[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Security quote of the week

Security quote of the week

Posted Apr 17, 2012 23:12 UTC (Tue) by dlang (guest, #313)
In reply to: Security quote of the week by njwhite
Parent article: Security quote of the week

it's not that hard to get pre-paid credit cards and free e-mail addresses if you are worried about it. Today most people have a single online identity, but there's no reason that they couldn't have multiple ones (see the book "Earthweb" for examples of how it could be done)

No, watermarking doesn't give you complete freedom to do whatever you want with the contents with no ability to track back to some identity, but it does give you the ability to do whatever you want with the contents.

I think the main gain of watermarks is not that they will cause any enforcement lawsuits, but rather that if people know they are there, they won't do blatantly illegal things with the files.

Watermarking must be hidden to be effective, if you can see where it is, then all you have to do is change those bits and it's not watermarked any more. Watermarking is a use of Steganography (http://en.wikipedia.org/wiki/Steganography) and if properly done, nobody other than the organization that watermarked the piece can tell that it's been done. In fact, the same file could be watermarked by several different people without any of them being able to tell that the others had done so.

Everything is a compromise, and I see Watermarking as being a good compromise between protecting the copyright owner and restricting the purchaser of the file. They both have concerns, but neither's concerns are strong enough to completely trump the other's

to post comments

Security quote of the week

Posted Apr 17, 2012 23:56 UTC (Tue) by nybble41 (subscriber, #55106) [Link] (14 responses)

> Watermarking is a use of Steganography and if properly done, nobody other than the organization that watermarked the piece can tell that it's been done.

Aside, of course, from the fact that files which decode to the "same" book/audio/video are riddled with inexplicable differences.

A source watermark can remain hidden, because you have nothing to compare it to; only a single watermarked version is released to the public. Steganography is similar; it only works if the hidden data is embedded in the _only_ available version of the camouflage material, and even then it can be vulnerable to statistical analysis. To use a watermark to identify the buyer, however, every buyer has to receive a different version. The fact that the file has been watermarked is thus perfectly obvious once you start comparing the files. You may not be able to eliminate the watermark just by merging multiple versions of the file (the result may contain several valid marks, rather than none), but you can at least identify the locations of the differences.

Moreover, any watermark which doesn't noticeably degrade the quality of the files can be eliminated through compression. Simply put, if you remove all the redundant data, there will be no room left for an invisible watermark to hide in.

Security quote of the week

Posted Apr 18, 2012 0:54 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link] (13 responses)

Long time ago (as a joke), I developed a simple exe-program which fills-in a simple 'questionnaire' and sends it by e-mail (through FIDO).

Only this questionnaire also contained encoded passwords for Internet dialup. I used spacing between words to encode bits - one space was '0' and two spaces were '1'.

One can also simply replace words with synonyms at certain points in the text to encode the buyer ID, for example. It'll be easy to find, though.

For music you can use the least significant bits of the signal (in FLAC) or small frequency shifts (survives MP3).

>Moreover, any watermark which doesn't noticeably degrade the quality of the files can be eliminated through compression.

Not really. It's easy to create a watermark that survives more encoding roundtrips than you'd care to use without noticeable degradation of quality.

Security quote of the week

Posted Apr 18, 2012 5:27 UTC (Wed) by dlang (guest, #313) [Link] (1 responses)

how many of these watermarks survive a digital -> analog -> digital transition?

Security quote of the week

Posted Apr 18, 2012 8:07 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

I'd wager at least some of them can. Unless you want to live with a noticeably degraded copy.

The easiest way to defeat these watermarks would be to buy several copies from different accounts and then compare them.

Security quote of the week

Posted Apr 18, 2012 15:00 UTC (Wed) by nybble41 (subscriber, #55106) [Link] (10 responses)

> Only this questionnaire also contained encoded passwords for Internet dialup. I used spacing between words to encode bits - one space was '0' and two spaces were '1'.

> One can also simply replace words with synonyms at certain points in the text to encode the buyer ID, for example. It'll be easy to find, though.

> For music you can use the least significant bits of the signal (in FLAC) or small frequency shifts (survives MP3).

These are all trivial schemes which are easily identified and removed or randomized, given a few versions of the file with different watermarks for comparison. The "replace words with synonyms" scheme has the additional disadvantage of mangling the text presented to the reader, with isn't going to make readers _or_ authors very happy.

>> Moreover, any watermark which doesn't noticeably degrade the quality of the files can be eliminated through compression.

> Not really. It's easy to create a watermark that survives more encoding roundtrips than you'd care to use without noticeable degradation of quality.

That's only possible because the compression isn't anywhere close to optimal. Optimal compression would only spend as many bits as are required to represent the data to the viewer/listener. Changing any of those bits would result in a noticeable difference, by definition.

Security quote of the week

Posted Apr 18, 2012 16:47 UTC (Wed) by khim (subscriber, #9252) [Link] (9 responses)

Optimal compression would only spend as many bits as are required to represent the data to the viewer/listener. Changing any of those bits would result in a noticeable difference, by definition.

