over a distributed network, but this could damage most current networks. My question is: since all the extra cpu seconds will be used up by fingerprint detection, having to scan most traffic, are the *AA going to pay for the extra hardware, or is the cost going to be passed down to subscribers?
doesn't seem fair
Is it would be against the MPAA and RIAA backed DMCA to break the encryption and detect the fingerprint.
Read my short stories - You won't regret it.
First I read this story today, and I swear I still want my 5 minutes back from wasting my time reading it. Then comes along this story about the MPAA developing "fingerprinting" technology. I suppose that when someone rips a DVD using DVDShrink or DVDDecryptor or any number of other programs that said program is going to copy said fingerprint wholly intact into the resulting file even if it compresses said file. Then, after I convert it to DivX format, I'm sure the fingerprint is still going to be intact. Then after I transfer it with (Insert any of BitTorrent, WinMX, IRC, FTP, etc, etc, etc, etc) the fingerprint is going to be sent intact without using a fragmented TCP packet. Assuming all this to be true, my ISP is supposed to then pick out this needle-sized fingerprint in a galactic-sized haystick.
This is pure science fiction.
I'm a big tall mofo.
Anyone who actually buys their product. Yes, that's right, the real paying customers will be the one penalized. Just like when you have to sit through an MPAA anti-copying ad at the theater... where you paid to see the movie.
Forget encryption. You could just ZIP or RAR the file and beat that kind of fingerprinting.
Behold, the power of fleas...
Please go fuck yourself. We don't want YOU or the technology YOU invent in our little world. Go fuck with the latest prosti^H^H^H^H^H^H Pop singer movie tie-in
I like muppets.
Your solution is too complicated. All you need to do is a slight file format transforamtion (just uuencode and then zip) will mask the watermarks. I suppose that this could be considered "encrypting" but it is almost the same as using ROT13 "encryption."
The dogcow says "Moof!"
Would this undermine anonymous, decentralized P2P?
If you can see it or you can hear it, it can be manipulated or copied.
I suppose they either think they can outsmart the rest of the world or they're obligated to put up some type of resistence instead of rolling over and playing dead.
Wouldn't this digital "fingerprint" just be erased/garbled when it is encoded in a different format, like, say, DivX or XViD?
And who exactly is going to pay for the Equipment to scan all IP packets? I'll be DAMNED if the government forces ISPs to pay out of their own pocket book which then has to be passed down to the consumer!!!
...
MPAA
1. Get government to pass laws.
2. Get government to force consumers to pay for equipment the ISP needs to enforce MPAA cartel.
3.
4. Profit WITH YOUR FUCKING TAX DOLLARS!
Life is not for the lazy.
I agree with someone else when p2p starts encrypting content and or using steganography this sort of technology is irrelivant.
Also irrelivant unless every ISP across the world adopts it. Interesting that RIAA, MPAA, Disney and all the others are so obsessed on this sort of thing, when they really know it's doomed.
I often wonder on the real cost of so called piracy anyway. Are these really lost sales ? I bet a huge amount are people who wouldn't pay anyway.
These sort of things are always unpopular with paying consumers too. Does anyone actually care about DVD region stuff anymore ? No. How many patches are out there to render your DVD drive region free ? Zillions. It's almost normal now.
Anyway apart from being intrusive and snooping, this new technology is a pointless idea. The sooner all content creators realize that the war against this sort of thing is effectively over and lost and just accept it and move on the better for them and the consumer.
I say that as a content creator myself who works very hard, but all this DRM and intercepting traffic with digital finger printing other shit is just really crap and creates a bad image for everyone who makes film/video/music/animation whatever.
It seems to me that the MPAA and RIAA are spending more time and money making the Internet and digital technology conform to their will than they are figuring out how they are going to exist in it. It's like traveling to another planet where animals, birds, fish, and other wildlife are already thriving yet insisting to not only keep your spacesuit on, but running around and trying to put one on everyone who's already figured out that you can breathe there.
I wonder if these fingerprints can be designed to be detectable in an encrypted file? Given that the MPAA knows the pattern of the data itself (the music) and the fingerprint, it seems possble that ghosts of that known data would be detectable in the encrypted data. I remember a cautionary tale of encrypting images with a particular implementation of DES. If the image contained large expanses of pixels of an indentical value, the outline of the image appeared in the bits of the DES-encrypted output.
Although good encrytion should make it impossible to recover unknown bits in the original file, it seems to make no gaurantees that one can't detect the presense of known data (of a sufficiently clever pattern) in the encrypted file.
IANAC, so any expert comments about why known data is made irreversibly invisible by encryption would be appreciated
Two wrongs don't make a right, but three lefts do.
It surprises me that no one has mentioned freenet so far. Although I believe that freenet itself is condemned to fail, it certainly sets a standard as far as privacy and encryption are concerned. http://freenet.sourceforge.net/
http://www.ourmedia.org/
http://www.unmediated.org/
etc... just google for it... Get involved in your public access TV today.
There is already concern about the nature of copywrite... now they will slow down the entire internet to suit their needs?
These guys going down!
A good use for ROT13 :)
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
If the MPAA stopped chasing people around, redeveloping obsolete technologoies as seen here, and throwing lawsuits at anybody within a 1500 miles radius, imagine how many millions of $ it could save. If I owned a movie production company, I would rather be given a portion of this hard cash, than have the MPAA (purporting to be acting in my interests) frittering away cash on lawsuits against P2P users.
Also worries me, that in this time when Bush harps on and on about "the threat of international terrorism", America's premier crime fighters, the FBI, have nothing better to do than to be the MPAA's personal army.
P2P is here to stay, no matter how many pathetically useless slogans the MPAA gets its PR company to think up.
"Illegal Downloading - Inappropriate For All Ages" or "You can click but you can't hide". Purlease. It would be a beautiful irony if they got sued for ripping off other people's mantras.
Wont someone figure out how to remove the finger prints? Isnt that law unconstitutional(invasion of privacy)? This hole thing seems like its going to fail horribly.
Musical Artists make most of their money from concert sales. Most of them have prohibitive contracts where all of the money ends up in the hands of others. If an artist is good, people go to their concert.
Read my short stories - You won't regret it.
If the ISP's are operating as common carriers how are they going to "Force" them to look for this type of traffic ? If this is the case how long will it be before every company that has "IP" (MPAA, RIAA, Proprietary software vendors) forces isp's to monitor for traffic that matches their fingerprint ?
How embarrassing... What hope do we have, when the MPAA/RIAA pushes these schemes that are so easily defeated by overlaying simple encryption. When you see the effort, time and dollars being spent on such frivolous plans, it really hits home how out of touch these organisations are.
I liken their plight to the alchemists trying to turn lead into gold. The only sure thing is, their being taken for a ride by law/anti p2p firms and companies like Philips Technology cashing in on their ignorance.
Sadly I don't expect them to see the light anytime soon.
Area51 - We are watching...
A lot of us who follow the scene are becoming increasingly inclined not to partake of the *AA's kool-aid at all anymore. How long before Joe Average Consumer follows suit?
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
"Or will the MPAA's next trick be to purchase legislation banning encryption."
You mean like what the NSA did with the exporting of encryption?
IANAL and IRECTAL, but why do ISPs have to then shoulder the responsibility of policing all this traffic and enforcing this proposed law? I don't think it could even be accomplished, considering how many ISPs are out there, and how hard it would be to make them all put in the same effort and follow the same procedures. It seems to me the only way to force such an internet-wide filtering scheme would be to pass all the data through a government server (or servers), and that's not going to happen considering how everyones so used to things being the way they are now, infrastructure-wise.
