A Delphi question on the changing shape of Piracy

[Greg Anos]

I know this is going to be perceived as a troll, but it is not.

Piracy on the internet has been mostly done as a widespread, public accessible, clear text file transfer. Whether it was done by a central server (the original Napster) or Peer-To-Peer, it has always been about finding and uploading/downloading clear text files.

Now, one of the most (in)famous names in the pirate world is going to set up a world wide Cloud storage with automatic, inherent, strong encryption on the upload. Only the uploader will have the key. (How strong the encryption will be remains to be seen.) However, the file can be downloaded by anybody who know it's there, and anybody with the decryption key can decrypt it. It would be perfect for friend-to-friend, small sale piracy.

What I wonder, and would like to get other views on, is will this start changing the shape of piracy from wide availability piracy to narrow focus, friend-to-friend piracy, where person a know person b and wants to share something with them, but not the whole world.

I'd like to Delphi this among the Mobile Read posters.

(This it not to say I am in favor of piracy. This may be a total paradigm shift though...)

[fjtorres]

That is pretty much how software piracy started: back in the early 80's pirate sites were dial-up bulletin boards accessible only by those who got the phone number and password from the operator and/or an existing member. You had to know somebody who knew somebody.
And the "price" of download rights was uploads, usually measured in bytes worth of content.

[Greg Anos]

The difference is the modern method doesn't require any work at all, anybody can do it for anybody else...

[FizzyWater]

How is this different (except for maybe having to have an encryption key) that people who upload to Megaupload or RapidShares....or even create a shared folder in Dropbox? Maybe those are not specifically *for pirates by pirates*, but the usage is the same IMO.

Personally, I've always felt friend-to-friend sharing was ethically acceptable (despite its legality) for reasons that have been said a million times here (already do it with paper books).

But I've seen websites where people post they've uploaded books to Megaupload or various other sites and post the link. What would stop that kind of sharing of this other site?

[speakingtohe]

Quote:

Originally Posted by Ralph Sir Edward

What I wonder, and would like to get other views on, is will this start changing the shape of piracy from wide availability piracy to narrow focus, friend-to-friend piracy, where person a know person b and wants to share something with them, but not the whole world.

I share books with my 87 year old mother who would not know how to share them with anyone else. Her kindle is registered to my account.

I do not think it is wrong to allow someone else to read your ebook as long as you are 100% sure they cannot/will not share your ebook with someone else. But probably I am ethically wrong on that.

For example if I email a copy of an ebook to a friend, and they in turn email a copy to two friends, who then email a copy to two friends, soon there are a exponential amount of copies of your copy in circulation.

Not intentional piracy per se, but the end result is pretty similiar.

Helen

[fjtorres]

Quote:

Originally Posted by speakingtohe

I share books with my 87 year old mother who would not know how to share them with anyone else. Her kindle is registered to my account.

That happens to be both ethically and legally acceptable under Amazon's terms of service. (But not necessarily legal under other companies' TOS boilerplate.)

Piracy considerations don't factor into it; you paid for the book and you're within the letter of the contract.

[kevinp]

I don't think it will be any different. When people post the link to their file, they will also post the encryption key.

[Elfwreck]

Quote:

Originally Posted by Ralph Sir Edward

Now, one of the most (in)famous names in the pirate world is going to set up a world wide Cloud storage with automatic, inherent, strong encryption on the upload. Only the uploader will have the key. (How strong the encryption will be remains to be seen.) However, the file can be downloaded by anybody who know it's there, and anybody with the decryption key can decrypt it. It would be perfect for friend-to-friend, small sale piracy.

This system already exists, in password-locked files loaded to things like MegaUpload, in Googledocs that are shared with a select few or "only those who have the link," in shared-with-a-few folders on Dropbox, SkyDrive or SugarSync. Setting it up for ease of selective sharing (for which none of those are optimized) and good encryption are enhancements, but they're building on features that are already available.

So I don't think this will be a game-changer, although I do think it'll get a lot of press about "changing the way filesharing works on the internet." It won't, though; anything designed to optimize small-scale sharing won't change much at all. It'll be incredibly convenient for people who want to do small-scale sharing and were struggling to make the other sites work for that, but those who actively want to distribute widely will continue to use other methods--torrents, open file uploads, newsgroups, and the occasional website hosted outside the US or EU with files available until someone sorts through the paperwork to get the thing shut down.

Media companies will make big noise about it, but will be even less effective at tackling it in court than the RIAA has been against music downloads & torrenting. The targets are even smaller and more scattered, and the obvious legit uses (share kid's photos with relatives; share master's thesis drafts with study group; share small business documents with all six employees) means there'd be no useful case against the site itself.

