
Game of Thrones leak and watermark: a stupid tracking system - bru
http://blog.frite-camembert.net/got-leak.html
======
anigbrowl
_Next iteration would be changing the length of each scene by a few
milliseconds. One can count that the first episode holds s=18 scenes. Each
scene lasts several minutes. Once again each copy can be made shorter or
longer by a couple milliseconds, providing a unique fingerprint for each
version sent._

This sort of thing makes it hard for me to take any of the article seriously.
The author doesn't seem to know the first thing about either video formats or
the authorial role of editing. Things are cut on particular frames for a
reason. Also, editors don't deal in milliseconds, they deal in frames. Sound
editors work in frames and samples, and while I have no objection to
steganography-type adjustments to the final output, the idea of monkeying
around with the content of the film, even on the margins, for tracking
purposes tells me that the writer shouldn't be allowed anywhere near a post-
production facility, for the same reason that most programmers don't want an
art director telling them how totheir code would look prettier in a fancy font
and in a more earth-toned color scheme.

Honestly, I think HBO is quite well aware of this srot fo thing already, and
the 4 episodes were leaked to hook people on the rest of the series. There's
already a lot of digital distribution technology involving rock-solid
encryption, single-use keys, check ins and outs, and so on. Tweaking things
like the length of the end credits (or rather the black frames at the end) are
potentially viable but also trivially obvious to any editor. But monkeying
with the program material is strictly out of bounds.

~~~
iron_ball
Anyone who was going to get hooked on Game of Thrones _is_ hooked, and anyone
who is still on the fence isn't likely to torrent the leaked episodes.
Incompetence is a better explanation, I think.

~~~
InclinedPlane
I think that statement is really rather silly. It's a bit like saying "anyone
who is going to drink coke is already drinking coke". There's a ring of truth
to it, but it still falls flat.

Edit: a few things: arguments based on the behavior of "the majority" and
arguments founded on the principle that 100% of all people who have ever been
Game of Thrones viewers are completely and utterly committed to viewing every
single season are rather weak. Viewership of shows changes from season to
season. More so, not every TV show viewer is the sort of person who must start
a series from the beginning. Pulling in folks who are caught up on Game of
Thrones but haven't been hooked on the current season and pulling in folks who
will begin mid stream (and then maybe go back and watch from the beginning, or
not) adds to their viewership. More viewers means more purchases, more
purchases means more dollars.

Not to mention the value of retaining their existing viewership base.

These are all the same reasons why coke continues to dump massive amounts of
dollars into advertising despite already being well known and having a huge
chunk of the soft drink marketshare. In fact, the returns on investment for
advertising already popular products tends to be higher than for products just
entering the market, because the numbers are so big. There are millions of
Game of Thrones fans. If even a few hundred thousand existing fans who might
have held off on watching the new season are kept on the hook and if even a
few hundred thousand non-watchers gain interest in the show via starting with
the new season and if only a small fraction of those folks end up purchasing
the discs, or HBO (in whatever form) then that's a considerable amount of
money in HBO's pocket that would have been left on the table.

Which isn't saying it wasn't an accident, but business wise this is still a
win for HBO.

~~~
mattchamb
I don't watch game of thrones. If I was going to start watching it, I would
start at the beginning of the series instead of just jumping straight into the
leaked episodes. By the time I get to the latest season, they would be
formally released.

~~~
lmm
If you were going to start, it might be because the folks at the water cooler
were excited about it - and this leak makes that more likely. People who'd
dropped off might be reminded there's a new season coming and feel inspired to
catch up. It's a great way to build hype for the "real" start of the new
series.

I think accident is more likely, but HBO doesn't lose much - anyone who
watches these episodes is going to want to watch the rest of the series and is
going to pay HBO (or else would never have done so)

------
fredley
...or just use steganography. Steganography in videos can be made to be
invisible to the naked eye, and extremely robust - even to video compression.
It's also difficult to detect, and even more difficult to remove/tamper with.

What the author of the article is proposing is actually a kind of
steganography, albeit a rather crude one, and probably rather difficult to
implement (since scene timings will be different for each episode, and you'll
need to keep a separate log of exactly which timings correspond to each person
you've distributed the file to), compared to running a video through a process
that embeds a steganographically hidden id pattern at each keyframe.

~~~
DrJokepu
This might be a very naive suggestion (I know nothing about the subject) but
couldn't you just take two copies, XOR them and blank out the difference to
defeat such signatures?

~~~
darkmighty
We're talking about images, so if you take the pixels for example they're just
{0,...,255}^n, integers.

You can if you have the original file, but then what's the point?

Otherwise, take image a=original+f1, image b=original+f2. Then if you e.g.
average them you still have c=original+f1/2+f2/2 -- so both signatures are
kept (theoretically if either you have a large number of sources you could
average the signals out of existence, or perhaps the system isn't robust and
can't detect multiple sigs). This assumes the introduced signatures are
indistinguishable from the source (quite reasonable).

------
felixgallo
For at least the last 20 years, there are steganographic watermark systems in
which inocuous parts of the images are used to hide coded data that stands up
to even most lossy recompression.

