Using Watermarks to Combat Piracy 406
TheEvilOverlord writes to tell us PC Advisor is reporting that researchers at the Fraunhofer Integrated Publication and Information Systems Institute have developed a new watermarking system to help track and combat piracy. From the article: "The system lets content providers, such as music studios, embed a watermark in their downloadable MP3 files. Watermark technology makes slight changes to data in sound and image files. For instance, the change could be a higher volume intensity in a tiny part of a song or a brighter colour in a minuscule part of a picture. Even the best-trained human eyes and ears, according to Kip, can't detect the change."
Human? (Score:5, Insightful)
Who says anything about using human senses to detect the watermark? If these watermarks are embedded by machine, I'm sure it won't be long until Watermark Bob creates a "cleanser" program to detect anything unusual, and maybe even remove it.
Re:Human? (Score:5, Insightful)
Good point. All you'd really need is two or more copies of a given file, each with their own watermarks. Do a relatively straightfoward binary diff on the files and you'd quickly spot the watermarks. Normalize the diffs based on the similarities between the multiple file copies, and voila! Instant un-watermarked file.
Re:Human? (Score:2, Interesting)
Re:Human? (Score:3, Interesting)
Re:Human? (Score:2)
Sounds great (not). (Score:5, Insightful)
Re:Human? (Score:2, Informative)
Re:Human? (Score:5, Informative)
Re:Human? (Score:5, Funny)
Re:Human? (Score:3, Funny)
Oh and she's dead.
Re:Human? (Score:3, Interesting)
Doesn't matter how smart they are. The 1ee7 trading group gets 10 copies of the CD, averages the values at each sampling interval, and the watermark is gone (or obscured beyond use).
Drives up the entry cost a tiny bit but not enough to make a difference. I live pretty close to piracy ground zero - probably 1000 people employed in the piracy business within 2km radius of my home (and the retailers are a whole lot friendlier and more knowledgeable than anyone at Best Buy, by the way) - they are too serious
Re:Human? (Score:5, Insightful)
E.g., radio stations get copies of songs weeks before the CDs actually hit stores -- and suspiciously, the songs tend to show up on P2P networks soon after they go out to radio stations. What the music producers would really like to be able to do is trace the leaked files back to whoever put them on the internet, and then get medeival on them for breach of contract.
You can imagine similar uses for prerelease screenings of movies that go out to critics, film review boards, etc. It's less about preventing piracy than it is about finding the snitch afterwards so they can be made an example of. Really, the piracy deterrent is not technological (the watermark), but social (whatever punishment gets inflicted). The watermark is just facilitating the latter.
I suppose in theory if you had a watermark that could be embedded into the file quickly and easily, you could use it on downloaded music (like the iTMS) to see if people were sharing files that they purchased, but really I think systems like this are designed to catch big fish, not Joe Preteen who's ripping files that he bought off of Napster and putting them onto Kazaa.
A lot of similar systems are used with images; actually many of the techniques used for watermarking are used for steganography (it's arguable that watermarking is really a form of steganography), like Least Significant Bit padding for one. There are also systems that have a robust enough watermark that they will survive printing and scanning, although they tend to begin to mess up the image slightly.
Why should Clear Channel care about file sharers? (Score:3, Interesting)
Well I'm sure that they would like to do this, in their fantasies. But in the real world it's a music producer vs. Clear Channel, not some individual D.J. And if Clear Channel decides that it is in their best interest that the music go out to the P2P file sharers before the record is released, then there isn't a whole lot that the record producer can do about it.
Clear Channel gets money
Re:Why should Clear Channel care about file sharer (Score:5, Informative)
Your problem is that you are accepting the recording industry's propaganda, i.e. "We oppose piracy because people will listen to pirated copies instead of buying CDs."
The *real* objection of the recording industry, and this goes double for clear-channel, is that P2P sidesteps their promotion monopolies and makes the music market harder to manage and control. Fragmentation of the market costs them their niche at the top of the foodchain.
The best example of this attitude was, a while back, movie industry executives noticed that some heavily promoted presumed-blockbuster (I forget which movie it was, The Island maybe) was getting far less than the guaranteed level of attendance given the advertising budget. Careful marketing research traced this phenomenon back to bad word of mouth, which was spreading faster than it had in the past, chiefly by cellphone.
The response of the movie industry was NOT "gee, we'd better stop making movies that even brain damaged 11 year-olds regard as intellectually insulting", but instead "is there any way we can make it illegal to badmouth our movies by text message? Libel law, maybe?" Fortunately, they concluded that was a non-starter.
That long tangent aside, look at clearchannel. Clearchannel's business model depends COMPLETELY on the willingness of the general public to agree-to-like whatever 30 songs they decide they want to play/promote in a single month. They also need to make sure that people keep listening to the radio and not to ipods. Alternate routes of distribution are just as much a threat to clearchannel as they are to the recording industry.
Under 18 (Score:3, Informative)
[Commercial music radio stations] also need to make sure that people keep listening to the radio and not to ipods.
In that case, they have the under-18 market sewn up, as students in public K-12 school systems in the United States are generally forbidden to bring an iPod or other electronic music player on the school bus without the express written consent of school administration.
Re:Why should Clear Channel care about file sharer (Score:3, Informative)
Here's the old /. article:
http://hardware.slashdot.org/article.pl?sid=03/08/ 19/1918243 [slashdot.org]
Re:Human? (Score:2)
Re:Human? (Score:2, Insightful)
Re:Human? (Score:5, Informative)
That's a valid intput, but steganographers thought of that years ago already. Decent steganographic techniques include low-frequency information that can make them quite resilient to a fair deal of subsampling, recompressing, re-encoding and so on. The idea is not to make a "miniscule variation" but a very subtle variation over a large area. You can think of it like, the actual information is in the 'high bits' not the 'low bits'. Info in the 'low bits' is easily destroyed.
Re: (Score:2, Interesting)
Re:Human? (Score:3, Informative)
Oops, I don't actually know all that much about steg., it was years ago that I was into it (and mostly for images) and I've forgotten a lot of it now, so I don't feel that mod was deserved ... but anyway, this looks like a fair starting point: http://www.jjtc.com/stegdoc/ [jjtc.com] ... there are quite a few different techniques, most of which are detectable though.
Re:Human? (Score:3, Informative)
As far as the watermarking tools themselves, all the ones I'm aware of are proprietary (patented and/or trademarked.) They are certainly not open source. If you think about it, that's the only way watermarking software can ever be made practical. Watermarking is 100% "security through obscurity." Once an attacker is aware of a watermark, that watermark can be tampered with and/or destroyed. But GPL'd code is not obscure: it is transparent by fiat. So anyone a
Re:Human? (Score:3, Informative)
True, if you rip your own from CD. If you are purchasing online music though it will already be compressed ... some existing audio stego techniques are integrated into the compressors, e.g. mp3stego [petitcolas.net]:
"The hiding process takes place at the heart of the Layer III encoding process namely in the inner_loop. The inner loop quantizes the input data and increases the quantiser step size until the quantized data can be coded with the available number of bits. Another loop checks that the distortions introduced by
Re:Human? (Score:2)
Re:Human? (Score:5, Informative)
Re:Human? (Score:3, Insightful)
I mean, isn't it cheaper to let everybody know that you're watermarking the video files than it would be to actually watermark them? Maybe toss in a few random bits if you think that people would actually download two copies and diff them, to keep them guessing.
Social solutions to technical problems. Think of it as the, "Hey, I'll give you candy for your password," issue, but in reverse.
My thoughts exactly (Score:2)
For an image, again, just compare the two, and you will find the difference, the watermark. Edit it out.
Re:My thoughts exactly (Score:3, Interesting)
Also think about the situation where files all have their watermarks at the same position. If the watermark is an error correcting code, and the Hamming distance between the valid strings varies enough, you might even be able to find out which two copies were used to provide the "cleansed" copy.
Re:Human? (Score:2)
Yes let them watermark my music in a way that only someone who is running a program on my computer can tell...because, you know, this will prevent me from listening to the pirated music. Watermarks are
How can it hold up in COURT? (Score:2, Insightful)
Re:Human? (Score:5, Insightful)
The purpose of making the watermark imperceptible isn't to trick the user. The user is fully aware that the music is watermarked. The reason it is done the way that it is, is because it is the only way to do it. There are really two requirements for the watermark. First, it must be intertwined with the actual data in order to make it non-trivial to remove. Simply sticking the watermark in a meta-information block would make removing it too simple. Second, because the watermark is intermixed with the audio data, it MUST be done in an imperceptible way in order to retain the quality of the recording.