Prediction: Much noise and drama; no change in the internet nor copyright law.

[fratermus]

Quote:

Originally Posted by kevinp

I don't think it will be any different. When people post the link to their file, they will also post the encryption key.

Not all cryptosystems are symmetric and therefore do not involve the exchange of secret keys.

Consider an PKI version where the uploader encrypts to the public key[s] of members of a known and trusted group. Works with regular communications as well as anything else (not just, or even primarily, about piracy).

[fratermus]

Quote:

Originally Posted by Ralph Sir Edward

It would be perfect for friend-to-friend, small sale piracy.

Fast, non-descript cars would be perfect for smuggling.
Backyards with fences would be perfect for growing pot.
Clothes with roomy pockets would be perfect for shoplifting.
Coca-cola would be perfect for inducing Type II diabetes.
Chef's knives would be perfect for murders in a kitchen.

[JoeD]

It won't be all that different to when people copied CDs and handed (or posted) them to their mates whenever they called, who then copied, handed them on to theirs.

People will avoid the need to go around to a friends house to obtain a copy and to an extent the friends of friends of friends may all be able to get access to the content at the same time, but scale wise I think it will remain much closer to hand to hand copying than p2p currently is.

The reason I believe that is that if the scale grows too large, e.g much beyond the known/trusted friends and their friends only group, it will be easy for investigators to get onto the lists and decrypt/determine what the content is, then have it removed and potentially go after the account holder for that particular group (may be easy or hard depending). Either way, the scale would need to be smaller to remain more secure. Of course those friends who download it, may then encrypt/upload to a new group.

edit: removed a few paragraphs that may have risked taking the thread way off topic. I'll save them for a more appropriate thread

[Ninjalawyer]

I'm not really sure how this setup is different than any "cyberlocker" website. People will still be able to distribute files widely with this system, they'll just have to post a link to the file in a forum and, if they've set one up, the password.

This isn't changing piracy, just driving it slightly farther underground.

[Greg Anos]

I think I mis-spoke in the initial thread. Let me try again.

What I am asking is - With a easy-to-use (and cheap) combination of cloud storage and strong encryption, it would make it virtually impossible for for copyright holders to be able to know even if their copyright is being violated, on a small scale.

Only if a key to a file is widely disseminated, would then the copyright holders be able to find out about the piracy.

Today, things like search engines allow millions people to find out about the availability of I.P., and be able to access it. This includes the pirates and the copyright holders both. Under the system coming into place, nobody other than the people with the decryption key would even know what a file is and what's in it.

This, to me, seems to be a game-changer. It's not that it couldn't be done before, but if there is simple, one stop shopping (so to speak), it will be as if the sneakernet just went online....

[DiapDealer]

Quote:

Originally Posted by Ralph Sir Edward

What I am asking is - With a easy-to-use (and cheap) combination of cloud storage and strong encryption, it would make it virtually impossible for for copyright holders to be able to know even if their copyright is being violated, on a small scale.

I still don't really get it. It's always been virtually impossible for copyright holders to be able to know if their copyright was being violated on a small scale. Even long before ebooks were ever conceived. I guess I just can't get my head around how this might be considered a "game-changer." "Easy" doesn't change anything if it's still "small."

[JoeD]

Quote:

Originally Posted by DiapDealer

I still don't really get it. It's always been virtually impossible for copyright holders to be able to know if their copyright was being violated on a small scale. Even long before ebooks were ever conceived. I guess I just can't get my head around how this might be considered a "game-changer." "Easy" doesn't change anything if it's still "small."

Exactly.

The only change cloud based/encryption may make, is that the scale of small may be able to grow a little larger.

For example, 5 people send their public keys to an uploader they trust. From then on any new addition to the group only occurs if one of the existing members wants to admit a friend. This could be done by anonymously posting a signed copy of their friends key encrypted using the uploaders private key. The uploader will never know who the new friend is and the new friend will never know who the uploader is (only the original trusted 5 know), however the uploader knows one of the existing core 5 (or several other existing members trust this new member) and starts including their public key in future releases.

It's a piracy spin on the web of trust.

At some point the group may grow too large and a member of a company enforcing copyright manages to be admitted. They can then decrypt all the latest posts and issue take down requests. However, if the group doesn't grow too big, that's less likely to happen and it will only impact that groups releases.

If any members in that group are taking the downloads and re-encrypting them to distribute to another group they're a member of, then a takedown might only impact a handful of people at a time.

However, for this to work on a large scale and replace torrents etc it will need software that makes the process trivial. That could be the weak point if the software is deemed to only be used for copyright infringement (e.g napster) it may be easier to restrict access to that, although that may be easier said than done.

Either way, I don't think it will be any better or worse than the current situation.