How are groups getting the high quality digital dumps of some movies then?
replies(3):
Ripping a stream is always going to be easier than getting any unprotected video footage out of a movie theater. The stream is in your own home, you own and can tamper with all the equipment involved in playing it, and the economics of CDNs prevent robust traitor-tracing schemes[0] that could be used to hunt you down.
In contrast, movie theaters are public locations, so every one of them is a known entity. The entire supply chain for movie projection is controlled. And that makes traitor-tracing a lot easier. All the hackers pointing out that DRM is fundamentally breakable are ignoring the fact that that only matters iff you're anonymous and untraceable. Otherwise, they won't bother making the DRM stronger, they'll just arrest people until the movies stop leaking.
It's the XKCD laptop wrench story[1] in reverse. The crypto nerd imagines DRM to be easily broken trash, but the reality is that the security of the DRM is in the $5 wrench, not the math.
Let's play contrast-and-compare. If you want to leak a stream, you need:
- A streaming account
- Knowhow or software to decrypt the data stream as it's downloaded and played, or,
- Knowhow to modify a TV so that you can capture the unencrypted video and audio streams inside the TV
The last one isn't done because it's a pain in the ass and the TV scene prefers bit-perfect rips over re-encoded captures. But at some point in the TV, you have to decrypt the video; LCD panels do not natively accept encrypted signals. And that is something you can build hardware to capture.
Now let's try leaking a movie. There's a few avenues of attack, roughly corresponding to the traditional movie scene release categories:
- You can go to the theater and point a camera at the screen. They actually check for this now, in pretty much any western country you'll get kicked out or arrested for camming a movie. If you don't get caught, they can still narrow you down to a location in the room via your shooting angle, and possibly determine what theater you were at with line frequency hum. That's enough information to narrow down the guy leaking the movie to a handful of customers. Do this enough times and you create a unique fingerprint to catch yourself with.
- You can get a job as a projectionist and run the movie projector into another camera directly. That kind of machine is called a telecine, and it used to be one of the higher quality ways to get leaked movies back when they were on film. This is specifically the scenario that all the DRM in the projector is designed to stop. If you do anything to change the light path of the projector, it locks up until the manager comes in and types a password to authorize the change.
- You could bribe the manager or owner to telecine the movie for you. Problem is, the number of people who actually have the password that unlocks the projector is really small[2] and traceable. If a telecine leak is traced back to their theater, someone's getting fired at a minimum, jailed in the worst case.
- You could break the DCI scheme itself; but you still need to source the files and keys to decrypt the movies. This is the crypto nerd's imaginary scenario. Even then, the files could themselves have steganographically injected information identifying the theater who got that master copy, which you can't strip out merely by having the encryption keys. Again, nobody is giving you those files unless they're too stupid to understand the implications (unlikely) or they have faith that you can strip out the stegotext.
It's just way easier to rip a stream than a movie in a theater. And when Hollywood moved to streaming they also made it a lot easier to leak movies.
[0] To be clear, traitor-tracing each stream would require a unique encode per account to inject the stegotext; that's computationally unfeasible. Doing one encode per movie theater would still be a struggle, but less so by three orders of magnitude.
[2] This is also why the 3D era of film made movies way too fucking dark.
If the movie is streamed in chunks, only certain short segments would need to be reencoded to add watermark data. Alternatively it might be possible to splice in a short segment with the watermark between keyframes of the preencoded film.
Finally all of this could be done on the audio side which is much less computationally intensive compared to video.
If you have the whole thing watermarked then all you can do to fix that is averaging; which might not even destroy the stegotext.
Audio watermarking is definitely an option; hell, there's already a DRM scheme called Cinavia that relies on watermarking[0]. If you cam a movie and play it on a Blu-Ray player, it'll actually trip this DRM scheme and, at a minimum, mute the audio or refuse to play the file. I would argue this is probably the most successful use of watermarking, at least in terms of "how much piracy does this frustrate"; but even then you can just play your cams on something else and get around it.
And this is all assuming your CDN provider offers cheap-enough edge compute to inject watermarks before the video hits the user's device. I haven't looked into this recently, but I remember early DRM schemes having very silly bypasses[1] because CDNs could only serve static files. Someone else linked to Akamai documentation about watermarking, but I have no idea how much extra that costs or how much it might complicate other parts of the setup.
[0] https://en.wikipedia.org/wiki/Cinavia
[1] e.g. Remember when someone made an iTunes Music Store client that just didn't encrypt anything, because all the encryption was done on your own device?
Cinavia looks interesting as it's done on the client side, like how programs like Photoshop detect the watermarks in banknotes to prevent people from using it to create forgeries. If they managed to get it into the firmware of every television, AVR, etc. then it would be much more effective than just having it on Blu Ray players.