Tuesday 27 November 2007

Why FairUse4WM was a good thing for the content business


12 months or so back now the nascent online video industry and the bulk of the non-Apple audio download business got it's first big security wake-up call when Viodentia hacked through Microsoft's previously unbroken DRM 10. Up to that point many within the industry while theoretically acknowledging that a crack was possible, privately felt that DRM 10 introduced a level of security that allowed the video download and music subscription business to operate in a pretty bullet-proof manner. Viodentia's FairUse4WM put paid to that myth overnight.


When the first version of FairUse4WM came out it allowed Microsoft's DRM protection to be stripped from all video and music in a user's collection within seconds. The first hack was rapidly followed by a succession of Microsoft patches and then updated hacks posted on the Doom9 forum from Viodentia before finally it Microsoft realeased a patch that stuck. Even this only lasted a few month's before the hackers struck again with a tool to unlock the keys from even Vista and the Zune player


During this time Engadget published an interview with the alleged perpetrator Viodentia. One passage in particular stands out as being particularly prescient and insightful:



"I think FairUse4WM is a good thing for the industry -- it demonstrates
that the entire world doesn't turn upside down when there's no effective
protection on content. I doubt subscription based services are impacted...the
value of a subscription is the continuing access to new titles, which isn't
dependent on the protection. "

Subsequent events have proved this to be largely correct. By blowing away the illusion of an unbreakable DRM content providers woke-up to the reality that the internet really was playing by a different rule-set. And it forced them to consider more closely what consumers wanted and what a sustainable digital product could be.


The key thing is to remember that people consume content but that they will buy product. I don't believe that DRMed content is implicitly evil as many on the internet will lobby. What is wrong with DRMed content is that it's a bad product. The strait-jacket of the existing technology means it's a royal pain-in-the-arse to use computer-based DRMed video formats in the ways that society is accustomed to using traditional video formats. It's not interoperable between systems, and often you can't even back it up. Most crucially I can't get it off my PC and onto my TV easily. And the killer for MS-DRM based audio services is that won't play on my Ipod.


Now this is nothing to do with the concept of DRM, it's just that the time, effort, resource and industry will to fix these problems hasn't been spent on product development. Put simply - Microsoft DRM - which is probably the best DRM on the market - is a bad product, not because it's DRM, but because it has a crap user experience.


Cracking it though let the music industry imagine a world without DRM, or at least effective DRM, and allowed the replication of real-world models like paying per download to be broken away from. DRMless music, Radioheads honesty box experiment, and the acknowledgement that Youtube's ad-revenue sharing is acceptable to many within the business give evidence of a growing momentum into the new possibilites of online content commerce. More crucially they could see that their existing online revenues didn't collapse overnight - to be expected really given that home-taping didn't kill music either, and that was far easier to do.


Hopefully the video business will follow suit and realise that at this point they need to re-invent the product for a new century and devise new ways of selling and packaging content should emerge. Of course they may well emerge into a world where the very same plain vanilla content is universally available for free already. But after all that's never stopped Evian.


At the end of the Engadget interview Viodentia wondered "I wonder if any subscription company will publicly admit that FairUse4WM was good for them?". Unlikely I guess, but ultimately I think he did the content business a favour.

Friday 23 November 2007

Sarkovsky in probably futile bid to stop online piracy


So the increasingly worried film and video industry isn't going to go down without a fight. And increasingly it looks like a war on multiple fronts as this time the French government are persuaded to throw themselves into the fight against global copyright meltdown. http://news.bbc.co.uk/1/hi/technology/7110024.stm


That's some set of powers they've been granted - but ultimately these kind of draconian measures are just another step in an escalating arms race that may have ultimately have effects on all of us.


Currently it's reasonably easy for an ISP to spot a file-sharer - they'll do a massive amount of upward as well as downward traffic across their internet connection, but as more and more people use both legal and illegal file-sharing - remember even the BBC iplayer uses peer-to-peer traffic now - it'll get harder and harder to spot.


So maybe the ISP could then develop more sophisticated tools to analyse the actual traffic going back and forth, likely then the file-sharers will start building encryption into the file-sharing clients and suddenly nobody will have any idea what's going on.


By this point everyone will be using file-sharing under the safe knowledge that the only way to get caught is to leave the stuff on the drive when you get it fixed down at PC World - and a removeable hard-drive which you keep at home solves that problem for under fifty quid.


Will we see speculative raids on teenagers homes to confiscate computers just in case they might be breaking the law? Or encrypted transactions being banned on ISPs? Or the CIA diverting it's monitoring equipment from the war on terror to help out an ailing Hollywood?


If the friends of Osama Bin Laden can regularly post tapes with impunity, do we really think the fans of Amy Winehouse will struggle to avoid detection?


Of course not, and the chances are that the industry will - like the music business - have to throw in the towel and think of another business model. It may not be right - but it'd be about time.

