Slashdot Mirror

← Back to Stories (view on slashdot.org)

MPAA Developing Digital Fingerprinting Technology

Posted by Zonk on from the following-in-your-tracks dept.

Danathar writes "The MPAA is looking to use digital fingerprinting technologies that in conjunction with legislation will enable and force ISPs to look for network traffic that matches the signatures. " From the article: " Once completed, Philips' technology--along with related tools from other companies--could be a powerful weapon in Hollywood's increasingly aggressive attempts to choke off the flood of films being traded online."

11 of 544 comments (clear)

  1. Encryption by Odo · · Score: 5, Insightful

    And ISPs are going to search for fingerprints in encrypted downloads how exactly?

    It would be relatively easy for the next generation of P2P applications to add very basic encryption. Possibly based on a captcha (just a regular zip file encrypted against the random letters contained in a gif).

    Or will the MPAA's next trick be to purchase legislation banning encryption.

    1. Re:Encryption by mickwd · · Score: 5, Insightful

      Maybe the MPAA's next trick is to publicise some scheme they're thinking of using, letting it get published to Slashdot, reading what Slashdotters have to say, and using this to help decide on its viability, before investing any serious amount of money in it.

      Free technical review.

      Doesn't anybody else here think that occasionally someone from the "usual suspects" (Microsoft, RIAA, MPAA, etc) might read what some of their "opponents" are saying about them ? Especially when people here openly post how they will get round what the organisations concerned are trying to achieve (rightly or wrongly).

    2. Re:Encryption by CodeBuster · · Score: 5, Informative

      This wouldn't work with public key encryption.

      sure it would, that is the whole point behind the man-in-the-middle attack. It was discovered as a weakness in key exchange protocols such as diffie-hellman which rely upon exchange of public keys between previously unknown parties who do not use a trusted third party to manage public keys. The premise of the man-in-the-middle attack is that an intermediary intercepts the public keys (which must be transmitted in the clear) during the exchange protocol before they reach the intended recipients and substitutes his own public key instead. Then when the symmetric key is computed by the recipients during the key exchange (using the man-in-the-middle's public key) all three of them, both recipients and the man-in-the-middle, will have the secret symmetric key and the entire session will be compromised. Moreover, the recipients will have no idea that the man-in-the-middle exists because they had not previously exchanged public keys. The solution to this problem in practice has been to have a trusted third party repository for public keys, such as Thawte, which signs public key requests with its own private key to verify the origin of each public key. However, this requires central registration and management of keys, something which is unlikely to be palatable to P2P users for obvious reasons and thus the man-in-the-middle problem will persist when computing session keys for encryption on P2P networks. Man in the Middle is somewhat difficult to implement in practice, but not impossible (ISPs would make the perfect men-in-the-middle), so this is not merely a theoretical possibility.

  2. Forget it by Karamchand · · Score: 5, Insightful

    Trying to make bits uncopyable is like trying to make water not wet. -- Bruce Schneier

    1. Re:Forget it by Anonymous Coward · · Score: 5, Funny

      Analyzing humor is like dissecting a frog: Nobody really enjoys it and the frog generally dies as a result. -- E. B. White

    2. Re:Forget it by tfoss · · Score: 5, Funny
      Only on slashdot would you find someone arguing against 'water is wet.'

      -Ted

      --
      -=-=- Quantum physics - the dreams stuff are made of.
  3. This will work.... by russint · · Score: 5, Funny

    Until someone invents something like ssl... oh...

    --
    ^^
  4. Re:Hmm, wouldn't... by thpr · · Score: 5, Informative
    No. If they take the 4 or 5 most significant bits across a song and perform (for example) an MD5 hash of them, then any encoding mechanism (MP3, OGG, etc.) would still result in the same hash. Same goes for video.

    The stupid part is that even trivial encoding changes (zip) much less encryption (DES, AES, PKC) render this useless. The way around that is actually doing application layer filtering on data, and I with them luck with that. Besides encryption still getting around this in many cases, the CPU time required to do near-real-time layer 7 processing of ALL of the packets going through an ISP is obscene. (remember this type of filtering requires persistence of those packets for a period of time in order to reconstruct the resulting media, because the few bytes in a single IP frame probably isn't enough to know if it's media). Such investment would drive every ISP except Microsoft bankrupt.

    What the MPAA is really pursuing right now is watermarking (mentioned later in the article). They have proposed altering each image that goes to different movie theaters or DVDs (especially previews that go to the MP Academy), etc. By watermarking the image against a master (of 'neutral' color, it is possible to determine which copy it came from even if it has been re-encoded.

