Most active commenters
  • kmeisthax(3)

←back to thread

How encryption for Cinema Movies works

(serverless.industries)
230 points perryflynn | 18 comments | 20 Apr 25 17:52 UTC | HN request time: 0.718s | source | bottom
1. ddtaylor ◴[20 Apr 25 22:56 UTC] No.43747149[source]
How are groups getting the high quality digital dumps of some movies then?
replies(3): >>43747235 #>>43747651 #>>43748157 #
2. pain_perdu ◴[20 Apr 25 23:13 UTC] No.43747235[source]
I don't think new theatre releases are generally getting leak in digital formats anymore until they hit streaming which can sometimes be as soon as weeks or couple months after original release. Obviously 'tele-syncs' (cameras capturing the film) still exist but that wasn't your question. The one exception to this can be oscar movie season when studios release films via a special Apple TV app and that be be slightly less secure (though still water-marked).

I would ask you to support your claim of 'high quality digital dumps' by citing one that has come out in the last couple years. See https://predb.net/

replies(1): >>43747481 #
3. lurk2 ◴[21 Apr 25 00:05 UTC] No.43747481[source]
> A telesync (TS) is a bootleg recording of a film recorded in a movie theater, often (although not always) filmed using a professional camera on a tripod in the projection booth. The audio of a TS is captured with a direct connection to the sound source (often an FM microbroadcast provided for the hearing-impaired, or from a drive-in theater). If a direct connection from the sound source is not possible, sometimes the bootlegger will tape or conceal wireless microphones close to the speakers, as it is better than a mic on the camera. A TS can be considered a higher quality type of cam, that has the potential of better-quality audio and video.

https://en.wikipedia.org/wiki/Telesync

replies(1): >>43748044 #
4. kmeisthax ◴[21 Apr 25 00:40 UTC] No.43747651[source]
Hollywood is stupid and eroded its own economic advantage by putting everything on streaming. This was already known, but it also makes antipiracy operations much, much harder.

Ripping a stream is always going to be easier than getting any unprotected video footage out of a movie theater. The stream is in your own home, you own and can tamper with all the equipment involved in playing it, and the economics of CDNs prevent robust traitor-tracing schemes[0] that could be used to hunt you down.

In contrast, movie theaters are public locations, so every one of them is a known entity. The entire supply chain for movie projection is controlled. And that makes traitor-tracing a lot easier. All the hackers pointing out that DRM is fundamentally breakable are ignoring the fact that that only matters iff you're anonymous and untraceable. Otherwise, they won't bother making the DRM stronger, they'll just arrest people until the movies stop leaking.

It's the XKCD laptop wrench story[1] in reverse. The crypto nerd imagines DRM to be easily broken trash, but the reality is that the security of the DRM is in the $5 wrench, not the math.

Let's play contrast-and-compare. If you want to leak a stream, you need:

- A streaming account

- Knowhow or software to decrypt the data stream as it's downloaded and played, or,

- Knowhow to modify a TV so that you can capture the unencrypted video and audio streams inside the TV

The last one isn't done because it's a pain in the ass and the TV scene prefers bit-perfect rips over re-encoded captures. But at some point in the TV, you have to decrypt the video; LCD panels do not natively accept encrypted signals. And that is something you can build hardware to capture.

Now let's try leaking a movie. There's a few avenues of attack, roughly corresponding to the traditional movie scene release categories:

- You can go to the theater and point a camera at the screen. They actually check for this now, in pretty much any western country you'll get kicked out or arrested for camming a movie. If you don't get caught, they can still narrow you down to a location in the room via your shooting angle, and possibly determine what theater you were at with line frequency hum. That's enough information to narrow down the guy leaking the movie to a handful of customers. Do this enough times and you create a unique fingerprint to catch yourself with.

- You can get a job as a projectionist and run the movie projector into another camera directly. That kind of machine is called a telecine, and it used to be one of the higher quality ways to get leaked movies back when they were on film. This is specifically the scenario that all the DRM in the projector is designed to stop. If you do anything to change the light path of the projector, it locks up until the manager comes in and types a password to authorize the change.

- You could bribe the manager or owner to telecine the movie for you. Problem is, the number of people who actually have the password that unlocks the projector is really small[2] and traceable. If a telecine leak is traced back to their theater, someone's getting fired at a minimum, jailed in the worst case.