So, making the watermark inaudible is not some attempt to pull one over on you. It's just the only realistic way it could be done.
Um, what? (Score:5, Insightful)
For whom was this intended again?
I'd be happy if there actually was plenty of music studios providing downloadable mp3's though.
Defeating? (Score:5, Interesting)
I've yet to see a scheme that reliably survived that test unless it was specifically designed just for that test (like embedding high power signal in several random places), and upon detection, looking for that signal in those random places (hope is that 2nd watermarking didn't wipe out -some- signal data).
In any case, Watermarking doesn't work! Even Microsoft's researchers said so (damn, can't find link).
Re:Defeating? (Score:2)
Identifying pirated music (Score:3, Insightful)
So, let's say you gave each legally sold copy of a song a unique randomly generated 64bit ID (that you record). The pirate could remove that ID. They might even put their own random ids in place of your id. The deal is, their IDs will not match those that you recorded, and you could make the the case that this
Undectable? (Score:2)
Maybe not, but I bet outguess [outguess.org] can, along with a million other stego tools.
And this fights piracy how? (Score:3, Interesting)
Assuming a "de-tag" program doesn't pop up an hour later, what do you do with this wonderful invention? Instead of passing around a "normal" mp3 of Metallica, they're now sharing a "watermarked" version that allegedly can't be discerned by mere humans. How does this help?
Cheers,
Re:And this fights piracy how? (Score:5, Interesting)
In theory it lets the distributor figure out who the source of the piracy was. Joe User logs into their site and downloads the latest hit DRM_SUX.mpeg. Unknown to him it has a unique watermark in it that identifies him as the one who downloaded this particular file. Six months later the Copyright Kops find a copy of DRM_SUX.mpeg floating around on P2P networks. They analyze the file and discover the watermark points to Joe User, so they then sick their landsharks^M^M^M^M lawyers on him.
Re:And this fights piracy how? (Score:2)
Re:And this fights piracy how? (Score:2)
Re:And this fights piracy how? (Score:3, Insightful)
Ding! This is not a criminal proceeding, but a civil suit. A far more extreme example would be suing someone who allowed a murderer to get a hold of an otherwise legally obtained gun. They can't prove you committed the murder, but they can argue that your lack of security on the firearm contributed to the crime so you have some civil liability. And in civil court you only need a preponderance
Re:And this fights piracy how? (Score:2)
Those are all interesting defenses, and you are free to try any/all of them in a court of law when you get illegally sued by the RIAA.
Enjoy spending thousands of dollars on your lawyer and wasting dozens of hours of time. Maybe yo
Re:And this fights piracy how? (Score:2)
While I hate the RIAA just as much as the next
Re:And this fights piracy how? (Score:2)
Hmm ... interesting, a good portion of my mp3 collection consists of files copied from people without their knowledge (e.g. open shares found at LANs or at work). Not to mention Joe User's box getting hacked and the files getting copied without his knowledge. They might be able to prove whose file it was but can they really prove piracy unless they find (and identify) Joe User himself personally sharing that file on a p2p network?
Re:And this fights piracy how? (Score:2)
Re:And this fights piracy how? (Score:2, Funny)
Well, at least Lars would know who to sue.
Re:And this fights piracy how? (Score:5, Informative)
You code media players to detect the watermark (which would have to be in a standardized format) and refuse to play anything that does not contain the watermark. Conversely, ripping programs will not rip anything containing the watermark, making it harder to copy the source. You wouldn't have to worry so much about removal programs, as programs that would "fake" the watermark, basically couterfeiting programs. Of course, those would pop up fifteen minutes later.
Indies? (Score:3, Insightful)
You code media players to detect the watermark (which would have to be in a standardized format) and refuse to play anything that does not contain the watermark.
So would independent recording artists be able to insert the watermark? If not, wouldn't that be grounds for an antitrust action? Or are they assuming that all possible songs are already copyrighted to a major multinational publisher, as hinted by this article [slashdot.org] and this article [lld-law.com]?
