1) Detecting piracy is resource intensive. You have to design algorithms to detect infringement and you have to implement them in a way that can keep up with a respectable portion of your backbone bandwidth without significantly degrading performance for consumers.
2) File sharing protocols can adapt rapidly and will most likely make more and more extensive use of encryption. Distinguishing legal file sharing from illegal file sharing will only get more and more difficult. Even if there remain ways to detect infringement, this arms race with file-sharers will feed back into 1 in a big way.
3) As Neil Young famously put it, "Piracy is the new radio". Those who adapt to the "new radio" first will reap the rewards. Those who spend massive amounts of cash fighting the inevitable progress of technology will just fall behind.
What should these dinosaurs do if they want to stay competitive? Stop treating users of the "new radio" like criminals and win them over by providing a superior experience to what the pirates can deliver. e.g. Stop loading DVD's and bluray's up with annoying advertisements, anti-piracy messages, and warnings. Online stores shouldn't sell 720p videos or lossy music files when pirates are giving away 1080p videos and lossless audio for free. Above all, minimize the payment barrier. Make it cheap enough to feel like value is high and make it at least as easy and fast as pirating. In short, stop spending money to treat your customers like criminals and, instead, spend it to ensure that legal purchases are the path of least resistance to the highest quality experience.
People who torrent 24/7 just because they can are also resource intensive. I think there might be a real incentive to kick Joe Leecher out of one's customer base and keep people who only check their email.
I'd be really interested in seeing a list of ISPs that have chosen not to sign. Even though I don't pirate, I would jump in a heartbeat if its feasible (e.g. I can actually find a non-signed ISP) and my ISP isn't on the list.
I left Comcast in Jan because of SOPA. This is just another reason why these 'ISPs' are a bad choice.
I live in San Francisco and chose Sonic.net because they don't cap or do any kind of traffic shaping. I did take a hit in my speed (from 20mb to 10mb), but their service is top notch and I feel good about where I put my money every month. Sonic's also been doing a fiber rollout in some areas north of SF and in one section of the city.
I won't ever go back to Comcast. I'm interested to see how this will affect people. Will there be an exodus from these guys for other ISPs that don't cap or police the line?
Speaking of the general public, how does Joe Smith know that Hulu's stream of "The Office" is legal but some other site's is not?
That's been my biggest question about streaming.
On one hand I can google "watch the office online for free" and end up on Hulu, it has ads, but it's free. If I look around I can see that I don't have access to all their content, but they have a subscription model that gives full access.
On the other, I can google "watch dexter online for free" and end up on MegaVideo (well, imagine you're four months ago). It has ads, but it's free. If I want to watch a lot of videos, I see that I can't because there's a daily limit, but they have a subscription model that gives full access.
As a user, I have no way to know that the first one is legal while the second isn't.
That being said, it's my understanding that at this point, this is what makes streaming a bit of an edge-case why mostly the website is charged, rather than the users. But that might of course change…
>What kind of traffic inspection are these ISPs doing that would enable to identify infringement as it's happening?
As I understand it, there's no actual monitoring being done by ISPs. The monitoring is done by the record and movie companies. When they see a torrent of their content being shared, they record the IP addresses of everyone seeding that torrent and then send warning requests to the ISPs whose users are uploading. Those IPs then relay that warning to the actual users associated with those IPs. Once a user gets six of these warnings, the ISP is obligated to cut off the user.
At least, that's the way it was reported last summer, and that's how Ars Technica is describing the enforcement system now.
I work in information security, and while my company doesn't have the sophistication necessary to know exactly what data is contained in each and every packet that goes through the network (that's not what we do), I could give a "this is how I would decide" overview.
We've got pretty rudimentary tools at my job, but we can still see source and destination address (even through a NAT and proxy on our end), IP ports/protocol, time of day and speed of connection trends, and we can do small amounts of packet inspection (we grab the first 120 bytes of every packet).
