media tech geeks question; WMV and fighting piracy

[Overload]

err, i just had a crazy idea ... if WMV can be used to carry DRM codes, why not use it to hide the customers CC# in it so if a file is shared on those torrents and filehosters, the producer can track back and nail down the pirat? and no, i dont mean using DRM but just the customers # or such ... might come handy but dunno IF it can be done ... what do ya think?

edit: so each time a file is downloaded from a members section that customer code wud be added to the file

[ottopottomouse]

Never mind if your genuine customers find out they will be a bit pissed off. You'd get properly fucked for distributing the credit card number of someone who's card has been cloned or stolen.

[Overload]

Quote:

Originally Posted by ottopottomouse

Never mind if your genuine customers find out they will be a bit pissed off. You'd get properly fucked for distributing the credit card number of someone who's card has been cloned or stolen.

think outside the tank ... if every studio/sponsor used a unique "key" to scramble the collected data only THAT producer cud track it

[Black Ops]

It's already being done, but with their username and IP.

[Zyber]

Quote:

Originally Posted by ottopottomouse

Never mind if your genuine customers find out they will be a bit pissed off. You'd get properly fucked for distributing the credit card number of someone who's card has been cloned or stolen.

I am afraid that you are right.

It's a pity that the credit card number cannot be used due to legal reasons. I think it would be much more efficient than using the member's username+ip.

With the username / IP the only thing we can do is legal action - and that approach hasn't shown to be succesful so far.

Using the credit card info would punish the pirate immediately. "Sharing is caring" as they say. Which idiot is going to share his own credit card number?

Of course such a system would also double punish victims who have had their cc info stolen.

[mafia_man]

Quote:

Originally Posted by Overload

err, i just had a crazy idea ... if WMV can be used to carry DRM codes, why not use it to hide the customers CC# in it so if a file is shared on those torrents and filehosters, the producer can track back and nail down the pirat? and no, i dont mean using DRM but just the customers # or such ... might come handy but dunno IF it can be done ... what do ya think?

edit: so each time a file is downloaded from a members section that customer code wud be added to the file

Errr because the it would be stripped out at the same time as the DRM. If the DRM actually worked then you wouldn't need to embed the data.

There are options although not very viable. Embed codes in frames of the movie/clip, this is very processor intensive and requires a shit load of disk space.

[AdultSoftwareSolutions]

It is illegal to give out someone's credit card number (for good reason). The PCI requirements have strict rules for how credit cards can be handled, passed, and stored.

Some media are watermarked with identifying marks though. Some e-books have your first/last name printed on the PDF. The first / last name can probably be done. That would cause enough embarrassment that they wouldn't share it. Of course, they can just blur it.

You could embed the watermark stenographically though. This would make it near impossible to remove / change it, much less even know about it. But it is resource intensive to re-encode videos on the fly for each customer.

As far as the earlier comment about punishing the pirate, you are also punishing the customer who had no involvement with the crime if his password is hacked or your site is insecure.

[VGeorgie]

For opportunistic piracy you can quickly and effortlessly insert custom metadata into WMV file (also works with FLVs, MOVs, and most other container formats). Server load is minimal as it takes a fraction of a second. If you have a Windows server any competent programmer could write a script for this in a few hours, because it merely leverages existing and documented Windows Media Format APIs.

Any re-encoding of the file will remove the metadata. This isn't usually a problem for RapidShare piracy, but it pretty much means any tube uploads will remove your "watermark."

A more elaborate system stamps data into selected frames of the video. You only have to do a couple, and only you will know which frame(s) are stamped. Processing time is 500-1000 milliseconds per stamp, even on a slow server. But be aware: there are several companies that claim a patent on this concept, however obvious it may appear to the rest of us.

You would not insert a customer's credit card information unless you want to be taken to court by the credit card companies, and the users themselves. It's called identity theft.

Like others have said, usernames are a good non-private alternative.

[AdultSoftwareSolutions]

Quote:

Originally Posted by VGeorgie

Any re-encoding of the file will remove the metadata. This isn't usually a problem for RapidShare piracy, but it pretty much means any tube uploads will remove your "watermark."