The MPAA/RIAA need to realize that these measures they keep proposing time and again are futile. Even if your ISP started policing your traffic, you could switch to a smaller ISP that's being more lax in its enforcement and is "below the radar".
And how does the MPAA propose getting these digital fingerprints onto ALL media? And how long would it take for someone to figure out how to strip the fingerprint from the file?
When it comes down to it, *any* DRM in audio files is defeatable by playing it back on a high quality speaker and re-recording it with a high quality recorder. A similar set-up could be used (with more difficulty) for video I suppose as well.
The MPAA/RIAA need to change their tactics in a big way and figure out how they can give the market what they want at a price they want, so that everyone who's downloading movies and music today decides that the MPAA/RIAA's new way is easier, and downloading isn't worth the hassle. I think one of the big things they're releasing is that people will pay more for special features and other things that add value to their product which are simply unavailable online.
The MPAA/RIAA's realization will come, I just don't know how many more years it will take and how many eras we need to go through (Usenet era, Napster era, Kazaa era, BitTorrent era) before they realize that people out there are innovative enough to come up with a new filesharing means, always. Maybe the current crop of CEOs and managers need to be gone before that will ever happen.
1984 was all about people who could not make any choices, were limited with who they talked with or what they did. 1984 was about government enterning the homes of people, following them on dates, and making sure the person did what government wanted. 1984 was also about re-writing history, changing history. i see lots of this 1984-esq happening today? call me a troll if you wish, but the parent has a point. bush attacks iraq because of wmd, not because saddam was a bad guy. one year later, the history books say we liberated iraq because saddam was a bad guy. back in the 1980's it was well known that aids was a homosexual disease, that spread to heterosexuals only because of drug use. yet because of what is considered politically correct, if someone mentions that aids was created by gays, that person would be labled everything but truthful. and something even more simple. i was talking with a person about how crack came on the street, it was common knowledge that hoover's fbi created it and distributed it to poor black neighborhoods. yet today, you won't find that truth anywhere. yes. it is 1984. it has come here. government will soon be putting that metal cage with the big rat around yourhead, and the rat will feast on the ears and eyes. i am paranoid because i know government can read these posts, and might come for me next.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Until someone invents something like ssl... oh...
^^
"Trying to make bits uncopyable is like trying to make water not wet. -- Bruce Schneier"
And yet the essence of the GPL'ers argument against using the BSD license is that bits can be locked up.
And don't give me the same, lame story about music being overpriced, crappy, one good song and twelve fillers on the CD, etc. etc. If you don't like it, don't buy it. It's not AIDS vaccine. It's music. You're not going to kak without it. In fact, it's all pap, so you'll be better off without it, right?
Yeah, yeah, the labels were nailed for price fixing. They paid the price. Two wrongs don't make a right. Move on.
No, I'm not a musician, and I'm not with the RIAA, and I have nothing to do with whatever other conclusion to which you're about to jump.
I think what the MPAA and RIAA wants to do with p2p is not to shut it down (because that will be an impossible goal), but to make it so hard to copy stuff that 99% of the people will not want to even try. People will get on-line, look for a few websites, try to make a copy, and when it fails, three hours later, they will say fuck it. They did it with napster when they flooded them with mp3's that had high pitched noises in the music, or worse, gave you a loop of 10 seconds of the song. It was not usable. Then they went after torrent websites, leaving a few left that you have to register with.
I suggest that everyone who wants music go to the library and copy it while you can. Who knows what the RIAA and MPAA have comming down the pike.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Just encrypt. Problem solved.
You are encrypting all your traffic now, right?
---- Booth was a patriot ----
"that some of the scariest 1984ish stuff would be coming out of the fricking entertainment industry fer chrissakes."
It's funny how a group of people so wed to the "evolution is king" philosophy, would then expect their crimminal actions to not have negative consequences.
Most big companies tend to get a little schizophrenic. They are so large and have so many divisions doing different things that literally the right hand doesn't know what the left is doing. Thus you can get seemingly contradictory situations like a company producing CD burners and technology to stop CD burners (Sony).
We have implemented a box at work that monitors all traffic for 'stuff', and its slowed us down significantly. Regardless if its Internet web traffic or simple SQL queries on internal servers.
Having this stuff mandated on our isp will just about kill our connection. ( and raise costs ) Between this and spam it will drive people off line ( which might be their ultimate goalanyway, cant download if you arent on the 'pirate-net' )
---- Booth was a patriot ----
Yes, they can.
The DMCA makes a whole lot of statements about copyright circumvention. But not much of anything about encryption. This is why CSS, with its laughably weak encryption, can be used, and anyone who pokes at the gaping goatse vulnerability-hole is then liable for horrible, horrible damages.
If you're not using encryption to protect your copyright---and if you're not selling all those "vacation" JPEGs and school papers, it's damn hard to show copyright damages---the DMCA is mute on this issue.
It is designed to protect copyright holders, not to protect anyone who uses encryption.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Man....tinfoil hat on too tight?
Why you do, dear consumer/taxpayer.
Who else always pays?
---- Booth was a patriot ----
Testing that against a known file is trivially simple. Simply take two blocks, and subtract them. You'll have (A+XOR)-(B+XOR) = A-B. If you're going to, use proper encryption. With OpenSSL it is fairly easy anyway.
Kjella
Live today, because you never know what tomorrow brings
I would think a way to go would be to use some low-grade form of encryption using random keys that aren't known to the end-user. Something that would be trivial to break on a user's home system, but would be impractical for the ISP to process on a large-scale.
Is this feasable, or would it just turn into an arms-race of "who has the bigger processor"?
i am paranoid because i know government can read these posts, and might come for me next.
It's not paranoia if it's true.
We're watching you buddy.
This would require massive amounts of computational power and an entire "sub-internet" devoted to tracking copyrighted material.
The ISP's would scream bloody murder.
And Comcast has as much pull with congress as the MPAA.
for an ISP to deal with the pressure behind the situation: "If we can't read it, we won't pass it across our portion of the Internet."
All too do-able in the hyper-paranoid post 9/11 US of A...
Afraid yet?
Take the 90-Day Challenge! http://rwmurker.bodybyvi.com/
"Its a good thing the MPAA can essentially create legislation at will now."
*shrug*
Why not? Crimminals obviously feel they can write vigilante defacto "legislation" for their agenda. The MPAA/RIAA is just more visable with their actions and agendas.
I am shocked by the lack of common courtesy and intolerance of dissent in this forum. So far I have been called stupid and deemed an idiot for not immediately jumping on the "MPAA is fascist" bandwagon.
So far, I have only been subjected to ad hominem attacks. No intelligent debate. I do not believe in this proposal. I am a member of the ACLU, LP, and EFF. However, I believe everyone has a legitimate right to invite discussion.
Well, they wouldn't catch DC++ transfers since those are already compressed nowadays...
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
There's no morality when dealing with corporations.
The MPAA/RIAA has proven they will do whatever they can to make sure they profit by buying laws, judges, and whatever else it takes.
Against that kind of opponent, the little guy has to do whatever it takes just to stay even.
Although it is for small groups, WASTE is an example of what can come. http://waste.sf.net/
I read the article and maybe I missed it but I didn't see anything that mentioned legislation forcing ISPs to use this software. It also seems that simply encrypting the file would render attempts at finger printing worthless.
