February 21st, 2003, 08:18 AM
Fingerprinting P2P pirates
Fingerprinting P2P pirates
For months, the digital equivalent of a postal censor has been sorting through virtually all file-swapping traffic on the University of Wyoming's network, quietly noting every trade of an Eminem song or "Friends" episode.
The technology, provided by Los Gatos, Calif., company Audible Magic, isn't yet blocking individual file trades. But that's the next step. As the company begins testing its service with more universities, corporations and small Internet service providers during next few weeks and months, this peer-to-peer monitoring and blocking technology threatens to open the next front in the online piracy wars.
With the capacity to look inside every bit of data that flows over a network--whether it's part of a song being illegally traded or a personal e-mail--this new generation of antipiracy technology is sure to prove controversial. But some administrators at universities and corporations--deluged by peer-to-peer traffic that continues to overwhelm their networks--say they're ready for this sweeping step.
"I don't really want to be looking that closely at what people are doing, and you'd probably just as soon not have me looking either," said Brad Thomas, a network specialist at the University of Wyoming who is helping manage the Audible Magic project. "But it's getting to be the only way to control our bandwidth."
For years now, the online antipiracy war has been more of a legal battle than a technological one. Record labels and movie studios have relied more on court rulings than on their own technical innovations to stop companies such as Napster, Audio Galaxy and Scour; and while those and other companies have stopped their activities, the overall quantity of online trading has abated little if at all.
Many of the technological ideas for stopping piracy have focused on traditional digital rights management, or DRM, which essentially locks a song or movie to a specific piece of hardware, or otherwise restricts how it can be used. This has proven controversial, because the technology is often susceptible to hackers cracking through the protections, and because it has had little effect in stemming trades of millions of unprotected MP3 files through services such as Kazaa.
Nor have those tools proved much help to universities, which found their networks bearing the brunt of file-swapping traffic early in Napster's rise. With fast connections and the technical savvy to set up the applications, students became a cornerstone of the early file-swapping community and remain so today. Many schools found that half or more of their network bandwidth was being used by applications such as Napster, Kazaa or Gnutella.
Traffic-management tools such as those produced by Packeteer have helped considerably. These tools prioritize data flows, so that e-mail and distance learning applications can travel without speed limits, while bandwidth allocated to Kazaa can be reduced to a trickle, for example. Thomas has used those tools at Wyoming, limiting all Kazaa users at any given time to a total of 1 megabit of bandwidth--a tiny sum if shared among dozens or scores of people downloading and uploading at any given time.
Some colleges, companies and even small ISPs have also tried to block the "ports"--a computer's equivalent of a door reserved for specific types of data--used by file-swapping applications. Modern file-swapping programs automatically bounce between ports until they find an open door, making this tactic ineffective, however.
Napster song-blocking redux?
Audible Magic's tools are among the first of a new generation that threatens to go much deeper inside the data stream, allowing a network operator to see exactly what files are being transferred.
The software lives inside a router or gateway to the broader Internet. As it is currently configured, it creates a copy of all the traffic flowing past, identifies those bits that are using FTP (file transfer protocol) or the Gnutella technology, and then re-creates those files to identify them.
The resulting reports have given Wyoming a look at what its students are actually trading and in what quantities. In one 24-hour period, for example, the most popular file traded using the Gnutella network was an MP3 by rap artist "Big Tymers," which passed the network monitor 188 times.
Audible Magic is taking the program to a next round of beta tests with another university, a corporation and a small ISP during the next month, CEO Vance Ikezoye said.
The next step for the technology is actually blocking songs and other content, instead of just monitoring--much the same way that Napster wound up filtering songs under court order in the waning days of its service. Audible Magic has a music "fingerprint" library that it says can reliably identify more than 3.5 million different audio files. In theory, songs could be blocked as the data passes the network monitor and is compared against this database of fingerprints.
"We believe that what this does is transform network devices to be content-intelligent," Ikezoye said. "That will be important. You can't just say, 'Let's block peer-to-peer.'"
In practice, this is potentially an enormous computing job that has yet to be tested on a wide scale. Blocking files means that someone has to come up with a list of files to block. Record companies have been loathe to perform that role, a massive undertaking that would require the listing of virtually every copyrighted work ever recorded, and that blocking services such as Audible Magic were updated as new songs were released.
Moreover, the computing power necessary to monitor, identify and block the millions of songs that could traverse a university network in the course of a month would be enormous and expensive, critics say.
Napster's experience in 2001 has been the biggest experiment in song filtering to date. People quickly found ways around the simplest ways of song filtering, and when Napster tried to integrate song fingerprint recognition into the filters, hurdles emerged that quickly saw the company shut its doors altogether.
The fingerprint recognition tools, provided in part by Audible Magic competitor Relatable, did block copyrighted songs, but also wound up "overblocking" so completely that even non-copyrighted files were stopped. Concurrently, sources said at the time, a few copyrighted songs that did continue to slip through, endangering Napster's status in the courts.
