SightSound To Distribute Films Via Gnutella 234

asonthebadone writes: "The online video firm SightSound.com plans to distribute feature movie content with Gnutella. The film content will be 'protected' by Microsoft's Digital Rights Management System. The article from CNET goes on to quote various security 'experts' as stating that Gnutella is "fundamentally insecure" and that its usage would sow the "seed of one's destruction". If you're looney enough to run a file of unknown origin with a .vbs extension, that would be referred to as Darwinism."

Carnage4Life writes with more details: "Sightsound has put up for grabs on the Gnutella network a dozen encrypted movie files from Miramax Films, for which SightSound has secured online distribution rights. Once people obtain the file, they are required to rent or purchase a license to view the movie. [...] If this works this could spell the beginning of the embrace of online digital distribution of movies, music and other forms of IP by the entertainment industry. Maybe then all the Napster madness will be over."

So long as it's a greater inconvenience (or a large enough moral dilemma) to crack such files for a critical mass of people, it seems like everybody could win here.

  • Here is the description of Microsoft's DRM System: http://www.microsoft.com/windows/windowsmedia/en/wm7/drm/drm.asp [microsoft.com]

    There are very few details (no information about the encryption algorithm, for example) but my assessment of it is that it's absolutely useless in a Gnutella-like environment.

    Basically, the file is encrypted with a symmetric (single key) encryption and you are then required to buy that key to decrypt the file. It is not clear whether Microsoft's media servers encrypt the file with a different key for each person requesting that stream (which would be the only way to do it to have at least SOME protection against piracy), but it is clear that even if it does that, it would be impossible to duplicate this behavior on Gnutella. You would be able to share only one file for each movie, so only one unique key can decrypt it. Thus, keys for such movies offered on Gnutella would start popping up on IRC channels, FTP and Web sites in no time, IMHO.

    In fact, it would probably only facilitate piracy, since it's a lot better to download a large movie from a fast connection from this company than from some warez FTP site that might go down at any time. Then you would need to go on that FTP site only to download the key.

    People (or more importantly these companies) need to understand that encryption is NOT a solution for copy-protection (in fact, the only solution is not to give it away to anyone, if you don't want people to copy it) because it can only protect your information from unwanted eyes ONLY if both parties agree not to share it with anyone. If that is not the case, it is irrelevant whether you encrypt it or not - people are still gonna copy it.
  • Proof for that assertion, please? Have you been keeping logs and running statistics against them, or are you extrapolating your personal experience, hmmm :>?

    I agree that people with technical expertise will find a way around whatever. However, that isn't what the intellectual "property" goons are worried about--they fear the day when non-technical users can avoid paying.
  • The problem with pricing things online is that everything has to be on a credit card. Credit Cos usually charge per-transaction fees. For all the talk of the (very real) cost cutting advantages of direct on-line business, the "cashless" nature of the e-economy can actually set a minimum cost per transaction to avoid losing money to bring in money. (This is why most small businesses take MC but not AMEX. AMEX can offer no-annual fee cards because they charge higher fees to the businesses that take it. It's also why some places have a minimum charge for a credit card order.)

    This, and the hassles of filling out credit card info for a few dollars, will probably be the big roadblocks in distributing low cost or payment optional content on-line. I'd love it if artists could distribute their work on-line for "micro-payments" but actually doing it will likely be complex technologically, economically, and of course socially (as this thread demonstrates).

    -Kahuna Burger

  • Highlander 4: Endgame [imdb.com] comes out this August, and you say this year is crap? HAH!

    And no, just because Highlander 2 and 3 were written by crackheads doesn't mean this one will suck; it's based on the series (which was kicking ass toward the end), and includes both Connor, Duncan, and, get this, Methos. Methos is worth the ticket price alone my friend. If you aren't aware of the later episodes of the series, Methos is the oldest living immortal (~5000 years old), pretty damned cool, and played by an excellent actor.

    copy and paste this link to see a spoiler [the.role]
  • By the way, somewhat off-topic: can anyone tell me why, in an OTP scheme, you can't use your pad once for data, and then once for transmitting a new pad? I'm no crypto expert, and I'm sure there's a problem with that, but I can't figure out what it is.

    For a one time pad to be secure, each key bit must be used once and only once, for whatever purpose. You could transmit a new key pad with an existing key pad, but you would use up one key bit for every one that you would receive, so you'd be better off not bothering.

    Why is this so? Because a true OTP, properly implemented, is unbreakable. If you want to use a key pad twice, once for data, once for new keys, go ahead, but it's not an OTP any more and it's not unbreakable. i.e. you send an encrypted message and then reuse the same key bits to get more keys. I have some good guesses about the text of your message, so that means I can have some good guesses about the key bits which were re-used. Thus I can determine the new key bits which are being transmitted. Is this likely? No. But it is, implemented like this, no longer unbreakable. That's why otp's are special, because, implemented properly, they are unbreakable.

    Cheers.

  • oh my god! that CAN'T be real!

    Mike Roberto (roberto@soul.apk.net [mailto]) -GAIM: MicroBerto
  • Almost -- I would enjoy watching a Kevin Smith movie WAY more than cracking it! Kevin Smith is the man and if I wasn't lazy I'd make you a link.

    Mike Roberto (roberto@soul.apk.net [mailto]) -GAIM: MicroBerto
  • by dirk ( 87083 ) <dirk@one.net> on Thursday June 15, 2000 @05:00PM (#998913) Homepage
    I, for one, would not pay. In fact, I would immensely enjoy trying to crack this protection scheme. I would enjoy trying to crack it way more than I would enjoy watching the film. And I would enjoy watching a film I cracked (or received a cracked copy of) way more than watching a film I paid for.


    So what you are saying (and apparently the moderators agree with you) is that all the people that have been spewing about "If they make something easy to get and affordable on the net, we'll buy it instead of steal it" is a huge load of crap? Here is something that is distributed in the "great new way" everyone wants, yet no one is willing to pay for it, because it will be cracked and available for free. Once again, it is proven that high prices don't cause piracy, piracy is justified by bitching about high prices.

  • While I agree that Gnutella hogs bandwidth, I disagree as to the extent that it sucks it up. I routinely download files 2,3,4 or more at a time at rates consistently at or above 35Kbs - all of them (ADSL). Admittedly I could achieve nowhere near this performance with dial up service. My biggest peeve about Gnutella is that there is no way to stop the search once you have found what you are looking for - more unnecessary bandwidth hogging :)
  • In an attempt to raise my karma up from the current -15, I beseech any moderator reading this to help a down and out brother. Oh, how the tears will begone from my eye and a smile grace my face if someone would spare me some karma!

    Holy crap! All this while I've been posting insightful, informative, funny posts to raise my karma. Now I discover you can just ask for karma!

    Karma, please.

    Oh yeah, not the negative kind, thank you.

    -- Admiral Burrito, Karma-whore wannabe.

  • Bandwidth isn't the cheapest thing in the world, especially when you're talking about large movie files.

    How do you distribute your movies for free and get people to send you money for them? Easy, distribute them on Gnutella and let the little people pay for the bandwidth.

    What could be better?

  • Now hold on a minute. The original post was not entirely elegant, but it's not fair to say that it's necessarily wrong either. This issue is more complex than just pirates vs. decent folk. It is a conflict between the interests of copyright holders vs. the interests of the public. geekd is expressing a desire to get back at the media companies which have become so successful by charging the maximum the market will bear ($18/cd and $8/head/movie, last I checked). His solution is simply employing the same tactics. In other words, "let's get as much as we can". A solution to the current earthshaking effects of technology on intellectual property will have to find a compromise between both points of view. In the meantime, don't fault those who choose to employ the same tactics as the recording and film industries.
  • hmm... Poor attempt at fud... let's see...

    "Anyone who is on Outlook is potentially vulnerable and needs to be very careful and cautious," said Scott Blake, security program manager for Bindview. "It's very easy for someone to utilize the Outlook network to propagate a Trojan horse, a file that appears to be something useful but in fact is the SEED OF ONE'S DESTRUCTION!!!."

    Blake added that Microsoft could possibly be at fault for encouraging people to use Outlook.

    "It's somewhat irresponsible for (Microsoft) to be pushing a software that's fundamentally insecure as this," he said.

    I love the smell of FUD in the morning. ;-)

  • Hmm, this is a perfectly insightful, relevant comment. I hardly think it deserves to be at -1. Why, Rob, is this comment at -1? Hmm?
  • Actually, the files appear to be between 250 and 500MB's -- and surprise surprise require MSIE 5.0. Ugh.

    Hey, by the way -- what's up with marking that last post "Troll"? Lame.
    ---
    icq:2057699
    seumas.com

  • Encryption and licensing issues aside, what's the point of making the content available on Gnutella, when a web site would be much more practical. Gnutella already uses HTTP to transfer the file, and Gnutella is not as capable as Apache. And Yahoo doesn't index Gnutella, either!
  • Gnutella uses ordinary HTTP to transfer files, and supports restarts, at least by adhoc specs and most implementations.
  • Well, one reason to use Gnutella would be if it were Open Source, but the last time I checked, the Gnutella development team had not released their source code, saying that they would wait until "a stable 1.0 release was ready". There are plenty of clones around that use the Gnutella protocol, but I am still curious why they have not been called on giving their product the GNU label when they don't actually provide their source code.

  • by Tom7 ( 102298 )
    Here is a simple proof that one time pads are unbreakable.

    Assume M0..i are the message bits.
    Assume P0..i is a one time pad (= completely random bits shared by Alice and Bob, but not known by Eve).
    Let Ei = Ei XOR Pi.

    Alice sends E0..i to Bob, who recomputes M0..i as Ei XOR Pi.

    Eve can intercept E, but cannot decrypt it. Why? Decrypting E means having M, but with M she would have P (bitwise XOR again). But we've said that P is a sequence of random bits, which Eve doesn't have! She has no way of verifying that she has used the correct key to decode the message.

    This is a bizarre argument, but it makes sense when you consider that M, E and P are equivalent information-wise in this scheme. Revealing any two of them gets you the third, but one alone can't get you any information about the other two. Essentially you are exchanging a secret earlier in time (E) for the chance to later exchange a secret of the same size. It's hardly a "code", but it is unbreakable.

    As has been pointed out several times, this is totally worthless for encrypting media like we're talking about. But if you guys get to toot your geek horns, so do I. =)
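Added example, not part of any comment in this thread: a small Python sketch of the two one-time-pad points made above, the proof that a single ciphertext is consistent with every message of the same length, and the earlier reply explaining why reusing a pad to send the next pad breaks the scheme. The sample messages and function names are constructed for illustration, and the encryption is written as E = M XOR P.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length byte strings (E = M XOR P and back)."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the right length, which is why a
    single ciphertext gives Eve no way to tell a right guess from a wrong one.
    """
    return xor_bytes(ciphertext, candidate)


def eve_recovers_new_pad(c_data: bytes, c_newpad: bytes, guessed_data: bytes) -> bytes:
    """What Eve learns when one pad encrypts both a data message and the next pad.

    c_data = data XOR P and c_newpad = new_pad XOR P, so
    c_data XOR c_newpad = data XOR new_pad: the pad P cancels out, and a
    correct guess of the data message yields new_pad directly.
    """
    return xor_bytes(xor_bytes(c_data, c_newpad), guessed_data)


def demo() -> dict:
    # Constructed sample messages, all exactly 16 bytes long.
    data = b"PAY 100 TO ALICE"
    later = b"PAY 900 TO CAROL"
    decoy = b"NOTHING TO SEE!!"

    pad = secrets.token_bytes(len(data))      # shared by Alice and Bob only
    new_pad = secrets.token_bytes(len(data))  # the pad Alice wants to send

    c_data = xor_bytes(data, pad)             # correct use: pad consumed here
    c_newpad = xor_bytes(new_pad, pad)        # the reuse asked about in the thread
    c_later = xor_bytes(later, new_pad)       # later traffic under the new pad

    # One ciphertext alone: the decoy is exactly as consistent as the truth.
    decoy_pad = pad_explaining(c_data, decoy)

    # Reused pad: a correct guess of `data` hands Eve new_pad, and with it
    # every message later encrypted under new_pad.
    stolen_pad = eve_recovers_new_pad(c_data, c_newpad, guessed_data=data)

    return {
        "decoy_decrypts": xor_bytes(c_data, decoy_pad),
        "stolen_pad_correct": stolen_pad == new_pad,
        "later_read_by_eve": xor_bytes(c_later, stolen_pad),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The pads are freshly random on every run, yet the three results are always the same: the guarantee holds only while each pad bit is used once.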
  • The file transfers in Gnutella use HTTP, so downloading from Gnutella is no less unstable/slow than downloading from the web.

    If someone tried to host a popular website on their AOL-14.4 baud modem, they would encounter the same problem.

    on the other hand, these sightsound people probably already have a good webserver that they can run a Gnutella client. As long as you're downloading from them, and not some moron who decided to mirror the encrypted data

    Of course, given that copy-protection isn't even theoretically possible, I can just see search results for a sightsound movie showing up right next to cracked versions of the same thing :P

    Amber Yuan 2k A.D
  • Sightsound is not the only company to be banking on Microsoft DRM to be "secure enough". There's plenty of other people going that route.

    For information on MS DRM, see the Microsoft Digital Rights Manager Overview [microsoft.com] which talks (in very general terms) about how MS DRM works.

    Interesting excerpts from the FAQ include:

    Standard cryptographic protocols based on digital signatures are used for authentication throughout the Rights Manager system. For example, license servers use Rights Manager technology to authenticate Rights Manager-based clients. These clients use digital certificates on their PC. The digital certificate's unique public key and version number identify the client.

    And...

    Windows Media Rights Manager 7 individualizes the critical components of each run-time client. Individualization binds the run-time client to the machine on which the client was initially installed. Every consumer is given a different executable file and different certified license keys. This significantly reduces the danger of global breaks. If a specific Rights Manager client becomes compromised, it can be disabled from acquiring licenses for new media files.

    There will probably be a CERT advisory talking about how to circumvent both within a few months. :P

  • you'll have to wait until the War on Violence subsides.
    --
  • by Disco Stu ( 13103 ) on Thursday June 15, 2000 @03:16PM (#998929) Journal
    Informative: I have set up a mirror of this site as it appears to be /.ed already :(

    Don't click on the link given in that statement if you're at work. I did, and it led to porn!
  • by DeepDarkSky ( 111382 ) on Thursday June 15, 2000 @03:18PM (#998930)
    I wonder how much they are going to price it?

    The reason why I ask is, I think if you take the entire population (of the world) and work out two variables, x number of people willing to spend y amount of dollars, you'll see that as y goes down, x goes up. The amount of money made by film producers (or distributors, or whatever) would be roughly x times y. Over time, however, x becomes more important. x is actually more along the lines of number of viewings rather than number of people willing to pay. But my point is, if you make y low enough such that an acceptable percentage of people are willing to pay, then they wouldn't have to worry about piracy.

    Let me borrow, as an example, currency. The reason why printed currency works and why the government goes through all the anti-counterfeit stuff is because would-be counterfeiters would have to spend a lot more money than the value of the currency that they are trying to counterfeit. The government has the economy of scales on their side. They spend less than 10 cents printing each bill, but it would be much more expensive (though not impossible) for counterfeiters to produce counterfeits that can fool people. That's why counterfeit money is usually higher in denomination, because the lower denomination just wouldn't pay off. That's perhaps why the U.S. has, as its highest denomination, the one hundred dollar bill.

    Back to the encrypted movies. If they priced it so that it would not be worth anyone's time to pirate the movies, even though inevitably, a small percentage of the population will anyway, they can reduce the effects of piracy and actually make enough money (it's never enough, I suppose, and they want to get the money while they can), and the consumers will not complain about how expensive it is to watch a movie. Imagine if pay-per-view was only 10 cents? Take an average long-ish 2 hour movie, if you watched movies non-stop for a month, you'll average about $30, less than most utility bills and DSL fees. Would you do it?

  • Doesn't make any sense to embed next key in current msg because then next key will have to be = length of current msg, and eventually you will no longer be able to have a msg of any appreciable length. You might as well just use all the random bits in your key w/o having to transmit any new key info inside of the message.
  • At least as far as the recording industries are concerned, they could distribute demo/trailers of their movies @ 160x152 resolution (so you could get a taste of their stuff @ postage-stamp size, then get the "real thing" through their normal ordering process). I bet the porn sites would just LUUUUUVV this :)
  • by Kris_J ( 10111 ) on Thursday June 15, 2000 @03:19PM (#998933) Homepage Journal
    The problem is that if an established power base attempts to ban an item or product (and sometimes behaviour) it is assumed by at least a large minority, if not the majority, that it's something worth having. This does unfortunately have a pretty good basis - look at the banning of X-rated material in Australia, followed by complaints from the very politicians that enacted the legislation when they themselves were blocked. I didn't seriously consider buying a Rio until the RIAA attempted to ban it.

    A mindless ban on something typically doesn't work as well as decent education on the topic. Not that education seems to be valued very much any more anyway. I believe that if sex, even erotica, was discussed openly and sensibly from a young age then demand for pornography and prostitution would decrease dramatically. You always need to target demand, not supply.

    The problem for artists is that their work is hideously undervalued. To survive they typically invest their money (and any "power" they do have) in power hungry little dictators that have no more interest in the actual art than the rest of the population. The result is the MPAA and RIAA - a marketing and legal machine with a choke-hold on popular art. It's no longer about the art, just the money.

    I say, support local artists, buy stuff from independent labels, look up the word "patron". Sure, take in a mainstream movie every so often, but try to lose the false sense of need that's been implanted by immoral marketing practices. (I tell you, many of the complaints about DVD make people sound like they're hooked on drugs rather than home movies.)

  • Some encryption is 'believed' perfect, they are not, however, mathematically proven. But no one with any clue knows how to crack them (unless you give 'em a quantum computer)

    Even then, that encryption can still be cracked given enough time (say, a few million years)

    Copy protection, on the other hand, is always crackable, because you need to have a decrypted form somewhere on the client machine. That means you have to have the encrypted keys right there with the media. See DeCSS.

    Amber Yuan 2k A.D
  • If you're looney enough to run a file of unknown origin with a .vbs extension, that would be referred to as Darwinism."

    So, anyone out there wanna create the "killer virus" of the Evil Empire? Darwinism got a little forgotten recently - maybe we need a refresher course?

    --
    TheDude
    Smokedot [baked.net]
    Drug Info, Rights, Laws, and Discussion

  • I can't believe I didn't mention American Beauty...

    I had originally thought it was going to suck and had to be dragged out to see it. Afterwards, I liked it so much that I went to see it again.

    As for The Matrix, I could have sworn that it was a 1998 movie... brain fart on my part I guess. Prolly what threw me was how fast it got out on DVD.

    john
    Resistance is NOT futile!!!

    Haiku:
    I am not a drone.
    Remove the collective if

  • Just a couple thoughts outside the scope of the current conversation...
    Most entertainment media to be displayed in at a size and resolution that your average user would find enjoyable is over a gig for a full length movie.
    Your average home user does not have a high bandwidth connection, and of those that do, they're on pac bell dsl and @home cable. Both of which at least in the SF Bay Area are highly overloaded as it is. Anybody see a problem here?

  • Does anyone say "the bomb" anymore???

    But yeah, I'd see a Kevin Smith movie any day. But seeing as Dogma was just out last year, and he typically has a 2-3 year interval between movies, and he just put a lot of effort into the Clerks cartoon, only to be fucked (again) by disney...

    I don't think we'll be seeing a new View Askew production this year.

    But, eh, I *DID* break the DVD boycott to get Dogma and Chasing Amy on DVD to complete my collection. Only two DVDs I've bought since the deCSS fiasco.... honest.

    john
    Resistance is NOT futile!!!

    Haiku:
    I am not a drone.
    Remove the collective if

  • It's for digital flatscreens, which most people believe are the future for displays.

    They're not too concerned with you recording a lossy version, rather an exact digital copy.

    The "They" is the usual bunch, but I seem to remember IBM working on this particular "innovation".
  • Um, can I pick a religion where I'm guaranteed eternal life with lots of redheads? And short brunettes? And... and....

    I mean, as long as we're just shopping, you know, what the hell. So to speak.
  • My problem with Gnutella is that you're never sure you're getting an original copy. This is fine for things like mp3 files, where there is no "original" copy.

    While Gnutella presents you with a list of sources, you can't be sure which one is the original source, which for my investment in time, would be the only source I would trust. I would be quite upset to spend a considerable amount of time downloading a movie to find that the "copy" I downloaded was corrupt.

    There are people working on Gnutella trying to add the ability to verify the content of a file before downloading it. This is primarily to allow you to resume a download from a different source, but that would also be useful in this context.
  • If "Show friendly HTTP error messages" is turned off, then it only shows that "The page cannot be displayed" if it can't get a connection to the server for some reason (like being slashdotted or whatever). If it does get some error message it spits it out as usual.
  • Me, Myself, and Irene might be good, if it's more like Truman than Jim's older movies.

    Any movie that confuses the difference between schizophrenia and multiple-personality disorder reeks of crap.

    Last year Jakob the Liar was released, and it was excellent.

    Trust me, the original (Jakob der Lügner, East German, 1975) version kicks Robin Williams's hiney any day. But someone who likes a remake rarely appreciates the original as much.
  • You're forgetting that, sooner or later, the movie is going to have to be viewed by a pair of eyes and a pair of ears (with some appropriate substitutions and/or absences for people without eyes and/or ears). If it has to be displayed on my screen, then you can bet that it'll be a piece of cake to redirect to a file.
  • It would be nice to see a GPL program being put to serious use. It will be nice to see how this pulls through. As for the protection... well, I saw the word "Microsoft" so I know that it isn't a problem... =P
  • Think about it. The firm distributing this movie is in the quiet period before their IPO. This is a great way to get press, and even if the file is cracked and distributed, they can always blame Microsoft. But that's not what they're worried about. Think about it this way: modern law enforcement is not so much aimed at preventing crimes as it is punishing the offenders after the fact. So, if the movie is "cracked" by actually purchasing the right to view it, then intercepting the video stream and saving that... Well, let's suppose that the keys and algorithms used in decrypting the movie are (1) all different and (2) all provide a slightly plaintext (the movie). You don't notice these differences unless you do a bit-by-bit comparison of two different decrypted copies of the movie. You don't notice them when you're watching, because, hey, there's a lot of information in a movie. Granted, the more you compress a movie, the less room you have for just throwing random bits in and having them be less noticeable, but bear with me... So now you can trace exactly which copy was pirated. (This is nothing new -- distributing a bunch of slightly different copies of something, so that when one gets leaked you can tell who leaked it). So now maybe the person who originally leaked the movie can be prosecuted. Or maybe it was somebody using a stolen credit card in a far-off nation, and they don't get punished. Regardless, the threat is still there, and people get a little bit more scared.

    Who cares if people are scared?

    Think about how long MP3s were around. A lot longer than Napster. So why are they only getting so much attention now? Cause they've become mainstream! No more navigating IRC or pop-up porn banner sites to get ftp passwords... Anyone can download Napster and start grabbing mp3s in minutes. Anyone. Which means there are now a LOT more pirates than there were, simply because it's now so easy...

    Piracy will always exist. It's hard to secure data that passes, cleartext, through unprotected regions (video signal to a monitor). The point is to make it hard or dangerous enough that most people won't consider piracy an option. Then it will just be back to the "underground" doing it, and there will be far less public outcry when they get cracked down on...

    Who would watch this movie if it was a normal theater release? Ok, how about if it was distributed online? Ok, now how about if it was distributed online, but securely, then got cracked and famous for being an early example of the "failure" of secure, digital distribution of audio/video... How many more people would want a copy, just because?
  • I, for one, would not pay. In fact, I would immensely enjoy trying to crack this protection scheme. I would enjoy trying to crack it way more than I would enjoy watching the film. And I would enjoy watching a film I cracked (or received a cracked copy of) way more than watching a film I paid for.

    I have a feeling I am not alone here.
  • by faeryman ( 191366 ) on Thursday June 15, 2000 @02:38PM (#998948) Homepage
    In an attempt to raise my karma up from the current -15, I beseech any moderator reading this to help a down and out brother. Oh, how the tears will begone from my eye and a smile grace my face if someone would spare me some karma!

    So to help you out, here are reasons why to mod me up:

    Insightful: After reading this article I have a few questions. Mainly, what are the potential security ramifications to both the whitehats and blackhats? It appears as though security was not directly mentioned, so sadly I fear that the designers left this crucial part out. I would not trust my data with an insecure system, and I'm sure you wouldn't either.

    Interesting: After reading this article, I see that it is very similar to what is already on the market. Do they plan on setting this product outside of currently existing technology, or embrace what already is there?

    Informative: I have set up a mirror [127.0.0.1] of this site as it appears to be /.ed already :(

    Funny: Can you imagine a Beowulf cluster of these?!?!?!

    Underrated: Come on. I post at 0 now, hook me up. Look at these Insightful, Interesting, Informative, and Funny reasons!

    Here are reasons why to NOT mod me down:

    Overrated: Come on. I post at 0 now. This is not worthy of -1, if at least for the novelty value.

    Troll: Nowhere am I suggesting this is a "FRIST PSOT D00D!" or that "Natalie Portman" is "naked and petrified."

    Flamebait: Nowhere am I suggesting that "Taco sux!" or "Signal11 blows!" or "linux sucks me"

    Thank you for reading, now spare me some karma.
  • Actually, they're planning on standardizing on a digital display format which is encrypted along the wire precisely to keep you from doing this.
  • Just try downloading something like a 3 meg mp3 for gnutella, it will take hours. Gnutella can saturate bandwidth like no one's business. There is no limit on the software, some guy on a 14.4 modem on AOL will have like 100 transfers going. Another thing is search timeouts, being they never time out the traffic it generates is amazing.
  • Post hoc ergo propter hoc.

    Religions like Christianity have always been popular for a bunch of reasons, and the Romans had very little to do with it. Drugs have been popular since before homo sapiens sapiens was evolved, as humans aren't even the only species to use them. You're closest to the truth when you cite rock music, but there's hardly anything unique about that movement.

    And by the way, the correct idiom is "forbidden fruit", not "forbidden apple".
  • What ho!

    Thou art a pirate, 'tis true!
  • What's to stop someone buying the licence (which is presumably some kind of program or file), and Gnutella-ing that too...?
  • Yeah but you have to have the decryption app at the other end, and pass the key somehow. Reverse engineering takes care of the rest. There's no such thing as true security.

    -jpowers
  • This is true, but the company is personally supplying the bandwidth, which, with any luck will exceed a 14400 baud connection!
  • The problem is that if an established power base attempts to ban an item or product (and sometimes behaviour) it is assumed by at least a large minority, if not the majority, that it's something worth having.

    That definitely displays the high mistrust of authority even the general public has.

    believe that if sex, even erotica, was discussed openly and sensibly from a young age then demand for pornography and prostitution would decrease dramatically.

    There is empirical evidence to support this as well - like Sweden, for example.

    Sure, take in a mainstream movie every so often, but try to lose the false sense of need that's been implanted by immoral marketing practices. (I tell you, many of the complaints about DVD make people sound like they're hooked on drugs rather than home movies.)

    Ideas are the most powerful drugs we have.. ideas which are communicated by sight and sound. There is no question it is a mind-altering substance.

  • by MaximumBob ( 97339 ) on Thursday June 15, 2000 @03:24PM (#998958)
    The Romans tried to stop christianity. Christianity became popular. Drugs were made illegal in this country. Drugs became popular. Rock music was chastised by the establishment as being "satanic". Rock becomes popular. Anyone starting to see a pattern here?

    What else is illegal? Suicide is. The rates are rising, but I don't know if it is "popular" by any means. Bank robbery is illegal. I just got back from robbing one myself, actually. I think that Christianity, rock music and drugs all have other draws than just being forbidden.

    Now, music becomes illegal to download. Downloading music becomes popular.

    Yes! Down with the establishment! I'll download music I hate! That'll show them!

    Wait, no, I download music, when I do, because I like the music. The legality of it has nothing to do with it, except that it makes me LESS likely. I believe it's a deterrent. I certainly don't think it increases the chances of my downloading.

    So Microsoft goes out and builds this standard. Then they say it's impossible. Then, to top it off, they make it illegal to crack it. Who shall be the first to taste the forbidden apple? Good idea! Me me me! I want to taste it!

    Wait, no I don't, I don't care.

    And what's with criticizing MS for developing the standard? Believe it or not (hold on to your seat here...) they're a SOFTWARE company. They make software. It's how they put food on their tables. If they didn't come up with software, they'd go out of business. (it would take a long time, but that would be the upshot) And what are they supposed to do? "Oh, here's our new encryption software... Um, it's not terribly secure." No. Of course they have to promote it as being secure.

    Honestly.

  • If this works at all, it will go a long way towards the acceptance of gnutella/napster w/ wrapster/freenet style data exchange programs (peer to peer with gnutella and freenet, private with freenet).

    OK, hands up for everyone who believes this won't get cracked?

    Don_Negro, put your hand down, I said "get cracked", not "be smoking crack"

    OK. No hands. No surprise.

    I mean, Stephen King's ebook got cracked within hours, and he wasn't even charging for it the first day.

    So, next possibility, this will get cracked, and gnutella will be demonized along with the computer cr/h/ackers.

    Conspiratorial-think, is MS testing its DRM software, PR repair can be handled later, and SightSound is helping the MPAA and RIAA to demonize gnutella and the like.
  • Here is why you can't reuse your pad, even to send the next pad. In this case, we will assume that you encrypt your data using XOR with the pad. We will have the following variables:
    O1 and O2 = OTP one and two.
    P1 and P2 = Plaintext one and two
    C1, C2, and C3 = the three ciphertexts.

    Send the first encrypted message:
    C1 = P1 XOR O1

    Send the first pad encrypted with the second pad:
    C2 = O1 XOR O2

    Send the second encrypted message:
    C3 = P2 XOR O2

    Your opponent has C1,C2,C3, since that's what you transmitted.

    So, your opponent performs the following:
    C1 XOR C2 XOR C3 =
    (P1 XOR O1) XOR (O1 XOR O2) XOR (P2 XOR O2)
    The way XOR works, duplicated variables cancel out, so the above is equal to:
    P1 XOR P2
    because the two O1's and the two O2's each cancel out.
    Now, your opponent has your two plaintexts XOR'd with each other, which is easily solvable. You may as well use ROT13.
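
The cancellation worked through in the comment above, as an added Python example that is not part of the original post. The two sample messages are constructed, and all function names are illustrative assumptions; the crib-dragging step goes slightly beyond the comment to show why P1 XOR P2 counts as "easily solvable", and the last function shows the contrast when both pads are shared in advance.

```python
"""Added illustration: sending pad O1 under pad O2 leaks P1 XOR P2."""
import os
import string

# Constructed sample plaintexts of equal length (24 bytes each).
P1 = b"MEET AT THE DOCK AT NINE"
P2 = b"SEND THE NEW PAD TONIGHT"


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR; a pad must be exactly as long as the data it covers."""
    if len(a) != len(b):
        raise ValueError("pad and data must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def flawed_exchange(p1: bytes, p2: bytes):
    """Sender side of the scheme in the comment; returns what crosses the wire."""
    o1 = os.urandom(len(p1))  # first pad, shared in advance
    o2 = os.urandom(len(p1))  # second pad, only ever sent encrypted under o1
    c1 = xor(p1, o1)          # C1 = P1 XOR O1
    c2 = xor(o1, o2)          # C2 = O1 XOR O2
    c3 = xor(p2, o2)          # C3 = P2 XOR O2
    return c1, c2, c3


def eavesdropper_view(c1: bytes, c2: bytes, c3: bytes) -> bytes:
    """C1 XOR C2 XOR C3: both pads cancel, leaving P1 XOR P2."""
    return xor(xor(c1, c2), c3)


def recover_other(p1_xor_p2: bytes, known_plaintext: bytes) -> bytes:
    """If either message is known or guessed, the other follows directly."""
    return xor(p1_xor_p2, known_plaintext)


# Bytes we accept as plausible text in these uppercase sample messages.
PLAUSIBLE = set((string.ascii_uppercase + " ").encode())


def crib_drag(p1_xor_p2: bytes, crib: bytes) -> dict:
    """Slide a guessed fragment along P1 XOR P2.

    Where the guess matches one message, the XOR reveals the aligned
    fragment of the other. Returns {offset: revealed_bytes} for every
    offset whose result looks like text (false positives are possible).
    """
    hits = {}
    for off in range(len(p1_xor_p2) - len(crib) + 1):
        piece = xor(p1_xor_p2[off:off + len(crib)], crib)
        if all(b in PLAUSIBLE for b in piece):
            hits[off] = piece
    return hits


def independent_pads_view(p1: bytes, p2: bytes) -> bytes:
    """Contrast case: both pads pre-shared out of band, so there is no C2.

    The observer can only combine C1 and C3, which equals
    P1 XOR P2 XOR O1 XOR O2 and is still masked by fresh randomness.
    """
    o1 = os.urandom(len(p1))
    o2 = os.urandom(len(p2))
    return xor(xor(p1, o1), xor(p2, o2))


if __name__ == "__main__":
    leaked = eavesdropper_view(*flawed_exchange(P1, P2))
    print("pads cancelled:", leaked == xor(P1, P2))
    print("P2 from known P1:", recover_other(leaked, P1))
    for offset, piece in sorted(crib_drag(leaked, b" THE ").items()):
        print(f"crib ' THE ' at offset {offset} reveals {piece!r}")
    print("independent pads leak P1^P2:",
          independent_pads_view(P1, P2) == xor(P1, P2))
```
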
  • Er, how could that possibly work? Even if somehow they kept me from running any video capture programs on my monitor, I can still just pipe it to my TV instead of my computer monitor, run it in fullscreen, and record onto a tape (or, soon, DVD).
    Dreamweaver
  • I think a judge would probably toss a suit against Gnutella and Freenet out on its ass - it's "bad people", not bad technology.

    Excellent analogy! I hope to hell you are right, but alas, I lack your faith in our justice system, and have even less for our lawmaking bodies.
  • by medicthree ( 125112 ) on Thursday June 15, 2000 @05:45PM (#998982) Homepage
    It says a lot about the slashdot community when a comment such as the above is moderated up to 5, Insightful. I say it says a lot about the community because not only does the poster speak for himself, but the moderators who moderated the above up, and those that have not subsequently moderated it down, are spoken for as well.

    So, people, which is it? Do you all really only use Napster for music you already own, or do you really agree with the spirit exhibited above? I know the above post doesn't explicitly deal with Napster, but when a post such as the above is 5, Insightful, you have to admit that a propensity for piracy is strongly indicated.

    Oh, and please don't say that the above poster is just advocating cracking the film only for the pure enjoyment of cracking it. Remember, he did say "An I would enjoy watching a film I cracked (or received a cracked copy of) way more than watching a film I paid for." That " or received a cracked copy of " says an awful lot.

  • Murder, plunder loot and burn
    But all in moderation
    If you do the things we say
    you soon will rule the nation
    First kill your foes and enemies
    and then kill your relations
    Murder, Plunder loot and burn
    but all in moderation!
  • They should be able to track you down pretty easily and break your fingers.
  • Some folks here are already screaming "Gimmick". That's almost certainly true, but I imagine there's another reason for doing it.

    Serving up video takes up a lot of expensive bandwidth. Why not let someone else do the serving for you? As an added plus, should SightSound's movies actually become popular, the number of people willing to host the files will increase, thus automatically scaling up the bandwidth accordingly.
  • There's plenty of people now. There are even arguments why cannibalism would be a good thing. That, plus the fact that it's illegal, should make it quite vogue.

    And I don't know why you're saying incest isn't very fun. I'm assuming that it wouldn't happen at all if that was the case. Someone has to be enjoying it. And in this age of safe sex and legal abortion, it causes fewer and less obvious problems. Man. What a great way to flaunt authority!

    Anyway, my point is that I don't see pirating music and movies as being popular because it's anti-establishment. It's popular because people want to listen to/watch music and movies for free.

  • OK, this is back to my general DRM (Digital Rights Management) speech.

    GIVEN: The entirety of the user base will not accept a technology that restricts or degrades their experience with a medium they previously had greater rights on.

    given that, let's explore the possibilities here.
    Anything you can view can be copied. Remember the BetaMax suit. That's been solved by some tricks which don't noticeably degrade the movie but do degrade any copies, if you don't have tech know-how or some low-grade video editing software.
    Computers make copying data much easier--no degradation that can't be fixed. In a perfect, trusted computing environment where the OS, nay, the hardware, was working in concert with DRM software, the data could not be copied digitally.
    Firstly, there are no such environments. Secondly, even in the perfect possible case, it doesn't solve the problem--if something can be viewed, it can be copied. Whether it involves getting a video-out from your video card and stereo from your sound card, (let's presume they're also working with DRM), or simply getting a dark, soundproofed room and setting up a video camera, it can't be stopped.

    DRM in the digital world will be no better than the real world. Does the existence of VCRs manufactured for mass copying, copier machines, cameras, audio-out and -in jacks, and camcorders ruin the film/tv/music industry? no. When the dust settles, the digital world will be similar. Pirated data will be more available. Vendors will have to deal, or find better business models. Blockbuster and Xerox seem to be doing just fine on their business based off of technologies once thought to be the doom of their respective areas.

  • You're not downloading the actors and movie sets to your computer, are you? no.

    Of course not, but you know that, and that's not what you meant anyway. The actor's labor is scarce, the other capital involved is, of course scarce. What we're doing is paying them for their labor, right?

    After a fashion. What it basically amounts to is that the production houses provide these movie-making services to the public at a loss, and then trying to make it up by playing toll collector to the resulting information in perpetuity.

    i.e. the movies are being made for free (or worse), and then subsidized later. That seems kind of bass-ackwards to me, although it's been the only practical way of doing it for a while.

    The thing is, I think particularly as micropayment schemes become more widespread, it's going to become more and more practical to actually pay production houses/groups/what have you _directly_ for the service of making the movie in the first place.

    At least movies are an example of where the artists are actually treated somewhat decently. It's certainly not true of the music industry -- you know this big thing about artists being able to eat? There's no way in hell 90% of the signed musicians in the US would be eating if they tried to live on the money they got from their record company.

    I'd rather see artists paid for what they do, and how well they do it, rather than expecting them to work for what almost amounts to free.

    In the long run, I think systems that don't pay the artist for creating art (and instead indirectly subsidize them by placing onerous restrictions on IP) are wrong, and destined to fail.
  • Yeah, by the time you saw the comment, it was at 5, Insightful.

    However, if you'd clicked on the link to take you to the "full" comment details, you would have seen that of that +5 score, one point was "insightful", and the others were all "Funny".

    Don't forget that the comment that goes with the score is only the most recent one - hence you will see, on occasion, comments with scores up around 2 or 3 that are marked as being "Flamebait".

    I don't condone what the poster said, but please don't attack the moderators without knowing all the facts.

    (In fact the scoring on the comment at the moment is: Flamebait=2, Troll=1, Insightful=1, Funny=4, Overrated=1, Total=9; hardly a glowing endorsement from the "community")

    Cheers,

    Tim
  • The protocol has been fully reverse-engineered but only released with the windows client. Basically gnutelladev.wego.com [wego.com] deals with current generation clones and gnutellang.wego.com [wego.com] deals with extending the protocol to add new features. Capnbry did all of the reverse-engineering and he hangs out in #gnutella on EFnet so if you want to talk to the guy that did it he is the one to ask.

  • Your machine crashes half-way thru viewing. Must you buy a new license? What if you get disconnected? When you dial back up and re-run the license their servers would say you already used your activation.

    Somewhere out there, there is a Microsoft developer thinking "Nah. We'll just code the SQL so that each download is a transaction. With a long time-out parameter. Yeah, that's the ticket! Lessee, 30,000,000 AOL users at 56K dropping carrier an average of 6.8 times per download... <shrug> should work! We'll use ASP on IIS!"

    ======
    "Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16

  • As much as it pains me to say it, Microsoft is barking up the wrong tree with this software-based "intellectual property" protection mechanism. As others in the thread correctly point out, you can always intercept a transmission in the clear at some point on your machine. The packaged music or video may be owned or obfuscated by somebody else, but the output of its decryption is 100% within my control. It has to be translated, and immediately afterwards I can snag a copy. This form of protection will always fail in the long run. Its only hope is to render the cost of buying a legitimate copy less than the inconvenience of ripping the output stream. Before IP can be protected commercially (if indeed it should be) the hardware makers must collude with the owners of intellectual property. This is precisely what the MPAA is attempting to accomplish. If they own the players, then they can ensure that at no point is the clear stream electronically accessible. At best I can place a microphone in front of my speakers or try to do a video capture and re-record the output of a movie. But in either case, I will have at best a lossy copy. Personally I wish they would all just give up and go home, and stop treating a non-scarce resource like a precious, scarce one.
    -konstant
    Yes! We are all individuals! I'm not!
  • Other than View Askew, Pixar, and Lucasfilm, I don't know one studio from another so I can't speak for Miramax in particular...

    But given the quality (or actually, the lack thereof) of the absolute crap that's been dished out into the theaters this year, it *IS* the literal truth that I'd enjoy trying to hack the encryption more than watching the movies themselves.

    Really! What movies have been worth seeing this year? The only one I've seen and enjoyed was High Fidelity. I might give Road Trip a try, just cause I'm a big Tom Green fan. But what else???

    Battlefield Earth? gag... I only regret that I didn't fall asleep earlier. Actually I regret going at all, but I'm too bloody-minded not to stay for my whole $8.50s worth of 2 hours.

    U571? The bastard stepchild of Das Boot and The Hunt for Red October, but with neither the direction of Wolfgang Petersen, nor the acting talent of Sean Connery.

    Rules of Engagement? Knockoff of "A Few Good Men" but without Jack Nicholson.

    Gag, gasp and more gag...

    I'd *MUCH* rather spend two hours hacking at whatever encryption Miramax has put in place (Hell, or even just playing CivIII) than subject myself to any of the tripe that has been released THIS year again.

    Seriously? WTF is up? Last year we had some awesome movies...

    Dogma
    Being John Malkovich
    American Pie
    Enemy of the State
    Toy Story 2
    South Park: Bigger Longer and Uncut
    Austin Powers 2

    And hell, even the oft maligned Star Wars Episode I, The Phantom Menace easily beats the snot out of anything I've been subjected to THIS year.

    Have the powers to be decreed that 2000 will be the year that the movies suck?

    john
    Resistance is NOT futile!!!

    Haiku:
    I am not a drone.
    Remove the collective if

  • But as far as I know, ANY software encryption is breakable. If you can see how the decode process works, you can duplicate it.

    True, any process can be duplicated, however any data cannot be. If any encryption algorithm is good you won't be able to break it even if you have the well-commented source code.

    What encryption does is merge two pieces of information, the plaintext and the key into one. If you have any two of those things, then you can get the 3rd. but if you only have one, you can't get anything else.

    However, when you are talking about copy protection it's different. In order to get the plaintext, you need to have both the cyphertext and the key. That means that the key has to come with the plaintext (or in this case, plainvideo). You should be able to see the problem here...
  • I hate to tell you this but some forms of encryption are uncrackable. Read some books and you can find the proof. Basically a single pad random key is uncrackable as it can produce any results.

    That works as long as the key is not available for the cracker. With "encrypted" movies key is ALWAYS available -- if someone paid for viewing once, he has a key. The idea of "protection" is to obfuscate the process to make it impossible to re-use the key if it will be transferred to someone else or used by the same user more than once. This obfuscation will be the target of cracking, not the key itself.

  • As far as I can see, anything protected by any of the 'protection schemes' is not easy to get, because you have to jump through unreasonable hoops, like never moving the file once you've downloaded it.

    BTW, isn't it ironic that the term used is 'protection schemes', the same as shakedown artists use.

  • ZDNet seems to be relatively computer illiterate between their staff and policies. I like them, some of their people are pretty good. I would, however, have to say, that unless it's marketed by Microsoft or has never had an attack of any type even attempted on it, they really don't support it. They will say that they do, but the inner rung support from them just isn't there. It's a shame.
  • I think you're overlooking rubber-hose cryptanalysis here.

    Daniel
  • What's wrong with you? Don't you already know? I for once never had to bitch about high prices of music CDs or movie DVDs since I have discovered MP formats (MP3 format specifically over 4 years ago) and I have not bought a single CD thereafter. I get the music for free and I will continue doing it while I can and I don't see how I can be effectively stopped with networks like FTP, HTTP, Gnutella, Freenet, Hotline and Napster. On the other hand if there were fast networks where I had to pay 10cents for download of a song I wanted, I would still pay those 10cents if it was going to save my time.
  • by Money__ ( 87045 ) on Thursday June 15, 2000 @06:06PM (#999040)
    RIAA, MPAA and Microsoft in the garden of eden with Adam and Eve.

    1) Eve can't eat the apple.
    2) Adam can't eat the apple.
    3) Eve can't copy the apple.
    4) Adam can't tell Eve about the ATI (Apple Tree Interface).
    5) Eve can't inform Adam about the ATI because of the click thru EULA (Eden User Licence Agreement).
    6) Adam can't use the trademarked word apple without the expressed written consent of god and monday night football.
    7) Eve can't walk around eden with the apple in her hand without first attaining the exclusive distribution rights from AAE (Apple Association of Eden).
    8) Adam is prohibited from making apple sauce or using any other "compression algorithm" on the copyrighted apple.
    9) Eve is prohibited from telling Adam about the apple sauce maker because it would be contributing to the use of compression tools in order to facilitate piracy.
    10) Neither Adam or Eve are permitted to make caramel apples as that would be using encryption and obfuscation on copyrighted materials with the expressed intent of unauthorized distribution.
    11) The snake can only sell the apple at a minimum advertised list price of $17.99.
    ___

  • Steve Jobs files a law suit against Eden, God, RIAA, MPAA and Microsoft. DOJ rules that all of the above mentioned have infringed on Steve's copyright and trademark and closes Eden down. God throws Adam and Eve out of there in order to remodel the whole thing but the contractors take their time and so the things are never the same again...

    Adam consummates his feelings toward Eve in a citizen marriage and a feminist movement is created at that point...

    the history gets repeated...
  • Well, try doing it with PGP :)
  • by gilroy ( 155262 ) on Thursday June 15, 2000 @03:46PM (#999053) Homepage Journal
    Blockquoth the poster, quoting someone else in italics:
    The Romans tried to stop Christianity. Christianity became popular. Drugs were made illegal in this country. Drugs became popular. Rock music was chastised by the establishment as being "satanic". Rock becomes popular. Anyone starting to see a pattern here?

    What else is illegal? Suicide is. The rates are rising, but I don't know if it is "popular" by any means. Bank robbery is illegal. I just got back from robbing one myself, actually. I think that Christianity, rock music and drugs all have other draws than just being forbidden.

    Fair enough ... but the "forbidden" aspect does draw people in. It adds a certain allure.

    I think the actual truth evidenced by these examples is this: You can't legislate morality. In other words, you can make something illegal and therefore (perhaps) deter people through the consequences they face. But that won't convince people it is wrong. I know it's naive but I believe that most people have a relatively well-balanced sense of morality, and they can sense when someone else makes a law that contravenes it. They might obey such a law but they don't respect it.

    In counterpoint, consider the experience with drunk driving in the USA. Although it's still a problem, the astonishing thing is, rates of DUI (for young drivers) have been falling for almost a decade. (See, for example, http://www.nhtsa.dot.gov/people/injury/alcohol/promdrunk/GENERALFACTS.HTML [dot.gov] for data on trends.) This has happened in part due to enhanced enforcement but largely due to education and a shift in perception. I teach high school and my kids are increasingly of the opinion that drinking and driving is more than illegal ... it's stupid. No amount of laws seem to reach them, because they don't take their moral bearing from laws. Instead, they evaluate laws based on interactions with their moral sense.

    To bring this back to slashdot ground, I think the MPAA and RIAA and all the other evil acronyms are fighting a losing battle, because their methods don't deal with the morality of the issue. By relying on technological mechanisms (backed by draconian laws), they seem to be ceding the ground over the "rightness" of copying. And because they treat all digital distribution as morally equivalent to mass-producing bootlegs, they create an essential disconnect with their consumers.

  • I fail to see any good reason to do this. Even as a PR stunt, it's just a poor choice.

    Bandwidth suckage for Sightsound and those who are downloading the movies will be enormous, due to gnutella's design. Even a poorly designed web page would be more efficient.

    gnutella is (generally) much less stable, and noticeably slower than Napster. The only advantage I see of gnutella over Napster is that gnutella is unlikely to be sued out of existence anytime soon.

    Using gnutella requires a moderate amount of computer literacy, unlike clicking on a button on a web page. This limits the audience by a large margin.

    Perhaps Sightsound thinks the giga-huge file will be stored on other computers on the network, so that Sightsound's servers won't be the only ones burdened with transferring, but that's pretty unlikely.


    My mom is not a Karma whore!

  • by Malk-a-mite ( 134774 ) on Thursday June 15, 2000 @02:45PM (#999067) Journal
    The one thing that concerns me is that it seems the nature of the deal is you can trade the file between systems, fine. But to watch it you need a code of some type.
    Whatever, let's assume the code uncrackable (yeah, I know no code is, just run with it for a second).

    But with the frequency of incomplete files on services like Napster and Gnutella *ahem* so I heard *ahem* I believe I would go a little crazy registering movies and then finding out they're incomplete.

    I'm wondering how protection against this problem is being handled.
    Currently, missing the ending of End of Days, or whatever, is no big deal - it was free.

    How will they deal with this when I have to pay?

    Malk-a-mite

  • Come on, people.

    They are using gnutella to distribute digital versions of their movies.

    They are grossly overcharging for the privilege, with one viewing priced at $9.95, more than a seat at the cinema.

    I think we must consider the possibility that this is a ploy to completely discredit distributed file sharing technologies such as gnutella and, by association, much of the free software / hacker (not cracker) community. They know $9.95 is an unreasonable price, and as others have pointed out this makes it a strong incentive for cracking and unauthorized copying.

    Imagine the following testimony, either before congress while lobbying for a new bill, or before the supreme court in upholding a new law banning FreeNet, gnutella, etc. outright:

    "We have tried using this technology for distributing our intellectual property, providing users with an easy method of legitimate payment, but recorded only 6 legitimate sales in over 21,000 downloads. We need this legislation to protect our rights -- these people are ruthless vultures and steal from us no matter what we do, or how reasonable we are!"

    By cracking and making unauthorized copies of this, you play into their hands. Hell, we're probably playing into their hands simply by not buying their overpriced product "we had zero sales using gnapster - there is no legitimate ecommerce capability there whatsoever."

    These people aren't stupid. They are amoral, libelous, monopolistic thugs, but they are not stupid.
  • by Anonymous Coward
    Aren't these the clowns that held one of those really vague patents? If I recall, it was for the distribution of audio and video over the Internet.

    They've got an enemy in this corner...
  • This is off-topic, but, I noticed for quite a while now that Darwinism, more and more, refers to acts of stupidity, implying that if you are stupid enough to do (fill in the blank) then you don't deserve to live long enough to pass on your genes. I wonder if Oxford English Dictionary has this usage listed?

    I further wonder by posting this (off-topic as it is), am I suffering the same fate in terms of my Karma?

  • by Signal 11 ( 7608 ) on Thursday June 15, 2000 @02:48PM (#999074)
    Something needs to be said about the concept of the forbidden apple. The Romans tried to stop Christianity. Christianity became popular. Drugs were made illegal in this country. Drugs became popular. Rock music was chastised by the establishment as being "satanic". Rock becomes popular. Anyone starting to see a pattern here?

    Now, music becomes illegal to download. Downloading music becomes popular. As any sysadmin who has made the claim that their system is "uncrackable" will tell you, saying that something is impossible is a very good way of drawing engineers in - like moths to fire.

    So Microsoft goes out and builds this standard. Then they say it's impossible. Then, to top it off, they make it illegal to crack it. Who shall be the first to taste the forbidden apple?

  • by DranoK ( 18790 ) on Thursday June 15, 2000 @02:51PM (#999081)
    Maybe I'm dead wrong here, and if so just tell me =)

    It seems to me sending encrypted data over utilities such as Napster etc could be a good or bad idea. Well, we all know the good so I'd like to point out some problems I see *grin*

    1) License creation/distribution. To ensure that the licensing scheme is sound, I would think the best way to do it would be to have two classes of licenses. Type A would be a one-view license, and Type B would be a constant license. Each would be encrypted via a different scheme. With this, however, comes some inevitable problems. To make this work right, it would be assumed that one must be connected to the internet to check the license with an ever-growing online catalog (to make sure nobody has broken the scheme or is giving away their license code to everyone else). So....let's say you bought a one-view license. You're running winblows. Your machine crashes half-way thru viewing. Must you buy a new license? What if you get disconnected? When you dial back up and re-run the license their servers would say you already used your activation. Any other method besides online auth could be easily cracked.

    2) How many people would download it not realizing they needed a license and jam tech support lines?

    3) Why not stop spending time cracking the encryption method (which almost HAS to be stored in the viewer program and not online; else ...well, I'll leave the problems up to you) just hack the code (hex editors are your friends!) to tell the proggy that the code is authentic no matter what.

    Nothing is secure. Nothing. Sorry, but everything can be cracked. You'll spend so much time and money trying to stop it that you wonder when it just won't be worth it anymore.

    God...WHEN is this whole Intellectual Property shit going to go away!?

    DranoK



    That is not dead which can eternal lie, and with strange eons even death may die.
  • Exactly. The problem is that the cracks against digital media are blown waaay out of proportion, compared to joe blow selling pirated music tapes in the streets for $3 each. And piracy of that type is rampant in many parts of the globe, speaking from firsthand experience here.

    Most people will find it more convenient to pay, just like normal--provided that the consumer is given rights in return for the payment, as is the case with 'traditional' media. This is why DivX and SDMI players died various deaths.

  • The assumption is that a license for viewing is one time only, or that if you have a license, it is linked to an account, so that you keep paying. In any case, I'm not sure anyone would want to do that. Besides, it doesn't have to be in a file. Even if it is, it could be set up so that it doesn't work on other machines. There are many ways to make sure that the license will not be distributed.
  • by seizer ( 16950 ) on Thursday June 15, 2000 @02:59PM (#999108) Homepage
    You just have to consider the target audience. The fact of the matter is, that just now, people who use Gnutella are almost all there to get copyrighted materials without paying for them.

    I'm not judging that.

    But these same people will almost always have a level of technical expertise which will enable them to get the crack as well. Sightsound should aim more at the website distribution model they have just now, which is targeted at a different audience. The Gnutella idea is just as silly as setting up an IRC fserve, or putting it on some l33t ftp.

    Also, what's to stop people putting the crack (for there is no doubt in my mind that there WILL be one) on Gnutella with the same or similar filename as the movie, so users searching for the movie will get the crack in the search results at the same time? At the end of the day, I do like this endorsement of Gnutella as a legitimate distribution medium, but it's just not going to work!


    --Remove SPAM from my address to mail me
  • So basically, they'll encrypt it with something like CSS and if someone can crack the encryption, then it'll be like DeCSS again, no?

    Maybe there wouldn't be a stupid licensee mistake, but inevitably, all encryption can be cracked...

    At least these guys have the right idea about one thing: it's impossible to stop the copying of digital content, unlike the DVD guys and the RIAA, who believe that they can control the distribution of all content forever, rip-off artists and consumers, and make tons of money to pay lawyers and lobby congressmen to pass laws like DMCA to allow them to keep making tons of money. What a cycle.

  • 1) The file is being released in a proprietary Microsoft format, thus pushing certain favored open operating systems further outside the mainstream.

    2) If the encryption is cracked, we will see another legal maelstrom like we have around Napster and DeCSS.

    3) If the encryption isn't cracked, then what happens to fair use? Fair use effectively ceases to exist if you can excerpt films because of encryption measures.

    ---

  • Depends on what you mean by 'being cracked.' True, there is no way to recover a message encrypted with a one-time pad given only the ciphertext. That does not, however, mean that one-time pad-based encryption schemes are uncrackable. OTP systems in fact are notoriously hard to do properly because you must be absolutely sure 1) that your OTP is shared only between the two parties involved and 2) that there is no way that anyone else could have that pad. 'Cracking' is still possible, it just means figuring out what the pad is (though you're far deeper into Mission: Impossible territory here than distributed.net typically gets).

    In fact, all forms of encryption that I can think of at all are crackable, because they all work by creating some kind of secret (a one-time pad, a private key, shared session key, etc) and attempting to make it as difficult as possible to figure out what the message is without knowing the secret while making it as easy as possible to figure out the message given the secret. Which implies that cracking a security system is at most as difficult as figuring out what the secret is. You can make that tough, but you can't make it impossible, because somebody knows the secret because he/she can decrypt the messages.

    By the way, somewhat off-topic:
    can anyone tell me why, in an OTP scheme, you can't use your pad once for data, and then once for transmitting a new pad? I'm no crypto expert, and I'm sure there's a problem with that, but I can't figure out what it is.
    --
    -jacob
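
The pad-refresh question in the comment above, worked through as an added example (not part of the original thread; the two messages and all function names are constructed for illustration). It shows that using one pad for data and then again to carry the next pad lets an eavesdropper cancel both pads using ciphertexts alone.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the one-time-pad operation)."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def refresh_scheme(m1: bytes, m2: bytes):
    """Run the proposed scheme; return only what goes over the wire."""
    pad1 = secrets.token_bytes(len(m1))  # shared in advance, never sent
    pad2 = secrets.token_bytes(len(m2))  # fresh pad, to be sent under pad1
    c1 = xor(m1, pad1)    # first use of pad1: the data
    c2 = xor(pad2, pad1)  # second use of pad1: carries the new pad
    c3 = xor(m2, pad2)    # later data under the new pad
    return c1, c2, c3

def eavesdropper_view(c1: bytes, c2: bytes, c3: bytes) -> bytes:
    """Combine ciphertexts only; no key material is needed."""
    # c1 ^ c2 ^ c3 = (m1^pad1) ^ (pad2^pad1) ^ (m2^pad2) = m1 ^ m2
    return xor(xor(c1, c2), c3)

def recover_second(c1: bytes, c2: bytes, c3: bytes, known_m1: bytes) -> bytes:
    """If m1 is known or guessable (headers, boilerplate), m2 falls out."""
    return xor(eavesdropper_view(c1, c2, c3), known_m1)

# Constructed sample messages of equal length (22 bytes each).
M1 = b"MEET AT DOCK 7 AT NOON"
M2 = b"PAYMENT IS 500 DOLLARS"

if __name__ == "__main__":
    c1, c2, c3 = refresh_scheme(M1, M2)
    leak = eavesdropper_view(c1, c2, c3)
    print("pads cancelled, leak equals m1 XOR m2:", leak == xor(M1, M2))
    print("m2 recovered from known m1:", recover_second(c1, c2, c3, M1))
```

Because pad1 is used twice, the scheme is a "two-time pad": the perfect secrecy of a true one-time pad holds only when every pad byte protects exactly one byte of traffic, so the new pad has to arrive over a separate channel.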
  • > It says a lot about the slashdot community when a comment such as the above is moderated up to 5, Insightful.

    Does it? I consider myself to be a part of "the slashdot community", and yet I very often see comments I disagree with moderated up to 5. I don't think the moderation on any given post tells us much of anything about "the slashdot community".

    Even beyond that, does an "insightful" rating actually mean that the moderators are going to enjoy doing the same things? Or does it merely mean that those moderators think the post gives some insight into the way the world works?

    I happen to think that the post is "insightful" in some sense, and yet I do not have a single bootlegged movie or mp3 on my system. Nor do I look forward to acquiring them under the new scheme.

    --
  • The reason why this won't work (and why many schemes like it have failed) is simple. Anything you can show the user is open to piracy.

    What's to stop someone writing a program that simply captures everything displayed to the screen to a massive mpeg? (and there are programs that do this already...)

    Or, if there's some sort of detector for this kind of thing built into the special viewer, what's to stop someone running VMware or wine under linux and then changing a few lines of code so that instead of displaying output to screen, it writes it to a file?

    The simple fact of the matter is that no matter what you do to try and prevent piracy, there is ALWAYS a way around it at a low software/hardware level.

    That's my 2c.

  • by antic ( 29198 ) on Thursday June 15, 2000 @04:55PM (#999122)
    In the past there have undoubtedly been thousands of /. comments: "Why don't they just use (free/paid) digital downloads as a method of distribution?"

    Then when someone steps up to try it, thousands of /.ers start screaming "I can't wait to crack this protection scheme to escape having to pay for it!"

    There's your answer to "Why won't they use online distribution?"

    You know those films that tonnes of people enjoy? The Matrix, etc? They cost a shitload of money to make. By cracking protection schemes, you contribute to the lack of progression in the industry from via-cinema, via-DVD, and via-videotape to online distribution. And the less viable these huge films are to produce, the fewer will be created.

    (And not all of the money gets wasted on big name actors. Look at The Matrix, they avoided ultra expensive actors (I'm doubting that Keanu was paid a Tom Cruise salary...) and still spent a fortune on special effects that nearly everyone loved to bits.)

    There is no doubt that online distribution is one of the pathways to the future (especially with the introduction of higher bandwidth for most users), but anyone who cracks the first steps, or urges others to do the same, is discouraging other production houses from trying online distribution too.
  • by Neuracnu Coyote ( 11764 ) on Thursday June 15, 2000 @03:05PM (#999132) Homepage Journal

    > But with the frequency of incomplete files on services like Napster and Gnutella *ahem* so I heard *ahem* I believe I would go a little crazy registering movies and then finding out they're incomplete.

    If the file is incomplete, it doesn't work. I'm attempting to download the film (Quantum Project, named "SSC0 - QuantumProject_v4-0_highres.asf", size 174485308) as we speak. I'm at work, behind God knows how many OC-3 pipes and getting a transfer at about 1.5k/s. I'll have the thing fully downloaded sometime Saturday morning.

    But that's another rant altogether. The point is that the file is one of Microsoft's A$F files. This means that, upon launching whatever.asf, Media Player can fire up an IE browser window with a purchase form in it. That form then returns some kind of flag or key to the Media Player which allows you to watch the movie. A perfect (FREE!) example of this is the Little Nicky movie trailer (5.7 MB) [goestoeleven.com] which is an ASF that, when you try to play it, opens a website which has a simple survey to fill out.

    If the file is incomplete or broken, it just won't launch. Such is the advantage of non-sequential files.

  • What was the file? Do they have special naming conventions? I'd like to see one of these too. Although, $9.95?!?! I'd rather go see it in the movies - it's cheaper, and in the summer, it's cooler.
  • this is going to fail the same way microsoft's secure music codec did. if grabbing the unencrypted output of a sound device is really the work of "hackers", then i can't wait to h4x0r the temporary file the movie streams to after decryption.
  • IF you can run a debugger on the code, then you can break any encryption that any program can come up with. I believe this is a variant of the class of problems known as NP-Hard. I have only heard about this in passing (I'm not really a programmer, I just dabble a bit occasionally), but as far as I know, NP-Hard is jargon for 'provably impossible'.

    No matter what a program attempts to do, if you can sit on top of it and watch its internal functioning and code, you can duplicate its responses, spoof the other side, and crack the encryption. All encryption does is protect data IN TRANSIT.

    Basically, to make this kind of file-sharing work, SightSound will need to go to some kind of tamper-proof hardware encryption/decryption. This can certainly be done (and often is), but it is very expensive. Intel is in the process of designing tamper-proof encryption into its next generation of video cards and digital display devices. Those will be HARD to crack.

    But as far as I know, ANY software encryption is breakable. If you can see how the decode process works, you can duplicate it.