With this data, I'm able to tell if someone is using BitTorrent vs Skype (they're both peer-to-peer UDP packets to random addresses, so finding the difference is key). I can tell where their information is being sent to. If the packet is not encrypted, I can see exactly what is being sent (the header data will show filenames being transferred). DNS data will tell me what site they've just visited, and packet capture will tell me what specific page they're on and what search terms they used on that site.) With an unencrypted session, it's as easy as piecing the domain name from DNS (thepiratebay.com) to the packet capture (http: 11:23pm March 15, "the office", /search/test/0/99/0) to the user (10.250.250.10) to the network flows (every few seconds there's another couple packets going out to or coming from a few dozen address across the world). Bam, we've got an infringing user.
Now granted, people will likely be using encryption. I don't know how the tools handle this, we don't do anything with it at my job. However, I would imagine the ISPs could do deeper packet inspection. I would imagine they simply don't care if your traffic is legal or not. They may assume it's all illegal and serve notice anyway. There may be an appeals process. As for the difference between Hulu and joe-streams-hollywood.com, I would imagine they have a whitelist of addresses.
TL;DR; I don't know, but I can make an educated guess. Best bet, encrypt your traffic but don't rely on that to save your ass.
IANAL, but from what I understand, a consumer is not guilty of watching illegally-duplicated media; it is whoever makes the content available who is breaking the law. So ISPs would only have to stop people uploading content.
This is relatively easy for P2P and streaming sites, but I don't see how you could ever hope to police "file lockers" like MegaVideo; users would just upload encrypted files (even just password-protected zip files) and distribute the password. If it starts to be a cat-and-mouse game, I expect offshore filelockers will start providing privacy-protecting features for uploaders, coupled with a lot of fun and games with DNS records.
how does Joe Smith know that Hulu's stream of "The Office" is legal but some other site's is not?
Graduated response is only for P2P, which is presumptively illegal. ICE/SOPA goes after pirate sites. Nobody goes after the users of pirate sites, so you don't have to worry about that.
I got hit with a dire legal warning in college from these anti-piracy-crusader guys. Apparently I had been heavily uploading Beyonce songs on Limewire. This was strange, as I have never used Limewire and don't much like Beyonce's songs. I had to go to some office and fill out papers to say that I was innocent, because someone made a completely spurious (and probably automated) accusation against me.
I believe this is the "6 strike" system. They agreed to do this last July, and it seems to go into effect a year later.
Also, I'm not so sure how "voluntary" this was, considering the Obama administration was involved to "mediate" the deal. My guess is the White House tried to pressure the ISP's into agreeing with this, though I wouldn't exactly call the ISP's innocent considering pretty much all of them now have their own content services, and it would benefit them to cut down on piracy somehow.
We sure are turning chinese fast. In the end, does it really matter what ideology underpins the censorship? Users say to themselves, "I have to be really careful not to even appear like I'm doing something 'bad' on the internet or I could lose my access or worse."
It doesn't matter where you got on the train or why, once it pulls into that last station, you're done.
"There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live—did live, from habit that became instinct—in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."
At what point will they lose their DMCA safe-harbor protection? Can we discourage them from actively policing copyright by suing them for copyright infringement?
This has already been going on as others have noted.
ISPs send email citing that X external organization representing Y media company says that you have been sharing Z content, then the ISP shuts off or redirects all web traffic from your location except that which is allowed to go to a webpage they specify in the email where you must acknowledge that you got their communication and will cease and desist. It is pretty Orwellian.
We all need to switch to mesh wifi internetworking as soon as possible. With some work, it could become a better solution than our current net, and there would be no monthly cost to an ISP, and no MPAA, RIAA, or government interference. Granted, there is value in rule of law and protection of adequate compensation for created works. But when Big Brother comes down on you and your neighbors, is that ok? These guys would have cuffed you for the cassette mixtape you made for your girlfriend in the 10th grade if they would have known about it. The longer you let the ISPs or the government rule the net, the less of a chance you will have to ever get it back.