"Perhaps they do, but the truth hurts and these organizations REALLY want to believe that it is possible to use technology to solve what is essentially a social problem (i.e. the Piracy Problem). So their judgment will remain clouded by their desire to achieve mutually exclusive objectives."
And that's different from all the articles on the latest "how to hide from the consequences" P2P technology, how?
Wow, is this a kind of an april's fool or something? I don't even think I need to comment much on the infeasibility of this...
Next thing you know, the RIAA will be solving NP-complete problems in constant time or something...
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
It's actually very loosely based on a Stephen King book (published as Richard Bachman)...but very loosely. The plot was heavily changed for the movie...the only real similarity is the character names. The book had the main character signing up because he was poor and they promised his family free money as long as he survived, and ended with him crashing a 747 into the building shown in the movie.
A thief, bitching and crying about the quality of the goods he steals.
This is where the other part of their tatic comes into play:
Embedded DRM features in all chips..
So even if you do goto a friends house, you wont be able to download his copies.
---- Booth was a patriot ----
Greedy men build new system to catch people who will never buy their products. Men with a differnt opinion break it. Personally if I pay to go see a movie one time I don't feel any need to pay for it again.
Hot diggedy damn. I agree. Personally I think all media should be illegal in out great country. It's too tempting and might corrupt young people. It might also give terrorists ideas. The RIAA and MPAA are good Americans. And we must outlaw all storage like hard drives and CD and DVDR in case a terrorist accidentally copies something onto it. Damn. And then we should round up all swarthy looking types and send em to Guantanamo Bay for torture just in case they ever heard of p2p apps which are illegal.
Let's nuke iran too.
Iran is in Mexico.
Either that's really fucking awesome, or you just figured out a way to make ten thousand Slashdotters all get baby powder on themselves.
I suppose I'll go acquire some baby powder and find out.
Either way, kudos to you.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
I'd better hope that we evolve from the "buy buy buy" mindset. The downfall of corporate generated cookie cutter music/movies may actually generate more creative art, and indie stories. The true artists don't generate creative work for money .. they do it for self expression.
Anybody remembers SDMI and their watermarking? It was touted as a solution for everything in the same way and failed miserably. Obviously MPAA does not learn from the mistakes of others and Philips goes where the money is (even though the stuff is doomed from start, somebody pays the research, no?).
Expect "digital fingerprint remover" software to appear in the digital 'black market' as soon as this thingy is implemented.
:( :(
Then expect conversations like this to appear in bash:
[Joe]The MPAA is knocking at my house!
[1337-0]Hahahahahah you forgot to remove the fingerprint?
[PhantomZero]ROFL! Pwned!
[Joe]It's NOT funny! I have to go, bbs
[1337-0]bbs, or bbl... way l?
[PhantomZero]LMAO!
Anne_Caliguiri@mpaa.org Add to Address Book
Dear Oliver,
Thanks for your e-mail.
While Peer-to-Peer (P2P) networks allow for a great deal of opportunity
for distribution of entertainment, P2P networks unfortunately enable
massive amounts of pirate activity.
When people upload or download others' copyrighted works, that is, in
fact, illegal. There is nothing illegal about P2P technologies, if
you're sharing work that you have the rights to share. But, most
commercial works you find available on P2P networks (e.g., albums you
find in stores, movies you find in theatres or stores) were not posted
there legally.
It is only this illegal activity that the MPAA is fighting against. We
will continue to embrace technology and the opportunities it offers
responsible citizens using it legally.
Thanks again for writing, and please let me know if you have additional
questions.
Anne
thank God the internet isn't a human right.
They will find a way to strip the fingerprint just like they did the drm from itunes music.
No it is NOT! You're just funnin' me, ain't ya?
John, seriously..you are ill. Get help
It's a joke that I for once actually laughed out loud at.
These fingerprints would be in the raw DVD data, would they not? So when it's lossily compressed with DivX, the fingerprint will be gone.
MPAA negotiating with ISP's to do this is perfectly legal (if we ignore the 4th amendment issues involved). however, buying legislation to force ISP's to sniff everybody's bandwith (which by itself is bordering on violating the 4th amendment) is totally a violation of a fair political process. instead of congress being a representation of the people, it instead represents whoever has pockets deep enough to buy what legistation the moneybags want, screwing over John Q. Public
What I think this will boild down to at the end, is that fingerprinting technology would be simply used to identify the source of the copy. Most of the films are released by a relatively small number of groups which have to get the "original" somehow. When you know where the movie came from, it's much easier to identify the reponsible party. I think that the movie studios are beginning to realize that it is very very difficult to prevent idividual people from downloading movies etc..So they will try to eliminate the "supply". In any case this whole movie/music business reminds me of the US's drug war..
Huh what you talking about ? Damn. In Iran they eat dogs and small children. And Saddam created a dirty bomb that spread AIDS. It's all in the intelligence our wonderful and clever President had.
Now we must ban all p2p and file sharing. But first we must ban files. Files are dangerous. They could contain terrorist information. But then our wonderful companies like Microsoft work hard for the American people to make our files as safe as possible, but still you never know.
After Iran it's Syria. Syria is in Hawai like Iraq.
It'll be interesting to see how they'd manage to pic up a fingerprint in a file that has been chopped into tiny blocks, downloaded in any old order and paused and resumed dod knows how many times. Also, its wouldnt be hard at all to mangle any such fingerprint by simply re-encoding the video.
Right, assuming that there would be people daring to do it. That's the problem MPAA are fixing and probably in 10 years the punishment for though^H^H^H^Hcopyrightcrime would be so severe that nobody would risk.
Never thought I'd be so glad to be in Mexico. Hope my Lokitorrents downloads were done back in Michigan, though...
--Jim (me)
The opinion of the Supreme Court in the Betamax case (Sony v. Universal) was that Congress had the power to enact new statutes to make the Betamax precedent obsolete. No constitutional issue was found against banning time-shifting.
And no, the President can't stop a bill with bipartisan support. Not that he would, but people are too quick to blame President Clinton for the DMCA and the Bono Act when both bills clearly had enough support in both houses of the 105th Congress to override any presidential veto.
Well, it gets better... If you RTFA, you can see the quotes I posted on my other comment in this discussion:
r eshold=1&commentsort=0&tid=158&tid=126&mode=thread &cid=11663529
http://yro.slashdot.org/comments.pl?sid=139331&th
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
Until you produce a recording of the above compositions, the only space required to store them is the algorithm you've described above, which fits into the eminently finite space of one Slashdot post.
Even if we accept that computers can produce an infinite number of pieces of released music, the number already in existence at any moment in time is finite. The number of items of proper, human-created music that someone would conceivably want to listen to is still finite, and smaller.
Therefore, a sufficiently-large storage medium can hold all the music created and available at a given point in time.
If your comment title says 'Re: Foo', I'm not likely to read it.
Let's say, I compress a DVD (mpeg-2) to Xvid, and I share it with the world. My compress isn't going to have that fingerprint; So if the *AA downloads the compress I make, adds a watermark or fingerprint wouldn't they be publishing it to the world themselves? Isn't this refered to as entrapment?
till then it would be already illegal
NO THEY DON'T! They eat couscous and goats. I know - I saw it on TV once. And the Pro Bowl sucks anyway, so let them nuke Hawaii.
"spamming" their system with fake packets that match some/all of the fingerprint? Basically, just generate so many false positives that it becomes useless to them...
--- Asking inconvenient questions for over 30 years...
