
The Digital Watermark Alliance (DWA) released last month the results of a survey it commissioned. Its purpose was to evaluate the impact that using Digital Serial Numbers (DSN) would have on piracy. A Digital Serial Number is a watermark that embeds a unique identifier of the device that rendered the content. This makes it possible to trace a leaked copy back to its origin.

The answer is obviously that it would have an effect. About half of the respondents admitted that they would stop file sharing. This is probably not a surprise for anybody.

A more interesting output is the reasons why the other half of the respondents would not stop file sharing:

- I don’t download enough to be caught.
- The online community will remove DSNs.
- DSNs will not be enforced strongly enough to make a difference.
- My downloading would remain the same as a statement of principle.
- The BitTorrent community can avoid sharing files with DSNs.
- The risk is worth it.

The document also highlights that DSN is a deterrent only if users are aware of it.

The document is available here.

PS: THOMSON is member of DWA.

Should we stop masking passwords?

Tuesday, 30 06 2009

According to Jakob Nielsen, masking a password while it is being typed is a bad idea. His arguments are that users make more errors when typing blind, and that because of this difficulty they will choose simpler passwords.

Jakob Nielsen is a highly respected guru of usability. When I was working in User Interfaces research (many years ago), I religiously read all his books. I learned a lot. It was my first contact with human psychology and brain behavior. I’ll soon come back to that interesting topic. Thus, his comments deserve our interest.

His first argument is definitely true. Who has never had a password rejected because the Caps Lock key was on? Visual feedback would avoid this type of error. I must confess that each time I have to enter my long PGP passphrase, I’m nervous. Especially if, like me, you are keyboard dyslexic. :(

I would tend to disagree with the second argument. People mainly choose a simple password because complex passwords are harder to remember, rather than because they are harder to type.

Sometimes, we forget the initial design purpose. Password masking is mainly there to prevent shoulder surfing. Shoulder surfing on a mobile device (such as a BlackBerry) is far more difficult than on a notebook in an airport. So is masking useful against this threat on mobile? If nobody is present to shoulder surf, why protect against a non-existent threat?

Thus, I would rather agree with Jakob Nielsen and temper the orthodoxy of password masking with some rules:

  • When shoulder surfing is not possible, do not mask (unless you fear screen capture, but then you may also fear key logging).
  • Offer a checkbox that allows the user to mask/unmask the password. I would suggest that the default state be masked.
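As an added illustration that is not part of the original post, here is how those two rules can be wired into a web form in browser-side JavaScript: the field is masked by default, a checkbox unmasks it, and the Caps Lock state reported by the keyboard event provides the visual feedback that the first argument calls for. The element ids, the `shoulderSurfingPossible` flag and the function names are assumptions of this example, not anything from Nielsen's column.

```javascript
// Added example (not from the original post). Element ids, the
// `shoulderSurfingPossible` flag and the function names are assumptions.

// Rule 1: mask only when shoulder surfing is a realistic threat for this form.
// Rule 2: when masking applies, the user may unmask; the default is masked.
function inputTypeFor({ shoulderSurfingPossible, userWantsUnmasked }) {
  if (!shoulderSurfingPossible) return 'text';      // no observer, nothing to hide from
  return userWantsUnmasked ? 'text' : 'password';   // masked unless the user opts out
}

// Caps Lock is read from the modifier state of the KeyboardEvent itself;
// the handler never looks at the typed characters.
function isCapsLockOn(keyboardEvent) {
  return typeof keyboardEvent.getModifierState === 'function'
    && keyboardEvent.getModifierState('CapsLock') === true;
}

// Wire a password <input>, a "show password" checkbox and a warning element.
// Only addEventListener and a few properties are used, so the logic can be
// exercised with plain objects outside a browser.
function wirePasswordField(input, checkbox, warning,
                           opts = { shoulderSurfingPossible: true }) {
  const applyMasking = () => {
    input.type = inputTypeFor({
      shoulderSurfingPossible: opts.shoulderSurfingPossible,
      userWantsUnmasked: checkbox.checked,
    });
  };
  const updateCapsWarning = (ev) => { warning.hidden = !isCapsLockOn(ev); };

  checkbox.checked = false;   // default state: masked
  applyMasking();
  checkbox.addEventListener('change', applyMasking);
  input.addEventListener('keydown', updateCapsWarning);
  input.addEventListener('keyup', updateCapsWarning);
  return input;
}

// Browser wiring, assuming this markup in the page:
//   <input id="pw"> <input type="checkbox" id="show-pw"> Show password
//   <span id="caps-warn" hidden>Caps Lock is on</span>
if (typeof document !== 'undefined') {
  wirePasswordField(
    document.getElementById('pw'),
    document.getElementById('show-pw'),
    document.getElementById('caps-warn'),
  );
}
```

The checkbox only flips the field between `type="password"` and `type="text"`, so the masked default still protects against a casual observer while the user keeps the option to check what they typed; the Caps Lock hint addresses the most common source of blind-typing errors without weakening masking at all.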

Should we violate this rule?

Britain’s graduated answer

Monday, 29 06 2009

The UK Government has just published its vision of the future of Digital Britain. As expected, a section is dedicated to copyright issues. In chapter 4, “Creative Industries in the Digital World”, the report highlights the need to fight unlawful file sharing. It describes the two-stage mechanism that the Government plans to deploy.

The first stage is the usual spotting of illegal file sharers and sending them notifications. This is expected to seriously deter piracy. Nevertheless, if it proves insufficient, other tools such as traffic shaping, bandwidth capping or address filtering would be deployed.

Legislation to reduce unlawful peer-to-peer file-sharing

The key elements of what we are proposing to do are:
● Ofcom will be placed under a duty to take steps aimed at reducing online copyright infringement. Specifically they will be required to place obligations on ISPs to require them:
  - to notify alleged infringers of rights (subject to reasonable levels of proof from rights-holders) that their conduct is unlawful; and
  - to collect anonymised information on serious repeat infringers (derived from their notification activities), to be made available to rights-holders together with personal details on receipt of a court order.
Ofcom will also be given the power to specify, by Statutory Instrument, other conditions to be imposed on ISPs aimed at preventing, deterring or reducing online copyright infringement, such as:
● Blocking (Site, IP, URL);
● Protocol blocking;
● Port blocking;
● Bandwidth capping (capping the speed of a subscriber’s Internet connection and/or capping the volume of data traffic which a subscriber can access);
● Bandwidth shaping (limiting the speed of a subscriber’s access to selected protocols/services and/or capping the volume of data to selected protocols/services); and
● Content identification and filtering.
This power would be triggered if the notification process has not been successful after a year in reducing infringement by 70% of the number of people notified.

After one year of this experiment, the Government would check its efficiency. The objective is to reduce unlawful file sharing by 70 to 80%. If the objective is not reached, the Government would study new measures.

The interesting part is the attempt to restrict network use in order to fight piracy. Nevertheless, it may open Pandora’s box. Is it the end of Net neutrality in the UK?

The full report is available here.

Thanks to MJC for the pointer to the doc :)

Security Newsletter #13 is available

Wednesday, 24 06 2009

The subjects are:

  • Our guest: WILLIAMS Jim (MPAA)
  • The news of past quarter
  • Attacks on social networks only expose naïve users
  • Latest attack on SSL
  • Digital media Forensics (part 1)

It is available here.

$80,000 per song

Monday, 22 06 2009

That is what Jammie Thomas-Rasset must pay to four major labels for copyright infringement of 24 songs. The total fine is $1,900,000!!!

Jammie Thomas was spotted by Media Sentry in February 2005 sharing 24 songs through Kazaa. She has always claimed to be innocent and refused to settle. This was an appeal. The initial decision was around $9,000 per infringing song.

Unfortunately, at this trial her defense collapsed. She argued that the accusation was false because the experts could not find anything on her hard disk, and she has always claimed that the songs must have been on the hard drive that she had exchanged at Best Buy. But the exchange occurred after the infringement. Furthermore, she claimed not even to know what Kazaa was, yet as a student she had written an essay about Kazaa. So long…

The severity of the sentence may be explained by a jury of ordinary citizens who did not like that she lied to them. The severity may also incite people to go for fast settlements rather than litigation, in line with the RIAA’s current strategy.