Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Might iCloud Be a Musical Honeypot?

CmdrTaco posted more than 3 years ago | from the well-of-course-it-is dept.

Cloud 375

An anonymous reader writes "Between watermarked MP3 files and matching identical files, iCloud Music Match might wind up being a giant trap for finding owners of illegally copied files should the RIAA subpoena the evidence."

cancel ×

375 comments

Sorry! There are no comments related to the filter you selected.

Admiral Akbar saw this coming (-1)

Anonymous Coward | more than 3 years ago | (#36517038)

N/T

Re:Admiral Akbar saw this coming (2)

tripleevenfall (1990004) | more than 3 years ago | (#36517088)

even though there was only 1 comment when I clicked, I knew I would be too late.

Which is why you sanitize your "collection"... (0)

Anonymous Coward | more than 3 years ago | (#36517060)

... Convert to WAV, then LAME it back to MP3. I bet someone can come up with a simple bash statement using mplayer and lame.

Transcoding doesn't fool YouTube's Content ID (2)

tepples (727027) | more than 3 years ago | (#36517196)

Transcoding doesn't fool YouTube's Content ID. Why should it fool iCloud Music Match?

Re:Transcoding doesn't fool YouTube's Content ID (1)

localman57 (1340533) | more than 3 years ago | (#36517274)

Because YouTube is looking for a particular song. The watermarks allow them to trace a song to the person who bought it. For example, something as simple as putting a unique id in one of the obscure pieces of metadata stored in the .mp3 file. This method would purge that metadata. It's a bit different than markers embedded in the content itself (although the music may have those as well). I believe that some video tapes used to have this sort of thing; a unique DTMF touchtone put on each copy to identify ones that were pirated from a common source.

Remember SDMI? (4, Informative)

tepples (727027) | more than 3 years ago | (#36517482)

Because YouTube is looking for a particular song.

And Apple is looking for a particular song to stream it to the user.

The watermarks allow them to trace a song to the person who bought it.

So we have two separate pieces of information to convey: the identity of the work and the provenance of the copy. YouTube's Content ID adequately identifies the work, leaving inaudible watermarks to identify the provenance. Do you remember the SDMI challenge [wikipedia.org] , involving watermarks that were allegedly inaudible but could allegedly survive a transcode?

Re:Transcoding doesn't fool YouTube's Content ID (1)

MrEricSir (398214) | more than 3 years ago | (#36517282)

The author of the article seems to think they're just hashing the file.

It's a stupid assumption, because you could easily fool it unless Apple had already scanned every song ever made, encoded it with every configuration of every version of every encoder ever developed, and stored the hash.

Re:Transcoding doesn't fool YouTube's Content ID (0)

Anonymous Coward | more than 3 years ago | (#36517368)

YouTube: identifies song, assumes you don't own permission to broadcast it
iCloud: identifies song, assumes you own permission to listen to it

You WANT iCloud to identify the song, because it works in your favor. You DON'T want YouTube to identify the song.

Re:Transcoding doesn't fool YouTube's Content ID (1)

Ruke (857276) | more than 3 years ago | (#36517566)

So long as iCloud: "assumes you own permission to listen to it, discards any personally identifiable information linking song-on-your-hard-drive to you."
If they assume you have permission, store evidence that you actually don't have permission, and then get subpoenaed on behalf of the RIAA, you're going to be up shit-creek without a paddle.

Re:Transcoding doesn't fool YouTube's Content ID (2)

ZombieBraintrust (1685608) | more than 3 years ago | (#36517770)

Get a subpeonea? Why would they need to do that. They have contracts with Apple to have this service. For all we know those contracts include a monthly report from Apple on possible infringement.

Re:Which is why you sanitize your "collection"... (1)

Hatta (162192) | more than 3 years ago | (#36517692)

No! Bad! No biscuit!

Re:Which is why you sanitize your "collection"... (1)

errandum (2014454) | more than 3 years ago | (#36517694)

If their hashing includes a spectrum analysis that wouldn't work.

If they want to find pirated copies they will, it won't matter how many times you transcode it (unless you actually modify the song). And a good genetic algorithm won't be fooled by that either.

I just doubt Apple will ever let anyone look at those files... Especially because apple is paying the big companies for the right to stream copies of their music (even if illegal). So they get payed even by the songs you downloaded.

Re:Which is why you sanitize your "collection"... (1)

Ruke (857276) | more than 3 years ago | (#36517838)

While this is technically feasible, 99% of people will not do this. If something is perfectly safe if, and only if, you're a paranoid expert, it's not very safe at all.

Re:Which is why you sanitize your "collection"... (1)

MBGMorden (803437) | more than 3 years ago | (#36517936)

Wouldn't it be easier (and less damaging to the quality) to just write a script to strip all non-essential metadata (ie, everything except title, album, and artist) out of the file?

