Thursday, April 15, 2010

File Sharing over the WAN: Cat and Mouse

I just read an interesting article on internet piracy in a TV-producer friend's professional magazine (DGA Quarterly Fall09 "The Piracy Problem").

They mention that the most effective solution is to identify users who are downloading pirated content and simply inform them that their actions are illegal. Perhaps the next step is suspending their internet connection for a short period (60 min) with the help of the ISP. That would most likely be disruptive enough to alter their behavior.


However, the question is: how do you identify these users? It's a cat-and-mouse game. If the p2p clients (the mice) get smart, they can do fancy things to hide their tracks. I just spent 120 sec musing about what I would do (a mental exercise only), and at the limit I'd encrypt all traffic and send it all to port 80 or 443 to make it look like web traffic, using a kernel module to redirect necessary packets to the correct application port based on a token in the payload or perhaps some useful header field.

The cat would probably do something like measure the rate and number of different connections to a node to identify the mouse, rather than inspect the contents of the data stream itself. Then the mouse would attempt to make its traffic look indistinguishable from that of a busy user reading multiple webpages at once. The mouse just has to make identifying himself hard enough to cause the cat to make mistakes once in a while, that is, to cause false positives. If the cat shut down the internet connection of a legitimate web-browsing customer for 60 min, just once per 10,000 users monitored, that would likely be enough to stop the cat altogether. The ISP does not want to jeopardize its customer relationships, give refunds, get a reputation for invading privacy, etc.
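A sketch of the cat's metadata-only heuristic from the paragraph above, as an added example that is not part of the original post: it flags hosts by distinct remote peers and connection rate, then counts the legitimate users caught by the same thresholds. The flow records, host names, thresholds and helper names are constructed assumptions; the 1-in-10,000 figure is the post's.

```python
from collections import defaultdict

# Constructed flow records: (source host, remote address, time in seconds).
# Assumption: everything is encrypted on port 443, so only metadata is visible.
def make_flows(host, n_peers, n_conns, span_s=60):
    """Build n_conns constructed flows from host, spread over n_peers remotes."""
    return [(host, f"198.51.100.{i % n_peers}", i * span_s / n_conns)
            for i in range(n_conns)]

FLOWS = (make_flows("sharer", 40, 120)        # many peers, many connections
         + make_flows("light-reader", 5, 20)  # a handful of sites
         + make_flows("busy-reader", 30, 90)) # many tabs, many CDN hosts
FILE_SHARERS = {"sharer"}                     # ground truth for this sample

def host_features(flows, window_s=60):
    """Per host: (distinct remote peers, connections per minute) in the window."""
    peers, conns = defaultdict(set), defaultdict(int)
    for host, remote, ts in flows:
        if ts < window_s:
            peers[host].add(remote)
            conns[host] += 1
    return {h: (len(peers[h]), conns[h] * 60 / window_s) for h in conns}

def flag_hosts(flows, min_peers, min_rate):
    """Flag hosts whose fan-out and connection rate both reach the thresholds."""
    return {h for h, (p, r) in host_features(flows).items()
            if p >= min_peers and r >= min_rate}

def false_positives(flagged, truth):
    """Hosts flagged by the heuristic that are not actually file sharers."""
    return flagged - truth

def within_budget(fp_count, monitored, budget=1 / 10_000):
    """True if the false-positive rate stays below one per 10,000 monitored."""
    return fp_count / monitored < budget

if __name__ == "__main__":
    for peers, rate in ((25, 60), (35, 100)):
        flagged = flag_hosts(FLOWS, peers, rate)
        fps = false_positives(flagged, FILE_SHARERS)
        print(peers, rate, sorted(flagged), "false positives:", sorted(fps))
```

With the looser thresholds the busy reader is suspended along with the sharer; the tighter ones clear the reader only because this sample's sharer happens to be noisier.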

The ultimate cat would employ a method that affects only filesharing protocols, but not web browsers and legitimate users. I cannot think of one myself.
