Hollywood Keeps Insisting Tech Is Easy, Yet Can't Secure Its Own Screeners
from the nerd-harder,-nerds dept
We keep getting back to the whole "nerd harder" aspect of those who don't understand technology insisting that technology can accomplish just about anything, if those darn techies would just put their minds to it. We've seen it a lot in the encryption fight, but it's also been a big part of the copyright fights as well -- with Hollywood in particular repeatedly insisting that if these darn techies are so bright, why can't they just create technology that stops infringement. Of course, it doesn't work that way, but the industry still never seems to get it. A good reminder that technology isn't easy should come from this TorrentFreak story, noting that the "secure" system that Hollywood now uses to send out "screener" copies of movies had some pretty serious vulnerabilities, as found by Chris Vickery.
Late August, TorrentFreak was contacted by security researcher Chris Vickery of MacKeeper.com who told us that while conducting tests, he’d discovered an exposed MongoDB database that appeared to be an integral part of Awards-Screeners.com.
“The database was running with no authentication required for access. No username. No password. Just entirely exposed to the open internet,” Vickery told TF.
The researcher’s discovery was significant as the database contained more than 1,200 user logins. Vickery did not share the full database with TF but he did provide details of a handful of the accounts it contained. Embarrassingly, many belong to senior executives
While some will just look at this and mock Hollywood for bad security practices, it does raise more serious questions: if Hollywood can't figure out its own (basic) technology issues, why does it think that the tech industry should solve all its problems for it? If it doesn't even understand the basics, how can it insist that those in Silicon Valley can fix the things that it doesn't understand itself?
We're already seeing this with the MPAA's ridiculous and misguided freakout over the FCC's plan to have cable companies offer up app versions so that authorized subscribers can access authorized, licensed content. The MPAA and its think tank friends keep falsely insisting that the FCC's recommendation requires the cable companies to ship the actual content to third parties. But the plan has never said that. It only required that third-party devices be able to access the content -- such as by passing through credentials so that the content could flow from the (licensed) cable service to the end user.
The fact that these guys don't seem to understand the basics of how the technology works comes through not just in the fact that they failed to secure their screener system, but also in the policy proposals that they keep making. It's becoming increasingly difficult to take those policies seriously when they seem to be based on a fundamental ignorance of how technology actually works.
Filed Under: chris vickery, hollywood, nerd harder, screeners, security
Reader Comments
The solution to screener leaks
[ link to this | view in chronology ]
Re: The solution to screener leaks
Have no Online copies, make sure each BetaMax copy is Watermarked so you can SUE the person that leaked the piss poor copy.
[ link to this | view in chronology ]
Re: Re: The solution to screener leaks
Further on the subject of Betamax players, they made TVs with VHS VCRs built in, yes? Perhaps they made TVs with Betamax as well. Send one of those along with the tape!
[ link to this | view in chronology ]
Also, from the movies and TV shows they keep releasing. Even (especially!) the ones that are supposed to be about technology.
Thanks to Hollywood, I now know that it never occurred to Alan Turing that it might be useful to look for repeated words and phrases in German code until he overheard a woman telling an anecdote in a bar.
[ link to this | view in chronology ]
Because like any good Luddite, Hollywood isn't in the business of modifying existing behavior. If you have a government at your beck and call to bully another industry on demand, put laws in place that allow for more money to be funneled to your executives, and keep your working grunts poor so you can lobby for more demands, why would you bother locking your front door when you can scapegoat the same, poor fucker every time?
[ link to this | view in chronology ]
That was your clue?
I dunno... The fact that CSI Cyber managed to get a green light at all was a pretty strong indicator that they still have no clue and no intention of figuring it out.
[ link to this | view in chronology ]
Re: That was your clue?
I like the episode where they enter a building through a furnace because reasons, and then fix a bundle of cut ethernet cables by soldering them back together. Which they keep referring to as "server cables" for some reason.
Based on the life of Walter O'Brien!