- You could break the DCI scheme itself; but you still need to source the files and keys to decrypt the movies. This is the crypto nerd's imaginary scenario. Even then, the files could themselves have steganographically injected information identifying the theater who got that master copy, which you can't strip out merely by having the encryption keys. Again, nobody is giving you those files unless they're too stupid to understand the implications (unlikely) or they have faith that you can strip out the stegotext.

It's just way easier to rip a stream than a movie in a theater. And when Hollywood moved to streaming they also made it a lot easier to leak movies.

[0] To be clear, traitor-tracing each stream would require a unique encode per account to inject the stegotext; that's computationally unfeasible. Doing one encode per movie theater would still be a struggle, but less so by three orders of magnitude.

[1] https://xkcd.com/538/

[2] This is also why the 3D era of film made movies way too fucking dark.

replies(4): >>43748102 #>>43748457 #>>43748694 #>>43750515 #
5. AStonesThrow ◴[21 Apr 25 02:30 UTC] No.43748044{3}[source]
This has an analog (so to speak) in the live music bootlegging subculture. If you can convince the roadie running the mixer or the sound board to plug in your shady recording device, then you can cut a bootleg record or tape which advertises that as a selling point.

Live audio bootlegs of concerts are typically plagued with the same sort of interference, such as crowd noise, shaky everything, cheap microphone designed for voices only, overwhelming decibel levels, etc. A "clean soundboard" recording can bypass all that and sound comparatively good, especially if the band is good at playing live.

6. mysteria ◴[21 Apr 25 02:41 UTC] No.43748102[source]
To be clear, traitor-tracing each stream would require a unique encode per account to inject the stegotext; that's computationally unfeasible. Doing one encode per movie theater would still be a struggle, but less so by three orders of magnitude.

If the movie is streamed in chunks, only certain short segments would need to be reencoded to add watermark data. Alternatively it might be possible to splice in a short segment with the watermark between keyframes of the preencoded film.

Finally all of this could be done on the audio side which is much less computationally intensive compared to video.

replies(2): >>43748235 #>>43748923 #
7. stepupmakeup ◴[21 Apr 25 02:53 UTC] No.43748157[source]
Screener leaks or insider (outsourced VFX for example) leaks
8. thr0w ◴[21 Apr 25 03:09 UTC] No.43748235{3}[source]
> If the movie is streamed in chunks, only certain short segments would need to be reencoded to add watermark data

Look into A/B watermarking - https://techdocs.akamai.com/adaptive-media-delivery/docs/add...

9. thaumasiotes ◴[21 Apr 25 04:14 UTC] No.43748457[source]
> Problem is, the number of people who actually have the password that unlocks the projector is really small[2]

> [2] This is also why the 3D era of film made movies way too fucking dark.

What is the relationship between these two things?

replies(2): >>43748609 #>>43748864 #
10. washadjeffmad ◴[21 Apr 25 04:59 UTC] No.43748609{3}[source]
Wondered that, too.

Assuming it's not a typo, guessing that 3D films needed some additional calibration that didn't happen because it was a hassle needing the manager to make and reapply the changes.

11. lern_too_spel ◴[21 Apr 25 05:21 UTC] No.43748694[source]
> Hollywood is stupid and eroded its own economic advantage by putting everything on streaming.

If moving to streaming made them less money, they wouldn't have done it.

12. kmeisthax ◴[21 Apr 25 06:03 UTC] No.43748864{3}[source]
3D requires inserting an extra device into the image path to split the projector light into polarized halves, otherwise the 3D glasses don't work. Because of how light works, half the light is thrown away. So you either have a darker picture or you jack up the light (which, according to theater owners, means more wear on the projector's light source).

Now, in an ordinary scenario, you'd just have the projectionist remove the extra polarizing step from the image path for 2D showings. Except, remember, all of these projectors have DRM specifically to control who is allowed to put things in the image path of the projector. So now management has to be called in every time a theater needs to change over from a 2D or a 3D film.

Or you follow the path of least resistance and just leave all the 3D crap on the projectors all the time, keeping it at the same brightness for 2D (to save money on maintenance), which results in everything being darker.

replies(1): >>43750003 #
13. kmeisthax ◴[21 Apr 25 06:19 UTC] No.43748923{3}[source]
If you were only watermarking short sections of the video, wouldn't that make it possible to analyze the stegotext and erase it? You could have a handful of people rip the same video and then compare them, and if different sections get watermarked then you can reassemble an unwatermarked file. This also applies to splicing in short segments of watermarked video.

If you have the whole thing watermarked then all you can do to fix that is averaging; which might not even destroy the stegotext.

Audio watermarking is definitely an option; hell, there's already a DRM scheme called Cinavia that relies on watermarking[0]. If you cam a movie and play it on a Blu-Ray player, it'll actually trip this DRM scheme and, at a minimum, mute the audio or refuse to play the file. I would argue this is probably the most successful use of watermarking, at least in terms of "how much piracy does this frustrate"; but even then you can just play your cams on something else and get around it.

And this is all assuming your CDN provider offers cheap-enough edge compute to inject watermarks before the video hits the user's device. I haven't looked into this recently, but I remember early DRM schemes having very silly bypasses[1] because CDNs could only serve static files. Someone else linked to Akamai documentation about watermarking, but I have no idea how much extra that costs or how much it might complicate other parts of the setup.

[0] https://en.wikipedia.org/wiki/Cinavia

[1] e.g. Remember when someone made an iTunes Music Store client that just didn't encrypt anything, because all the encryption was done on your own device?

replies(1): >>43753796 #
14. Thlom ◴[21 Apr 25 09:40 UTC] No.43750003{4}[source]
It's been a few years since I was in the industry, but I don't think this is entirely correct. As far as I remember the polarizer (or for Dolby 3D, the color wheel) was placed on a rail system to be slid in and out of the light path when required (It's possible that cheaper/older versions can't be automated). The polarizer is placed outside of the projector in front of the lens so no password is required to remove it. There is a security step between the projector and the playback server, but that sits on the first PCB the data signal from server hits on the projector (If I remember correctly).

With regards to the projectors light source you are correct, higher illumination means more wear on the XENON lamp in older projectors. If you have the polarizer in front of the lens at all times that would be a problem. With newer laser projectors I don't think higher illumination is a big problem for the longevity of the laser.

In any case, projectionists barley exists anymore and cinema managers knows next to nothing about the technical aspect of the business. Basically everything is automated to such a degree that all the cinema chain management needs to do is to populate the ticketing system, then films, advertisements, trailers and announcements are automatically downloaded, playlists created, distributed to screens and scheduled. Lights, projectors, doors, curtains and so in is also automated.

15. dist-epoch ◴[21 Apr 25 11:04 UTC] No.43750515[source]
> Hollywood is stupid and eroded its own economic advantage by putting everything on streaming

You are making a big assumption that they had a choice, that if a movie was not put on streaming, the consumer would go to the cinema to watch it.

But many consumers don't, if the movie is not streaming, they just don't watch it at all.

replies(1): >>43752512 #
16. Bedon292 ◴[21 Apr 25 14:38 UTC] No.43752512{3}[source]
But how much of that is because they know it will come to streaming soon for free? I feel like the 'if the movie is not streaming, they just don't watch it' mentality was driven by everything being put on streaming. I am not the average consumer, so I could definitely be off base, but I feel like people were more willing to go to see a movie in theaters when they knew it would be months before they would be able to see it if they didn't. Now it can be available for streaming within weeks, many times included with the subscription you already have. Hard to justify $20 per person to go see something in a theater when you can all see it a month later included in your $15 subscription.
replies(1): >>43755068 #
17. mysteria ◴[21 Apr 25 16:31 UTC] No.43753796{4}[source]
Sectional watermarking is always going to have a higher risk of detection using multiple rips but that's the tradeoff you get with computational power. As you said the best option is to watermark the whole thing but that's expensive.

Cinavia looks interesting as it's done on the client side, like how programs like Photoshop detect the watermarks in banknotes to prevent people from using it to create forgeries. If they managed to get it into the firmware of every television, AVR, etc. then it would be much more effective than just having it on Blu Ray players.

18. dist-epoch ◴[21 Apr 25 18:41 UTC] No.43755068{4}[source]
> but I feel like people were more willing to go to see a movie in theaters

There was no Internet, no TikTok, shitty games, not much to compete with movies then.