I understand that you read about it on reddit, and they may have sounded quite confident and/or optimistic, but I assure you an internet based on wireless mesh and without ISPs would be completely unusable. Along with most ideas that sound anything like that. Whatever visions you have of a future pirate nirvana internet will have to include a bunch of pretty traditional looking fat pipes in the center of it all.
We all need to switch to mesh wifi internet working as soon as possible. With some work...
"Some" work? There are serious problems with scaling mesh networks. Private citizens are not going to replace the internet backbone with mesh networks. The best we could hope for are low bandwidth metro WAN. That said, this is something we should put in place ahead of time, so we can turn it on if the government ever wants to black out media and internet access.
As far as combating this latest outrage, how about additional widespread encryption, so all the traffic is effectively on a VPN? If keys are distributed via smartphone networks, it will be hard for the ISPs to do things like mount MITM attacks. Combine this with some honeypots -- as mentioned elsewhere, have people engaging in legal sharing and sue the ISPs when they interfere.
Are US ISPs being paid to do this by the entertainment industry? If so, is there any transparency on this?
Why would the ISPs choose to do this with no legal requirement for it and strong restrictions in how they can achieve this now or in future any infrastructure business around it due to net neutrality and other regulator issues? This would directly alienate their own broadband customers...
How does this mix with major ISPs offering VOIP bundles – what happens if they cut off your internet access and you are no longer able to call 911? Is there any potential liability there?
They don't actually cut off your network connection, they just filter it so that you can only reach a subset of their own addresses like dhcp, dns, trouble resolution website etc. I'm sure they just include the voip servers on that list. That traffic is often provisioned totally separately (outside of your commit, possibly to a separate mac) so that it might not be an issue in the first place.
Move to central Washington state, where you have a hcoice of a dozen or so high-speed ISP's across fiber......
This reminds me. I wonder if the change during Reagan/Clinton to pro-consolidation, anti-competition has anything to do with making an industry easier to control in this way.....
Unless everybody moves to freenet (or some other friend-to-friend network) you have to exchange keys at the beginning of every session with a peer. The ISP can see that, and MITM you. SSL/TLS gets around this with a central certificate authority that vouches for the public key of the other party. That's damn difficult if not impossible to pull off in a decentralized system.
It does not take a leap of the imagination to see how ordinary, law-abiding citizens might accidently be affected. Here is a hypothetical scenario of how things might play out.
People pirating music will be caught. These people will start encrypting their web-traffic to avoid getting caught in the future. Then coders like me who use SSH/SFTP heavily will be flagged as pirates too. Then my internet will be cut off.
Quite a while ago my ISP threatened to shut off my Internet as I had a port open for SSH. I suggested that they should be more concerned that they had admitted to either scanning my system without permission or snooping on my traffic.
That was enough to end that. Unfortunately I don't think asserting an expectation of privacy is enough anymore.
They might get a lot of false positives for people who just stream videos a lot from the web or something. But I think I know how they will propose to "solve" this later on. They will just "allow" content websites to enter a "whitelist", and as soon as that list gets big enough, just throttle everything else.
> People pirating music will be caught. These people will start encrypting their web-traffic to avoid getting caught in the future.
Which won't really help since they're being tracked by their peers, I don't think anyone is wiretapping random Internet users' connections to bust them for piracy.
Well, if web policing is enforced by ISPs, it may give birth to the next generation of internet. I'm not kidding. I'm serious.
Let me explain. Today everyone has a wifi router. Imagine, one wifi router sending request to the next wifi router, which routes to the next router towards the destination. It is theoretically possible to reach the destination and get back. It may be a million hops. But, it is possible.
Today's wifi routers are designed to talk to CABLE or DSL. But they can be made to talk to a nearby wifi router also. If we do that the entire world will become one giant network. That would be the real internet. At that time, we won't need ISPs.