Absolutely not (4, Insightful)

hsmith (818216) | more than 3 years ago | (#36517062)

Apple as a company cares a lot more about their brand image than most. If suddenly Apple had 90% of it's customers who uploaded pirated music being sued because of a service Apple provided - it would be bad. I'd assume that yearly fee you pay goes to the RIAA, because Apple being a hardware company cares little about software when it is driving their hardware sales.

Re:Absolutely not (1)

tripleevenfall (1990004) | more than 3 years ago | (#36517182)

It would be interesting to know if they are paying RIAA off out of the revenue from the iCloud service.

However, as far as "Steve wouldn't do that, Steve loves us"... when it comes to subpoenas, Apple might not have a choice but to comply.

Re:Absolutely not (2, Informative)

tripleevenfall (1990004) | more than 3 years ago | (#36517198)

In addition, does this criticism not apply to Google's budding Music service?

Re:Absolutely not (5, Funny)

Duradin (1261418) | more than 3 years ago | (#36517400)

Google good. Apple bad.

Please report to the nearest /. reeducation center.

Re:Absolutely not (1)

BadPirate (1572721) | more than 3 years ago | (#36517338)

I think the key here (and likely what Apple plans to do), is to avoid having the honey pot in the first place. The iCloud service has no need beyond the original matching to keep a record of what Hash was used by which user to get which legal version of what music file. By not retaining any personally identifying information (beyond what legitimate songs a user is entitled too)... Apple could truthfully and fully comply with any subpoena without giving away anything.

Re:Absolutely not (2)

vux984 (928602) | more than 3 years ago | (#36517474)

Don't be daft. They absolutely want to know what songs you have, and which you listen to, and how often you listen to them, so they can profile you and sell you more crap.

Re:Absolutely not (1)

fusiongyro (55524) | more than 3 years ago | (#36518002)

His point is that they don't have to actually store the file in violation. So it doesn't necessarily have to even look like a violation in their records.

Note that I'm saying it doesn't have to, not that it will not, which remains to be seen. However, it would be a PR disaster for Apple if people wound up sued over using iCloud, so it seems unlikely to me.

Re:Absolutely not (0)

Anonymous Coward | more than 3 years ago | (#36517898)

iTunes is linked to you personally. They know what they're giving you and will have the transactions for each file for their own accounting purposes. Apple will datamine this to see how to change the service to make more money. After 18 months or so, the RIAA will subpoena this information in the mother of all John Doe fishing expeditions.

Re:Absolutely not (1)

Tharsman (1364603) | more than 3 years ago | (#36517648)

I think there were leaks noting 70% of iTunes Matc 24.99 yearly fee is going to the studios.

Also Apple can protect consumers by simply not gathering any signs of piracy. In theory they don't even need iCloud to do this, they could do this years ago just by datamining iTune libraries. They already scan it for Genius recomendations and have done so while respecting user privacy.

Re:Absolutely not (1)

Anonymous Coward | more than 3 years ago | (#36517454)

If suddenly Apple had 90% of it's customers who uploaded pirated music being sued because of a service Apple provided - it would be good.

FTFY

It would allow Apple to make a deal with the RIAA where the person gets out of being sued by 'buying' all the songs they illegally obtained (along with a reasonable processing fee).

Re:Absolutely not (3, Insightful)

salesgeek (263995) | more than 3 years ago | (#36517934)

a) Who cares what Apple thinks or their brand (in context of this discussion). If the RIAA or one of it's members files suit and gets access to music stored in iCloud in discovery, Apple has to obey the law. Apple's employees probably care a lot more about not going to jail for contempt of court than they do about getting your business or being cool. All the money and lawyers in the world will not intimidate a Federal Court Judge who spends the better part of their career dealing with litigation between companies, governments and people with more money than God.

b) If 90% of Apple's customers use iCloud for storing pirated music, that will be a problem with the business plan, unless you are right about some legal/license arrangement existing in advance.

c) Assume nothing. It would be wise to read the contract, terms of service and any license agreement between the labels, RIAA and Apple before putting yourself and your family at risk. Personally, I hope Apple has got a solution on this. If not, then I'd rather not be left out in the wind like iPhone developers are right now (see Lodsys).

It'a an Apple article! (0)

Anonymous Coward | more than 3 years ago | (#36517074)

Based purely on speculation! Revolt against Apple! Revolt!

What motivation would apple have? (0)

Anonymous Coward | more than 3 years ago | (#36517084)

Doing something like that to customers would ruin Apple's reputation with customers, and for what gain? So the music companies could sue their customer more successfully?

