Adobe Flaw Allows Full Movie Downloads For Free 166
webax writes with this excerpt from Reuters:
"[An Adobe security hole] exposes online video content to the rampant piracy that plagued the music industry during the Napster era and is undermining efforts by retailers, movie studios and television networks to cash in on a huge Web audience. 'It's a fundamental flaw in the Adobe design. This was designed stupidly,' said Bruce Schneier ... The flaw rests in Adobe's Flash video servers that are connected to the company's players installed in nearly all of the world's Web-connected computers. The software doesn't encrypt online content, but only orders sent to a video player such as start and stop play. To boost download speeds, Adobe dropped a stringent security feature that protects the connection between the Adobe software and its players."
webax also notes that the article suggests DRM as a potential solution to the problem.
Doublethink (Score:5, Insightful)
Wow, so even Bruce Schneier is subject to the DRM double think now? What part of this is hard to understand? You have to give the viewer the key so it can decrypt the video stream and play it to the user.. if the user can see it, the user can record it. Game over. No amount of "encryption" can change the facts.
Ming boggles... (Score:5, Insightful)
...at how fuckin dumb this all is. If you can see it, you can copy it, maybe it is more difficult, but not impossible. Do these idiots never ever learn?
in case you hadn't noticed (Score:5, Insightful)
sadly, axxo and fxg and their black market friends already figured out years ago how to get movies for free to most anyone willing to look for them. it brings the end of an industry in it's current form.
There are better models: allow people, if they choose, to take media without paying for it, but give them credit, additional access, and membership benefits when customers do sponsor/pay for the media they consume. It is really not that complicated... find something you can sell because you can no longer technically control the distribution of your product.
Major media producers cannot change the progression of technology with policy and lawsuits. They would be so much better off to adopt what tech can enable, and build effective business models around providing customers with real value when they do pay for media, instead of using fear and lawsuits to force them to pay when they don't have to.
Switcheroo (Score:1, Insightful)
Re:Switcheroo (Score:5, Insightful)
DRM can't be a solution (Score:4, Insightful)
Restrictions pitting a computer against its owner (and wasting time and energy to further a business model built on distrust) are always a problem [wikipedia.org], and the proof that some technologies can be inherently evil.
From the article (Score:3, Insightful)
One Web site -- www.tvadfree.com -- explains step-by-step how to use the video stream catching software.
[snip]
Forrester analyst James McQuivey said he doesn't believe the video stream catching technology will entirely derail the advertising-supported business model used by the networks for online video.
"It's too complicated for most users," said McQuivey, noting that file-sharing services like BitTorrent already exist but only a small percentage of people use them.
See? He (whoever he is...) thinks piracy won't be a problem... it's too complicated to pirate stuff... people would rather pay... something like that anyway. And he's an analyst, so that makes it official, right?
Re:Doublethink (Score:4, Insightful)
yea, i think Adobe did the smart/sensible thing by leaving the stream unencrypted to boost download speeds. performance and speed are major considerations for streaming media.
like you said, you ultimately have to give the user access to the unencrypted data so that they can view the content. so if they had done what the author suggests they should have done, then they would have just ended up with a streaming technology that's slower & wastes more bandwidth, and the DRM scheme still would have been easily bypassed by hackers.
it's pointless to apply DRM to web content, as it is with offline content. it's always amusing to see website developers try to prevent visitors from saving images from the site--which is especially annoying when they use JavaScript to disable right-clicking, as if that'll stop anyone from saving an image to disc when it's already on their hard drive. these petty tactics simply insult visitors to the site and create a major annoyance for anyone who simply wants to access a command from the context menu. but i guess driving visitors away and decreasing the traffic to your site would reduce the chance of people steeling your precious lossy, lo-res jpeg images.
Re:Ming boggles... (Score:3, Insightful)
The key isn't stopping everyone, its stopping your average stupid computer user from doing it. That is all they need to achieve. When even John McCain can figure out how to pirate something, then the copyright holders are really screwed.
Re:Ming boggles... (Score:3, Insightful)
The key isn't stopping everyone, its stopping your average stupid computer user from doing it.
Average Stupid Computer User will not be doing it, anyways. He will go to something like The Pirate Bay and download it from there, after one Above Average Stupid Computer User did it and put it there.
This is new? (Score:5, Insightful)
You have to re-encode it if you want to, say, burn it on dvd, but that's not too hard. I use winFF (yes, I use windows).
From the article: (Score:5, Insightful)
Uh, the pirates were already uploading the full HD rips to Usenet days before the movies were even released. No pirate would want the shitty version Amazon is offering.
Re:Not really a flaw (Score:3, Insightful)
I'm not an advocate of DRM, but as a practical matter I find it works better when you actually turn it on.
Unless the reason you are using it is to satisfy a checklist from hollywood.
Kind of like the TSA at the airport - "DRM theater" to make the frightened hollywood execs feel safe and secure even though they are still just as vulnerable with or without DRM...
Re:From the article: (Score:4, Insightful)
Exactly. This flaw, no matter whose fault, isn't going to make more pirated copies appear, or even more people to become pirates. Anyone that wants to pirate the films, isn't waiting for some security flaw in Amazon/Adobe software to allow them to do so.
Re:Doublethink (Score:5, Insightful)
The dumb part here is that they send the whole movie to your computer even if you're just watching the free two-minute preview. The two-minute restriction is only enforced in the flash applet.
Web programming 101.
Children, repeat after me: When you program for the web, NEVER, EVER trust the client.
Re:Doublethink (Score:5, Insightful)
Now, no amount of DRM can stop a paying customer from copying the movie, but a smartly designed system could certainly make the customer pay for the movie before giving the whole movie to them.
Having the preview show you a preview length clip is not a "smartly designed system" it is basic common sense.
Any site that try to protect their content with stupid tricks instead of creating separate content for the preview honestly deserve what comes their way.
I guess content providers have to make a decision as to which is cheaper &/or better:
1. Licensing DRM
2. Buying extra hard drives to store preview clips instead of streaming from the full movie/audio/whatever
Re:This is new? (Score:3, Insightful)
I think the news part is that Amazon sends you the entire movie when you play the 2 minute "preview". Most people would assume the preview would in fact be a two minute clip without the rest of the movie attached.
Re:Doublethink (Score:4, Insightful)
Comment removed (Score:5, Insightful)
Re:Doublethink (Score:3, Insightful)
But we're not talking about the point of the article, we're talking about the point of Bruce Schneier's quote.
If the user can copy your media after having paid for it, well, that's just how things are. But if the user can pirate your media off your own servers without ever having paid for it, that is downright stupid. Given the vagueness of Schneier's quote he could very well have been referring to that.
Re:Doublethink (Score:3, Insightful)
When will they learn?