Today majority of traffic goes through ISPs. If this type of wifi routers come to existence, even countries like Iran cannot control internet.
The moment a provider throttles my internet based on "piracy" is the moment I begin investing all of my free time into making a free and invincible p2p solution.
What if you share an IP address with several other families? Does this imply that internet would be cut off to the IP address if it were found to be infringing?
[+] [-] beloch|14 years ago|reply
1) Detecting piracy is resource intensive. You have to design algorithms to detect infringement and you have to implement them in a way that can keep up with a respectable portion of your backbone bandwidth without significantly degrading performance for consumers.
2) File sharing protocols can adapt rapidly and will most likely make more and more extensive use of encryption. Distinguishing legal file sharing from illegal file sharing will only get more and more difficult. Even if there remain ways to detect infringement, this arms race with file-sharers will feed back into 1 in a big way.
3) As Neil Young famously put it, "Piracy is the new radio". Those who adapt to the "new radio" first will reap the rewards. Those who spend massive amounts of cash fighting the inevitable progress of technology will just fall behind.
What should these dinosaurs do if they want to stay competitive? Stop treating users of the "new radio" like criminals and win them over by providing a superior experience to what the pirates can deliver. e.g. Stop loading DVD's and bluray's up with annoying advertisements, anti-piracy messages, and warnings. Online stores shouldn't sell 720p videos or lossy music files when pirates are giving away 1080p videos and lossless audio for free. Above all, minimize the payment barrier. Make it cheap enough to feel like value is high and make it at least as easy and fast as pirating. In short, stop spending money to treat your customers like criminals and, instead, spend it to ensure that legal purchases are the path of least resistance to the highest quality experience.
[+] [-] gurkendoktor|14 years ago|reply
People who torrent 24/7 just because they can are also resource intensive. I think there might be a real incentive to kick Joe Leecher out of one's customer base and keep people who only check their email.
[+] [-] joelhooks|14 years ago|reply
[+] [-] krosaen|14 years ago|reply
[+] [-] gcb|14 years ago|reply
to who? seems the best deal ever regarding cost/benefit for the RIAA members.
[+] [-] quasisimple|14 years ago|reply
[deleted]
[+] [-] SoftwareMaven|14 years ago|reply
[+] [-] equalarrow|14 years ago|reply
I live in San Francisco and chose Sonic.net because they don't cap or do any kind of traffic shaping. I did take a hit in my speed (from 20mb to 10mb), but their service is top notch and I feel good about where I put my money every month. Sonic's also been doing a fiber rollout in some areas north of SF and in one section of the city.
I won't ever go back to Comcast. I'm interested to see how this will affect people. Will there be an exodus from these guys for other ISPs that don't cap or police the line?
[+] [-] cgarvey|14 years ago|reply
[+] [-] dangrossman|14 years ago|reply
What kind of traffic inspection are these ISPs doing that would enable them to identify infringement as it's happening?
How do they know what rights the people involved have to say that a specific download is infringing or not?
Speaking of the general public, how does Joe Smith know that Hulu's stream of "The Office" is legal but some other site's is not?
[+] [-] Timothee|14 years ago|reply
That's been my biggest question about streaming.
On one hand I can google "watch the office online for free" and end up on Hulu, it has ads, but it's free. If I look around I can see that I don't have access to all their content, but they have a subscription model that gives full access.
On the other, I can google "watch dexter online for free" and end up on MegaVideo (well, imagine you're four months ago). It has ads, but it's free. If I want to watch a lot of videos, I see that I can't because there's a daily limit, but they have a subscription model that gives full access.
As a user, I have no way to know that the first one is legal while the second isn't.
That being said, it's my understanding that at this point, this is what makes streaming a bit of an edge-case why mostly the website is charged, rather than the users. But that might of course change…
[+] [-] quanticle|14 years ago|reply
As I understand it, there's no actual monitoring being done by ISPs. The monitoring is done by the record and movie companies. When they see a torrent of their content being shared, they record the IP addresses of everyone seeding that torrent and then send warning requests to the ISPs whose users are uploading. Those IPs then relay that warning to the actual users associated with those IPs. Once a user gets six of these warnings, the ISP is obligated to cut off the user.