Bittorrent is 30% of internet traffic.
You mean BitTorrent transfers are reportedly 30 percent of Internet traffic. If ISPs can identify the content of a .torrent file or the tracker communication, they can detect contributory infringement by analyzing much less traffic.
You know that you have to show damages to be awarded money, right? You can't just demand mad cash money because "it's mine and he took it without my permission".
If you never had a sale or even an intent to sell your work, how do you propose to show damages?
--grendel drago
Laws do not persuade just because they threaten. --Seneca
"This topic is absolutely chock-a-block with discussions about which burglars' tools work best to fuck over and steal from our neighbors. What next, discussions on how to cut through school zones and take kindergarten-age hostages to elude the police during a high-speed chase? "
I look at it like this. A discussion on how to preserve the privacy and liberty of those of us that do not commit copyright violations. Allowing this is like allowing the cops to tap my phone becuase my neighbor was caught committing a crime. It's unacceptable.
Steve's Computer Service, Hobbs, NM
Wait, I'm a little fuzzy on this 'statutory damages' bit. You mean you somehow get automatic money, despite having no conceivable real damage to yourself? Not even the debatable damages of lost sales?
Damn. I'm going to copyright everything I own and leave it in a public place with a "do not take" sign on it, then sue people to the four corners of the earth. Thanks!
--grendel drago
Laws do not persuade just because they threaten. --Seneca
Meaning there will be more music.
There exist a finite number of distinct melodies in western tonal/modal music. (Pedants: Most xenharmonic musical scales map cleanly to one of the seven western modes.) After a point, every possible song that isn't a cover of a pre-1923 classical piece will be copyrighted to one of the incumbent multinational music publishers.
There's no stopping this type of online movie/song sharing. So they can fingerprint mpeg and avi formats? We move P2P servers offshore, change format, etc. So suppose they come up with some crazy encryption and DRM that nobody can break (yeah right)? So what? All audio/video has to eventually be played, and I'll be sitting right there with my computer hooked up to the audio and video out jacks of my player re-recording the copyrighted media to a more suitable format to share with my friends.
A "little" off my own topic since I submitted the story....but the result of this I would imagine would be that p2p will start using SSL to encrypt the traffic (I put this in my text blurb for the story...but slashdot editors chopped it). Anyhow...this will NOT only defeat the MPAA, but MANY universities use trafic shapers to fingerprint Bittorrent and p2p traffic to keep it from saturating their bandwidth to the Internet. SSL encrypted p2p will effectively make packet shaping these services impossible.
The number of items of proper, human-created music that someone would conceivably want to listen to is still finite, and smaller.
So what happens once all listenable melodies are already copyrighted? Then what incentive will songwriters have to create? Without such an incentive, will there be a reason for copyright anymore?
People that don't buy from [the MPAA and the RIAA] are not their customers.
Really? So what happens when I hear ASCAP/BMI/SESAC/RIAA-owned music in the grocery store? Don't my grocery dollars pay for licensing performance rights to such music? Is there a feasible way of avoiding funding the companies that license their songs and recordings to Muzak?
Maybe they should lower their prices. That would raise their sales (if a product is good enough(!)), while reducing illigal downloads.
/not/ continueing with all those copy protection schemes might actually net them more money. Those copy protection schemes won't work anyway.
If I walk into a shop and have to pay EUR 19,99 for a single music CD (quality doesn't matter for the price) and EUR 39,99 for a single game (again: quality doesn't matter), I'm more likely to download it. Simply because it's too expensive.
Lowering their prices and
The more drastic the solution the more it encourages customers to turn to more open offerings. That will encourage independent and low-budget filmmakers to release their movies without the draconian tagging in order to get wider distribution.
Unless you really enjoy watching the same unimaginative, forumla-driven dribble acted by the same faces over and over.
For every action like the MPAA wants there's an unforseen reaction. Bean counters keep painting themselves into the same dead end. There must be a class called How To Kill Mature Industries in business schools.
The MPAA is becoming the MSFT of entertainment.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Of course, my right to "fair use" will stand, so I can make backup copies and time and format shift for my own personal use.
You figure it out.
No, that's not it.
The RIAA and the MPAA want to crack down on P2P because they want to eliminate the only really serious alternative distribution channel that threatens the way they make money. (I.e. by shoving shit down our throats with aggressive marketing and control of popular culture; "all movies suck but since there isn't anything else I guess I'll go see alien vs predator") Real pirates, the ones that actually cause significant market effects with their goods, are the ones in east asia with the CD and DVD stamping plants. Hell, those ones don't even need to break any sort of encryption on a DVD to stamp out their wares -- data is data, after all.
These are the same ISPs who can't manage to do source-IP filtering, to keep forged packets from coming out of their networks.
I had a chat with someone who knows more about this than me. It seemed to me that with iptables, source-IP filtering is next to trivial. But "real" routers can't do it worth spit. They have all sorts of hardware assists for the destination packet, but very little for the source packet. As a result, source-IP filtering turns into a major CPU hog.
Even though it would be a "simple" thing to do to clean up the Internet, they can't do it. Others would argue that most ISPs aren't smart enough to even understand the problem, much less how to implement a solution.
And the MPAA wants them to institute universal man-in-the-middle?
The living have better things to do than to continue hating the dead.
Doesn't it occur to anyone that there are already about a billion (my guess) songs already copied and floating around. What do they think will happen to these?
Thanks of the link, it was very informative.
Even with CBC, I still see a vulnerability. If you inject a pattern in the file with foreknowledge that it will be encrypted with a CBC system, then you can probably influence both the encrypted pattern of bits on the output of the first block and the injected pattern of bits on the second block to create a knowable pattern of encrypted bits on the second block. Repeat as needed to propagate some detectable pattern all the way through. I suspect that stream cyphers might be susceptible to this too based on similar arguments. I suppose the encrypter could permute the blocks, pad them, or munge the data to break this, but I do wonder.
The key is that the MPAA has full access to the original file -- they are the creator of the file, after all. Also, the MPAA does not need to break the key or even reconstruct the file. They only need to determine, to some judicial court-decided level of probability, that the file is suspicious and provides probable cause of investigation. That seems like a condition not considered by traditional cypto proofs. Its like the fast Miller-Rabin algorithm that can detect prime numbers with some probability - it can't prove a massive number is prime, but it can make someone confident that it is.
Admittedly, file sharers could just create a moving target -- using one crypto method for a few weeks and then switching methods once the MPAA change the crypto-leaking fingerprint. This turns the system in to an arms race with the speed of designing, building, and installing the algorithms being the determining factor for victory.
Two wrongs don't make a right, but three lefts do.
Ever wonder why they call them "border" routers?-)
Routing isn't exactly a computationally cheap job when there's millions and millions of packets going through the interfaces on any given minute. Add to that attempted encryption detection (as opposed to detecting data that's merely _compressed_; the two appear very similar if you have no headers to look for and no time for a detailed statistical analysis [which tends to gobble up the RAM and CPU cycles real good]) and you're pretty much bogged down.
Besides the fact that this would also block things like electronic banking. It would never fly, especially with ISPs doing the bare minimum to comply with any law as it is.
Argument: any complex system that can be easily defeated by the enemy at much lower cost is a losing proposition. For example, if the enemy can overwhelm your expensive missile defense system with cheap decoys, it's not worth the effot. Or if simple changes in encryption can defeat your signature sniffing within days of deploying it, then it's a big waste of time and money. Wait a minute, on second thought you should go right ahead with that, MPAA. Yes, it's a great idea!