Was Natwest Bank hacked last week?


Last Friday night I popped out to the local cash machine to get some money. Lo and behold no cash! - but I got this message displayed instead stating "PRS Shutdown November 16" with a timestamp, and strangest of all what looked like a weird graphic of an ATM seemingly stripped back with gunshot effects overlaid. The graphic in particular, if it isn't a hack, looks like it's been designed to look like one.
Now I think we've all seen this with ATMs down before, usually it's a simple "out of service" message, and I've seen other run-time type errors - my favourite being what looked like a Visual Basic error dialogue I once saw on an HSBC terminal.
However, this one is a little strange - if it isn't a hack (and somehow I can't convince myself it was), it raises the spectre of a graphic designer somewhere in the depths of RBS being asked by his manager to design a holding page for system outage and coming up with something that is more inspired by Banksy than Natwest Bank brand manifesto.
Just what was the brief for this then - "Ok, the banking industry is suffering a bit of lack of public confidence at the moment, can you just knock up a quick design that looks as if the ATM has been broken into? That'll reassure people that their money is safe."
Remarkable.

Tuesday 20 November 2007

Should we trust the home office with our data?


My first reaction to the sheer scale of HM Revenue and Custom's loss of 25 million child benefit claimants bank detail was one of amazement, but I have to confess it was the number of records that amazed me, rather than the fact that some of it went missing.


It's an uncomfortable truth within the new information economy that often data security is frequently treated in a cavalier and slack fashion. From my personal experience I have worked in organisations that would be quite happy to fling fifty grand at a new firewall, but would also allow thousands of unencrypted customer data records to be biked around on recordable CDs.


Similar instances are abundant.


Hollywood studios agonising over DRM schemas and anti-piracy clauses in their contracts and yet happy to be letting their master tapes be transported around Soho in plastic bags carried by temps. Or the Natwest bank clerk in the Victoria branch who left me in his office with a pile of other customer's address and balance details face up on his desk the other day. Or the receipts from shops with the full credit card number printed at the top.


From big to small the list goes on, and it doesn't take a rocket scientist to realise that your data is no longer either safe nor private. Not because the technology is inherently insecure or vulnerable to interception, but because the technology makes no allowances for the society in which it exists.


Private information just isn't treated as the gold-dust that it is. We would never dream of transporting bank notes by courier, but data is often a different matter.

Now that a quarter of the nation's information security is compromised perhaps it's time to consider just how far out of the bottle his particular genie is.


Consider for a moment the digitisation of police, financial and educational records. Consider perhaps most importantly the upcoming placement of your medical records on the NHS "spine". There will soon be almost no part of your recorded life that will be susceptible - maybe not to deliberate attack, but definitely to the certainty of release by cock-up.

Throw in to this mix the myriad amount of other information that we've ourselves slung up on flickr, facebook and youtube and it's clear we have blundered into a new age of accidental freedom of information.


Will this lead to a dramatic re-evaluation of e-government, with a corresponding rolling back of centralised access to information? Somehow I doubt it.


However I think that this calls the whole concept of an ID card system into doubt. Whereas before we may have worried about abstract notions of our liberties being infringed by such a scheme, now we have the irrefutable truth that having that much data on so many people in one place is almost certainly going to get leaked someday, if not by design then certainly by accident, and we have to seriously plan for the impact of this.


If that impact is irrecoverable then we should can the whole shebang now.

Friday 16 November 2007

Why the chasm between the study and the lounge chasm saves Hollywood from meltdown



There was something faintly ludicrous about Warner Music withholding their content from the launch of the Nokia music service this week. The supposed reason for Warner's unexpected coldfeet was Nokia's other interests in the file-sharing site Ovi which is laughable but from my experience not at all surprising.



The short answer of course is that the whole music business is just a wafer away from total disaster. If you think the adjustments and consolidations we've seen so far are significant then just wait until the generation that grew up not paying for anything hits their thirties.



The video industry, while probably equally shafted in the long-run, is on a slightly slower time-line and in the short-term it's sheltered by the fact that nobody has yet put together the killer combination of hardware, software and ease of use that brings free file-sharing into the living room.



The study/lounge chasm is what keeps the DVD industry riding high. It goes like this:-



1. Most people have PCs and broadband on a desk in one room - that's where we watch Youtube and do our file-sharing. It's easy to get free files to here.


2. Most people have TVs and DVD players in another room - that's where they watch movies sat on the sofa.



Bridge rooms 1 and 2 and you have a winner and you can wipe 50% off Warner Video's next profit statement. Currently it's just too hard to move that movie from the study to the lounge. So people rent and buy DVDs, watch Freeview, and the Warner Video christmas party is still on.



