We recently reported how Ohio University spent more than $75,000 on the CopySense anti-piracy system, and we promised an insight into how the system works. CopySense is the network equivalent of the Eye of Sauron, watching over the lands it controls, looking for something of interest, and attempting to kill it. Instead of Orcs, however, it uses RST packets.
As stated previously, for your money you get a box that you plug into your network as close as possible to the Internet connection. Here it monitors all the traffic it can see, looking for data that matches the fingerprints stored in it. If it detects a transfer matching a fingerprint, it terminates the connection, in the same way Sandvine does , by sending RST packets to both ends of the connection, spoofed to look like the other sent it.
Audible Magic’s illustration of a typical installation
Although it seems like a fairer system than the Sandvine box Comcast used, it still has some significant flaws. Perhaps of greatest interest, is that it can be configured to act just like Sandvine, but more so. Literature for the system claims it “automatically filters copyright infringements, operating in a manner similar to a virus filter, without disrupting legitimate file trades.” But does it live up to the hype?
Audible Magic’s support site contains the answers to the basic questions most of us have about CopySense.
Q: What P2P protocols/programs are recognized?
A: The CopySense Appliance recognizes signatures from over 150 popular P2P applications and their derivatives. As new P2P applications are introduced, additional recognition capabilities are provided as software updates under your maintenance agreement
Q: How does it block traffic?
A: The appliance can be instructed to block all P2P traffic or to block only copyrighted content from P2P applications. The CopySense Appliance uses a patented packet-resetting process, and it sends a packet reset to both the requesting and sending IP addresses each time they attempt a P2P transfer that is to be blocked. The P2P application is thus forced to time out with an unsuccessful transfer.
Q: How does it recognize copyrighted content?
A: The CopySense technology examines the perceptual characteristics of a media file and compares that signature with those contained in a database of protected works. Publishers of media content register their works in Audible Magic’s database. The database is regularly updated in the CopySense Appliance as part of a content update subscription.
As the name of the site is TorrentFreak, and the main protocol in use is BitTorrent, let’s start there. Torrents are non-sequential downloads (illustration), that take ‘random’ (generally rarest first of what’s available) pieces from peers on the torrent, in 16KiB chunks. Also, although chunks might be sequential, pieces rarely are. A data stream may consist of 5 chunks from the start, then 2 from the back, and 1 from the middle. From just that 128KiB of data, Audible Magic claim they can identify a copyrighted work, and then terminate the connection.
If it sounds implausible, that’s because it is. It may work with systems like DC++, or possibly eD2k (as well as SoulSeek and KaZaA), but there is no way it can be accurate or effective with BitTorrent. Such methods would work better with HTTP (like Rapidshare) or FTP transfers, but aside from CopySense saying they don’t interfere with anything non-P2P, there is another problem.
As highlighted in the recent case involving the baby dancing to a Prince soundtrack, fair use is a perfectly adequate defence. This system makes no allocation for fair use at all. In the case, the judge ruled that before copyright enforcement can take place, the copyright owner is required to consider if the usage is fair use. An automated system is incapable of that. There have also been doubts surrounding the effectiveness of the streaming content version, which is based on the same technology.
So, in essence, CopySense does not (and can not) work to inhibit the most popular p2p protocol out there. If it could, then we would simply see a resurgence in passworded RAR files being torrented, with the passwords posted either on the torrent site, or even in the comment field of the torrent. CopySense also fails to check if a copyrighted file that it might identify (if you’re using a protocol that it can actually detect) is being used in a way consistent with fair use, or is licensed for use (although extremely improbable, the possibility exists, especially if copyrighted recording is right at the start).
In part two, we will look at claims that have been made from those who have used CopySense, and how that affects copyright infringement cases already in progress, and just how you get your content protected.