AVS Forum banner

Status
Not open for further replies.
1 - 20 of 22 Posts

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #1 ·
A broadcast flag can limit the distribution of so-encoded digital media by capture within the Internet backbone or its tenticles. Even though this is a very large undertaking it is clearly easier than modifying and monitoring every end-user device for compliance (logically, physically, and politically). There are also numerous financial opportunitues with such an alliance/police state, but this is an implementation thread.


Shrouding flagged material (e.g., encryption of a file containing flagged material) while a threat, does not completely break the security. First, in the bigger market (the one they are really after) JSP does not have the wherewithal to do such things. Still, a market of simplified tools to handle the dirty work could/would develop, much the same as Macrovision devices have found prominence today. This would take many, many years to reach critial market mass, but we/they assume it could eventually be an issue and ask, to what extent does shrouding bend/break the flagging in the longer term?


In a manual system, I (clearly a member of the conincident sets named consumer and pirate) capture all of season 1 of "The Catz Azz" series*, de-commercialize it, and want to ship it off to my friend who doesn't get the Kitty Porn Network (KPN). Well, he can, but it is sooo expensive. Anyway, I'm a smart thief and I know that the thought police will easily capture the files if I send them, so I call my friend (well, maybe 3-4 friends) and tell them that I will e-mail it or put on my website in an encrypted form (thus shrouding the flag) and I tell them that the password is the name of the second episode ("Frisky and the Big Snake"). Sure enough, unless they happen to tap one our phone lines and mail, four... ok, six, copies make it out to KPN non-subscribers. But the size of the "kitty click" remains relatively small. The larger the click, the better chance that it will be discovered.


Digital exchanges of this nature will in all likelyhood bear some "signature", generic or specific, for which the e-police can watch (e.g., very large binary transfers, known risk access points, etc.). Further, in an automated system shared by large numbers of people, the means by which the key required to unlock the flagged material is known by all participants (or their software) is by subscription to the group, content interogation, or other means (that's how the technically naive JSP gets access to it). There are "games" that can be played by the traders (e.g., file splitting, etc.), but their inner circles can be easily, and stealthily, penetrated (the larger the group, the easier the task). Combined with a "scanning signature" profile, much of the content could be captured, sender logged, etc. An entire management system can be built to monitor ISP compliance (sending test files through access points that should be secured), etc.


It would be expensive to do this because of the compute power required to perform these scans. But this is easily remedied with an Internet Tax. That's right, we all get to help ensure the safety of their material. Look for it on your phone, satellite, or cable bill, because if you have one of those, you might have Internet access... and you're definitely a thief... or will be.


Comments?


*Seriously, just as I had to think of a name to put there, I looked toward the window and there was my cat's azz! Ha!
 

·
Registered
Joined
·
56 Posts
There is no way to prevent distribution of digital data on the net, short of shutting down the system altogether.


No matter how the material is encrypted, you can always re-rencrypt it in a way that it becomes undetectable by any filter, no matter how smart.


File size limits are not enforceable either. A file sharing network like gnutella splits the file among thousand of users, so no single big size transfer ever happens.


The "broadcast flag" is wishful thinking. There is no possible implementation for such a thing, unless they require that all digital equipment includes detection of such flag (which is what the CBDTPA tries to do).
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #3 ·
Quote:
Originally posted by pcostabel

There is no way to prevent distribution of digital data on the net, short of shutting down the system altogether.
Agreed. My statement starts with "A broadcast flag can limit the distribution...". The speed limits, while viewed in Michigan as advisory, need not be 100% enforced to be effective. You simply throw the book at the idiot doing 90 in a 50. That's actually a pretty good metaphor. I'll have to work on that.

Quote:
No matter how the material is encrypted, you can always re-rencrypt it in a way that it becomes undetectable by any filter, no matter how smart.


File size limits are not enforceable either. A file sharing network like gnutella splits the file among thousand of users, so no single big size transfer ever happens.
I never suggested an e-police enforced file size limit. Mearly that some (less sophisticated) transmissions of such files would be considerable in size and a candidate for review. But even splitting the file is not necessarily going to guarantee that the flag is wiped. They would have to be utter morons to use a "single bit" or whatever at the beginning of the program to serve as the flag, right? It must be consistently presented throughout protected material. As many negative things as I have to say about them, they are not that dumb.


The "pirate" applications can encrypt all they like. They must share the key with their "johns" somehow and, as I stated, any sizeable operation's keys can be ascertained, used to decrypt packages that fit the profile, and "deal" with those that come up positive. Flag "hits" could result in a sender (or its ISP) being logged as an untrusted access point to be monitored more closely, legal enforcement taken against parties involved, or the package just dropped.