Re:What motivation would apple have? (1)

Saishuuheiki (1657565) | more than 3 years ago | (#36517176)

It could be part of the agreement signed to get the music companies to agree to put their stuff up on it

Re:What motivation would apple have? (2)

node 3 (115640) | more than 3 years ago | (#36517848)

That doesn't answer the question. What motivation would Apple have to agree to something like that? It's completely absurd.

Sure it *COULD* be... (3, Insightful)

mark-t (151149) | more than 3 years ago | (#36517094)

... but it won't be effective, because pirates won't utilize it.

Re:Sure it *COULD* be... (0)

Anonymous Coward | more than 3 years ago | (#36517278)

but a lot of iDIOTS will.

Re:Sure it *COULD* be... (1)

mark-t (151149) | more than 3 years ago | (#36517426)

They will, at best, only actually catch a couple of them, because the news will spread so fast that everybody else who might have otherwise got caught for pirating by using it will quit using it immediately.

Re:Sure it *COULD* be... (0)

Anonymous Coward | more than 3 years ago | (#36517552)

Why? The RIAA and Apple can wait for years until the iCloud service has reached market saturation, then spring the trap.

Re:Sure it *COULD* be... (1)

cultiv8 (1660093) | more than 3 years ago | (#36517490)

Exactly, it will only catch those who have a few pirates in their entire collection. This could play out the same way that NY decreased crime in the 90's [wikipedia.org] using the broken windows theory [wikipedia.org] ; bust the people doing petty crimes to prevent escalation into more serious crimes.

Or it'll just be a PR nightmare for Apple.

Re:Sure it *COULD* be... (1)

Kenja (541830) | more than 3 years ago | (#36517650)

Which pirates? The ones with raid systems full of MP3s or my mother who downloaded a couple CDs from "free" music sites?

Sounds like a good idea... (0)

Anonymous Coward | more than 3 years ago | (#36517130)

But I'm staying the fuuuuu away.

Depends how it works (1)

MrEricSir (398214) | more than 3 years ago | (#36517134)

Are you actually uploading the MP3s to Apple? I don't think so.

The service has to "fingerprint" the files in some way. A hash of the file wouldn't be enough to identify it, since there could be an unlimited number of hashes for the same song.

At most, it's probably like SoundHound or Shazam that just listens to the track. Based on that type of analytic data, there's no way the RIAA or whoever could know whether you purchased the track legally or not.

Re:Depends how it works (1)

tepples (727027) | more than 3 years ago | (#36517342)

Based on that type of analytic data, there's no way the RIAA or whoever could know whether you purchased the track legally or not.

I once read an article about various methods of encoding an inaudible watermark in audio's phase. Shift the audio two samples early or two samples late after a kick drum, or invert both channels' phase by 180 degrees after a crash cymbal, or the like. All this is imperceptible to the human auditory system, but the information it encodes still survives popular psychoacoustic codecs.

FUD? (4, Insightful)

SkywalkerOS8 (398450) | more than 3 years ago | (#36517140)

Doesn't the same problem apply to the music lockers (Amazon, Google) or even Dropbox? Why single out iCloud?

Re:FUD? (1)

Tasha26 (1613349) | more than 3 years ago | (#36517440)

Good question, that South Park episode was perhaps spot on about "carefully reading Apple T.O.S." I suspect Google & Amazon online storage are alternatives to your hard-drive, so there should be a privacy clause (they don't get to interact with your files). With Apple, this article points to Apple having the right to do data mine. In both cases, I wonder if one can tell if a nosy admin has gone through your online files?

Re:FUD? (1)

Teun (17872) | more than 3 years ago | (#36517520)

Low hanging fruit?

Actually... (5, Insightful)

MrEricSir (398214) | more than 3 years ago | (#36517554)

The problem is much worse with Amazon, Google, DropBox, etc. With those services you're uploading the file itself to their servers. The RIAA could stomp in with a fancypants court order and demand to see your music collection.

With iCloud you're not uploading the file; you're getting the "right" to play a different copy of the file that already exists on Apple's servers. Even if the RIAA came in, it's not clear there's much they could do.

Re:FUD? (1)

Flyerman (1728812) | more than 3 years ago | (#36517744)

Because it's Apple! Gotta talk about Apple!

Duh (0)

Anonymous Coward | more than 3 years ago | (#36517144)

get FLAC and re-encode.

I don't see the appeal of clouds (2)

ackthpt (218170) | more than 3 years ago | (#36517150)

Am I out of touch or am I, by default, wise? I look at these services and think "why would I want that? I have an ftp site of my own anyway."

Considering there must be a business model behind these services to make $$$ I wonder what I might have to put up with

Re:I don't see the appeal of clouds (1)

Bloodwine77 (913355) | more than 3 years ago | (#36517296)

"Cloud" is just the latest buzzword for storing data at a network-accessible data repository or using network-accessible servers to handle some workload.