Nope. You assume single viewer/listener made from platinum-iridium alloy. In reality viewer/listener is human which evaporates your argument in hurry.

I know this because I've actually participated in sound compression studies (it was many years ago, but the most important result stays).

You actually can remove about 97-98% of the data from sound record and human will not notice anything at all! The catch? These 97-98% of data will depend not only on human, it depends on the state of said human. Tomorrow (when humidity or pressure will be different) you'll need another 2-3% of the data to hear it as “perfect recording”.

This means that any sound record with “good enough” quality contains enormous amount of redundancy.

Security quote of the week

Posted Apr 18, 2012 17:27 UTC (Wed) by nybble41 (subscriber, #55106) [Link] (8 responses)

> You actually can remove about 97-98% of the data from sound record and human will not notice anything at all! The catch? These 97-98% of data will depend not only on human, it depends on the state of said human. Tomorrow (when humidity or pressure will be different) you'll need another 2-3% of the data to hear it as “perfect recording”.

> This means that any sound record with “good enough” quality contains enormous amount of redundancy.

You're proving my point. If that "redundancy" can actually influence how a human would hear the sound, it isn't available for watermarking. The watermark isn't designed for a specific human in a specific state; it has to be transparent to nearly all humans, in nearly all states.

The bits used to transparently watermark an audio file cannot have a noticeable influence on the sound, by definition. Ergo, if they are not removed during compression, the compression is suboptimal.

Security quote of the week

Posted Apr 18, 2012 18:00 UTC (Wed) by khim (subscriber, #9252) [Link] (7 responses)

The watermark isn't designed for a specific human in a specific state; it has to be transparent to nearly all humans, in nearly all states.

BULLLSHIT!

It has to be nearly transparent to nearly all humans, in nearly all states. See the difference?

Because watermark is spread over tiny amount of data you can actually hear AND over much larger amount of data you can not hear it can not be removed with a simple compress/decompress cycle (or dozen such cycles).

To make it initially completely undetectable you can just add it after compression.

The bits used to transparently watermark an audio file cannot have a noticeable influence on the sound, by definition.

Of course they can! The trick is to make sure they are not heard before compression/decompression cycle. After compression cycle you have differences anyway and you can only find out what distortions are result of watermark and what distortions are result of the compression if you have an original without distortions.

The bits used to transparently watermark an audio file cannot have a noticeable influence on the sound, by definition.

Sure, but “noticeable influence” != “any influence”.

Ergo, if they are not removed during compression, the compression is suboptimal.

Right. And compression is always suboptimal - see above.

P.S. I think you don't get the full implications of the fact that we are talking about lossy compression here, not about lossless one. Lossless one is not interesting because it'll keep all the watermarks intact by definition.

Security quote of the week

Posted Apr 18, 2012 20:41 UTC (Wed) by nybble41 (subscriber, #55106) [Link] (6 responses)

Let's try to keep this civil, shall we?

> After compression cycle you have differences anyway and you can only find out what distortions are result of watermark and what distortions are result of the compression if you have an original without distortions.

Or if you have two or more versions with different watermarks, which, if the watermark is intended to identify the buyer, will be plentiful.

> I think you don't get the full implications of the fact that we are talking about lossy compression here, not about lossless one.

Wrong. Obviously only lossy compression would remove a watermark--lossy compression which encodes the original, pre-watermark sound in just enough bits to ensure the decoded version will be perceived the same way. Change any of those bits and not just the sound, but the _perception_ of the sound must change, for at least some listeners.

> And compression is always suboptimal - see above.

I'm not postulating the existence of perfect compression, but the better the compression, the less room there is for a watermark without compromising the fidelity of the original sound.

Of course, why go to all that effort when you can just make the watermark meaningless? Pay with an anonymous gift card, via a throwaway account, from a public or otherwise borrowed computer, and it won't matter how strongly they try to watermark the file--they don't have the necessary information to connect that watermark with an individual.

Security quote of the week

Posted Apr 18, 2012 21:18 UTC (Wed) by raven667 (subscriber, #5198) [Link] (2 responses)

> Change any of those bits and not just the sound, but the _perception_ of the sound must change, for at least some listeners

I don't think that's really true. My understanding is that the watermark is imperceptible so one could listen to many different copies of the same audio with different watermarks and not be able to tell the difference between them. I would also guess that a file can be re-encoded many times before the additional audio artifacts become perceptible and that a watermark could survive many re-encoding trips before being successfully obliterated. At that point the quality of the audio itself has probably also been obliterated. The people designing watermarks are also likely aware of how the data is encoded and decoded and so can design features that are most likely to survive many round trips. This reminds me of 56k modems which depended on knowledge of how the analog sound data was encoded to PCM digital at the CO.