Moreover, privacy concerns stemming from this kind of network monitoring would likely be deep and immediate. Already the Electronic Privacy Information Center (EPIC), a Washington, D.C.-based lobbyist group, has blasted the recording industry's calls for deeper network traffic monitoring at universities.
"Monitoring the content of communications is fundamentally incompatible with the mission of educational institutions to foster critical thinking and exploration," EPIC wrote in an open letter to universities in November 2002, which followed a Recording Industry Association of America letter to more than 2,000 university presidents. "Such a level of monitoring is not only impracticable; it is incompatible with intellectual freedom."
Finally, innovations among peer-to-peer software developers themselves could limit the use of the monitoring tools. Most file-swapping communications today are unencrypted, or transmitted relatively openly over the Net. If monitoring and blocking tools were widely introduced, new software programs could easily develop ways to encrypt or scramble the data in transmission in order to make it unrecognizable by Audible Magic's tools or other databases.
"Clearly that's a problem," said Ikezoye, adding that his company still would have markets in this eventuality. "It's always a concern, particularly from private corporations, to have encrypted data flowing out of your network. We definitely see an opportunity in corporations."
taken from :-
Another technology ? I thought the music industry is not making any money ? Where are they getting the funds to do all this crap ?
February 21st, 2003, 09:55 AM
GAWD the RIAA needs to get over themselves...Awh the beauty of compression and encryption...They stop nothing except bandwidth by monitoring packets and re-building files. Also what if there is a ************* transfer over that hop. Or what if there is too much loss and they loose that node(s) entirely.
Also a word to this ikyikyiky Ikezoye character "WHATEVER" there will be "OTHER" ways after that and after that and after that.../etc/ let's waist more resources for a buck but still provide no solution.
... anyway enough of me
February 21st, 2003, 11:11 AM
If things like this really are going to be deployed, there's still hope for file sharing networks. Encryption, wiretap laws, and the DMCA, if you live in the US. If the network they're monitoring is encrypted, then it would be illegal for the device to circumvent this encryption under the RIAA's favourite law, so the device would be rendered useless. (Personally I would love to see this tested. If anyone knows of any cases where it already has been, could they please provide links.)
Then there's the issue of illegally intercepting private communications. What this device is doing is effectively snooping your internet session. If law enforcement agancies have to get a court order or a warrant to do this, then where is this going to leave an ISP that uses this device? I'd say in a lot of trouble, unless there's something about communications will be monitored in this way in the contract. But how many people would sign a phone contract when there's something that basically says "Someone will be listening in on all your phone calls in case you're committing a crime. You're probably not, but we'll listen in anyway regardless." It's exactly the same thing, and the phone company that adds a similar clause to their contracts will soon go out of business, and rightly so.
If it wasn't for the film and music studios acting like Luddites when it comes to the Internet, they wouldn't be in this mess in the first place. I'd love the opportunity to buy high-quality, uncompressed (or compressed using a lossless algorithm) music online at a reasonable price. The music industry had a great opportunity during their battles with Napster to roll out alternative services like this, but they didn't, and so these p2p networks cropped up.
I'm not American, and I don't fully understand the DMCA, so I could be wrong about it being used in this way. But under UK law, this device is almost certainly going to be illegal if used without a court order.
Just my thoughts...
February 21st, 2003, 04:36 PM
You got to be kidding me!
Wait wait wait, stop a second and think about this:
With the capacity to look inside every bit of data that flows over a network--whether it's part of a song being illegally traded or a personal e-mail--this new generation of antipiracy technology is sure to prove controversial
I heard "personal email" in the same sentence as "look inside", that's not cool. This is totally someone invading my personal space when sending an email back and forth. I'm sending email, I'm not trading anything illegal, so why should my personal emails be read? That would be my thoughts if I was going to that college.
If we go on that logic of that "device", then why not put a microphone in every room of every home and office and place of business in America? I mean since there could be terrorist sitting at a coffee shop talking about how they are going to attack America again.
I'm not getting off subject, I'm just relating two things. Because ok if they want to try to stop P2P file sharing, fine go ahead and try. Personally I think they are money hungry retards that need to pull their wallet out of their ass. But still, I'm not going to argue that point. Though why is them trying to stop illegal file sharing have anything to do with them being able to read my emails? Or even have a computer sitting there putting packets together and read my email to see if I have any sort of illegal software. How would they know anyway?
Someone needs to stop and think for a second here, because that's wrong to be able just to have the power. The only people who should be able to read your emails or personal stuff should be your ISP, AND ONLY THEN should they do it if there is warrent to or you are under investigation for a computer related criminal charge.
Next they will start putting filters on cell phones so you can't call out side the US, incase you might be plotting something with another country, or embedding little homing devices in our bodies when we are born to track us and make sure we are not doing anything wrong. Ahhh, there is no privacy anymore in the US for the common person.
[shadow]There is no right and wrong, only fun and boring...
Formatting my server because someone hacked into it sounds pretty boring to me...
That\'s why it\'s all about AntiOnline.com![/shadow]