Slashdot Mirror

← Back to Stories (view on slashdot.org)

MPAA Developing Digital Fingerprinting Technology

Posted by Zonk on from the following-in-your-tracks dept.

Danathar writes "The MPAA is looking to use digital fingerprinting technologies that in conjunction with legislation will enable and force ISPs to look for network traffic that matches the signatures. " From the article: " Once completed, Philips' technology--along with related tools from other companies--could be a powerful weapon in Hollywood's increasingly aggressive attempts to choke off the flood of films being traded online."

5 of 544 comments (clear)

  1. Computer = COPY by BoldAC · · Score: 4, Informative

    As long as you can get it onto a computer, people are going to figure out how to make it copy it.

    Just take the new napster mess where everybody is loading up on free music right now:

    Napster/Winamp hack to get unprotected free music

  2. Re:Encryption by CodeBuster · · Score: 5, Informative

    This wouldn't work with public key encryption.

    sure it would, that is the whole point behind the man-in-the-middle attack. It was discovered as a weakness in key exchange protocols such as diffie-hellman which rely upon exchange of public keys between previously unknown parties who do not use a trusted third party to manage public keys. The premise of the man-in-the-middle attack is that an intermediary intercepts the public keys (which must be transmitted in the clear) during the exchange protocol before they reach the intended recipients and substitutes his own public key instead. Then when the symmetric key is computed by the recipients during the key exchange (using the man-in-the-middle's public key) all three of them, both recipients and the man-in-the-middle, will have the secret symmetric key and the entire session will be compromised. Moreover, the recipients will have no idea that the man-in-the-middle exists because they had not previously exchanged public keys. The solution to this problem in practice has been to have a trusted third party repository for public keys, such as Thawte, which signs public key requests with its own private key to verify the origin of each public key. However, this requires central registration and management of keys, something which is unlikely to be palatable to P2P users for obvious reasons and thus the man-in-the-middle problem will persist when computing session keys for encryption on P2P networks. Man in the Middle is somewhat difficult to implement in practice, but not impossible (ISPs would make the perfect men-in-the-middle), so this is not merely a theoretical possibility.

  3. Re:Hmm, wouldn't... by thpr · · Score: 5, Informative
    No. If they take the 4 or 5 most significant bits across a song and perform (for example) an MD5 hash of them, then any encoding mechanism (MP3, OGG, etc.) would still result in the same hash. Same goes for video.

    The stupid part is that even trivial encoding changes (zip) much less encryption (DES, AES, PKC) render this useless. The way around that is actually doing application layer filtering on data, and I with them luck with that. Besides encryption still getting around this in many cases, the CPU time required to do near-real-time layer 7 processing of ALL of the packets going through an ISP is obscene. (remember this type of filtering requires persistence of those packets for a period of time in order to reconstruct the resulting media, because the few bytes in a single IP frame probably isn't enough to know if it's media). Such investment would drive every ISP except Microsoft bankrupt.

    What the MPAA is really pursuing right now is watermarking (mentioned later in the article). They have proposed altering each image that goes to different movie theaters or DVDs (especially previews that go to the MP Academy), etc. By watermarking the image against a master (of 'neutral' color, it is possible to determine which copy it came from even if it has been re-encoded.

    The alteration is of certain items in the image. It is not on the magnitude of a least-significant bit (which different encoding schemes would then garble). What these watermarking systems do is change it by a number of bits, and do so in a recognizable fashion. In a scene, this might change brightness of the clouds, or the brown of the ground, etc. The net is that a distinct watermark can be created on the image. By altering different items in different films (and at different times), the net result is indistinguishable to the watcher; yet when the 'master' is known to the MPAA, the patterns can be distinguished to determine the source of a pirated copy of a movie or song (regardless of how it might have been re-encoded - unless it's at REALLY low quality)

  4. Re:While You're Bitching ... by shark72 · · Score: 5, Informative

    "For decades they conspired on prices and you claim they "paid the price"?!"

    The price-fixing settlement was not as a result of "conspiring" for "decades." Here's what happened:

    1. A couple of "big box" retailers (Wal-Mart, Best Buy and the like) started selling CDs at a loss, or for extremely low margins, as an inducement to get people into the stores and buy other high-margin stuff.
    2. This started hurting a few music-only chains (Tower Records, TWE and one other that slips my mind), who didn't have an acre of high-margin children's clothing or computer equipment in the back of the store that allowed them to sell CDs at a price that competed with Wal-Mart and Best Buy.
    3. Tower Records, et al complained to the record companies (notably Universal) that Wal-Mart and Best Buy were putting them out of business.
    4. In response, Universal started a "MAP," or "minimum advertised price" program. Universal gave Tower, et al. funding for advertising (in newspapers and the like) with the stipulation that the advertised prices didn't fall below a particular point. In case this concept seems familiar to you... lots of other industries do it, including the computer peripheral industry.
    5. Best Buy and Wal-Mart noticed this and complained to the government.
    6. The government smacked Universal around a bit.
    7. Wal-Mart and Best Buy had the last laugh.
    8. Tower Records filed for bankrupcty.

    The winners here are Best Buy and Wal-Mart. The losers are the traditional record stores and indie stores that continue to get squeezed out of the business by Wal-Mart and their loss leader prices on CDs. The record companies probably don't mind; other than sending out some settlement checks and sending some crappy CDs to some libraries (as you've mentioned), this didn't hurt their bottom line. They were selling CDs to Tower Records for the same price that they sell to Wal-Mart.

    You should be happy about this if:

    • You don't mind buying your music in Wal-Mart (sadly, for many people reading this, Wal-Mart is the only place they know to get music, and they'll never know what it was like to have that cool indie record store in town before Wal-Mart put it out of business.) Can't beat those great Wal-Mart prices, particularly if you like Shania Twain!
    • You don't like MAP pricing programs. In that case, one industry down (the record industry) and lots more to go. This battle is fought one step at a time.
    • You subscribe to the "what's good for Wal-Mart is good for America" philosophy.

    You should be unhappy if:

    • You miss the old days when indie record stores and stores like Tower were more prevalent, and you wouldn't mind paying a few extra bucks for more selection and the opportunity to avoid going to Wal-Mart for your music.
    • It bothers you that the computer peripheral industry still uses MAPs. Doesn't bother me, as that's the industry I'm in. MAPs are great.

    The bottom line is that anybody who thinks that the price-fixing settlement was a strike against big business and a win for the little guy is mistaken. They're probably still chuckling about it at Wal-Mart headquarters in Bentonville.

    --
    Sitting in my day care, the art is decopainted.
  5. Re:Encryption by 42forty-two42 · · Score: 4, Informative
    Trivially broken:
    1. Alice sends her public key K(a) to Bob.
    2. Mallory intercepts K(a) and passes his own key, K(m) to Bob
    3. Bob sends H(K(a), K(b)), k(b) to Alice
    4. Mallory intercepts H(K(a), K(b)), k(b) and replaces it with H(K(a), K(m)), K(m)
    5. Alice computes H(K(a), K(m)) and sees that it matches.
    The problem is that neither Alice nor Bob know each other's keys, so they cannot differentiate between Mallory and each other. This is not circumventable. No matter what, Mallory can negotiate two seperate connections with each of Alice and Bob, and simply relay, unless one of the two knows the other's key.