At least, that's the way it was reported last summer, and that's how Ars Technica is describing the enforcement system now.
[+] [-] freehunter|14 years ago|reply
We've got pretty rudimentary tools at my job, but we can still see source and destination address (even through a NAT and proxy on our end), IP ports/protocol, time of day and speed of connection trends, and we can do small amounts of packet inspection (we grab the first 120 bytes of every packet).
With this data, I'm able to tell if someone is using BitTorrent vs Skype (they're both peer-to-peer UDP packets to random addresses, so finding the difference is key). I can tell where their information is being sent to. If the packet is not encrypted, I can see exactly what is being sent (the header data will show filenames being transferred). DNS data will tell me what site they've just visited, and packet capture will tell me what specific page they're on and what search terms they used on that site.) With an unencrypted session, it's as easy as piecing the domain name from DNS (thepiratebay.com) to the packet capture (http: 11:23pm March 15, "the office", /search/test/0/99/0) to the user (10.250.250.10) to the network flows (every few seconds there's another couple packets going out to or coming from a few dozen address across the world). Bam, we've got an infringing user.
Now granted, people will likely be using encryption. I don't know how the tools handle this, we don't do anything with it at my job. However, I would imagine the ISPs could do deeper packet inspection. I would imagine they simply don't care if your traffic is legal or not. They may assume it's all illegal and serve notice anyway. There may be an appeals process. As for the difference between Hulu and joe-streams-hollywood.com, I would imagine they have a whitelist of addresses.
TL;DR; I don't know, but I can make an educated guess. Best bet, encrypt your traffic but don't rely on that to save your ass.
[+] [-] toyg|14 years ago|reply
This is relatively easy for P2P and streaming sites, but I don't see how you could ever hope to police "file lockers" like MegaVideo; users would just upload encrypted files (even just password-protected zip files) and distribute the password. If it starts to be a cat-and-mouse game, I expect offshore filelockers will start providing privacy-protecting features for uploaders, coupled with a lot of fun and games with DNS records.
[+] [-] wmf|14 years ago|reply
Graduated response is only for P2P, which is presumptively illegal. ICE/SOPA goes after pirate sites. Nobody goes after the users of pirate sites, so you don't have to worry about that.
[+] [-] samstave|14 years ago|reply
[+] [-] pjscott|14 years ago|reply
These people are scum.
[+] [-] nextparadigms|14 years ago|reply
Also, I'm not so sure how "voluntary" this was, considering the Obama administration was involved to "mediate" the deal. My guess is the White House tried to pressure the ISP's into agreeing with this, though I wouldn't exactly call the ISP's innocent considering pretty much all of them now have their own content services, and it would benefit them to cut down on piracy somehow.
[+] [-] ekianjo|14 years ago|reply
[+] [-] unknown|14 years ago|reply
[deleted]
[+] [-] noonespecial|14 years ago|reply
It doesn't matter where you got on the train or why, once it pulls into that last station, you're done.
[+] [-] ttt_|14 years ago|reply
Once the technology is set up and the practice is sanctioned, more and more 'bad practices' will start being policed and punished.
[+] [-] unknown|14 years ago|reply
[deleted]
[+] [-] Cieplak|14 years ago|reply
[+] [-] rabidsnail|14 years ago|reply
[+] [-] jrockway|14 years ago|reply
I anticipate failure.
[+] [-] tim_h|14 years ago|reply
Edit: I'm surprised to see this downvoted. Care to comment why?
[+] [-] wmf|14 years ago|reply
[+] [-] frigite|14 years ago|reply
ISPs send email citing that X external organization representing Y media company says that you have been sharing Z content, then the ISP shuts off or redirects all web traffic from your location except that which is allowed to go to a webpage they specify in the email where you must acknowledge that you got their communication and will cease and desist. It is pretty Orwellian.