The only real benefit I can see from storing media in such a solution would be that all your devices anywhere can stream the media from the repository. You might have a FTP server, but you won't find a mobile app that plays songs directly from your FTP server in real-time.

With that being said, the only "cloud" I will use is one at my home network. A private cloud. If ISPs don't all go down the dark path of data caps I can see a bright future of hosting media centers/apps on your home network and stream media from your network when you are away from home.

Re:I don't see the appeal of clouds (1)

Bucc5062 (856482) | more than 3 years ago | (#36517658)

This I do already. Thank you subsonic! My next project is photos so I don't need to upload to Picasa. It's not a bad site, but why duplicate effort. Hosting one's own media server is not for beginners, but I'd rather learn then trust the "cloud".

Re:I don't see the appeal of clouds (1)

flooey (695860) | more than 3 years ago | (#36517616)

Am I out of touch or am I, by default, wise? I look at these services and think "why would I want that? I have an ftp site of my own anyway."

The main advantage to iCloud over your own server appears to be that they'll upsample your music for you, as long as it's something they sell on iTunes. If you only have a crappy copy (that's what you could find for download, you ripped it from CD in a low bitrate, whatever), your copy on your FTP server won't be any better, but the copy in iCloud will be 256kbps AAC. Whether that's worth the price is up to you, but it's at least one clear advantage over running your own server.

Re:I don't see the appeal of clouds (0)

Anonymous Coward | more than 3 years ago | (#36517994)

Upsample? My FLACs? haha

Without U (the paying users) it would just be iClod.

Re:I don't see the appeal of clouds (5, Insightful)

Ruke (857276) | more than 3 years ago | (#36517710)

This is not marketed towards you, if you're willing to set up, configure, and run your own music server. This is marked towards the people with enormous music collections at home, who want to be able to listen to any song in their library on their mobile device at any time, without having to worry about whether their data is synced.

Your "wisdom" is no deeper than someone who says, "Why would I go out to a restaurant, when I could cook a gourmet meal myself?" or "Why would I take my car into the shop, when I'm perfectly capable of diagnosing and repairing any problems that it might be experiencing?" Cloud storage is offering a valuable service to those without the expertise or patience to do it themselves.

Re:I don't see the appeal of clouds (3, Insightful)

frank_adrian314159 (469671) | more than 3 years ago | (#36517940)

Yes, you are out of touch.

Most people do not have the skills or desire to set up their own FTP site, even if iCloud didn't do a lot more for ease of use than a simple FTP site. Do you want to set up a streaming service? Write the apps to automatically download the songs to your device? Even if the user had the skills to set up all of these services, do they have the skills and abilities to keep them secure?

I have my own FTP server set up and even that's getting to be a pain in the butt for me to maintain. I'm moving to hosted environments as quickly as I can at this point - they're good enough now and I don't have to dick about maintaining the hardware and OS anymore. I'm looking forward to the day when I can simply own one computer again.

audio fingerprinting (1)

TenMinJoe (727612) | more than 3 years ago | (#36517190)

From the article: "I also doubt that there is going to be any process that is going to ‘listen to’ the music to see if it sounds like a recognized song."

Why not? This technology exists and is available in projects like MusicBrainz Picard, used for a very similar purpose. There's every chance that iCloud could work this way.

Why don't you wait for the TOS... (0)

Anonymous Coward | more than 3 years ago | (#36517206)

...to be published before spreading this FUD. Oh yeah, then you might not be able to engage in your fear tactics.

"Cause I may be bad..." (0)

Anonymous Coward | more than 3 years ago | (#36517220)

RIAAnna ftw

You guys are completely paranoid (3, Interesting)

MouseR (3264) | more than 3 years ago | (#36517226)

You guys are completely paranoid.

There is no telling the difference between a CD that iTunes ripped or aggregated from your disk (which might have been ripped prior to iTunes' existence). Remember MacAMP (or any *AMP)? How about SoundJam? There was music before iTunes. (I tell ya!)

They are SELLING you an online subscription to "upgrade" (ie, crossgrade) this music to their catalog. This way they can stream to your devices and... believe it or not... possible upcoming thin, storage-less inexpensive devices.

The only trap in there, if any, is user's reliance on a yearly subscription; how many times are you willing to pay for the music you already own?

Re:You guys are completely paranoid (2, Informative)

Jiro (131519) | more than 3 years ago | (#36517350)

RTFA. Each time you rip from a disk, the rip is slightly different. If twenty people have the exact same file, they'll know that at least 19 of them didn't get it by ripping disks.

Re:You guys are completely paranoid (1)

kriss (4837) | more than 3 years ago | (#36517546)

Actually, no.