Metadata would not be a good way to go about it for the exact reason you mention. I was talking about stenographically embedding the watermark in the image data. The technology as of a few years ago was able to still retrieve the watermark if the image was cropped, rotated, scaled and recompressed (quality degradation). I'm sure it is even better now. Plus, the user has no knowledge, nor has the ability to detect, that the video is even watermarked.

[fatfoo]

It is like the concept that every paper bill has a different number so that the separate paper bills can be tracked. A customer code on a downloaded file - this is interesting.

[Nautilus]

Quote:

Originally Posted by Zyber

"Sharing is caring" as they say. Which idiot is going to share his own credit card number?

Great observation. Now I'll just offer to whatever idiot is bubbling "sharing is caring" nonsense to post his credit card number to prove that he really stands by his words.

[EliteWebmaster]

There is the whole invasion of privacy issue with embedding cc numbers within the video.

[Ron Bennett]

Do watermarks even make a meaningful difference? To me, it seems a waste of money unless one is prepared to take aggressive legal action against copyright infringers.

However, doing so isn't just a question of cost, but also risk of bad PR (many people are already leery of signing up for adult sites as it is), since it's very possible (ie. technical glitches; identity theft) that the watermark embedded within a pirated video is not truly associated with the person being sued.

Ron

[Zyber]

Quote:

Originally Posted by VGeorgie

A more elaborate system stamps data into selected frames of the video. You only have to do a couple, and only you will know which frame(s) are stamped. Processing time is 500-1000 milliseconds per stamp, even on a slow server. But be aware: there are several companies that claim a patent on this concept, however obvious it may appear to the rest of us.

I like the idea of stamping random frames. That might be the solution.

Do you know if there exist any plugins on how to achieve this? Or any instructions on how to manually implement such a system.

I'm using the Wowza Media Server. Thanks in advance

[timebomb011]

well...there are metadata injectors that could be used for this kind of a thing.

[VGeorgie]

Quote:

Originally Posted by AdultSoftwareSolutions

I was talking about stenographically embedding the watermark in the image data.

That is the second method I mentioned, and as long as you only re-encode a few keyframes frames of the stream, the hit to the server is minimal.

BUT, you don't see these approaches offered much in the open market for guys like us because they are covered by some patents owned by heavy-ass dudes that are big into litigation. This isn't a software patent either, so more countries recognize its viability. So, you either have to code this yourself and fly under the radar, or risk litigation by using or writing an open market on-the-fly watermark system, or pay a royalty that's anything but small.

[VGeorgie]

Quote:

Originally Posted by Ron Bennett

Do watermarks even make a meaningful difference? To me, it seems a waste of money unless one is prepared to take aggressive legal action against copyright infringers.

That's exactly right, and for piracy on the Internet of movies released on the Internet, there's not a lot that can be done that's worth the costs of the forensics, let alone the litigation.

Right now the ideas are mostly used for current theatrical releases. Movies shown in theaters are these days routinely watermarked, and few outside the biz knows it. For 35mm film, it's possible to "spray" a series of coded dots on selected frames using a high pressure waterjet. The spray cuts through the emulsion only, and the coding is so fleeting it's usually not noticeable unless you're looking for it. The coding identifies the print, and therefore the theater(s) where camcorder piracy might have taken place.

For digital cinema, there has long been a stenographic feature of encoding even the time of day the piracy took place. It works even with 3D content, and only the trained eye ever sees it.

Studio and distributors download new releases from torrents and when a watermark is detected they can go after the theater owner to improve their anti-piracy policies. Some theaters are more aggressive than others, including using flashing infrared lights aimed at the screen (or behind the screen), which tends to ruin camcorder tapings.

Once a movie is on DVD there is little they can do to stop the spread. Hopefully by then, they've made most of their money. For in adult, we only *start* to make money when the video is released on the Internet or on DVD.

[VGeorgie]

Quote:

Originally Posted by Zyber

Do you know if there exist any plugins on how to achieve this? Or any instructions on how to manually implement such a system.