We all need to switch to mesh wifi internetworking as soon as possible. With some work, it could become a better solution than our current net, and there would be no monthly cost to an ISP, and no MPAA, RIAA, or government interference. Granted, there is value in rule of law and protection of adequate compensation for created works. But when Big Brother comes down on you and your neighbors, is that ok? These guys would have cuffed you for the cassette mixtape you made for your girlfriend in the 10th grade if they would have known about it. The longer you let the ISPs or the government rule the net, the less of a chance you will have to ever get it back.
[+] [-] trotsky|14 years ago|reply
[+] [-] stcredzero|14 years ago|reply
"Some" work? There are serious problems with scaling mesh networks. Private citizens are not going to replace the internet backbone with mesh networks. The best we could hope for are low bandwidth metro WAN. That said, this is something we should put in place ahead of time, so we can turn it on if the government ever wants to black out media and internet access.
As far as combating this latest outrage, how about additional widespread encryption, so all the traffic is effectively on a VPN? If keys are distributed via smartphone networks, it will be hard for the ISPs to do things like mount MITM attacks. Combine this with some honeypots -- as mentioned elsewhere, have people engaging in legal sharing and sue the ISPs when they interfere.
[+] [-] drucken|14 years ago|reply
Why would the ISPs choose to do this with no legal requirement for it and strong restrictions in how they can achieve this now or in future any infrastructure business around it due to net neutrality and other regulator issues? This would directly alienate their own broadband customers...
[+] [-] angrycoder|14 years ago|reply
My ISP is comcast, which not only owns their own TV networks and sports teams, they just bought NBC.
Same thing with Time Warner.
[+] [-] incongruity|14 years ago|reply
[+] [-] trotsky|14 years ago|reply
[+] [-] einhverfr|14 years ago|reply
This reminds me. I wonder if the change during Reagan/Clinton to pro-consolidation, anti-competition has anything to do with making an industry easier to control in this way.....
[+] [-] EricDeb|14 years ago|reply
[+] [-] jrockway|14 years ago|reply
[+] [-] rabidsnail|14 years ago|reply
[+] [-] jostmey|14 years ago|reply
People pirating music will be caught. These people will start encrypting their web-traffic to avoid getting caught in the future. Then coders like me who use SSH/SFTP heavily will be flagged as pirates too. Then my internet will be cut off.
[+] [-] orbitingpluto|14 years ago|reply
That was enough to end that. Unfortunately I don't think asserting an expectation of privacy is enough anymore.
[+] [-] nextparadigms|14 years ago|reply
[+] [-] spindritf|14 years ago|reply
Which won't really help since they're being tracked by their peers, I don't think anyone is wiretapping random Internet users' connections to bust them for piracy.
[+] [-] unknown|14 years ago|reply
[deleted]
[+] [-] snambi|14 years ago|reply
Let me explain. Today everyone has a wifi router. Imagine, one wifi router sending request to the next wifi router, which routes to the next router towards the destination. It is theoretically possible to reach the destination and get back. It may be a million hops. But, it is possible.
Today's wifi routers are designed to talk to CABLE or DSL. But they can be made to talk to a nearby wifi router also. If we do that the entire world will become one giant network. That would be the real internet. At that time, we won't need ISPs.
Today majority of traffic goes through ISPs. If this type of wifi routers come to existence, even countries like Iran cannot control internet.
This may be a blessing in disguise.
[+] [-] mistercow|14 years ago|reply
According to the official Copyright Alerts site[1], the only "other bandwidth provider" that has signed on is AT&T.
[1] http://www.copyrightinformation.org/about
[+] [-] acuity12|14 years ago|reply
[+] [-] mindslight|14 years ago|reply
[+] [-] Cieplak|14 years ago|reply
[+] [-] yaix|14 years ago|reply
Stop of being accused?