Either HBO is using these and nobody knows yet; or they had an internal leak
prior to their application; or they leaked it themselves. Under no plausible
circumstances did they visibly watermark a corner and hope for the best.

~~~
jewel
I looked into stenography for a client who had a problem with audio being
leaked by the users of his service. Even though there is a lot less signal in
audio, it was trivial to encode a 32-bit pattern throughout the audio track in
such a way that it was not discernible to his well-trained ears, and yet it
would survive being encoded as a 64kbps MP3. We also checked pushing it
through an analog loop, since that was most likely how his tracks were being
pirated.

The pattern would repeat throughout the song (I think once per minute) such
that only a small sample was necessary to recover the pattern. It also had
enough check bits that it was impossible to get the wrong code; either you'd
get back the right code or nothing. This was all done with COTS software (a
command-line executable) that could be licensed for a few hundred dollars.

My client ultimately decided not to add stenography. He believed that his
users would be upset with the possibility that there was some quality loss due
to the process, as they were paying a lot of money to have high-definition
tracks. He thought the losses from the discovery that he was applying
stenography would exceed the ongoing loss from piracy.

~~~
belorn
> the losses from the discovery that he was applying stenography would exceed
> the ongoing loss from piracy.

A very likely correct conclusion, and there an additionally logical error with
the assumption that privacy would disappear if they used it. Just because the
copyright owner can sue whoever distributed the first copy doesn't mean piracy
would stop after that. In order to get any effect at all, they would have to
tell every customer about it, and the effect would likely not be 100%. It only
take one person who upload the song to make it a permanent resident in torrent
swarms.

If someone were to use this, the profit calculation is 1: Can winning lawsuits
cover the costs, 2: Can informing (accusing) all your customers be worth the
decreased rate of uploads. If neither of those 2 sound attractive to your
business model, then spending money/reputation on personalized watermarks is
completely pointless.

(edit) additionally, lets look at a typical scenario. Let say a file is being
spread unlawfully and you track down it to customer 40#. The customer is a
hardcore fan, studying for a music degree, and has no idea how the song "got
out" when confronted. Customer 40# is against piracy, as can be seen by the
major library of lawfully bought copies. However, they are also a member of a
small fangroup, and did share the song with its 10-20 members. The customer
was sure that everyone in that place would never think of uploading it to a
public place. The question then becomes, do you continue with the lawsuit and
put this student, this great fan in debt for the rest of their life?

~~~
jewel
That's certainly the right thinking for consumers. In my client's case it was
B2B in the entertainment industry where licensing fees were per-day and
substantial, so there are no poor students involved. Sorry for being vague as
I don't want to link to him here without his permission.

I think he might have made the wrong decision in his case, as adding leak
penalties to his contracts would have made his users more careful with his
files. Since he was in turn licensing some rights from other parties, leaks in
the past had caused him some legal trouble and he didn't want to have that
happen again. His solution was to add DRM, but it didn't close the analog hole
so there's still the potential for leaks. (I haven't talked to him in a few
years so I'm not sure if things have improved.)

------
waspleg
The website says his method of randomly changing the length of the credits is
a step in the right direction. I think that's completely wrong.

[https://www.techdirt.com/articles/20130808/02084524106/time-...](https://www.techdirt.com/articles/20130808/02084524106/time-
warner-ceo-says-having-game-thrones-as-most-pirated-is-better-than-emmy.shtml)
"Our experience is that it leads to more paying subs. I think you're right
that Game of Thrones is the most pirated show in the world," he said. "That's
better than an Emmy." \- Time Warner CEO Jeff Bewkes

THAT is a step in the right direction.

~~~
bradleyjg
Even if you decide that you are okay with some leaks, you still want to know
which employees / partners / journalists you can't trust.

------
gpmcadam

        > Apart from that I think that binge-watching the first
        > 4 episodes is a stupid idea that will make you ache
        > for a month waiting for the 5th episode ☺.
    

For me, I find more enjoyment in binging shows than being drip-fed, I watched
all 4 in a row and don't regret not waiting (besides I've waited 12 months I
can wait a few more weeks for more.)

But more importantly, my online activity means I'll probably be spoiled before
the 4th episode airs, not to mention people "predicting" events (read: passing
off spoilers as theory) throughout the coming weeks. I'd rather not take that
risk, personally, the cost of spoilers far outweighs the costs of waiting for
me.

~~~
cookiecaper
I honestly think that there needs to be a compromise between the weekly
releases common in TV and the season dumps common by streaming services like
Netflix. Dumping the whole season at once doesn't allow any communal
discussion or suspense, dragging it out over 2 months is meant more to drive
revenue for the distributors than the enjoyment of the viewing public. I think
releasing 3 episodes a week is probably the optimal strategy; it gives the
show's communities time to confer and it keeps a reasonable pace without
placing what some apparently feel is a demand to watch all 13 episodes in one
sitting. It mitigates spoiler paranoia that you get with Netflix shows (which
only further diminishes the communal aspects) and does other good things. I
think it's all around the best strategy for the consumer. I understand Netflix
uses binge releases as one of its selling points, but maybe now that they've
established a respectable pedigree, they can stage some of their releases in
iterations moving forward.