    The alteration is of certain items in the image. It is not on the magnitude of a least-significant bit (which different encoding schemes would then garble). What these watermarking systems do is change it by a number of bits, and do so in a recognizable fashion. In a scene, this might change brightness of the clouds, or the brown of the ground, etc. The net is that a distinct watermark can be created on the image. By altering different items in different films (and at different times), the net result is indistinguishable to the watcher; yet when the 'master' is known to the MPAA, the patterns can be distinguished to determine the source of a pirated copy of a movie or song (regardless of how it might have been re-encoded - unless it's at REALLY low quality)

  5. Wow! by rbarreira · · Score: 5, Insightful
    The trick is to make that identification process work even if the file is compressed, turned into a different computer file format or otherwise changed slightly. For a song, this means basing the fingerprint on the music's acoustical properties, rather than on the ones and zeros that make up a given digital file.

    The video process is similar, but would use visual characteristics of individual video frames instead of audio qualities.

    A good fingerprinting technique must be able to identify the movie even if parts of it are being downloaded out of order, or if some bits have been cut out, Maandonks said.


    Wow, is this a kind of an april's fool or something? I don't even think I need to comment much on the infeasibility of this...

    Next thing you know, the RIAA will be solving NP-complete problems in constant time or something...
    --

    The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
  6. Re:Made by Philips? by chris_eineke · · Score: 5, Funny
    probably the most pirate friendly DVD player

    Yeah, it's used to play DVD-Arrrrrrrr's. :-)
    --
    "All you have to do is be fragile and grateful. So stay the underdog." Chuck Palahniuk, Choke
  7. Re:While You're Bitching ... by shark72 · · Score: 5, Informative

    "For decades they conspired on prices and you claim they "paid the price"?!"

    The price-fixing settlement was not as a result of "conspiring" for "decades." Here's what happened:

    1. A couple of "big box" retailers (Wal-Mart, Best Buy and the like) started selling CDs at a loss, or for extremely low margins, as an inducement to get people into the stores and buy other high-margin stuff.
    2. This started hurting a few music-only chains (Tower Records, TWE and one other that slips my mind), who didn't have an acre of high-margin children's clothing or computer equipment in the back of the store that allowed them to sell CDs at a price that competed with Wal-Mart and Best Buy.
    3. Tower Records, et al complained to the record companies (notably Universal) that Wal-Mart and Best Buy were putting them out of business.
    4. In response, Universal started a "MAP," or "minimum advertised price" program. Universal gave Tower, et al. funding for advertising (in newspapers and the like) with the stipulation that the advertised prices didn't fall below a particular point. In case this concept seems familiar to you... lots of other industries do it, including the computer peripheral industry.
    5. Best Buy and Wal-Mart noticed this and complained to the government.
    6. The government smacked Universal around a bit.
    7. Wal-Mart and Best Buy had the last laugh.
    8. Tower Records filed for bankrupcty.

    The winners here are Best Buy and Wal-Mart. The losers are the traditional record stores and indie stores that continue to get squeezed out of the business by Wal-Mart and their loss leader prices on CDs. The record companies probably don't mind; other than sending out some settlement checks and sending some crappy CDs to some libraries (as you've mentioned), this didn't hurt their bottom line. They were selling CDs to Tower Records for the same price that they sell to Wal-Mart.

    You should be happy about this if:

    • You don't mind buying your music in Wal-Mart (sadly, for many people reading this, Wal-Mart is the only place they know to get music, and they'll never know what it was like to have that cool indie record store in town before Wal-Mart put it out of business.) Can't beat those great Wal-Mart prices, particularly if you like Shania Twain!
    • You don't like MAP pricing programs. In that case, one industry down (the record industry) and lots more to go. This battle is fought one step at a time.
    • You subscribe to the "what's good for Wal-Mart is good for America" philosophy.

    You should be unhappy if:

    • You miss the old days when indie record stores and stores like Tower were more prevalent, and you wouldn't mind paying a few extra bucks for more selection and the opportunity to avoid going to Wal-Mart for your music.
    • It bothers you that the computer peripheral industry still uses MAPs. Doesn't bother me, as that's the industry I'm in. MAPs are great.

    The bottom line is that anybody who thinks that the price-fixing settlement was a strike against big business and a win for the little guy is mistaken. They're probably still chuckling about it at Wal-Mart headquarters in Bentonville.

    --
    Sitting in my day care, the art is decopainted.