Re:And this fights piracy how? (Score:2)
Ok...and just who is gonna hold a gun to the head of every person writing a media player/ripper to comply with said watermarking observance?
I kinda doubt xmms or grip is going to switch to only working within the watermark confines....
Re:And this fights piracy how? (Score:3, Interesting)
If instead the only way to detect a watermark is to put it in a carefully protected machine in the RIAA's basement with a secret program
Re:And this fights piracy how? (Score:2)
Re:And this fights piracy how? (Score:2)
So if the file does get out, then at least it should be easier to trace the source of the leak... Assuming this works...
Then again, I wouldn't put it past the MPAA (the same technique can be applied to movies) or RIAA to go after the initial poster for total "damages" (in other words, blame the original uploader for all co
psychoacoustic codecs? (Score:2, Interesting)
uhm (Score:2, Insightful)
Trace it back to me? How? (Score:2, Insightful)
How, exactly? Supposing I went out and purchased a music CD (a radical idea, I know) with cash, how could they possibly trace that particular CD back to me should it somehow be made widely available to download? I
Re:Trace it back to me? How? (Score:2)
Nothing to see/hear (Score:5, Insightful)
In other words, "Nothing to see/hear. Please move along?"
More seriously - although it could be stripped out (relatively) easily, you could embed watermarking data in the metadata segments of downloadable MP3s. I'd accept this as a tradeoff for music studios offering downloadable MP3 files: If some_hit_song_i_downloaded.mp3 shows up on a P2P network and contains metadata whose MD5 could only be generated by, say, hashing my credit card number with some_riaa_private_key, that'd be pretty reasonable grounds for RIAA to believe that I'm the schmuck who (a) paid for the right to download it from a RIAA-authorized source, and (b) uploaded it to a non-RIAA-authorized filesharing network.
Make it impractical for Joe Sixpack (who will be unaware of this type of watermarking, and who probably will be unaware of the existence of tools to strip it) to upload his files without risking fines/prosecution, and you can offer DRM-free MP3s to Joe Sixpack.
Re:Nothing to see/hear (Score:4, Insightful)
Re:Nothing to see/hear (Score:3, Interesting)
The practical use (Score:2, Informative)
band releases early copies of an album to reviewers. if the album leaks, the people who sent out the advances can find out who leaked it.
Pointless (Score:2)
Re:Pointless (Score:2)
If this will result in someone's lawyers contacting all the people running insecure home PCs and giving 'em a short scare, I'm all for it. The first time, hopefully, should be a quick excuse to the judge: "My PC was compromised without my knowledge. I'm not at fault." -- but the _second_ time, well, the sharks get to have fun.
There's a potential for this to improve the 'Net. Having the copyright holders identify compromised machines? It's pratically a public service
What about silent movies? (Score:2)
Buy your CD in a store. (Score:2)
That's the spirit (Score:5, Insightful)
Things like the DRM and DMCA were put into place to fight piracy, and wound up just hurting regular consumers while the pirates just snickered as they continued along their merry way.
With these kinds of things, regular users will still be able to do what they like with their own copy, be it back it up or transfer it to another medium for personal use. At the same time, it will allow those tracking piracy to find the source and press charges only against that person, and not the random multitude.
I'm sure the pirates will figure out some way to work around this (be it to randomly change the volume slightly throughout an entire MP3, or brightening/dithering an entire picture), as they have everything else, but if this kind of technology can prevail and advance, it will allow those of us legally using our own purchased goods to do so without worry, while punishing those who deserve it.
Re:That's the spirit (Score:3, Insightful)
Re:That's the spirit (Score:4, Insightful)
What do others think?
Re:That's the spirit (Score:3, Insightful)
Although it sounds like a very attractive alternative to DRM, there are some serious security issues that would have to be adequately addressed.
"Big brother" is right--it's all about trust (Score:3, Interesting)
The notable thing here is that all the companies are doing is transferring that trust-anxiety from them->you to you->your friends.
i hate to say it (Score:3, Interesting)
This goes for downloaded files, not physical media. If I buy a CD, I want to be able to do whatever I want to it, which includes sharing with friends. I've never made a habit out of sharing files, even back in the Napster days (Sorry, but I was a leech). Most of my file sharing is between me and my friends, and while I admit that it certainly pushes the limits of legality, it's the only "responsible" way to do things.