~~~
Kalium
A compromise already exists. It's really very simple - you and friends agree
on a pace to watch a show at.

This is flexible, and can fit any schedule! You and friends can watch in
whatever pattern you want, and it requires exactly nothing of Netflix! You can
deploy this method _today_!

This would unquestionably satisfy your needs. Why would you need anything
other than a dump from Netflix?

~~~
cookiecaper
It doesn't satisfy the needs of the larger community. Yes, if you watch in
person with a group of a few friends and that's all you care about, this works
fine. It can't realistically be implemented on the scale of something like a
subreddit or a whole office.

There is a massive difference in both quality and activity between
/r/HouseOfCards and /r/GameOfThrones. The "season dump" just doesn't work on a
scale that exceeds one living room.

~~~
Kalium
Communities are capable of organizing. Further, I submit that the needs of the
larger community _are_ served by a flexible dump. Subreddits and social
circles are not the larger community - they're small, highly active
communities.

~~~
cookiecaper
/r/GameOfThrones has 484k subscribers. /r/HouseOfCards has 50k subscribers.
These are not "small communities" and there's no reason that there should be
9.5x more interest in GoT than HoC; they're both gritty political thrillers
and HoC usually has more episodes per season than GoT. I posit that the GoT
sub is much more active because the way that HBO releases content makes
communal watching and discussion much easier -- you don't have to worry about
trying to coordinate episode watching times between 500k people, and people
who can't make the official air time can avoid for 1-2 days before they find
time and can get caught up.

~~~
Kalium
I know Reddit and subreddits fairly well - most subscribers to a sub are
silent and passive. 50k is a small community. Stacked against the whole of the
viewerbase, 50k is even smaller a community. I posit that GoT is much more
active because the show draws on a hugely engaging series of books that has
been building a fanbase for a decade - an excellent reason for an 8x
difference in size.

Bluntly, you're not making a compelling argument for taking flexibility away
from the silent majority that watches and doesn't aggressively engage in
public discussion. You're arguing from a position where the putative needs of
that minority is the only thing that matters.

~~~
npizzolato
Anecdotally, I have three different friend groups I talk to about Game of
Thrones. Everyone is always caught up, the line for book spoilers is obvious,
and as a result its a common conversation topic anyone can join in on.
Conversely, no one talks about House of Cards. We've tried a few times, but
after a bunch of "I've watched it all," "I'm on episode 8," "Oh, I'm only on
episode 5," etc. we just stopped bringing it up.

At the end of the day, television is just entertainment. And I get a lot more
entertainment from being able to discuss drip-rate shows with friends.

------
robertwalsh0
Was talking to my partner about this and she had a pretty clever take:

"Seems like a simple idea would simply be to change just the spelling of one
seemingly insignificant name near the end of each version of the credits and
then by actually watching the credits you'd know the leaker straight away."

"Of course, you'd leave the watermark on there so the leaker doesn't know how
you caught them and thinks that the watermark is still the tracking
mechanism."

~~~
objclxt
That's a mountweazel (better known as a fictitious entry) - reference books
used to do it to trap people copying the text:

[http://en.wikipedia.org/wiki/Fictitious_entry](http://en.wikipedia.org/wiki/Fictitious_entry)

~~~
ceejayoz
With it changing to detect _which_ person leaked, it's more a
[http://en.wikipedia.org/wiki/Canary_trap](http://en.wikipedia.org/wiki/Canary_trap)

~~~
DanTheManPR
Hilariously, that wikipedia page uses an example from Game of Thrones. Tyrion
tells different versions of a rumor to the various members of the king's
council and successfully identifies who is an informant for Cersei.

------
bigiain
It's a bit hard to encode millisecond scale differences in scene or credit
lengths - when the video is quantized to ~40ms frames...

~~~
TazeTSchnitzel
Edit the frame length.

------
exelius
Or there's another reason not to use a better tracking system: HBO is ok with
leaks. The more the show gets leaked, the larger the audience. Some portion of
that audience will pay for HBO, and hopefully stick around for the other HBO
shows. HBO has been remarkably progressive on the piracy front.

It's also only the first four episodes: enough to get you hooked enough to
want to see the end. Of course, torrents are always an option, but at some
point $15/mo is worth less than the hassle of downloading the show on a weekly
basis.

~~~
dewitt
> _HBO has been remarkably progressive on the piracy front._

I'm not suggesting that's not accurate, but I'd love to better understand your
sources for that, as my single point of anecdotal evidence suggests otherwise.

About six or seven years ago we torrented a single episode of an HBO series (I
forget which—we were cable-cutters and it wasn't available to rent online at
the time) and while we knew it was wrong, it was convenient and it worked.

However, we were surprised when, two days later, I received an email from
Comcast saying HBO had reported that our IP address had pirated copyrighted
material, and that if we did it again our service would be shut off and we'd
possibly face civil charges. That actually shocked me into avoiding bittorrent
altogether, which was undoubtedly their goal.

Empty threats or not, I hardly walked away feeling that HBO was "remarkably
progressive on the piracy front".

Maybe things have changed?