If you use different compression algorithms, sure, it'd yield a different result. But if you rip a CD with default settings in whatever music manager - say iTunes, for posterity - you'd end up with the same file hash as the next guy that did the same thing with the same software. Digital data, et al.

Rip jitter can be ignored (2)

tepples (727027) | more than 3 years ago | (#36517636)

Each time you rip from a disk, the rip is slightly different.

True. CD has one "subcode" byte per six samples to store timing information for the 588 audio samples in each sector. The digital data from several lossless rips is the same; it just has a random amount (up to one sector) of silence before and after it because drives are allowed to let the subcode data drift slightly out of sync from the audio data. This leads to so-called jitter [cdrfaq.org] . But rip jitter doesn't interfere with the ability to identify the actual timing of the first note of a song.

Re:You guys are completely paranoid (1)

Rolgar (556636) | more than 3 years ago | (#36517872)

So, if people buy music from Amazon, they'll have the same file (since Amazon doesn't re-rip for every customer). Which ones are valid purchasers, and which ones received a copy from a friend or file sharing site?

Re:You guys are completely paranoid (1)

AlienSexist (686923) | more than 3 years ago | (#36517376)

I have observed that itunes encodes a non human readable hexadecimal comment into the MP3 ID3 comment tag when ripping a CD. For what possible reason? If you were to share that file with someone and both of you uploaded to iCloud, why wouldn't that be detectable?

Re:You guys are completely paranoid (1)

Hatta (162192) | more than 3 years ago | (#36517762)

It would be, but that's no proof you shared the file. It's only proof that you shared the ID3 metadata.

Re:You guys are completely paranoid (0)

Anonymous Coward | more than 3 years ago | (#36517398)

Apple won't be streaming the music to devices. The devices actually download the music first.

Duh, of course (2)

AlienSexist (686923) | more than 3 years ago | (#36517246)

We shouldn't expect that they would store peoples' music files without exploiting the advantage of learning about what people have uploaded, right? Of course they are going to look for any exploitable pattern that can be gleaned. Comparing most-popular songs uploaded v.s. most-popular by sales to determine what kinds of music people acquire elsewhere, encoding qualities people typically utilize, track changes with encoding format trends, better quantify the amount of stolen music, collecting bounties on self-incriminated pirates... There simply must be business value for them to bother with this endeavor at all.

Re:Duh, of course (1)

node 3 (115640) | more than 3 years ago | (#36517980)

There simply must be business value for them to bother with this endeavor at all.

Yes, it's called "selling hardware", which is something Apple intends to do for many years to come, and something which they will find exceptionally difficult to keep doing of they *EVER* do anything like this idiotic notion.

Stupid argument for several reasons (2, Informative)

SuperKendall (25149) | more than 3 years ago | (#36517280)

1) Apple doesn't get the file; that would take forever. They fingerprint or otherwise use ID information from the file to see what song you get. Without the file there is no "proof".

2) The implied message of the program is to bring pirates in "out of the cold" with a blanket payment. The music industry doesn't care as they finally get something instead of nothing. They would not seek to kill this golden egg they are about to hatch.

3) Suing individuals has just about run the course; there is no profit in it (for the music industry, movie industry is just getting started there).

4) No way for the most part to distinguish between copies you ripped off a CD and downloaded.

This story is an Apple Haters wet dream, they same technique they always try where they take something positive Apple is doing (providing a way to move away from pirating music for the masses) and twisting it into some distorted version that is actually evil in some way. The music industry itself has and will be evil incarnate, but Apple has treated the consumer quite well to date and really served as a needed buffer between the populace and ravening madness that is the combined record industry.

One more, cannot prove you shared it... (5, Insightful)

SuperKendall (25149) | more than 3 years ago | (#36517340)

5) Even if you owned a file that was without a shadow of a doubt pirated, that doesn't matter if they can't prove you SHARED it. If you just own it all you MIGHT be liable for the 0.99 the song could be purchased for, not the 200x damages they normally seek in lawsuits. There is no way to prove, from a file, that YOU have shared it as opposed to someone else.

Re:One more, cannot prove you shared it... (1)

TheLandyman (1130027) | more than 3 years ago | (#36517618)

And also, there is no way for them to prove just by looking at the possibly 'pirated' file that you are not just being lazy. I could, for example, have a case of CDs that I feel like downloading in 5 minutes per CD, rather than ripping (and using my precious CPU) for 10 or 20 - not to mention all that wear and tear on my optical drive. As you say, if you are not SHARING (i.e. using torrents) then you still have committed no crime as long as you OWN a copy of the media in question. Also, for media that you have purchased which is damaged or possibly stolen, the same is true.