This watermarking idea just reeks of being absolutely unnecessary. People just need to learn to be more "responsible" about how they rip off music. I hate the record labels as much as the next guy, but I'm willing to work within the confines of a happy medium, and do most of my sharing via less (or is it more?) traditional means.
I don't see anything wrong with sharing TV shows that are freely broadcast over the airwaves, however. For most things, however, if you don't own the copyright, it's usually not yours to distribute.
What's my point? I really don't know. Try this: Steal all you want, just don't get caught, and don't let them force more of these silly things on all of us.
Simple way around it... (Score:2)
medialoggers replace keyloggers as top malware (Score:3, Insightful)
Key question (Score:4, Insightful)
Are they planning to
The first is basically worse than DRM, the second is essentially an aid to enforcing existing copyright laws. I suspect that if the Content Cartel would finally accept that their business models need to change and go for the second approach, most of us could accept it.
So it's steganographic then... (Score:2)
It's a bit like those secret government documents who have several purposely-placed typoes, different for each distributed copies, with which you can deduce who leaked the document according to the typoes that surface in the unauthorized copies...
So, what can prevent anyone from shaving-off the least significant bits and putting garbage instead? This way, you cann
Doesn't make sense. Its too easy to kill off (Score:2)
At the very worst, a simple matter of re-encoding the file in memory from digital to analog and back would insert enough variation due to nothing more than the variance introduced by floating point math to make the process easily circumvented.
Aren't people transcoding iTunes stuff now by jus
Cost Effective? (Score:2)
But a pretty dumb file compare program will have no problem. Compare two versions of the file to see where the changes are. Compare them to a third version to assess how different each watermark is. Then fiddle bits to create your own version that they cannot no longer trace back to you.
It will cost more to deploy the embedding software and panoply of infringement detectors than defeating this mechanism, which leads
Short memories -- this was called SDMI (Score:5, Informative)
Basically, the Powers That Be came up with a very good watermarking system, but even the best system can be defeated by a very determined adversary -- especially since the watermarks can't be updated once the CDs are shipped.
Another problem that I've always had with these systems is the proof issue. If the RIAA tries to prosecute you for having watermarked files, they have to demonstrate the watermark. I can't imagine how they could show that without revealing exactly how the watermark is detected -- and once they do that, you should be off to the races.
Anyway -- this has been tried, and it has failed. The SDMI system was really quite sophisticated, and it failed almost immediately.
Thad Beier
Re:Short memories -- this was called SDMI (Score:5, Interesting)
This is exactly what "zero knowledge" proofs [wikipedia.org] are supposed to be able to do. Using such a protocol allows me to prove to anyone interested that I know something without revealing what that something is. the proof does not impart any new knowledge to the person/entity that is receiving it about the information. In this context it would mean that the RIAA would be able to prove that the files had been watermarked using their private mark and were thus their copyrighted material without revealing any information about how that watermarking was done. The proof would not rely on revealing the method. Graph isomorphism is a commonly used example.
I don't know if anyone has incorporated a practical application of this into any sort of watermarking scheme, but it could be used for this purpose.
Re:Short memories -- this was called SDMI (Score:3, Interesting)
Re:Short memories -- this was called SDMI (Score:3, Informative)
"watermark" is supposed to mean it is invisibly small. A player that does not play things with the wrong wat
Who will this impact? (Score:2)
Subtlety is subjective (Score:2)
Strange... (Score:2)
on top of that, they seem to be intent to charge as much to download a song as to buy a CD, sometimes more.
So how does this do anything at all?
Now, for p0rn it's another story altogether.
This whole data protection is crap anyway! Just deal with the fact that you are competing with piracy and approach it that way. Tighten your belts a lit
How the fuck is this a watermark? (Score:3, Interesting)
Real watermarks are for duplicating, not taking out. Absolutly nobody would want to take the watermark out of their 100 euro banknote. In an mp3 you would instead want to remove the mark.
Am I being anal? Well yeah but when it comes to security it is the only way to be. A banknote with the watermark removed just lost its value. A mp3 with its watermark has possibly just increased in value. It certainly has lost none.