(Note, I'm not actually pro-piracy, since I do think that copyright holders
deserve a right to monetize their work as they see fit, within bounds. I just
wish more of them had a more sophisticated view on how to make their content
more broadly and conveniently available.)

~~~
exelius
They're just empty threats to make you sign up for HBO service. I don't recall
hearing of HBO ever going after anyone who just downloaded a torrent. They've
said in the past that they accept some level of piracy as part of the business
model; so long as people are watching their shows they will keep making money.

It's not "sure, go ahead and pirate our shows!" but more of "People pirate our
shows, so we look at piracy for trends to see what countries/audiences have a
large, underserved viewer base for our shows." Some people pirate because
shows are unavailable, so you can sell to them and make money. People who
pirate because they're cheap and don't want to pay aren't HBO's target
customers (and they probably don't have enough money to be worth suing
anyway).

------
forrestthewoods
This is a stupid blog post. There are two goals:

1) Prevent copies from being leaked 2) Trace leaks if they happen

Watermarks are actually great for the first goal. They are big, ugly, and
obvious. This discourages people from leaking. If they do leak it's crystal
clear they're taking a huge risk. This is also why the DVD screener is low-res
SD.

HBO already tracked down where the leak came from. Whatever methods they have
in place to do so were successful. Thus any complains about watermarks being
ineffective at goal #2 are irrelevant.

~~~
bru
That you for that "typical HN comment".

>This is a stupid blog post.

Have you seen the topic discussed on the Internet? I looked for it and I
haven't, so I simply started it. Given the score of the submission and the
number of comments, that goal is reached. I learned a lot from other comments
and I'm happy.

> HBO already tracked down where the leak came from.

Source?

~~~
forrestthewoods
Normally I'm the one complaining about typical HN comments. However given the
blog post was titled "Game of Thrones leak and watermark: a stupid tracking
system" I felt that leading with "This is a stupid blog post" to be a fair and
amusing twist.

“Sadly, it seems the leaked four episodes of the upcoming season of Game of
Thrones originated from within a group approved by HBO to receive them,” the
spokesperson said. “We’re actively assessing how this breach occurred.”
[http://www.buzzfeed.com/jaimieetkin/game-of-thrones-
season-5...](http://www.buzzfeed.com/jaimieetkin/game-of-thrones-
season-5-leaked-online)

They've at least narrowed the leak down to be from inside HBO. They may not
have it down to an individual just yet. Their internal process may need some
work.

~~~
bru
Ah, I feel dumb for not catching it. It is fair indeed.

About the article: that's not what I understand...

> a group approved by HBO to receive [the episodes]

What I understand is that the leak did not come from HBO but from one of their
service providers or journalists or anything like that. Am I missing
something?

~~~
forrestthewoods
Ah, you're right on the leak source. I over read "within". Sadly if they do
pinpoint who leaked the copy I'm not sure it'll ever become public knowledge.

HBO has had DVD screener leaks before. If they all have the same watermark and
the watermark is the only tracking info they have then, for all the reasons
you put out, that'd just be silly.

------
tarpherder
How can people so easily assume that the watermark was truly the only tracking
present? HBO wouldn't immediately come out swinging even if they knew who or
where the copy was leaked.

~~~
droopyEyelids
Thats an astute observation. Whenever you're tricking someone, you put
something stupid easy in for the tricked person to defeat, so they assume
they're tricking you.

But it could be even easier. Why not put the watermark in a different location
for every copy you distribute?

~~~
tarpherder
The silly thing is that nobody seems to realize that the public has only seen
1 leaked copy, probably from 1 source. HBO could be using any number of
techniques and none of us would notice any of them because we have a sample
size of 1. Even the odd techniques OP describes could be present in the copy,
your described technique as well, any number really. We won't see them unless
they are as in-your-face as the watermark.

------
alanh
Does all the math littering this post add anything? "Add a few ms variation to
each each scene" seems extremely self-explanatory, and so does the concept
that only a few bits per scene are needed to produce a meaningful number of
variations.

~~~
deckar01
As much as I enjoy using summations liberally, a simple visualization of the
spacing between frames would have been more useful.

~~~
bru
Author here. I can easily use summations, but I'm definitely incompetent when
it comes to making a visualization!

And as per your parent's remark, most math is there "for fun" as written in
the article.

------
intopieces
Can someone help me understand the negative impact of this leak? From what I
can tell, the leak only benefits HBO. Viewership numbers in the age of time-
shifting are worthless. Moreover, viewers now _cost_ HBO money, in terms of
server load during the peak viewership time. If even a small number of people
avoided the broadcast during the premiere, HBO actually wins - and there's no
telling how many people decided to subscribe to their new service after
watching the leaked copy.

Anyone who remembers the first GoT streaming premieres, they were largely
catastrophic on the the servers. Last night appears to have gone well. I'm
beginning to think HBO leaked it themselves.