Re:One more, cannot prove you shared it... (1)

am 2k (217885) | more than 3 years ago | (#36517950)

And also, there is no way for them to prove just by looking at the possibly 'pirated' file that you are not just being lazy. I could, for example, have a case of CDs that I feel like downloading in 5 minutes per CD, rather than ripping (and using my precious CPU) for 10 or 20 - not to mention all that wear and tear on my optical drive.

The one who sent you the file still committed a copyright violation, so there's no difference whether you own another license to it or not.

Re:One more, cannot prove you shared it... (0)

Anonymous Coward | more than 3 years ago | (#36517622)

5) Even if you owned a file that was without a shadow of a doubt pirated, that doesn't matter if they can't prove you SHARED it.

No one needs to prove anything. What percentage of the population has the financial means to merely defend against the accusation?

If you just own it all you MIGHT be liable for the 0.99 the song could be purchased for, not the 200x damages they normally seek in lawsuits.

And the RIAA MIGHT just say "golly, well, for the love of music you might as well just keep it and we'll forget you ever did such a naughty thing." Why would the RIAA leave money on the table and accept a 0.99 restitution when they could go the distance and make you choose between a disgustingly inflated settlement amount or bankruptcy? On what do you base your supposition they'd be reasonable?

There is no way to prove, from a file, that YOU have shared it as opposed to someone else.

"Through Media Sentry, we uploaded selected tracks from a honeypot and collected some IP information of the downloaders. An IP address, as we know, isn't enough to uniquely identify people. However, the unique person with an iTunes account uploaded a hash derivative from that file that completes the chain of custody that helps prove our complaint, from the initial unauthorized duplication to the unauthorized storage to the false declaration of ownership."

You do not understand lawsuits or what is proven (1)

SuperKendall (25149) | more than 3 years ago | (#36517836)

No one needs to prove anything. What percentage of the population has the financial means to merely defend against the accusation?

There has to be some proof to even bring a suit or else the company bringing the suit will be heavily fined and the lawyers possibly disbarred. Witness the major damage currently in progress for Righthaven and you will understand what a company insane enough to try this would face...

All that assumes that Apple would even let them have the data, which why would they without proof? It's a catch-22 of stupidity.

Why would the RIAA leave money on the table and accept a 0.99 restitution when they could go the distance .99 IS THE DISTANCE. That is as far as they can theoretically go with you simply owning a file. And they can't even get there as I have shown.

Through Media Sentry, we uploaded selected tracks from a honeypot and collected some IP information of the downloaders.

Because the honeypot seeded it using a torrent they ALSO had proof it was being shared to other people as that is a reasonable assumption due to how BitTorrent and clients generally work. With just knowing the file exists for a user you have no proof of how they obtained it.

Plus the lawsuits you mentioned aren't even working out that well.

Re:One more, cannot prove you shared it... (0)

Anonymous Coward | more than 3 years ago | (#36517732)

but but but... you've shared it with Apple!

Re:One more, cannot prove you shared it... (1)

Angst Badger (8636) | more than 3 years ago | (#36517880)

Even if you owned a file that was without a shadow of a doubt pirated, that doesn't matter if they can't prove you SHARED it.

I hate to hit you with this, but the whole "shadow of a [reasonable] doubt" standard applies to criminal cases, not civil suits. Even in criminal cases, we're talking about reasonable doubts, not the sort of infinitely elastic justifications that small, grouchy children in the back seat on road trips give about how they really didn't touch each other. In a civil case, the standard is the preponderance of the evidence which, even if it's on your side, will cost you an arm and a leg to prove, with the usual result being that you'll settle for an arm to be able to keep the leg.

Re:Stupid argument for several reasons (1)

Anonymous Coward | more than 3 years ago | (#36517532)

1) Apple doesn't get the file; that would take forever. They fingerprint or otherwise use ID information from the file to see what song you get. Without the file there is no "proof".

There is no reason a cryptographically secure hash, e.g. from the SHA-2 family, would not be considered proof.

Proof of WHAT (1)

SuperKendall (25149) | more than 3 years ago | (#36517564)

There is no reason a cryptographically secure hash, e.g. from the SHA-2 family, would not be considered proof.

That you have a file with a given song, yes.

That you own a copy that came from pirating instead of a copy that came from ripping using the exact same software on a different system, no.

You also assume Apple wants to keep all those hashes. Why would they? They don't care.

Re:Stupid argument for several reasons (1)

Anonymous Coward | more than 3 years ago | (#36517536)

1) Apple doesn't get the file; that would take forever.

This isn't entirely correct -- if the song isn't already in the iTunes Store's library, the file *will* be uploaded.

Good point (1)

SuperKendall (25149) | more than 3 years ago | (#36517706)

This isn't entirely correct -- if the song isn't already in the iTunes Store's library, the file *will* be uploaded.

That's actually a very good point; music Apple doesn't sell will be uploaded.