Given that, as many pieces of the puzzle that are transferred that contain the flag are candidates to be caught. They will not get 100%, but then they don't need to. What is your irritation level? VCD? Less? Really choppy and unpredictable playback? What is the irritation level at which JSP says, "Awe screw it. I'll just pay!"?


It is a system that needs to be trained and will take some time to be "smart" and will never be any smarter than those cases it has caught or that its administrators know that they should catch. Again, they don't even need to get close to 100%.

Quote:
The "broadcast flag" is wishful thinking. There is no possible implementation for such a thing, unless they require that all digital equipment includes detection of such flag (which is what the CBDTPA tries to do).
In fact, that's the beauty of what I suggest. They need not involve themselves in our domiciles. They can do it remotely for significantly less (in many ways).
 

·
Registered
Joined
·
702 Posts
However, one could encrypt the file so heavily that the time to decrypt the file would make decrypting all large files sent over the internet (granted they would just pick some people to prosecute) difficult.
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #5 ·
They need to be very selective, especially at first, in the candidate selection process. Likely, they would test using the same system that all of their adversaries would be using.


The processing power required to be successful would vary based on the volume of illicit transfers, the required "hit" rate, the required "irritation threshold", the effectiveness of the scheme to meet those goals, the limits of the Internet Tax or other monitary sources, and, as you indicate, the amount of effort required to evaluate each candidate. But this is largely just an issue of throwing hardware ($) at the problem and fortunately (for them) would not involve breaking the encryption - they would already have the keys.


An additional source of revenue to fund this, regardless whether their Congressional purchases work out or not, is a product price increase. How many times have the minidish companies blamed pricing in part on the cost of combating pirates?
 

·
Registered
Joined
·
380 Posts
Man E.. I don't know why you're bothering with this, to do all this would require the cooperation of the ISP's, who wouldn't do anything to alienate their customers who would very quickly jump to a startup ISP which *didn't* cooperate. This will never happen.
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #7 ·
I'm bothering with it because everyone keeps saying that it is impossible and it is not clear to me that all of the facts were considered in making such a sweeping statement, because it is being actively pursued by industry interests even as we speak, because we need to understand it to be critical of it, and because I am a computer architect of very large systems and find the complexity and scale of the problem interesting - and solvable.


"ISP hoping" is really quite futile and solvable in a number of ways.
  1. It will become widely known throughout the Internet which ISPs are not in compliance. This is an administration issue and these ISPs would be scrutinized more closely. Remember, this is an constantly evolving system. This is really no different than locating the keys, and would actually assist in improving the accuracy rating of the system by focusing efforts in those areas with higher non-compliance levels. It doesn't necessarily stop any traffic, but it does take notes and names which can be used as evidence later. At some point, a decision is made to block some or all of this traffic.
  2. Not all ISPs need be monitored. This too could be a daunting task. In fact, if the problem is attacked top-down, lots of this traffic could be located at the biggest pipes of the Internet, and those "flag hits" will lead the system to hot spots. True, a fidonet-like culture could evolve, but it too is susceptible to exposure the larger it gets. It would also be bandwidth limited.
  3. Given the level of political might purchased by these groups, their ability to force compliance on those ISPs desiring to stay in business is significant. I mean they actually have other legislation in the Congress that would effectively mandate "big brother" in the bedroom (HDCP, et. al.). Any required new legislation that doesn't even come close to our homes should be a piece of cake.
  4. It terms of scale of complexity, contrast this to the CIA's Carnivore. This is doable.[/list=1]
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #8 ·
This could actually turn out to be Hollywood's most reasonable approach for protecting their content, which I believe is important and needs to be done, but their right ends where it infringes my rights - which previous suggestions woud clearly do.


The system to which I refer would not infringe on fair use. It would not prevent archival. It would not prevent the transfer of material from aging or extinct media onto newer or the latest media. It would allow me to tape in the living room and watch in the bedroom, van, or airplane via laptop. The buffer zone between fair use rights and their right to protect (monitor and prosecute) begins when you transmit their flagged material onto the Internet. Don't do that and there is no problem (well, ok snail mailing duped DVDs is still wrong but is a problem of a significantly smaller scale).


This could actually be a solution to satisfy both sides. Dare I say "win-win"? The real drawback is the funding. They won't want this to cut into their bloated sales revenue, and they've already been proven to be scamming, colluding, greedy ... Sorry, I don't have a solution for this yet :)
 

·
Registered
Joined
·
55 Posts
Let's work on this. There have to be a less onerous alternatives to what MPAA is proposing, or we can get stuck with that. I think MPAA should be made to examine ideas like the above before consideration is even given to mandating hardware protection.


Another idea: how about Herbivore which identifies sites with intermittant but very large file activity. You can check off institutional sites (including professional ISP's) who would run Herbivore to protect themselves as they do against pirated software use by employees.