~~~
joezydeco
_Viewership numbers in the age of time-shifting are worthless_

Do Comcast/TWC/DirecTV/Echostar feel that way? If even one person that was
planning to subscribe to HBO over cable/satellite to watch this season decided
to bail and watch the torrent instead, then the leak has economic impact. DVRs
are irrelevant.

~~~
intopieces
They most certainly do not feel that way because their business model is quite
different from that of HBO.

------
jawr
There are audio watermarks on these leaked videos, and potentially other video
watermarks that might not be visible at first sight.

The watermark which has been blurred is a just a visual warning to the
original receiver of the file to remind them that they have a special copy,
it's not meant to act as a form of identification.

------
ryanlol
Author is plain wrong here. The big visible watermark is there for the
psychological effect, not to trace the leaks. There's always a plenty of
hidden ones. (Missing frames etc)

HBO will definitely know who they sent the episodes to, but that doesn't
necessarily mean they know who leaked them.

~~~
devindotcom
yeah I thought this was the case too. no one in the industry, let alone the
people distributing one of the most popular and leak-sensitive shows of all
time, is going to rely on just a logo in the corner.

------
genericuser
While using the millisecond length of things would be clever and would catch
which copy it originated from while it remained secret that was how you were
doing it. As soon as it was known it is not much harder for the person ripping
the copy to shorten all the scenes by a random number of milliseconds than it
is for them to blur the watermark.

I mean this could be a good addition to the current tech used in something
like Cinavia, which is the most robust system I have seen and if not already
doing it could easily identify individual sources. But the inaudible audio and
steganography used in that system just seem much more of a pain to circumvent
than using lengths of scenes as a serial number of sorts.

------
bithush
I am surprised things such as Cinavia[1] isn't more widely used for tracking.
It is designed to cut off the audio after 20 minutes which you see on a PS3
with many Bluray Disc rips released on torrents.

For that to work obviously you need the player to implement the feature but
this isn't about disabling playback but simply tracking a leak. Just tweak it
audio on each early release copy and you are good to go.

The really interesting thing about Cinavia is that it survives even an audio
transcode/re-encode so even converting 5.1 DTS to MP3 or similar won't kill
it. It is extremely robust in that sense.

[1]
[http://en.wikipedia.org/wiki/Cinavia](http://en.wikipedia.org/wiki/Cinavia)

------
peterkelly
"A few milliseconds" won't work - you must do it in units of frames.

~~~
erroneousfunk
That's what I was thinking, too. Given that each frame is about 42ms, that's
not a trivial oversight. Much easier would be to use stenography to slightly
manipulate the color of sets of pixels in the video. Far more information
available to mess with, and extremely easy to hide (do it in various corners
of various frames, keep the secret carefully guarded, or only let parts of the
"secret" out to different groups, so that no one person knows all of the
manipulation information, except, perhaps a head of security coordinating the
entire thing)

------
shmerl
Instead of wasting efforts on DRM and watermarking, they can avoid handing out
copies until release time. But in practice they probably benefit from leaks,
it keeps the buzz.

About the futility of so called "social DRM", see also
[http://www.publishersweekly.com/pw/by-topic/columns-and-
blog...](http://www.publishersweekly.com/pw/by-topic/columns-and-blogs/cory-
doctorow/article/50413-with-a-little-help-digital-lysenkoism.html)

------
dmbass
How do we know they're not using techniques like this?

------
xenophonf
Anyone else here think HBO's missing out on a business opportunity? I wonder
why they don't charge rabid fans (a _lot_) extra for early access to episodes.
There appears to be a lot of demand for this.

~~~
slayed0
Those episodes would immediately be leaked to everyone after becoming
available and HBO would lose a ton of viewership on its own platform.

~~~
Phlarp
This is happened anyway, and they are capturing none of this possible revenue.
Even if only one person purchased the early access and leaked it to everyone
else they'd still be one sale better off than they currently are.

~~~
slayed0
Yes this has now happened one time. It doesn't happen every season. If you
allowed early release of episodes to customers who were willing to pay more,
you can pretty much guarantee that those will be leaked early every single
time.

------
krob
Everyone in her claims that there are mechanisms to add non-visual watermarks
into both video & audio, anyone have any suggestions as to what products /
systems to use so this can be implemented? Minus writing one yourself (like
writing your own framework, you don't know all the gotcha's of an expert)

~~~
TazeTSchnitzel
It's not a very compression-resistant approach and more sophisticated methods
are usually used, but a simple one is using the low bits of colour channels.
In a red pixel you have bits like so:

    
    
      RED      GREEN    BLUE
      11111111 00000000 00000000
    

A change in the most significant bit of any of these colours would be massive.
01111111 is half as bright as 11111111.

But a change in the least significant bit(s) is barely noticeable. You
probably wouldn't notice the difference between 11111111 and 11111110,
especially as you don't experience individual colour channels, you see a
blended colour. And when you're looking at something with thousands of pixels
you simply won't spot it.

So, stick your secret message in the low bits:

    
    
      RED      GREEN    BLUE
      11111XXX 00000XXX 00000XXX
    

You now get 9 bits of data per pixel. Or less (for a less noisy image) or more
(for a more noisy image). For a 640x480 image, you now have 345.6KB of data.
And if you use encrypted data, it won't even seem like data if someone looks
(plausible deniability). Just noise.

Techniques like this were used on 4chan to hide child porn in high-resolution
photographs. This the "mods are asleep, post hi-res" meme.