Security quote of the week

Posted Apr 18, 2012 21:59 UTC (Wed) by nybble41 (subscriber, #55106) [Link] (1 responses)

> My understanding is that the watermark is imperceptible so one could listen to many different copies of the same audio with different watermarks and not be able to tell the difference between them. I would also guess that a file can be re-encoded many times before the additional audio artifacts become perceptible and that a watermark could survive many re-encoding trips before being successfully obliterated. At that point the quality of the audio itself has probably also been obliterated.

Yes, that is how watermarks are supposed to work. For this to work in practice there have to be bits in the compressed version which can be changed to store the watermark without affecting the quality of the decoded audio. Of course, if we know which bits don't affect the quality of the audio, a better codec would just leave those bits out entirely.

> The people designing watermarks are also likely aware of how the data is encoded and decoded and so can design features that are most likely to survive many round trips.

Yes, watermarks are generally designed with specific codecs in mind. They depend on the coded retaining more data this is really necessary about the source audio, data which won't affect the perception of the audio and thus can be modified to store the watermark.

To eliminate the potential for a watermark you would need a better codec, one which more accurately models the listener's perception of the sound. The better the codec, the fewer bits are used to represent the sound at the same quality, and the harder it is to watermark the file.

Security quote of the week

Posted Apr 18, 2012 22:54 UTC (Wed) by khim (subscriber, #9252) [Link]

For this to work in practice there have to be bits in the compressed version which can be changed to store the watermark without affecting the quality of the decoded audio. Of course, if we know which bits don't affect the quality of the audio, a better codec would just leave those bits out entirely.

Situation is quite asymmetric: if someone will notice and complain that watermarked sound is distorted it's easy to recall the watermarked file and replace it with differently watermarked file. If codec will produce distorted sound then you'll face a lot of quite angry guys. Thus pure compression will never be able to remove watermarks.

Now, schemes specifically designed to remove watermarks are, of course, possible, but since noone will say to you if watermark is detectable in processed file or not (till you'll be sued, that is) it's quite hard to develop them.

Security quote of the week

Posted Apr 18, 2012 21:44 UTC (Wed) by khim (subscriber, #9252) [Link] (2 responses)

> I think you don't get the full implications of the fact that we are talking about lossy compression here, not about lossless one.

Wrong. Obviously only lossy compression would remove a watermark--lossy compression which encodes the original, pre-watermark sound in just enough bits to ensure the decoded version will be perceived the same way.

Ah, finally got your idea. Ok, if you'll invent some compression scheme which compresses sound just enough to make sure not a single human can distinguish it from the original in minimum possible set of bits then it can be used to strip the watermark.

This is great plan. The only problem: it's impossible to implement it if you don't have a detailed information about all future listeners and about all states of all these future listeners. You can as well invent something more realistic. perpetual motion machine (2nd kind if you know what I'm talking about), for example.

Any realistic compression scheme leaves tons of information which can be perceived by some theoretically possible human, but is not perceived by any real human on real planet Earth (because there are insane number of possible combinations of receptors and less then seven billions of human beings). This is where you theory falls apart.

I was under impression that we are talking about real music, real watermarks and real compression. If you want to discuss how many angels you'll need to remove the watermarks then it's separate issue - and I'm not sure I want to participate in such theological discussions.

Security quote of the week

Posted Apr 18, 2012 22:18 UTC (Wed) by nybble41 (subscriber, #55106) [Link] (1 responses)

> ... it's impossible to implement it if you don't have a detailed information about all future listeners and about all states of all these future listeners.

> Any realistic compression scheme leaves tons of information which can be perceived by some theoretically possible human, but is not perceived by any real human on real planet Earth...

The watermark scheme is under the same constraints. Sure, for any given listener and state there is quite a bit of redundant information left over. However, that information is needed for other listeners and other states, so it can't be used for watermarking.

A perfect compression scheme would make watermarking impossible. However, short of that, a _good_ compression scheme will still make watermarking _very difficult_. Moreover, knowing how to make a watermark which survives compression immediately tells us how to make a better compression codec which would remove the watermark. After all, any bits which can be changed to watermark the file without diminishing quality can just as easily be removed during compression without diminishing quality.

Security quote of the week

Posted Apr 18, 2012 22:48 UTC (Wed) by khim (subscriber, #9252) [Link]

Moreover, knowing how to make a watermark which survives compression immediately tells us how to make a better compression codec which would remove the watermark.

In theory, but not in practice. In practice you can only have sample of some files with watermerks, you don't have a machine which applies these watermarks. Thus now we are very-very firmly in “how many angels can dance on the head of a pin” territory. Watermarks add negligible overhead thus practical advantage in using this information for compression purposes is minuscule. We are talking not about compression at this point but about “watermarking removal” procedure. And like with real watermarks and real banknotes it becomes cat and mouse game. As history shows this game can only be won for a short periods of time: sure you may counterfeit old banknotes (and you'll probably be able to remove old watermarks from sound records), but people on the other side will introduce newer and newer schemes.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds