[p2pi] Somewhat OT: Anti-piracy strategies and P2P was Re: OT ? : Consultation on legislative options to address illicit P2P file-sharing
Nicholas Weaver <nweaver@ICSI.Berkeley.EDU> Thu, 18 September 2008 14:27 UTC
Return-Path: <p2pi-bounces@ietf.org>
X-Original-To: p2pi-archive@ietf.org
Delivered-To: ietfarch-p2pi-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B97A3A6965; Thu, 18 Sep 2008 07:27:02 -0700 (PDT)
X-Original-To: p2pi@core3.amsl.com
Delivered-To: p2pi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 70E8A3A6963 for <p2pi@core3.amsl.com>; Thu, 18 Sep 2008 07:27:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.687
X-Spam-Level:
X-Spam-Status: No, score=-5.687 tagged_above=-999 required=5 tests=[AWL=0.912, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gVf1k81of5SJ for <p2pi@core3.amsl.com>; Thu, 18 Sep 2008 07:26:59 -0700 (PDT)
Received: from fruitcake.ICSI.Berkeley.EDU (fruitcake.ICSI.Berkeley.EDU [192.150.186.11]) by core3.amsl.com (Postfix) with ESMTP id 78F843A6965 for <p2pi@ietf.org>; Thu, 18 Sep 2008 07:26:59 -0700 (PDT)
Received: from [IPv6:::1] (fruitcake [192.150.186.11]) by fruitcake.ICSI.Berkeley.EDU (8.12.11.20060614/8.12.11) with ESMTP id m8IEQWnN008621; Thu, 18 Sep 2008 07:27:12 -0700 (PDT)
Message-Id: <20384D3E-CDF8-4F50-B273-8D722241C5A4@icsi.berkeley.edu>
From: Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
To: The 8472 <the8472@infinite-source.de>
In-Reply-To: <48D25C90.4020502@infinite-source.de>
Mime-Version: 1.0 (Apple Message framework v929.2)
Date: Thu, 18 Sep 2008 07:26:32 -0700
References: <835B846B-1014-4CEE-9BA3-644D207FC231@multicasttech.com> <48D25C90.4020502@infinite-source.de>
X-Mailer: Apple Mail (2.929.2)
Cc: p2pi@ietf.org, Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
Subject: [p2pi] Somewhat OT: Anti-piracy strategies and P2P was Re: OT ? : Consultation on legislative options to address illicit P2P file-sharing
X-BeenThere: p2pi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: P2P Infrastructure Discussion <p2pi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/p2pi>, <mailto:p2pi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/p2pi>
List-Post: <mailto:p2pi@ietf.org>
List-Help: <mailto:p2pi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2pi>, <mailto:p2pi-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: p2pi-bounces@ietf.org
Errors-To: p2pi-bounces@ietf.org
On Sep 18, 2008, at 6:50 AM, The 8472 wrote: > Well, from a technical perspective this is trivial, ISPs cannot > distinguish illegal from legal content, assuming a minimal amount of > encryption/obfuscation. The content industry could only tell the ISP > "user XY is doing something illegal, do something about it" and the > ISP > would have to believe that without being able to verify it. Most > regulation proposals we currently see are after-the-fact measures, > i.e. > disconnecting the user's internet connection after he has been > identified and warned about illegal filesharing. > Not to mention that some ISPs have an interest in preventing illegal > filesharing on their own as they offer VoD, streaming and similar > services or are owned by media companies. Actually, for P2P bulk data (big stuff like movies, rather than small stuff like audio), it is possible for the content provider to say not that "user X is doing something illegal", but that "Users X, Y, Z, A, B, C represents a graph of something illegal, block JUST that communication between these pairs of users". And for open-world piracy, this information can be found and verified by crawling the P2P swarm. The ISP still has to trust that the content provider is telling the truth, but this is far more actionable information and information that can be distributed and acted on in real time to disrupt the pirate flows without significantly impacting other traffic. > As far as i can see this concerns ALTO in that it should not reveal > any > information about the user and his sharing behavior as it would be a > singinficant dis-incentive for adoption if any data could be used > against the users. The problem is this impacts utility: in order to make a decision you have to know some information about the users, and content IDs that the user is participating in is significantly important. But as long as any form of content ID represents a random NONCE provided by the P2P coordination mechanism (not a hash, it MUST be a NONCE), an opponent could only use it to tie a user to a piece of content if the opponent is also able to access the swarm coordination mechanism in order to map the meaning of NONCE to content ID. Thus it would represent an information leak, but it is probably safe to assume that if the adversary has access to the P2P coordination mechanism sufficient to get the NONCE (necessary to tie a user to a piece of content in ALTO), the adversary could also contact the coordination mechanism to get a participant list. > Another issue is that such schemes might drive > illegal filesharing deeper underground, e.g. onto darknets which > provide > pseudonymity and plausible deniability at the cost of increased > bandwidth consumption, another network overlay and data being bounced > through random nodes, which is completely the opposite of what we want > to achieve. There are two plausible transitions: Deniability, and to private (closed-world) piracy. Deniability on distribution is not necessarily going to fly, because the big strength of BitTorrent is substantial noninfringing uses. Deniability loses much of this benefit: it becomes far easier for content providers to argue that the software itself should be blocked: that using a deniable P2P file sharing tool is nefarious behavior because deniability is not a benefit for LARGE legal content. The transition to closed-world piracy, however, is actually a win for the content providers. The goal should not be to block all piracy, but to up the hastle so that casual users aren't tempted to pirate material. Let the hardcore file sharers exchange information through secret torrents, they'd never be customers anyway. Rather you want the casual users however to keep buying DVDs or pay for downloads from Amazon/Apple/whoever. > Experience shows that fighting filesharing only makes filesharing > networks more resiliant against attacks. There are however, limits. Bulk data P2P is just that, bulk data and P2P, and will always be detectable as such. And open-world piracy is just that, open-world. If you relax these constraints (eg, make it closed-world, or eliminate the bulk data by changing it to point-to-point), you can build some real robust defenses against a copyright-enforcing adversary. But you lose a lot of the utility present in being bulk data, P2P, and open-world. _______________________________________________ p2pi mailing list p2pi@ietf.org https://www.ietf.org/mailman/listinfo/p2pi
- [p2pi] OT ? : Consultation on legislative options… Marshall Eubanks
- Re: [p2pi] OT ? : Consultation on legislative opt… The 8472
- [p2pi] Somewhat OT: Anti-piracy strategies and P2… Nicholas Weaver
- Re: [p2pi] Somewhat OT: Anti-piracy strategies an… The 8472