If they do read slashdot for a free technical review, they can hardly ignore the same points raised over and over again:
1. Technically infeasable and economically ruinous for ISPS to scan all network traffic (unless you want to pay them for their trouble, MPAA? you could indemify us all for the resultant Internet slowdown perhaps?). You've been told so many times, you can't be that stupid.
2. Copy-protection can always be broken. It's like King Canute live action when I go to see a movie and be insulted by MPAA movie-theft ads.
3. If you drive the people to encryption, a lot more than your precious assets will go byebye, it will bring down the gravy train for everyone else, and won't they thank you for it.
Using Occam's Razor I ask which is more likely: that they either don't read slashdot or do so in such a way as only read it for the pictures.
insecurity asks the wrong question irritation gives the wrong answer
I suppose you could always put some of your own copyrighted works on the same hard drive. :-)
Karma: It's all a bunch of tree-huggin' hippy crap!
So when someone is ripping a movie.... they are going to rip a digital signature which will survive: 1. Several file convertions and recodings 2. being split into 22mb piece and then compressed 3. being sent in tiny pieces in a random order
Like I've said before, the only way to stop people from copying the music is to prevent them from playing it. Ever.
Yes encryption would defeat the watermarking scheme... but wouldn't there be something even easier?
Specifically, wouldn't any watermarking be lost in the process of converting from MPAA licensed stuff (i.e. DVDs, stuff shown in the theaters) to the files people download? If there was a digital watermark, I believe it would be erased in the process of encoding the file with Divx, xvid, or [insert favorite video codec here]. If the watermarking were, say, a special frame of movie, it would look different digitally depending on which codec was used, even if it looked the same on the screen.
Granted, I'm not an expert in cryptography/watermarking, so I would love for someone with more knowledge to support or contradict my argument...
why don't these bastards go back doing their damn business? In the past 2 weeks I've seen 2 incredibly overhyped massively crummy films; this christmas season there wasn't one film one, good enough to get a couple buddies on the phone and arrange for a trip to the cinema. I'm not a compulsive thief, this week I've bought 3 albums online and guess what? None were RIAA and sound great, strange isn't it? I've wasted part of my disposable on shit, it burns, and I'll revert to extreme prejudice mode for as much as I feel necessary. My wallet is always open for quality stuff... they should appreciate if I get a taste of their product for free... (for them, mind you... it's self targeting free advertisement)
Mi domando chi à il mandante di tutte le cazzate che faccio - Altan
lets ignore the increase in computational power, MITM attacks require the attacker to _know_ the encryption alogorithm. If [insert your favorite p2p app] supports plugin type encryption modules, a select group could write their own encryption module and keep it in their little circle. This would effectively keep the ISP from MITM (unless the module gets leaked)
Second is the ISP has to recognize that the people are encrypting it, if someone engineered a different handshake protocol, then this could become troublesome for the ISP to MITM.
The MPAA will always go for the biggest targets, but people are dispersing onto smaller, closer knitt communities. I currently use two, one that uses IRC and another that not even google caches. The little groups could easily implement their own encryption methods thus keeping safe from the idiotic MPAA.
Will someone come out with a version so that I don't accidentally download the same albums again and again?
"Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
along with related tools from other companies
What platforms are going to be supported? Are they going to mandate which OS I can run on my ISP?
What about the security implications of having someone elses code running on you server? What's the MPAA going to do if a bug in their filtering software is used to compromise a server?
What about performance? Privacy? How is this going to affect ISPs customers?
This is getting more and more ridiculous. I agree that 'piracy' (your definition may vary) is a Bad Thing and should be stopped, but there should be a line bejond which an indistry can't expect protections for it's business model.
Technology makes new industries, but it also destroys old ones.
For a long time proto-processing labs have had steady income processing 35mm film.
Now that digital cameras are becoming common-place, there is less need for them. Some are adapting, some are closing.
They are not, however, passing a law that mandates people make hardcopies of digital photos so that they can stay in business!
If 'piracy' is such a problem, maybe stop releasing movies and restrict customers to theaters. The only reason piracy is a problem is because they want to use the available technology to make more money, but then they complain when others use the same technology to save money!
[/rant]
Until one or more fingerprints databases leaks or get hacked. Knowing what they're looking for makes it easier to hide.
ROT13 all downloads. N times. De-Rot until file becomes valid.
:-)
Open your home wireless Network. Oops, someone else downloaded it
you filthy troll
The day Iran consumes your neighbors and relatives with an atomic weapon of mass destruction, will you regret having made such a ribald jest?
"The pestilence of file "sharing" (aka THEFT)"
You mean "copyright infringement." You can believe in the media conglomerates' hype all you like, but the law says otherwise.
They can't do it with what's in place today.
Most large P2P content comes in a zip files, which have 40 RAR volumes of 3 Ripped CD ISO's, which, even in the completely unrealistic scenario of being all decipherable by any commercial product, will be stripped of all CSS, Macrovision and future watermarking or any other annoyance bits in the first place by the guy who ripped them.
All that, of course, on P2P protocols such as donkey and torrent, that most commercial products such as Checkpoint FW-1 don't yet scan on application level (and I'd wager new protocols will arrive sooner than app-level scanning implementations for existing ones in these products). P2P does NOT use HTTP and FTP.
*WHAT* precisely are the ISP's expected to scan for that will successfully differ legal from illegal content on any modern network, and using what tools?
These attempts to control information by dinkhead suits who watch too many episodes of NCIS is amusing in a pathetic way.
They just don't get it, you cannot control information with the Internet around. No more than you can control the consumption of oxygen on the planet. It is completely unenforceable.
And even if all of this was remotely and conceivably close to somehow being financially, politically and legally feasible to enforce (which it is a long long long way from), even if encryption was somehow moved out of the way, FreeNet is always lurking in the darker shadows underneath the mainstream P2P networks, always waiting for people to be forced to use it...
-
Quote frankly I'm having way too much fun with books at the moment. Real, Dead Tree Format books. There's some great stuff being produced, not like the pap that is a "blockbuster" movie.
I walked away from new music ages ago. I neither buy new stuff nor download anything. Because I also don't listen to the radio (*shudder*), I have no idea what music is out there. Thus I don't buy any. I'm watching less and less TV, I don't download movies and I don't go to the cinema. Movies are coming out now, I don't know what they are. When I do finally find out about them, I wonder why anyone pays money to see them, apart from being able to say they paid money and saw them.
Heaven knows no self-respecting slashdotter would ever want to get WET! :)
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Sheesh- What a dumb thing to do. So what, they have _yet ANOTHER_ digital signature they can use. Big deal. People will just strip it, zip it, or stuff it in a wrapper and it will fly right on by without anyone the wiser. Those idiotic, bone-headed lawyers are just gonna hafta wake up sometime and smell the Internet-- just like it rolled over half-a-dozen other industries (uh, publishing, software, IT, porn, you name it) its gonna roll right over them too. And I say "HA"-- in fact, I'll say it twice more "HA HA". Screw 'em. To slightly paraphrase Carly Fiorina-- there's no GOD-GIVEN RIGHT to be RICH AND POWERFUL in America anymore.
But anyone notice this crap happened right after Bush took office? Napster was shutdown and had to go ligit, alternative P2P programs pop-up, and now **AA is trying to make laws so they can control their copyright content at the expense of our privacy. If their music/films were so important to them and they want profit, why not lower prices on DVDs, stop giving actors upgodly high salaries, and stop annoying their customers?