Illicit traffic would be hidden in a large ISP, so you won't find unusual patterns of activity there, but the ISP is not the end (pirate) user. Herbivore watches for suspicious smaller sites, and de-encrypts enough to determine if copyrighted data is there. I think one e-mail from MPAA on my screen threatening to prosecute would end my pirating.


They shut down Film88 in two days, so professional on-line piracy doesn't seem a big deal. DVD's aren't under control, but HDCP etc will only slow them down, and not for a long time.
 

·
Registered
Joined
·
9,884 Posts
It is probably not possible to catch all casual transfers of copyrighted material by average users. P2P file sharing programs could easily for instance use public key encryption technology to exchange keys and encrypted material, generating different keys each time. All a watcher would know is that large binary data streams were being exchanged.


But it is probably possible to imbed enough of an audit trail to catch the worst offenders, and this may already be being done now. For instance, all Microsoft Word (Office?) documents used to contain the serial number of the network card where they were created. Microsoft reportedly removed this 'feature' once it was discovered.


And playing a DVD or a CD will contact a database for disc info. Combinations of things like these can make it possible to create an audit trail of how things are moving about, and catch the worst offenders.


And there are already companies and services that track the flow of file sharing on the Internet, including on P2P networks.


The problem is that it is expensive and very bad public relations to be prosecuting or even threatening very many end users. And to do so you have to make it obvious how much audit trail already exists.


So they would like some way of discouraging the average user from even trying it.


The bigger problem is when they invest some money in technology and legislation and it doesn't work. Then they feel justified in adding the extra patches which require even more intrusion onto our equipment, and are much more annoying. So think of some of these plans as sort of a legislative Trojan Horse that open the door very predictable 'maintenance legislation' to correct the very predictable shortcomings.


- Tom
 

·
Registered
Joined
·
380 Posts
Man E - You're assuming that legislation is passed which makes this law. I don't think that will ever happen. Congress is pretty stupid, and I wouldn't put it past them.. but it won't make it past the courts, as the DMCA won't once there is a real challenge to it. So far the DMCA has stayed out of court for the most part, just the threat of it has kept people from doing it - which is pretty dirty business imho as well. Think about it.. people think cameras on red lights are too invasive of their privacy, you want to examine their data file sharing on a wide basis? Laugh..
 

·
Registered
Joined
·
92 Posts
ManE

What your suggesting is perfectly reasonable and accomplishable if everyone (or a majority of people) agree to the following ideas:


1. create an Internet spy squad with the authority to spy on all Internet data traffic due the possiblity it may contain trademarked material. Even though it would be impossible to actually look at all of it, you do have to establish that the group has the right to look at anything if it's going to look at part of it. Also inherent in this is the idea that it will eventually be abused for polital or capital interests.


2. spend countless millions, if not billions, of dollars to fund such a spy squads personnel, equipment, software development, etc.


3. accept the fact that despite spending those billions of dollars, the actual success rate would be around 10

to 20 percent.


4. be happy that I'm spending an extra 100 to 1000 dollars a year in taxes so I don't have to spend a 100 to 1000 dollars in buying extra video hardware or software and I can tape HDTV Friends in the living room and watch it in my bedroom three days later.


5. Studio executives feel adequately protected from the "napster" threat of trading digital copies of their material while the billion dollar Asian pirating business keeps churning out copies of the latest movies - albeit not in digital form.


As sad as it makes me, I have no doubt your approach is being avidly advocated and pursued by all sorts of interests.
 

·
Registered
Joined
·
380 Posts
Yea the might as well go ahead and establish a counterpart agency to stop real crime, with no limits to where they can go and what they can look at, and who they can accuse..


oh wait, this is America, not the Soviet Union. My bad.
 

·
Registered
Joined
·
55 Posts
OK, if we go along with MPAA, were saying we're ready for any kind of personal controls such as car speed limiters Do a Google search - this ia an active subject. The car insurance industry and government would love a hardware solution- you can't blame me! However meritorious, it reduces us to the lowest common denominator.
 

·
Registered
Joined
·
92 Posts
onemoretime-

No, I'm not saying I'm for car speed limiters or for any kind of "personal controls". I'm suggesting that the idea of a 'Net-based "War on Piracy" - the type of agency that would be created and the activities it would be involved in - is more onerus, intrusive, expensive, and potentially hazardous to our essential civil liberties than any of the current copy protection schemes currently being discussed by the MPAA, broadcasters, or the 5C companies.
 

·
Registered
Joined
·
55 Posts
OK, but I think a hardware scheme that can temporarily or permanently degrade and disable equipment is also unacceptable. Especially for a problem they can't demonstrate worthy of such a solution.
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #17 ·
Thanks for all of the input. Collaborative and constructive dissenting comments are welcome. Actually, there were a few other members that I had hoped would chime in. Anyway...