~~~
CHY872
You don't get plausible deniability in any way.

Turns out that the least significant bits of a pixel are not uniformly
distributed. The obvious example of failure is that you expect more pixels
with value 255 than 254, since any overexposure will be stuck at 255. The rest
is obvious when you look at a histogram of pixel values; as the number of LSBs
used increases you see the curve become stepped.

LSB replacement steganography is easily detectable at about a ratio of about
0.01 bits per pixel. The smarter plan is to add or subtract 1 randomly (or do
nothing) in order to _match_ the LSB to what you want; this symmetry is harder
to detect (but still very possible, the methods are just more complicated).

The reason you encrypt the data is not just for data security, it is so that
the embedder does not have to worry about the data that they are embedding
screwing everything up.

tl;dr LSB steganography does not give you any plausible deniability because
it's really easy to detect in any type of image at very low embedding levels
due to inherent limitations of the process. If you want to use it, you'd be
safe with a single message at perhaps a level of 0.005 bits per pixel, but
then in a ten megapixel image you'd get 150kB of data which hardly seems worth
it when you have to transmit losslessly. Even then, you'd still be screwed at
a theoretical level with Ker's square root law.

~~~
TazeTSchnitzel
Ah, I see. I hadn't thought of the 255 issue, in hindsight that seems obvious.

Still, I think LSB replacement steganography is useful if only to provide an
example of how it steganography can be done, even if it's not particularly
sophisticated.

------
damon_c
How about a scheme where some selection of 16 shots throughout either are or
aren't missing a single frame?

You could number 65k unique distributions that way and the overall length
would rarely be affected by more than a frame or two.

It could be implemented with a pretty easy python script.

~~~
aamar
Speaking as a former film/tv editor, one frame here or there can definitely
affect the pacing and feel of a scene. Yes, sometimes external
constraints—broadcast formats, licensing issues—can force compromises, but
it's still an artistic decision where to cut a frame and where to keep one.

Much better to adjust coloring slightly in central but low entropy parts of
occasional, appropriate frames, sort of like Omron rings[1], but designed
specifically to be visually inconspicuous while surviving encoding.

The newish CineFence supposedly does something like this. In any case it
wouldn't be hard to improve on the horrible Deluxe code.[2]

[1]
[http://en.wikipedia.org/wiki/EURion_constellation](http://en.wikipedia.org/wiki/EURion_constellation)

[2] [http://en.wikipedia.org/wiki/Coded_Anti-
Piracy](http://en.wikipedia.org/wiki/Coded_Anti-Piracy)

~~~
zevyoura
Now I'm eagerly awaiting a colorist jumping into this conversation to tell us
why that would be unacceptable. (Agreed that it's probably less of an issue to
encode data in color than timing, but it just strikes me as funny how we've
passed the buck from programmer > editor > colorist)

------
NoMoreNicksLeft
Not very clever.

Get two leaked copies, and mix them up. Use the credits from copy A, or hell,
even chop off 11 milliseconds from them. Then mix and match scenes... even
chop off a few ms from some randomly selected scenes.

I bet you wouldn't even need the two copies.

~~~
slayed0
This assumes you know the method they are using. As the post mentioned, a few
milliseconds + or - at the end of a scene would not be noticeable and the
overall timestamp would still be constant if "self-compensating offsets" were
used.

~~~
bigiain
So how many video frames do I lop off a scene to subtract "a few milliseconds"
from it?

~~~
NoMoreNicksLeft
If it's 30fps, each frame is about 33ms. One or two is sufficient. Most films
are 24fps, or 23.99 for some weird NTSC->film->NTSC reason.

------
baddox
People seem to be ignoring one obvious solution: don't send out copies of the
first four episodes of what is arguably the biggest and most-pirated show in
the world. I get it, there are apparently still these "print publications" out
there that need time to "print" their reviews. How important is that really,
in 2015, for Game of Thrones? I doubt that a few reviews in pop culture
magazines are worth more to HBO than preserving the desired experienced of
weekly viewing.

Or maybe it's a trial run for HBO to gauge what viewers think of binge
watching.

------
acomjean
> and the only tracking set up HBO seemed to be a watermark in the bottom left
> corner of the screen.

If they only had the one obvious watermark, I think HBO was hoping that maybe
the people getting the screeners would think that there is more than one way
they had the video tracked. Either the person who uploaded didn't care, or
didn't think about it.

Its worth noting HBO has been on a path to make content available on the
internet even without Cable (HBO now). probably a good long term strategy.
There are always people who want it sooner, and free!

This is why we can't have nice things..

------
Galactor963
While this is cool idea, how possible would it be to extend any particular
scene by that short of a time? If the video is output at a typical 24 fps, the
shortest any scene could be modified would be ~42 ms. Even with a lot of newer
footage being filmed at 48 fps, it's still only able to clipped at a rate of
21 ms.

Past that, I've seen a small amount of time shifting take place during a not-
so-careful re-encode. At 1 ms precision, even this would be enough to throw
off such a tracking system.