Any programmer skilled in the art of working with digital media could do this for you, but as I noted above, the idea is covered by no fewer than a half-dozen patents, not just for digital media but for all kinds of media. This limits the options, at least if you want to keep from being sued.

The basic idea is to seek the media to a specific keyframe, then decode that keyframe to an RGB bitmap. You insert a watermark of your choice into the RGB channels. A stenographic watermark (itself, covered by various patents by Digimark, Kodak, Macrovision, and others) is not normally visible to the eye, and the better systems resist loss of mark even if the video is cropped, resized, or resampled.

You then re-encode the frame, and replace the one in the stream. When done properly, the re-encoded frame will be the exact same size in bytes as the original. This is the tough part, but there are ways to deal with this. Some stream types allow you to chunk in the new frame, then tack on the remainder of the stream. With a fast hard drive and CPU the delay isn't too bad, a few seconds maybe for a largish 100MB file.

[Tom_PM]

Sometimes people who want a house alarm system, simply install the signs, window stickers, and large outdoor speakers.

When a member downloads, pop up a brief message saying their info is being encoded.... done.. proceed with download?

[raymor]

Metadata is removed when the stolen content is reformatted as FLV, the thief
puts his own watermark on it, etc. Marking up the actual video content in such
a way that it's not too obvious, but will not be removed when the video is re-encoded
is more tricky, but can be done. We think that's the best way to go and we have
such a system in development. So far it's passed proof of concept - it works,
but it doesn't yet have a cool admin interface, and doesn't yet handle all of
the different video formats. The large number of different video container
formats and codecs means it's time consuming the develop this. The short cut
is to reencode the videos, but as mentioned that's very resource intensive and
it degrades the quality.

So then what do you do after you identify the user? Yes, you can take (or
threaten) legal action, which will most often not be worth it on a dollar
for dollar basis, though you may still do so as a matter of principle.
There are some other things you can do which may be quite a bit more
effective. Unfortunately that's the bit I can't discuss just yet - you'll see more
about those things in our product announcement.

[Zyber]

Quote:

Originally Posted by VGeorgie

Any programmer skilled in the art of working with digital media could do this for you, but as I noted above, the idea is covered by no fewer than a half-dozen patents, not just for digital media but for all kinds of media. This limits the options, at least if you want to keep from being sued.

The basic idea is to seek the media to a specific keyframe, then decode that keyframe to an RGB bitmap. You insert a watermark of your choice into the RGB channels. A stenographic watermark (itself, covered by various patents by Digimark, Kodak, Macrovision, and others) is not normally visible to the eye, and the better systems resist loss of mark even if the video is cropped, resized, or resampled.

You then re-encode the frame, and replace the one in the stream. When done properly, the re-encoded frame will be the exact same size in bytes as the original. This is the tough part, but there are ways to deal with this. Some stream types allow you to chunk in the new frame, then tack on the remainder of the stream. With a fast hard drive and CPU the delay isn't too bad, a few seconds maybe for a largish 100MB file.

Thanks, VGeorgie. You seem to be quite knowledgeable in this field. It is a pity that the big guys have patented this crucial technology. I am wondering why the file size (100 MB) has an impact on performance when you are only replacing a few frames. Does the entire file have to be re-copied on the harddisk before serving it to the client? Or is it possible to simply make a precise surgeon cut and modify the necessary frames on-the-fly as the video is being delivered to the user? So the video server can start streaming immediately, and not wait for re-encoding the keyframes which are hidden further down the stream.

Ron, it is probably a waste of time watermarking the content because it will not stop anyone from pirating it. However, you still maintain the branding if you have a watermarked logo. Yeah, why have the stenography when you cannot litigate the pirate. Litigation would also reveal the method used, and open one up for being sued for using the patents. As someone said earlier in this thread there is also the entire issue of correctly identifying the downloader.

PR_Tom, fake security might be a deterrent on the casual pirate. Good idea. Because one needs to be an expert in the field anyway to be able to detect the hidden stenography.

But how do you detect when a member clicks Download in his illegal toolbar? In the server logs and browser DOM events it will look just like regular legitimate traffic. If I am not mistaken.

This thread is great. Valuable info

[mafia_man]

Quote:

Originally Posted by Zyber

I am wondering why the file size (100 MB) has an impact on performance when you are only replacing a few frames. Does the entire file have to be re-copied on the harddisk before serving it to the client?

Yes it needs to be replicated and re-encoded.

Like I said in my post above not viable.

[VGeorgie]

Quote:

Originally Posted by Zyber

Does the entire file have to be re-copied on the harddisk before serving it to the client? Or is it possible to simply make a precise surgeon cut and modify the necessary frames on-the-fly as the video is being delivered to the user?

Making a temporary copy to serve, and then delete, may actually be less resource intensive, as you're not pushing bytes through a script. But I'll say my experience is not on the Web serving side, but on the encoding and encryption side. In my application, files were prepared for specific vendors, who then got their unique copy, which they agreed by NDA to keep in a safe place.

If a vendor leaked the video (we're talking pre-release movies here), the company - in this case a movie studio - could then do some forensics to find who leaked it. Prosecution and litigation against the vendor and its employees would commence. This actually happened a few times, but I wasn't involved in any of that. I was just a hack with a couple of ideas.

I don't own any of the patents, but I was constantly having to dodge them, and keep the legal dept updated in case some technique could not be worked around. Royalties for these kinds of things run into the hundreds of thousands of dollars per year, even for minimal use cases.

Technicolor developed an interesting dongle that watermarks on the fly. From their public description of the process, I'm not sure if they do every frame, but every frame was, or could be, encrypted. This is probably the wave of the future for downloaded content. As it's downloaded and received, your device emplants a permanent watermark on it. This is maybe 5-10 years down the road, and obviously for videos of more intrinsic value than 'Not Lie to Me XXX" ... though I'd actually pay to see that one!

But I'm sure something like that is coming. That's really what these patents are for, and they're worth hundreds of millions overall.

[VGeorgie]

Quote:

Originally Posted by mafia_man

Yes it needs to be replicated and re-encoded.

No, only the watermarked frames have to be encoded. But for some video formats, and some applications, it's easier to do binary concatenation of the stream than to fuss with making replacement frames exactly match the size of the original. This involves disk copying, and the faster the disk can read and write, the better.

[Zyber]

Quote:

Originally Posted by VGeorgie

No, only the watermarked frames have to be encoded. But for some video formats, and some applications, it's easier to do binary concatenation of the stream than to fuss with making replacement frames exactly match the size of the original. This involves disk copying, and the faster the disk can read and write, the better.

So a Solid State Drive (SSD) might be a key component in such a setup. Or perhaps a big ram-disk as an alternative

[gideongallery]

Quote:

Originally Posted by Zyber

So a Solid State Drive (SSD) might be a key component in such a setup. Or perhaps a big ram-disk as an alternative

and just think if the fair use of format shifting hadn't commercialized ssd you would have to pay $5/mb instead of 5/gb for that disk.

[Zyber]

Quote:

Originally Posted by gideongallery

and just think if the fair use of format shifting hadn't commercialized ssd you would have to pay $5/mb instead of 5/gb for that disk.

Gideon, please. This discussion is not about fair use of "format shifting" but about actually doing something to combat the thieves who hack your video-streaming system to download your video and share the loot with the rest of the world. Thieves who break into your house, raid your fridge, and give your food to someone else. Then your own hungry kids can look into the empty fridge in despair and start crying. See the point? There are actual human victims. Also, it is no one's "right" to format-shift. When you have watched a movie in the cinema you can't claim to also get a digital copy home, so you can watch the movie at home with your friends who didn't pay. No doggy-bags.

Let's keep this thread on the topic of technical solutions of identification, and not on these philosophical discussions where we will never agree, anyway.

It is time for action. Time to find efficient methods of identifying the thief. How to punish the person once correctly identified will be a totally different topic (litigation, hacking, sharing his private info, pay the guy a visit, break into his house and share his belongings with the community, compare the number of stolen videos with the number of his fingers, etc..). The punishment phase is only a question of how sadistic you are, and how much pleasure you get from seeking personal revenge. The most important though is to be sure that you catch the right guy. Otherwise you would end up wasting too much energy on an innocent person.