However, again it's not proof you have shared the file with anyone (which they need to seek damages), and also at this point if a song is not on iTunes it's probably not owned my a major label so who would come after you?

It also assumes visibility into the "cloud" by third parties which I can assure you is something Apple does not want liability for.

Re:Stupid argument for several reasons (1)

Anonymous Coward | more than 3 years ago | (#36517644)

Have no fear SuperKendall is here to save Apple's day! I'm just waiting for TatsuNG-whatever to chime in too.

Re:Stupid argument for several reasons (0)

Anonymous Coward | more than 3 years ago | (#36517814)

Yar! His tongue be far up thar arse! I - Unbelieving Pirate

Here to battle utter stupidity (0)

SuperKendall (25149) | more than 3 years ago | (#36517946)

I am not here to "save" anyone, much less a giant multinational corporation with more lawyers than I have t-shirts.

It's just that stupidity rubs me the wrong way, and few people on this planet are as willfully stupid as the Apple Hater. I am however gleeful in correcting stupidity on all fronts, not just Apple stories.

Basically I am doing what small part I can to delay the heat death of the universe by stemming the tide of intellectual entropy. So perhaps I am here to save something after all..

Re:Stupid argument for several reasons (1)

chemicaldave (1776600) | more than 3 years ago | (#36517958)

2) The implied message of the program is to bring pirates in "out of the cold" with a blanket payment. The music industry doesn't care as they finally get something instead of nothing. They would not seek to kill this golden egg they are about to hatch.

I think it's important to note that past services have existed to bring pirates in "out of the cold" before. Internet radio, individual song purchases, etc. Yet the industry still pursues legal cases.

Ridiculous (4, Insightful)

brit74 (831798) | more than 3 years ago | (#36517312)

Yeah, because Apple wants to spend hundreds of millions of dollars creating and promoting its iCloud service just so that they can bring the hammer down on pirates and drive everyone away to other services. That makes sense. Maybe Slashdot is getting a little paranoid and forgetting what companies actually care about (money). Seriously, how did this type of paranoia get to the front page without being flagged as "makes no economic sense". Besides, if Apple were going to do that, then why haven't they already leveraged their iTunes application to do the exact same thing?

Re:Ridiculous (1)

c0d3g33k (102699) | more than 3 years ago | (#36517712)

Well, why not?

Will Apple make more money selling music at $0.99/track, or $hundreds_or_thousands_or_millions selling infringers to the lawyers?

My money is on the lawyers.

Re:Ridiculous (1)

wintercolby (1117427) | more than 3 years ago | (#36517884)

My concern is far less about what Apple wants to do, but more what RIAA's lawyers are able to get a subpoena to. When music I backed up from CD's that I own is sitting on my computer, in my home, there is a different expectation of privacy, and a different form of ownership, when compared to files on a remote server, housed by someone else. I won't use it or anything like it until read about the cloud provider insisting on a court order when RIAA comes knocking, and winning when they bring it to trial.

Re:Ridiculous (1)

1 a bee (817783) | more than 3 years ago | (#36517914)

Agreed. Even if this privacy thing does become an issue, it's can probably be technically addressed. For example, if the only information is in the collision of watermarks, and if those watermarks are not steganographic, then the client app downloading the file could be made to modify the watermark. That way downloaded files will look like ripped files.

Apple Excels at Customer Service (0)

Anonymous Coward | more than 3 years ago | (#36517356)

Apple does many things well, and near the top is providing a positive end user experience. Only a simpleton (or a troll) would believe Apple is setting their customers up for RIAA lawsuits.

The author lost me at MD5 (1)

LordNite (65590) | more than 3 years ago | (#36517424)

From the article:
"MD5 hash values are a cornerstone of computer forensics and fully accepted as evidence that two files are identical copies of each other. You could claim that you didn’t download the song from the file sharing network because you were the one who uploaded it, but I doubt that will help your legal predicament."

The MD5 hash has been known insecure since at least 2005. See: http://www.schneier.com/blog/archives/2005/06/more_md5_collis.html. I seriously doubt any computer forensics expert in 2011 would use MD5 hashes as evidence that two files are identical.

Re:The author lost me at MD5 (2)

nedlohs (1335013) | more than 3 years ago | (#36517586)

It's an MP3 file of a given size. Yes if the MD5s match, it is the same file.

Re:The author lost me at MD5 (0)

Anonymous Coward | more than 3 years ago | (#36517602)

Wouldn't it be trivial to just change the Comment field on your entire library (or some other metadata you're not using)? I suppose the problem here is that most people wouldn't bother.

Re:The author lost me at MD5 (0)

Anonymous Coward | more than 3 years ago | (#36517642)

From the article:
"MD5 hash values are a cornerstone of computer forensics and fully accepted as evidence that two files are identical copies of each other. You could claim that you didn’t download the song from the file sharing network because you were the one who uploaded it, but I doubt that will help your legal predicament."

