Of course, but typically quality suffers significantly, so what you get isn't as good as the original and that in itself is a deterrent for a lot of people.
Also, some modern watermarking techniques can survive conversions like this, so if anyone is making a habit of recording content from a service using watermarking and redistributing it on a scale that justifies taking serious action, it'll be pretty easy to prove who it was when the lawsuit comes up.
> it'll be pretty easy to prove who it was when the lawsuit comes up
Perhaps. But this person can always claim that it was done by an external hacker. In fact, it can be done by an "external" hacker, and it will be if these guys are smart.
I'm sure that's an appealing argument if you don't like DRM, but the reality is that someone who ripped content marked to their personal account, which server logs show did access the content in question from their usual IP address etc., is going to have a tough time convincing any court on the balance of probabilities that some unidentified bogeyman actually did it.
> Also, some modern watermarking techniques can survive conversions like this, so if anyone is making a habit of recording content from a service using watermarking and redistributing it on a scale that justifies taking serious action, it'll be pretty easy to prove who it was when the lawsuit comes up.
How many compromised netflix accounts do you think are floating around? At some point the bits have to actually go to a display device as well, which can always be tapped.
If a compromised account was used, presumably the server logs will show an unusual access pattern on that account, in particular involving the content that has leaked being accessed from an unusual location. And then presumably the person whose account was used will have to make a convincing case that they shouldn't be held responsible for access using their credentials anyway.
Ok, what if a machine is compromised (there are millions of zombie boxes out there)? Someone can gain access, do their stuff and then upload the result. Are they going to start suing grandmas with weak wifi passwords? That worked so well for the RIAA last time.
Then it'll be up to the person whose account was accessed to provide some evidence that something like this happened and that it wasn't their fault. That's how these things work. You go to court, you make your case and the other side makes theirs, and the court draws its conclusions and acts accordingly.
However, you don't just get to conveniently avoid taking any responsibility when there are videos being distributed that are specifically linked to an account you signed up for that clearly said you couldn't redistribute the content you got through it, just because there's some vaguely possible alternative that might have once happened somewhere maybe.
A compromised account is a vague possibility? I'm not amazing at these things, but I could probably access a WiFi network unconnected to me, mask my IP to a different location, and acquire a random Netflix account in a couple of hours. These things are likely, and wrongful lawsuits greatly damage the company while successful ones provide a minimal benefit.
I'm not amazing at these things, but I could probably access a WiFi network unconnected to me, mask my IP to a different location, and acquire a random Netflix account in a couple of hours.
Really? How would you do that, exactly?
If you're looking online and find camcorder copies of videos that were served to a specific customer at a specific time, as confirmed by the watermarking, and your server logs show that that stream was sent to the customer's usual IP address at the time in question, what are the odds that they were the victim of a carefully crafted hack of the kind you're implying, and not just someone who set up a camcorder to record from their own account?
Wireless isn't very secure, you're mileage may vary on the encryption mechanism but here is a guide to hacking WPA networks (with WEP it takes seconds):
From there you can try a range of known exploits and gain admin access to a PC, after that it's game over, they can run what they want, when the want. There is no careful crafting necessary, the process can be largely automated.
We aren't talking camcorder copies, but exact digital replicas from the netflix stream.
WPA2 is reasonably secure and has been the standard for home and business WiFi for years.
In any case, merely compromising WiFi won't get you someone's Netflix account. The Netflix data itself, including the credentials, are all encrypted.
As for taking over someone's PC, that's far beyond the average pirate, and you're talking about serious criminal offences on top of mere copyright infringement at that point.
And even then, we're not necessarily talking about being able to make exact copies of the stream. The whole point of hardware-backed DRM schemes is that just because you can run software on the PC, that doesn't mean you can access the unencrypted data stream.
So again, how exactly were you planning to do this? What you're talking about is far beyond the average script kiddie or casual pirate.
Remember, we were talking about convincing a court that it was more likely that someone did all of this and that was how a watermarked copy of protected content got out than that the person whose account was used to download that content then somehow shared it. A slight possibility that professional pirates who are also expert crackers chose that particular customer to pick on and left no evidence having done so isn't likely to be very convincing.
I can't figure out why you've added this ridiculous "need to use their computer" part, that would be necessary for a successful lawsuit but suing random Netflix users will look terrible even if the court clears them in the end. But OK...
WPA2 is reasonably secure, but most home instances aren't set up well. They often have WPS enabled or a guessable password. Plus weaker set ups are still easy to find. Once you're on, redirect Netflix to a site to grab their info, record the stream from a computer outside their house. This is needlessly complex for what is needed, find a compromised Netflix(+email?), record.
Netflix serves over HTTPS and uses HSTS. Under most circumstances, you aren't going to be able to MITM them and "grab their info" even if you've compromised their WiFi.
You keep coming up with these claims about how easy this is, yet you also keep missing basic technical points about the system actually works. As I've said before, if there is actual evidence that someone's account was compromised then they can produce that as part of their defence in court. However, if content that is watermarked to a specific account turns up all over the Internet, that is evidence suggesting that the person in question has infringed copyright, and that does need a real defence if the rightsholder chooses to take legal action accordingly.
Yes, and people are so great at making sure they access https addresses and never ignore a "this may not be secure" warning.
And you're still ignoring the major parts. What someone actually needs to do is much easier than all this, and Netflix has already lost if they end up in court with an innocent person.
If you want me to prove accounts have been compromised, look at all the account breaches over the past few years, think of how many reuse passwords.
> That's how these things work. You go to court, you make your case and the other side makes theirs, and the court draws its conclusions and acts accordingly.
Currently the burden of evidence is far too low. Something being done with my account, or even my machine is not evidence that I've done anything wrong.
> However, you don't just get to conveniently avoid taking any responsibility when there are videos being distributed that are specifically linked to an account you signed up for that clearly said you couldn't redistribute the content you got through it
How are we supposed to take responsibility for the actions of others? Should we be liable for crimes committed due to the insecurity of home networks? If so the computer industry has much bigger problems than DRM.
That's why we have laws to apply negative externalities like very large jail sentences if you're caught distributing a file that you created by taping a movie off-screen.