------
NiekvdMaas
Google cache URL, since the GitHub page is down:
[http://webcache.googleusercontent.com/search?q=cache%3Ablog....](http://webcache.googleusercontent.com/search?q=cache%3Ablog.frite-
camembert.net%2Fgot-leak.html&oq=cache%3Ablog.frite-camembert.net%2Fgot-
leak.html&aqs=chrome..69i57j69i58.3049j0j4&bmbp=0&sourceid=chrome-
mobile&espv=2&ie=UTF-8)

------
nelhage
Why do we think the blur is sufficient? The blur loses information, but there
are presumably a small number of watermarked versions, and a _lot_ of frames.
It's almost certainly possible for HBO to reverse-engineer the blur algorithm
— I bet it's a stock option from a common tool — and then run it over all the
originals and see which produces the best post-blur match.

------
sln
What a terrible post. Every single example is simply security through
obscurity. Once a leaker understands the ways in which a file may be
watermarked, they will likely be able to circumvent it. An example of a
watermarking method that does not fall apart when people know what to look for
would make a very good article. This is not that article.

------
jarxg
This person has no idea of how video production and editing works.

------
higherpurpose
While everyone is thinking how awful this is for HBO, I wonder how much it
will boost the _future_ viewership not just of the reason but for the whole
game of thrones show.

I imagine those who watched it early told all of their friends about the show,
making them watch it too when it came out on TV.

------
circuitslave
I scanned these comments and didn't see any mention of it - I used to work for
a company - [http://www.teletrax.tv/](http://www.teletrax.tv/) \- that used
Philips made hardware to encode video watermarks that were not easily
detectable. We would then use detector hardware in the top (n) markets of the
US and "detect" whenever some channel broadcast a watermarked piece of video.
This was usually used to enforce things like Sony licensing you to show a
movie of theirs (n) times over a given period of time. There's competitors in
that space as well like Nielsen, etc. I am sure HBO is using more than just a
visible watermark to track their content.

------
plorg
Even with a blurred watermark, the mark itself could be enough to pinpoint a
source. At least if the watermark disappears and reappears several times in a
video you could use the timestamps of its appearance and disappearance to
indicate who was responsible for a leak.

------
wslh
There are similar approaches for software. See "Advanced Security Now" [1].

[1] - [http://arxiv.org/abs/1006.2356](http://arxiv.org/abs/1006.2356)

------
mattjjh
The chances of this leak not being steganographically watermarked are close to
zero. The visible watermark is added as well as the invisible watermark just
for the purposes of deterring screenshots.

------
OSButler
This is just a wild guess, but the visible watermark could be the result of a
legal issue. Having hidden tracking elements in such videos could require
disclosing them, whereas a visible watermark could be used to argue that the
viewer is aware of the video being marked and therefore other included
tracking elements do not need to be specifically named.

It has the potential side-effect of the watermark getting blurred out by the
leaker, but leaving other tracking pieces intact.

~~~
greggarious
You're confusing eavesdropping law with tracking in general.

(You're probably thinking of the one party vs two party consent issue:
[https://en.wikipedia.org/wiki/Telephone_recording_laws](https://en.wikipedia.org/wiki/Telephone_recording_laws))

If I were to somehow create a Game of Thrones video file that "phones home",
yes that would need to be disclosed.

If I want to add an invisible watermark to a video file and note who got the
video with that watermark, that is legal.

------
kayfox
I'm not sure you can vary video by anything other than full frames, so you
would have to vary it in 33 ms chunks.

Also, editors would cringe at "varying the length of scenes".

------
Lerc
It's crazy to muck around with timing, When things are quantised to frames you
have very little scope for change without it being very noticeable.

There are a heap of image based ways to encode data. Kerning on the credits,
Position of titling. Minor brightness colour tweaks.

The thing that springs to mind the most. THERE'S A FULLSCREEN WHITE NOISE
EFFECT AT THE START OF THE SHOW. You could stick whatever you want in there.

------
sxp
What happened to the site? [http://blog.frite-camembert.net/got-
leak.html](http://blog.frite-camembert.net/got-leak.html) Now shows a generic
404 and [http://blog.frite-camembert.net/](http://blog.frite-camembert.net/)
shows a github 404. Was the information DMCA'd?

~~~
bru
It's hosted on github pages and I inadvertently deleted the CNAME file when
updating the post:
[https://github.com/brunal/brunal.github.io/commit/89fd81f93d...](https://github.com/brunal/brunal.github.io/commit/89fd81f93dd80d8ba2cea7fee4d345ce3d103129)

It took me ~20 minutes to realize it was gone, you probably tried to hit the
page during that time frame.

------
erikb
I guess we all agree that watermarking the viewable content instead of
thinking about securing/signing the whole data file was not so smart in the
first place.

When I download a video from the Google Play Store I can only watch it for 24
hours or so. I thought there was already a highly protected digital
signature/encryption system involved. Why is that not used for reporter
previews?

~~~
shawabawa3
Anything that is viewable cannot be secured.

The play store can stop you watching the content after 24 hours _on the play
store_. It cannot possibly stop you recording your screen while it's playing
and saving it forever

Preventing leaks is basically impossible, but making them traceable is
possible using watermarks

~~~
erikb
Sounds quite reasonable, actually. Haven't thought about that. Thanks!

