Comments on: Patent Allows Watermarking of Already Encrypted Movies

By: Cienoway

Cienoway — Wed, 03 Sep 2014 23:46:00 +0000

The fact of the matter is Cinavia has been effectively defeated. It has been successfully demonstrated, that Cinavia can be completely erased from detection, without knowing any specific “secret parameters” used in embedding the watermark. This category of attack methods have been known by researchers for a long time. The defeat is effect against past, current, and future Cinavia technologies, because all of them are based on embedding a long string of 1s and 0s into the content, thus all of them are subjected to the same vulnerability that the 1s and 0s can be scrambled into un-recognizable random noise.

The new patent of Verance, US8781967, is nothing new, and is subject to the same attack thus is also useless. The idea is US8781967 is that they start with the same content, embed it using two different watermarks, one copy embed using A and another embed using watermark B, then they inter-mix the two copies using a sequence like AABBABABABBBAA… The switching between A and B, when detected, thus carries some secret information. For example consider A as 1 and B as 0, you have a string of 1s and 0s that represent secret information. Unfortunately for this to work, you need to first reliably detect watermarks A and B first. Since that is defeated, the new scheme is defeated as well. The detector will see nothing but random noise.

Any one interested in learning how the attack works, can post contact info here. Or look for Cienoway on the internet.

By: Lord of the Files

Lord of the Files — Wed, 03 Sep 2014 02:58:00 +0000

I get the impression this might be more about giving Hollywood employees an incentive to not leak stuff, which is where a fair bit of content comes from. The latest example was that recent Expendables movie, as well as several Doctor Who episodes. Even if not on purpose, say because it was a virus, it would still be useful because they would be able to identify a security hole and fix it.

It could also work well for legal streaming sites, places where you have to give your billing information in order to create an account and be able to pay for anything. They’d also have your IP address and a VPN won’t help since streaming sites will just block them, just as we’ve seen happen already. This is where webrips come from (yes?) so there would be an incentive.

Like others, I was thinking the least useful place would be places where consumers buy physical discs. It’s hard to believe places like Walmart and Bestbuy would want to bother with a convoluted system like this and have to ask customers for ID, or that said customers would stand for it. Then I remembered that tons of people did exactly that back when we used to rent stuff from places like Blockbuster.

And what happens when you can no longer buy AV equipment that doesn’t have copy protection mechanisms like this one? Formats change and all equipment eventually dies. If Hollywood was patient enough, they could make things very difficult for pirates over time. Maybe. Hard to see this happening though.

By: Fields

Fields — Tue, 02 Sep 2014 07:18:00 +0000

Why do you think flicker, netflix and other television providers are hopping on the digital train? Before the internet they had to build up statistics on who watches what. Now TCP/IP offers them the greatest and most accurate inquiry tools they ever dreamt of.

By: Fields

Fields — Tue, 02 Sep 2014 07:12:00 +0000

Thanks for your explanation but I don’t think I see your point. I might need to ask “where is Cinavia implemented?” It looked to me it was burnt deep inside commercial media players and entertainment boxes. Do you mean Cinavia also consists of intercepting the media stream *before* it is encrypted?

By: Links 1/9/2014: Poettering on systemd, ITNews on DBMSs | Techrights

Links 1/9/2014: Poettering on systemd, ITNews on DBMSs | Techrights — Mon, 01 Sep 2014 21:27:05 +0000

[…] Patent Allows Watermarking of Already Encrypted Movies […]

By: You Fail Again

You Fail Again — Mon, 01 Sep 2014 19:36:00 +0000

It’s not even been “proven” by DVDRanger.

Lol @ their “database”

Doesn’t work on every title. Period.

By: tetridae

tetridae — Mon, 01 Sep 2014 18:30:00 +0000

OTR ( off the record ) messaging is about deliberately avoiding men-in-the-middle attacks, which are possible to do with several public key cryptography methods. Especially if they have control at the internet service providers level. It is in certain situations with some cryptosystems possible if you intercept the “handshake” to fake being the receiver and to post fake messages.

The whole infra-structure of the internet is fundamentally flawed with even allowing centralized “ISP”s to have that large power. The groundworks of inter net being build decentralized… it was for a reason.

By: tetridae

tetridae — Mon, 01 Sep 2014 18:24:00 +0000

They expect people are too lazy to realize / care what they are doing. Let us hope they are wrong.

By: tetridae

tetridae — Mon, 01 Sep 2014 18:20:00 +0000

You can still benefit from the threat of war. Scaring people about that evil “other side”.

By: Tatsh

Tatsh — Mon, 01 Sep 2014 15:51:00 +0000

It will always be very hard to totally remove a watermarking scheme like Cinavia. I think if anything it will be done with efforts by people who are deeply interested who are in the open source community, not proprietary software. Cinavia is also cryptographic and sometimes (in fact it seems most of the time) said schemes have glaring bugs. The other possibility is a disgruntled employee who works for this company now might leak the scheme and keys.

Regarding open source, we see how much better/faster it gets when multiple good minds come together (e.g. DeCSS, libaacs, PS3 jailbreak, all open source emulators as of late like Dolphin) and allow basically any-one else to join in if they know their stuff. There has to be a *lot* of interest first though.