The MD5 hash has been known insecure since at least 2005. See: http://www.schneier.com/blog/archives/2005/06/more_md5_collis.html. I seriously doubt any computer forensics expert in 2011 would use MD5 hashes as evidence that two files are identical.

It means it can be broken for secure communications. Running it over a file is a different matter. The hash process is fine. Maybe you cannot tell the difference between the two?

No. (0)

Anonymous Coward | more than 3 years ago | (#36517470)

They have no way to distinguish from format-shifted samples.

Much cheaper ways to do this... (1)

Beelzebud (1361137) | more than 3 years ago | (#36517472)

You can pay for a website, run something like Ampache, and have better functionality, have it be cheaper, and have your privacy.

Follow the money (4, Insightful)

hellfire (86129) | more than 3 years ago | (#36517500)

1) Apple creates this service to upload your music
2) User's upload massive amounts of pirated music
3) Apple passes to RIAA all the logins of people who have uploaded watermarked music
4) RIAA sues these people with massively punitive lawsuits
5) Apple profits!!... profits?!?! Right? Hey, where are all our iPhone customers going?

Such a move is entirely not in Apple's best interest and Apple would not let such a thing happen. Nor would Google or Amazon, unless compelled by a court of law. Steve spent months negotiating so they wouldn't get sued, they wouldn't turn around and allow their customers to be sued en masse. All the Android fans could only hope that Apple would be this galactically stupid.

Re:Follow the money (4, Insightful)

revscat (35618) | more than 3 years ago | (#36517610)

> All the Android fans could only hope that Apple would be this galactically stupid.

Which is exactly why this article was posted in the first place.

Re:Follow the money (0)

Anonymous Coward | more than 3 years ago | (#36517906)

Were not talking about apple; we are talking about the courts and the courts have been massively stupid in the past.

Case in point: copyrighting software...

Also, apple will not cross swords with the court system, DOJ or any other government agency that has anyrhing to do with law enforcement.

Why?

Steve Jobs is not massively stupid either.

Illegal to distribute. (1)

Maxo-Texas (864189) | more than 3 years ago | (#36517578)

It's not illegal to have a copy of a song.
Pretty trivial to have made a legal copy in a variety of ways including recording off the radio or your personal CD.

It is illegal to distribute songs.

Re:Illegal to distribute. (0)

Anonymous Coward | more than 3 years ago | (#36517996)

Yes, and then you see the evil in Watermarked copies. "Hmm. Joe here is uploading a copy that claims it is owned by Jane. There is no legal way Joe should have said copy. Let's go after both and see which one sticks."

No (1)

Hatta (162192) | more than 3 years ago | (#36517634)

To date, no one has been sued for downloading a file. Simply possessing a copy that was illegally made is not illegal. It is making the copy that is illegal. Since this service cannot determine who made the copy, it is no threat whatsoever.

Re:No (1)

c0d3g33k (102699) | more than 3 years ago | (#36517736)

Are you sure about this? Citation needed.

Only for stupid pirates (1)

Angst Badger (8636) | more than 3 years ago | (#36517674)

Not that I would ever do such a thing -- cough, cough -- but if I was pirating mp3s and wanted to store them on a remote server under the control of someone else, which is not very smart to begin with, I sure as hell wouldn't pick a service run by the music industry or one of its primary partners like, just for the sake of argument, Apple.

Ergo, I read this story as an excessively wordy way to say that, yes, if you are dumb as a fucking rock, the odds that you'll get caught doing something illegal are higher than average.

Thank you... (1)

Kamiza Ikioi (893310) | more than 3 years ago | (#36517686)

... Capt. Obvious. Without this story, the re-re's would never have thought of this.

As for those talking about "Aww, they'd never go after individuals!" Um, what universe did you come from? Before, they had to settle for little girls downloading Happy_Birthday.mp3. You think they'll ignore someone with a 50,000 mp3 collection given the chance? Hell no! Why? Because most people SETTLE. And they can hold you up and say, "See, see, here are the ones we've been talking about!"

So, are you, owner of 50,000 mp3's (for which you have no explination) going to settle for $100,000 fine and lose your home? Or, are you going to fight them knowing that you are not a 14 year old girl, the songs aren't Happy Birthday, and they still kicked her ass all over the place?

But hey, don't let me rain on any Apple fan-boy's parade (above comments), this same technique would work on Apple, Amazon, or Google cloud music solutions. There's no "safe" cloud storage for streaming pirated music. It's not Apple, it's the industry. They love cloud, and don't doubt it. Cloud is the new DRM. Most people just haven't realized it yet. Then again, I buy my music... now. ;) And I'm fine with using cloud.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>