------
monkeymolester
The problem with least significat bit approaches mentioned by others is that
they don't survive through re-encoding very well. A much better way of
watermarking IMHO would be to add features (could be patterns, even images or
text) in Fourier space- imperceptible if done correctly, and guaranteed to
survive through encodings.

------
amelius
Perhaps the author should have a look here: [1] and note that transmitting a
message over the air in an undetectable way, and embedding a watermark are
roughly the same thing.

[1]
[http://en.wikipedia.org/wiki/Spread_spectrum](http://en.wikipedia.org/wiki/Spread_spectrum)

------
whelden
Nothing based on time is as simple as this article implies. When movies are
ripped, they tend to have slight adjustments in playback speed as a side
effect, and not necessarily at a constant rate; it can result in a total
language change of a couple seconds. Any playback type analysis needs to be
based on frames.

------
dan00
Wouldn't it be smart to add one easy recognizable and breakable tracking
system and another more hidden one? ;)

------
nissehulth
HBO spins this into a marketing activity. Every news outlet seem to report
about this leak. Remember some year ago, some HBO executive said that GoT was
the most pirated show in the world and that it was better than getting an
Emmy.

Not saying that HBO did leak the episodes, but they do benefit from all the
free marketing...

------
speakeron
The only thing that needed to be done when distributing the review copies was
to ensure that they were 1080p Blu-ray instead of SD DVD. This would have
ensured even more global jonesing to see the 5th episode after after the
cliff-hanger in the 4th.

Apart from that, mission accomplished.

------
AshleysBrain
A smart protection system would be:

1) use stenography or some other subtle process to watermark content

2) put a big obvious decoy watermark in the corner

Leaker chuckles to themselves thinking what a dumb publisher this is, masks
out #2 and releases it. Publisher immediately identifies them by #1.

------
sanp
In the "Scenes Length" section - Should it not be n = k^s and not n = s^k?

~~~
kahoon
I think the same! It is k choices per scene for s scenes.

------
thefreeman
Why does the attacker need a second leak? Can they not just randomly clip each
scene by a few milliseconds? This would defeat the identification, and not be
noticeable to a viewer.

------
smegel
What a load of blogspam. Its like it was written by a kid who didn't bother
researching any of the effective copy tracking systems that already exist.

------
fleitz
It's easily defeated for the same reason that netflix's geolocation stuff is
easy to bypass.

The entire point of the scheme is more subs, not not pirating GoT.

------
towelguy
It makes sense to add the watermark as a low-hanging-fruit tracking system so
the leaker simply stops at blurring it and doesn't look further.

------
golergka
All these methods meddle with films editor's jobs. And, the be frank, their
job is much more important than considerations for piracy: they make the movie
(or tv series) actually interesting. Making them do that (or changing their
tools to support meta-data to do that) would be equal to bothering creative
professionals who are essential to your product's success with mere details.

And, if I remember correctly, GoT producers already said in some interview
that they're not that concerned with piracy anyway.

~~~
nothrabannosir
There's a difference between post-release piracy and pre-release bootlegging.
I would be surprised if this leak doesn't noticeably dampen their view count
for the first four eps. Although that's hard to measure.

------
warrenmiller
Threres a dash that flashes during playback for a while, they may have a
different flashing/timing sequence for each reviewer...

------
RobertoG
I am curious about if somebody with access to two copies can just compare them
and blur the stenographic watermark.

~~~
AlyssaRowan
>The case of a leaker getting her hands on 2 copies is however highly
unlikely.

I'm not so sure about that. Some groups used to have a general practice of
_always_ getting at least two distinct copies from a supplier to avoid burning
sources. And I doubt they just averaged either, but detected discrepancies and
manually eliminated potential areas of interest. A few releases of cracked
software were even actually compiled afresh from source, or were object code
before a wrapper protection was added. Some suppliers were developers
themselves, who weren't always seeing eye-to-eye with their publishers.

Of course, perhaps the 'race' to be first has all but eliminated this from
modern practice. I couldn't say.

------
tempodox
This must be one of those posts you only understand after you've been primed
into some obscure context.

~~~
strangecasts
It helps to be familiar with steganography; the post is basically proposing to
make a unique watermark in a video by changing the starting times of each
scene, and the rest of the post is mostly math to figure out how much you'd
need to alter it to let you identify a single leaker from a given number of
people.

------
ianstallings
Yeah they _forgot_. Just like a crack dealer conveniently forgets to charge
for the first hit.

------
iamleppert
I despise people who use formal equations to explain otherwise simple
concepts.

------
JacobEdelman
All of these systems are security by obscurity. Just suggesting them on a blog
ruins them. Watermarking is not truly possible with current technology, which
means you can't give someone something without given them control over it. Is
that such a bad thing?

------
djyaz1200
Digimarc solved this.

------
jheriko
there is a lot of assumption here... maybe they have tracked it down already?
even so it could have been stolen from the original intended recipient.

------
Htsthbjig
Oh man, this guy is a genius, just make each file different so it cost 10
times as much to make...

It never ceases to amaze me how smart people consider their selves and how
stupid consider the rest of the world are.

------
salibhai
Genius!