Site seems to be gone. Was it a joke (which would suck, I'm looking for just that so I can move legal files to an MP3 player), or did you just speak too soon?
soon I won't be able to send my calculation of the value of Pi to my friends..............
Why don't they just have advertising in the movie and charge the advertisers on how many people watch the movie. The MPAA thinks they know all so they should know exactly how many people go to the show, purchase & download the movies to charge accordingly. Then we all win :)
Instead of going on for a hundred messages about the miniscule details of P2P, encryption, and the rest, let's assume that the MPAA can stop P2P and think of what the effects would be and the unintended consequences.
So... Assume that someday,
Super DRM is in place on Hollywood movies. When you download a Hollywood film, they have a record of the film and the PC address that it went to.
Now what are they going to do? Will they just have an automatic robot prosecutor (like the photo-radar that automaticly sends you a speeding ticket)? What will the fine be? $100,000 per movie? And what if no one pays? Do they automatically link to your bank account and deduct $100,000; or $10,000; or maybe just 50% of whatever's in the account? Will they have the ability to automatically garnish your wages so that 35% of whatever you earn for the rest of your life goes to them before taxes?
And just exactly how many people do they think that they are going to do this to in a country that has more guns than people before the leader of MPAA gets his pointy-little head blown off?
There are millions of people out there trading movies. Not one thinks that there is anything wrong with doing it. Not one thinks that the movie that they just spent hours downloading for a crappy little image is worth paying hundreds of dollars for, never mind hundreds of thousands of dollars. If they did, then they would pay $20 for the DVD. Or ten dollars to go to the theater and watch it.
So, what are they going to do? Have a lottery?
They gather data on 100,000 movie downloads and then pick one at random. Throw every lawyer in Hollywood and this poor schmuck, destroy his life, and require you to watch a five minute summary of it in the theater between the Pepsi ads and movie previews?
And if they did do this? Would it make their basic product any better? Would you be more willing to shell out $12 to go see White Cop, SmartAss Black Cop XXXIV and the local 12 screen multiplex? Or the latest braindead-on-arrival CGI cliche-ridden mess from a film industry on auto-pilot?
There are thousands of movies made each year. Hundreds of them are good and some are mind-boggling excellent. Most will never get seen by the people would be willing to pay real money for the opportunity to enjoy them.
P2P is the only way that Hollywood is going to get this vast reservoir of good movies together with the willing and eager audience. Frankly, P2P is the only way that Hollywood is going to be around fifty years from now.
I wish I could say to these people to just take their head out their ass, stop trying to fight the future, and start paying attention to all the people who are seriously interested in keeping the Hollywood entertainment industry in good health through this period of epic change.
But I don't really have much hope for them anymore. Hollywood is its own worst enemy, not the P2P film freaks.
Every dictionary I can find lists "feb-yoo-airy" as *at least* as common as "feb-roo-airy". I suppose you also pronounce sword with a W, almond with an L, and often with a T? There's a such thing as "silent letters" in English you know, genius.
Dlugar
Computer Go: Writing Software to Play the Ancient Game of Go
- Forward compare against known encoders output. Take a song, run it through a decoder and then compare the mp3 with byte for byte, or a hash over parts of it.
- Basically, run the decoder backwards and output a wav file. This is then hashed over various parts and checked.
Now if they are really smart about it, they will embed differing water marks in the music and then insist on sale company DB access (with the right lobbying (or maybe it has already happened), the PATRIOT ACT will be used to force open corporate DB's and the company will not eb allowed to tell you). The encoding/decoding will destroy some of the water mark, but not all of it. If there is enough, then they can start tieing uploads to ppl. Yeah, it will be groups of ppl, but it will allow them to narrow the ppl list and ultimately use this info to approach the ISP via PATRIOT ACT and force open the communication.If you are an encoder AND a trader, you would be wise to pay cash and to use varying servers/protocols.
I prefer the "u" in honour as it seems to be missing these days.
When I see stories like this, I don't understand why people can't understand what's happening in the USA: fascism. Monopolistic companies buying (read: bribing) laws to cover their asses to avoid doing real work and truly compete in a marketplace. The most likely problem is that most people don't know what fascism is. Benito would be proud. Orwell would just say "figures".
When you look at the state of the world, how can you not become a radical, liberal anarchist?
some 16 yr old "foreign" kid will break this, get sued and yet another multi-million dollar technology will fall.
Instead of wasting all this money on "technology" like that and useless super-rich actors [who just don't know the value of a dollar anyways] get studios to hire real talent, at realistic salaries and not go through millions of dollars for a face.
The truth of the matter is if the "scripts" that are sold today were of any substance it wouldn't matter that much who played the role as to the quality of the story. Take XXX [the one with vin diesel or whatever his name is...]. Any 6 ft tall well built person with a shaved head could play that role. Fucking Steve Austin could have played it...
Why did it have to be "Mr. Sir. Knighted. Greater than thou. Vin Diesel?" oh that's right, cuz the script was shite and they're relying on some stupid half recognizable face to play the role.
So instead of investing the money in questionable DRM companies [watermarking is a form of DRM in my books] that are fly-by-get-attacked-and-change-their-name companies and stupid faces who can't act pay to get REAL stories that are of substance.
The problem is essentially it's a business. A studio may only get 2-3 really decent scripts a year but they feel they must pump out 20 movies to saturate the market mind-space with their corporate logos and shit. Sometimes you gotta face reality and just do a good job.
Whatever... I can't wait till the DMCA is applied to someone from europe again...
Tom
Someday, I'll have a real sig.
So they add watermarking? They'll catch the average person with a digital camcorder, but sophisticated pirates? No way. Technologies can be developed (and probably exist) to find the difference between two or more video sources, so all you'd have to do is get two or three people filming the same movie from approximately the same angle, then you merge them and figure out which ones are different.
the *iaa can cram it.
they started treating EVERYONE like thieves.
So why not act like it? Live up to our label.
Until the riaa/mpaa bends over and literally kisses my ass. I say screw them. They started pissing off REAL customers who never pirated anything ever. Once they did that i said screw them. And started "stealing" all my media.
If they are gonna treat everyone like a thief. You might as well download everything. The outcome is the same. And its for free.
If the CEO is worried about getting his pointy-little head blown off, then they ahould just sue the european file sharers.
MPAA: "We're the MPAA, nobody move!"
Europeon:"What? Who? Never heard of you, get out!"
MPAA: "Lower your trousers, bend over and brace yourself!"
Europeon: "Oh, so you're the government! Why didn't you say so? Okay!" (complies)
MPAA: "Whoo, yeah!"
Europeon: "Thank you sir, may I have another?"
They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
there will be folks who produce files with the requisite filemark such that the XXAA will be required to show in court that they have no rights to the material produced. If the "hacker" community has an IQ over 40, this will amount to much more than 50% of all files published on those "evil" networks.
So, what on Earth are you waiting for?
RHCE; are you certified? Karma: ambiguous.
At the first of being told "this is old news", the other day I stumbled on a company in the business of running "Listening posts" for digital watermarking of music and commercials. This is a service that sends daily reports back to ASCAP, BMI, MPAA, RIAA, advetisers, etc indicating every time that some watermarked media was detected (and royalties are due or confirming that purchased advertisements have really been run)
http://confirmedia.com/index.cfm
It sounds like what they are asking for (without necessarily understanding the technology) is to expand this concept to IP based traffic.