Some people will say "Windows Media Centre!" at this point, and while it's a steadily improving piece of kit, it falls down on the facts. Using a PC with a remote is like typing with boxing gloves, and sitting with a wireless keyboard on your lap is a recipe for RSI. I've seen some studies that show that the majority of people who buy Media Centre PCs stick them in their studies anyhow and use them as high-end desktops.



Maybe two computers linked by wireless is the answer - but that's economically unfeasible at the moment for many people - and this has to work mass market to be a solution. The two computers option falls down again as anyone who's configuring a home network to link them together will tell you. It can be done. You just don't want to be the one doing it.



Intel had some interesting ideas here with Viiv, a flawed concept that had its heart in the right place for trying to make wireless networks easy to configure in the home. But Viiv has gone very quiet recently. Actually make that "dead".

Burning DVDs on your PC to play in the DVD player under the telly? For those with patience only and the industry obsession with CSS has next to killed this already for the legal download providers.

Some kind of smart terminal set-top box in the living room that can download movies and play them back may be the answer, and BT is probably nearest to this currently in the mass-market, but you'll still need a proper PC to do the file-sharing unless BT put Bit-torrent on BT Vision. They won't.



Media extender type set-top boxes are another option, but again currently the amount of configuration required both on PC and set-top box is too high a barrier - and they're expensive. And mainly crap.



But when some bright spark works it out, expect the end to arrive swiftly. What price a total collapse of the physical DVD industry? A return to reliance on theatrical income for major movies, and a slashing back of production costs for everybody else?



Unthinkable? Maybe - but then who would have predicted live performance being such a proportionately big part of so many music acts income 10 years ago? Radiohead giving their music away with an honesty box? Large parts of the population streaming music all day for free a la Last.fm?

And of course most of the people in the world are living in this copy-rightless free-for-all state already. As the picture shows maybe it's time for Hollywood to stop taking their public for a free meal-ticket and come back to the real world.

Wednesday 14 November 2007

Is the game up for Babelgum and the video minnows?


Amid all the hype about Facebook recently it's worth a moment's thought about Bebo. According to Comscore the relatively under-exposed social networking giant still has a good few 10s of millions more users in the UK than either Facebook, or yesterday's champion Myspace.

Yet thinking about it I realised that not only did I not have an active Bebo account that I could remember, but neither did any of my friends.

Yet, Bebo is huge, and huge in a way that I suspect is ultimately more resilient than Facebook. I have a theory that Facebook for many is an online game, not about interacting online, or widening a social circle - more about collecting faces that you have known and sticking them like cards in an online album, to prove just how well connected you are. Certainly not true for all Facebook users of course, but I suspect for most of those caught up in the big wave that's jumped on board it is the case. In this you can see echoes of Friends Reunited - the mass wave, followed by the "OK, we're all here, now what?" question.

The answer to that question for Friends Re-united of course was "go do something else less boring instead", and I suspect Facebook may see this too. Not that there isn't a viable business model left behind, more that the mega-numbers, and infinite "facebook platform" possibilities bandied around currently may turn out to be cloud illusions before long. Rather like the college yearbooks it's based on, fun to turn to occasionally but ultimately stuck in the bottom drawer for most of the year.
Bebo on the other hand, and Faceparty and Myspace for that matter, seems to have its demographic roots in an audience that uses the web in a far less ephemeral way, a generation that is growing up entwined with online usage, rather than bolting it on to an existing social scene. The addition of video to Bebo seems a natural extension to this, and as well as boosting the stakes in the social networking game, it's likely that this will hoover a lot of traffic away from some of the fledgling video propositions. Babelgum, Joost and the like now look to be playing in a crowded space - with no users. Admittedly they may have a pile of cash, but it's a molehill compared to the potential raises of the social networking big-guns.

Where to next for them? I'd hazard a guess at early exits, increased specialisation, and rapid consolidation in the middle of next year for those left going it alone.

Monday 12 November 2007

FTSE falls reveal the unspoken


This morning a large plume of smoke was visible from many parts of London. For about half an hour or so nobody seemed quite sure what it was - friends IMed me and we googled around trying to work out what was going on.
Across London traders made their own assumptions and the FTSE fell. A short while later it became clear that it was merely a large fire in a old deserted warehouse. The news machinery kicked into action and BBC 24 soon had a helicopter hovering overhead.
What was more interesting though was the almost unspoken default reaction of both my friends and the traders to any event of this kind - another terrorism attack. I think most Londoners don't so much as fear another attack, as expect it. We are resigned to the almost inevitability of something going bang near us at any time, and are quite willing to re-interpret quite mundane events into the possibility of the extraordinary.
But do we march on the streets demanding action? Do we lobby our politicians? Do we beg for an immediate withdrawal from Iraq? Do we go the other way and demand a bigger crack-down on terror?
No. We are simply resigned to it happening someday. Another inconvenience like a train crash, a tube strike, or a fire. The genie is out of the bottle and although we see it's shadow in the every-day, we are far to busy to spend our time chasing it down.