So the type of attack they have to stand up against is totally different. A banknote watermark just has to be expensive to duplicate. Add enough expensive to duplicate elements to a banknote and you will make it unattractive to counterfitters. It is the reason you see so few attemps at counterfit cents. (Please do not post links to your favorite wooden nickel story okay?)
But all the 'counterfitter' has to do with the mp3 is to remove the watermark. Wich as others have already pointed out should not be too hard. This is totally different type of attack. Remember, the banknote is proud of its watermark and makes it very easy to 'see' it. It even forms a pretty picture to make it stand out more. The last thing you want in the mp3 version is for it to stand out. Adding a split second of mp3 codec that stands out shouting 'look at me I am a pretty watermark' is just asking for it to be edited out.
Oh well, will this work? Well only if they somehow manage to keep you from just removing the watermark. mis-Trusted computing anyone?
Funny thing, I own more LP's then any other medium. In fact as more and more anti copy protection is introduced, the less I own of it. LP (too many) -> CD (repectable) -> VHS (0 now but used have a okay collection) -> Mini disc (a couple)-> DVD (a few) -> iTunes (0)
Odd that.
Nothing to see here (Score:3, Funny)
Arrr, This be no piracy! (Score:2)
Arrr, what a poor excuse for piracy this be!
May ye be touched by his noodlely apendage
Re: (Score:2)
Watermarking is a dead end (Score:2)
Also, who
This will not replace current "DRM" schemes (Score:4, Insightful)
Even so, the labels might adopt something like this. But it would be in addition to their current copy restriction schemes, rather than a replacement for them. Consumers still lose as they'll still have to wrangle with FairPlay, WMA, or whatever copy restriction scheme the labels want to use.
I don't understand.... (Score:4, Funny)
Whoops read the article title wrong.. (Score:3, Funny)
Although, that would make sense.
Lossy Format (Score:3, Insightful)
If the watermark is applied to the file after compression to mp3, then it is very easily defeated by decompressing and recompressing with a non-watermarking encoder, of which many exist for mp3. The act of decompressing the file will obliterate whatever bits were flipped for watermarking purposes. If the hidden information is subtle enough, the lossy compressor will simply throw it out. If it's obvious enough to not be obliterated by lossy compression, then I can hear it in the file, and the product is inferior. The only option would be for the encoder to recognize the watermark and purposefully retain the data, and then we're tied to a specific piece of software just like DRM.
However, if the watermark was applied before the compression (i.e., directly to the wav file on the CD), then the act of compressing the file will change the watermarking somewhat, and matching the "fingerprints," as they are called in the article, would be statistical in nature, not exacting like a hash is. The fingerprint would have to be considered "close enough" to be a match.
Also, every single watermark would have to be unique in order to match it to a specific source, which means creating a Big Database (tm) of customer info, which is easily defeated by paying with cash. On the other hand, if the record companies weren't interested in identifying a specific source, but the presence of a watermarked file in an upload directory is sufficient, then that's no different than the existence of any other file in an upload directory which contains copyrighted material, which is what they've been going after for quite some time now.
And the point is...?
If it is in the actual data (Score:2, Informative)
Re:Stand up to Encoding? (Score:3, Funny)
About as well as my ears do, I'm guessing.
Re:Stand up to Encoding? (Score:2)
What if you were to just re-encode it or go from mp3->ogg->mp3 again ?
I would think that would scrub any watermarks from the mp3.
Re:Stand up to Encoding? (Score:2)
Re:Stand up to Encoding? (Score:2)
You mean before it's called noise??
Re:Stand up to Encoding? (Score:2)
This would actually be great (Score:5, Funny)
Watermarked MP3s would be a way that the music industry could say "look, we almost trust you!"
RIAA? No, HFA (Score:2)
Cleansing music files is not much harder
Are you sure? If the stego and the crypto behind it are good enough, you won't know that you even need to cleanse a given file, let alone which algorithmic steps to take to cleanse it.
and one can always simply re-record the music too
Recording a new performance of the music is called a cover version [wikipedia.org]. RIAA isn't interested in covers, but Harry Fox Agency [harryfox.com] is.