Final 2006 "Proof of Global Warming" US Hurricane Count -> 0
It's not a waste of the movie industry's time, as they won't be the ones coding.
The people who code it will be paid for their time, so it won't be wasted effort for them.
The movie industry has $millions to piss away so they won't miss money they would otherwise piss away on coke/advertising/'actors'.
They whose government reduces their essential liberties for temporary security, receive neither liberty nor security.
Either use a fairly weak encryption key (64 bits might do, I don't know) or send every other byte in the file, seek back to the beginning and send the remaining bytes. I don't see how this is an effective tactic against piracy, the days of unencrypted p2p will be ending anyway.
Mute (google for 'mute p2p') is one good example of a next-generation file sharing network (there's a range of 512-4096 byte keys available) and it doesn't link to a central server, doesn't give out your ip address to mute routers. The only problem is it just doesn't seem to have much content.
If you want to start at ISP level to look for fingerprints... sharing programs will move towards traffic encryption. Good luck with the outlawing of encryption, others tried it before.
Yeah, how are the MPAA et al going to watermark the pirated copies? They'd have to watermark every version (true there are only a few out there) and then get it uploaded onto the P2P networks. But the P2P software would recognise the file as being different from the original.
Ooh - If they do manage to corrupt copies of files with this watermarking - what's to stop the P2P networks searching for it and not allowing that content to be uploaded?
I suppose that when someone rips a DVD using DVDShrink or DVDDecryptor or any number of other programs that said program is going to copy said fingerprint wholly intact into the resulting file even if it compresses said file.
Yep.
Then, after I convert it to DivX format, I'm sure the fingerprint is still going to be intact.
Yep.
Then after I transfer it with (Insert any of BitTorrent, WinMX, IRC, FTP, etc, etc, etc, etc) the fingerprint is going to be sent intact without using a fragmented TCP packet.
Yep.
Assuming all this to be true, my ISP is supposed to then pick out this needle-sized fingerprint in a galactic-sized haystick.
Yep.
Seriously. Fingerprinting and watermarking is some really groovy shit. It can always be removed eventually, but it takes serious effort.
I bet they'll just inspect packets and flag filesnames that contain *xvid*, *divx*, *screener*, *.avi, *.bin, *.iso, *vcd*, etc.
"digital fingerprints" my butt.
The US government keeps extending copyright to keep Mickey Mouse in copyright.
The ISPs will be legally required to do man in the middle attacks. When you start up an SSL connection they will accept it as if they were the destination and then make a request to the destination for a connection. They will then pipe all info between the two connections through their fingerprinting program, and then pipe the approved data to you and to them. None of this will ever happen.
This will never happen, for many reasons, not the least of which being that it wouldn't work (the destination URL and encryption keys would not match - the ISP cannot intercept the communication). Politically, you must remember, the MPAA would have to wage a war against the banks to get this through. And I don't care how tough the MPAA is, when they go up against financial institutions they will loose.
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator
I am glad the MPAA is doing this and I hope legislation is passed forcing ISPs to add sniffers to their networks.
Why? Because the amount of encrypted traffic on the Internet will explode and we will get closer to a truly private Internet network (as apposed to our very PUBLIC Internet today).
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator
I believe the digital fingerprinting in this case may be more of an individualized watermark that uniquely identifies an individual purchaser. So, for instance, if you buy a copy of Star Wars online, it will watermark the movie with a unique identifier that links in some database to you. This watermarking may be noticed by network sniffers, but the more important aspect of this is that if a copy of Star Wars with your id in it shows up all over the place, the MPAA knows who to sue.
If all this were was a tagging on movies to tell they were movies, it would be a PHB joke because it would take the movie swapping public exactly 10 seconds to add encryption. I'm sure the MPAA knows this.
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator
Ack, change " any connections connecting to "
to " any NOT connections connecting to"
Dang it, don't know why I skipped over that, although I think most would figure what I meant.
I read your comment with a sense of awe that you know both so much and so little simultaneously.
When establishing an SSL session, the first thing that happens is the receipt of the certificate of the destination party (e.g. I am the client, I request the certificate of the server).
The certificate is signed by a certificate authority, such as Verisign, who has presumably done some basic research on the company - the idea is that Verisign has verified that the target company is real. Inside of the certificate is the URL of the destination server and the public key of that same server.
At this point, I (the client), know three things for sure that could not have been faked (unless Verisign was tricked into creating a bad certificate): I know the URL of the destination server, I know the public key of the destination server and I know the identity of the controlling party of that server.
When establishing an encrypted session, I use the public key of the destination server to encrypt my own communications to establish a session key. The address I connect to is the URL found in the certificate. There is no opportunity in this exchange for a man in the middle attack, unless that man in the middle has the private key of the destination server.
So, sorry, you are just wrong.
The reason that it can be true that 1+1 > 2 is that very peculiar nonzero value of the + operator
Wikileaks, no DNS
needs to be slain. Is anyone with me?
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
this 'posting less on slashdot' new years resolution is not going well. Anyone else have any ideas?
Slashdot requires you to wait 2 minutes between each successful posting of a comment to allow everyone a fair chance at posting a comment.
It's been 1 minute since you last successfully posted a comment
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Hasn't she given me legal advise (all be it incorrect).
and isn't that against the law in the USA if you haven't taken the passed the bar.
How do I know she must be wrong... well these two sentences contradict each other...
"When people upload or download others' copyrighted works, that is, in
fact, illegal."
"There is nothing illegal about P2P technologies, if you're sharing work that you have the rights to share. "
thank God the internet isn't a human right.
The logic of this is just wacked... I want some of this super mega ultra crack there smoking in Hollywood.
Even simpler than that, Alice is Mallory from the MPAA.
ok so rat on your frinds and neighbors.... don`t be suprised if you see more and more how people are encouraged to "do the right thing" (obey blindly) and turn in those who aren`t .....
Encryption is not impossible to break, so their is a flaw straight away that they can store ur packets and un-encrypt them, and ur caught. Using very large keys can make it practically impossible in the current era of un-encrypting the data, however this will place more load on both processors at each end. But with current CPU's this should be achievable, however if you had a network card (firewall) with built in encryption that could take the load off the personal CPU. But till they start producing network cards with options to set algorithm encryption and the key for particular ports then the personal CPU will be taking this load.
Overall this is quite possible, but the middle-man problem with them being able to read keys passed back and forth will make all the effort useless. The solution to this is to either to go through a third party for the keys OR to mask/hide/increase complexity/make uncomputable the key. Masking it would be to mask your IP and port when sending the message so when the server does not think the packet came from you and hence lets it got through. Another way is to make it look like other data, however if it's a standard of hiding then this is can easily be predicted by the servers. You next option is to send an encrypted key within an encrypted package and so forth back and forth 10 or more times such that for a server to keep up with a packet enrypted 20 times could be unfeasable, or even using random keys of short length which the computers have to hack, or even using both techniques. Finally your last option is to make it so a computer can't read the key. This can be done using an image where the key is written in the image with other words and letters and dots making a computer even with OCR unable to figure out the key from the image, however this means every time u start a new encryption with someone you will need to be physically at the computer and type it in.
There are other examples to the main ways of securing encryption, the best method is obviously using a combination of all of the above, however the most feasable may use just a couple.
So using these methods you can make encryption over the internet as secure as the keys you are passing and the only way to be caught out is if they target you and brute-force and hack the encryption key, or make sure they catch all your data to catch the key. But if your being targeted unless you have seperated hidden lines of internet connection there is no way around this, and hence we are able to make encryption over the internet as secure as the encryption itself.