I am not contemplating building such a system. I am merely discussing the technical feasibility and technical requirements for such a system to succeed, and what "success" means. This discussion may well end with the dismissal of such a concept, but at least it will have been thoroughly examined before dismissing it, rather than just saying that it is impossible to do so let's not even think about it. Let us examine what can be done and the effects of each opportunity on privacy, freedom, functionality, and convenience. Plus and minus. When I say "the system", "we", "they", etc. I am in general referring to the technology being discussed or those who would devise such a scheme (though please take context into account). These object of reference might be a program, human, device, etc. I think everyone knew that, but wanted to make sure.


I read a comment from the EFF that should be implemented in the system. The fair-use distribution of protected media clips must be maintained. This would otherwise degrade the potential of future research that may well legally include such clips. This would continue to be highly opposed by the industry. The system would have to distinguish between such a clip and one that is part of a protected-media distributed system (more on this below).


In another thread someone also raised the issue of theater copies made by camcorder. If these do not have the flag they cannot be detected. Not much can be done for this without getting really extravagant (if we aren't already - I know many of you think I already am ;)).


The efforts of the system would be greatly improved if the flag included information relative to where in a given protected media a given piece resides. This would be especially helpful in monitoring smart distributed systems where we would only see individual pieces, but could then track the assembling of the whole puzzle (or that percentage required to trigger attention). This would also help in the distinguishment and allowance of legally quoted clips from the transmission of the entire presentations.


Tom - It's not clear to me that the use of public/private keys is of any use to those attempting to push data under the radar. Infiltration of a "click" is, in general, simple (the larger the click the easier it is). The system simply registers an an interested consumer and provides a public key to the distribution mechanism. Once a distribution mechanism begins sending protected content to the system, law enforcement can be used to shut it down. We only hope to catch small clicks by accident, dumb luck, or exceptional stupidity on their part. Offshore transmissions are more difficult, maybe impossible, to stop depending upon their origin.


zeitgeistdr - I have never been under any delusion that any unencrypted transmissions by me were anything but public. Given the number of hands through which each message passes it would be easy to examine them - and a miracle if they weren't occasional perused. Carnivore is a perfect example. In fact, using the words 'piracy' or 'Carnivore' probably causes a minor hit on this page. Passive examination is not really a new idea nor is it necessarily an invasion of privacy. It is clearly open to abuse, but if the system examines transmissions for a sequence of bits (the flag), potentially using publicly known keys to decrypt a transmission for this purpose, and does not otherwise review it, how have them invaded anyone's privacy? This is akin to a police officer looking through the window of a car looking for a bong, gun, stolen property, etc. They then use that information to gain legal access to the car. There is no attempt made to crack a private key (the door lock in our example). Also, your cost and success rate estimates have a "pulling a number out of thin air" feel to them. If you have taken this concept further than I have (which you must have to come up with realistic numbers), please do share your research (well, unless you're one of "them" ;) :D).


Dylan - Yup, I think that "they" have enough Congressional ownership, oops, I mean, support to get the legislation through. Done properly, it might even stand up in court. They key would be a ruling as to whether or not it actually is an invasion of privacy. To pass a message (or portion of one) from one machine to another, part of the content must be read. Well, technically the entire thing is read, and the head and tail are processed. Where these begin and end and whether or not you have any rights to privacy of the message body after publicly releasing a message are critical to the decision. Again using the police example, if they peek in the body and see something illegal, they can take other legal action.
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #19 ·
That would be the irony of a lifetime... and the thought had crossed my mind. They're probably already well beyond this point though... much to our chagrin.
 

·
Registered
Joined
·
4,129 Posts
Discussion Starter · #20 ·
Quote:
By Me!

It is clearly open to abuse, but if the system examines transmissions for a sequence of bits (the flag), potentially using publicly known keys to decrypt a transmission for this purpose, and does not otherwise review it, how have them invaded anyone's privacy? This is akin to a police officer looking through the window of a car looking for a bong, gun, stolen property, etc. They then use that information to gain legal access to the car. There is no attempt made to crack a private key (the door lock in our example).
As I was out mowing the lawn (an hour+ in these parts with a 52" deck in fourth gear !), I realized that the above may not be completely true. If the transmission is In The Clear (ITC) or directed to the system, this would likely be true. However, if a key was used to peer into data sent to someone else it is more like the police using x-ray glasses to find the bong. They didn't tamper with the vehicle, but it's not "plain view" doctrine either. Well... what would an adventure be without a great trial scene ;)
 
1 - 20 of 22 Posts
Status
Not open for further replies.
Top