But realistically for anyone to monitor the internet completely across international barriers and country wide, is currently not feasable and highly illegal.
Secondly as far as watermarking information, unless you have the original to remove such insignificant watermarks can be very difficult. Even using a filter to make all colours in appropriate, the water mark could be hidden as an extra thick line, or anything. The only solution to this is too avoid the copy ever reaching the MPAA to check using encrypted memorykey harddrives such that all data in and out is encrypted to a point that only the top super computers could un-encrypt it within insignicant time.
Finally the internet is the only place where freedom to communicate to the world is allowed, and should be maintained hence if we need to break protection to keep the roads of the internet free for driving whateva cars we want whether it be legal, illegal or just a bunch of conspiracy theories. As far as copyright laws are concerned, they only slow down progress and grease people's pockets, and should be removed and replaced by a system where a small tax amount is sub-divided into royalties to each person's creation relative to it's impact, and everything is not copyrighted or charged or restricted for use/sharing.
P.S. Finally to note that the MPAA is actually cutting their own throats as the people that I know that actually use the internet to get illegal movies, actually have some of the biggest paid for legal DVD collections, and use the internet to view before they buy. This might not be the same worldwide, but this is what I have found and 'BETA' has proved.
Who'd a thought that the MPAA would actually become the technology arm of the FBI. Goodbye 4th ammendment.
Mallory must use the same public key every time, otherwise Alice or Bob will notice something fishy when they reconnect in future.
For this reason, Mallory must either keep a database of every user and the corresponding fake key to use, or always use the same fake key on all connections.
If Mallory always uses the same key, then that key could become known, also all Alices would share the same key which would become suspicious to the Bobs.
The database idea is big and all Mallorys would have to share the same database.
Otherwise Mallory must rely on Alice and Bob not looking too closely at keys, or their software not looking too closely at keys, or communications between an Alice and a Bob being one offs and not repeated.
Of course, in the latter case perhaps the MPAA/RIAA have good cause to go after you. For communicating between friends, the man in the middle attack is far harder. You can always check fingerprints in person and build up a PGP like tree of trust. Currently too much trouble for many users, but if the MPAA/RIAA push harder, I expect many users will find themselves becoming far more competent in applied encryption.
Time to go buy a gun... .357 mag has about 500).
A 12 gauge slug in a 3" shell will penetrate most bulletproof vests at short range. Even if it doesn't, the 2500+ foot pounds of kinetic energy will break bones, put down your target and keep it down for a while (a
If that doesn't work, get a 10 gauge.
I reccomend the "Christian's Guide to Small Arms" for mre information.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
There's no such thing as "privacy laws", just like there's no such thing as "free speech laws".
The default condition, at least in a (putatively) free society, is freedom. This includes one's right to privacy. It's only necessary to create laws in order to limit or erase these rights away.
So when you see a bill with a corny name like "USA PATRIOT", ask yourself, "Why do I think I don't already have this right? If I don't have it, where did it go to?"
Us, and them..
We're all missing the point because the *AAs really, really do _know_ that fingerprinting can't possible be made feasible (and that copyprotection is a way off being cleaver enough to be unbreakable). Really - some of you are on their payroll. You told then it can't work, and they're not ignoring you! But - P2P / any and all other evil file share systems are the domain of the few - and music sales are the result of the many. Most people don't download illegal music / movies. The *AAs are just trying to keep people out of the scene. My (legal!) Kazaa usage dropped right about the same time as the RIAA suits came out.
This latest piece from them is another scare tactic designed to keep the uninformed (i.e. nobody reading this..) from delving into the realms of illegal music(TM).
They (*AAs) also missed the point - on two scores:
1) As much as they scare, they also raise the profile; not out of sight, not out of mind.
2) The money and time spent of this line of attack is a waste, and is also burning their credability with record companies (hey - they aint getting the job done) and with the rest of the world. Ops - Two stones, one bird.
Really - calm down - there will be no fingerprinting, ISPs will not be real-time scanning all our precious data, and even if the do introduce watermarking - whos gonna care? Knowing the source of a pirate version does not make it *poof* disappear..
Companies may be uniform, collective beasts - but they are made from people and where there are people there is chaos and passion and a whole lot of 'fuck you too' which guarantees anyone who wants pirate movies until they have to move to a bigger house with more storage space.
The whole thing is like prohibition - we just need somebody with some sense to come in and change the viewpoint so we can see the blindingly obvious solution. (it's not me. stop waiting.)
it is simpler than alot of people thing, i remember reading a long time ago about a digital watermarking that survived not only compression and distribution, but also physical caming in the theater. That having been said, i call the last two yups out. Lets say we have a rar compressed divx of a movie ( a faily common distribution). if your downloading over bittorrent for example, and your getting say 256k chuncks from each seed. the isp would need to construct enough of the rar file so that SOME video could be extracted (depending on rar methods this is a good size) then extract some of the video from the rar file, and THEN using visual recognition software go through the actual image formats and detect the watermark. Yes this is possible, HOWEVER, this would require a very statefull packet analizer, capeable of gathering parts of the rar files ariving far out of order and from multiple sources. now think about the scale of media downloaded on the internet by users, think about the ram overhead of that would be required to achive this, and then look at isp's bottom lines. something doesnt match here.
Remember, those folks were sued for distributing. Say they sent pieces of a movie to a hundred people. (Yet they get sued for the whole thing; bear with me.) Now, the idea is that those hundred people clearly wanted the movie, and would have paid $24.99 retail for it. Thus, the record company has just lost sales of $2499. So there's their 'actual damages'.
This may sound silly, but Bob publishes a book and puts it on sale for $4, and you copy it without permission and sell a printed copy for $3... well, clearly you're making money that Bob has a right to.
--grendel drago
Laws do not persuade just because they threaten. --Seneca
"they started treating EVERYONE like thieves."
I've asked this question on every single "we hate the riaa/mpaa" story and NO ONE HAS GIVEN AN ANSWER!
Which came first. The piracy and then the crackdown, or the crackdown, and then the piracy?*
*And I'm not just talking about music either.
Do what I do when it comes to dealing with replies to my commentary: ignore those that you deem unworthy or irrelevant. You are not required to respond, you know, and taking offense is fruitless. There are many who are willing to be reasonable (like me, most of the time.) Interact with those, and pay no attention to the conversationally inept types with the jerky knees.
Just FYI, hereabouts it's generally assumed that your opening remarks are indicative of your actual position on the issue. Playing Devil's Advocate on a hot topic will generally get you in trouble unless you make it clear that that's what you're doing.
The higher the technology, the sharper that two-edged sword.
You could use the interlock protocol.
..)
It works as follows:
(1) key exchange -> ISP is man-in-the-middle, so he gives Alice his own poublic key instead of Bob's.
(2) Alice encrypts the message she wants to send, but only sends half of it, so that a attempt to decrypt it without the other half results in gibberish (How this is done depends on the cipher, whether it's a stream cipher, etc
(3) Bob sends one half of a message he wants to send Alice.
(4) Alice sends her 2nd half, so that Bob is able to decrypt her message.
(5) Bob sends the 2nd half of his message, so that Alice can decrypt his message.
If the ISP is man-in-the middle he can't read the message, so he has to invent a new message which he sends to Bob, because he has to reencrypt it!
That way, if the ISP decides to switch the public-keys, he has to invent _new_ message all the time, so Alice and Bob won't even communicate with eachother during the session!