[ link to this | view in chronology ]
what we won't acknowledge...
And if they can't PROVE, that every part is COSTING them money, and they can DEDUCT those costs (even when most of it ends up coming BACK to them) (so they can SHOW a 0-negative Value and NOT pay taxes..)
They don't want to do it..
[ link to this | view in chronology ]
Re: what we won't acknowledge...
If you could get the Movie/TV corps to go back to the 60's..
Every RE-broadcaster, around the USA PAID THEM..to broadcast in ANY/Every area of the USA...
Then CABLE came in..
TRYING to make things Cheaper, but the TV corps already were Strangling things..and a BETTER WAY was NOT what they wanted..
IF they wanted a BETTER WAY...they would set up Satellites.. and Broadcast Direct to every home in the USA...but they would NOT be, BEING PAID 10000 times for every show..
[ link to this | view in chronology ]
Well, realistically that should be what they do! Not *insist* necessarily, but when you require expertise from other industries to fix problems for your company then it's a good idea to hire experts from that industry rather than fumble around yourself. You have an issue that needs solving, you hire experts and listen to their recommendations.
The problems are that the entertainment industry is trying to dictate what should be done, then rejecting the informed knowledge of those in the tech industry who disagree with them. This could be an amicable discussion, but one side is fundamentally opposed to a realistic negotiation. Mainly because they really, really want a magic wand, but are happy to settle for a handy scapegoat instead.
[ link to this | view in chronology ]
It's not their fault!
How come all these fools fail to do their part in protecting America's future?
[ link to this | view in chronology ]
Not in a cinema near you.
[ link to this | view in chronology ]
Hollywood people watch too many movies
Too bad we don't live in a movie.
[ link to this | view in chronology ]
The real problem
[ link to this | view in chronology ]
I think this argument is below you
In any other venue, how would this argument pan out? "If {Masnick} can't figure out his own {abdominal surgery} issues, why does he think the {surgeon} should solve all his problems for him?" We both know they're spitting in the wind, but constructing the argument this way makes you sound like a partisan pundit poking at the opposition rather than a considered thinker pointing out the gaps in a flawed system.
Yes, they're off-base, but calling on experts to exercise their expertise when you're not an expert really isn't a basis for mockery.
[ link to this | view in chronology ]
Re: I think this argument is below you
This analogy isn't apt. In the case of Hollywood's own security, their problem could have been solved by hiring better security people but they elected not to. And they clearly have the money to be able to afford better security.
And it was reasonable of Hollywood or the government to ask for secure backdoors the first time. What was unreasonable was that after every expert came back with "what you are asking is not just difficult, but mathematically impossible." they just kept asking for it again and insisting it was possible in the face of all facts showing otherwise.
They aren't asking surgeons to figure out routine abdominal surgeries. They're demanding that the government make surgeons figure out how to turn a person's stomach into an extra pair of lungs that only breathes in oxygen but never carbon monoxide. And then getting pissy about someone chiding Hollywood for their lax security practices is like getting mad that the doctor told them they should quit smoking.
[ link to this | view in chronology ]
Re: I think this argument is below you
A couple of problems with this analogy. First off, Mike would actually be paying the surgeon for these services, not just demanding them because surgeons make a lot of money these days.
Secondly, I highly doubt that Mike (or any rational person) would insult, threaten to sue, actually sue and/or use their influence/money to buy favorable laws against their surgeon prior to asking for their services.
[ link to this | view in chronology ]
Re: I think this argument is below you
Sure, it's exactly like that. If every surgeon in the country already told him, "Mr. Masnick, I assure you that abdominal surgery will not help you with your broken leg."
[ link to this | view in chronology ]
Re: why can't they just create technology that stops infringement
but I don't think they'll like the solution.
Part of the benefit of a free market, is the ability to "vote with your feet". But for a lot of this media, the aristocratic market makers are not easy to distinguish from the value created by the artists.
Tech can correct that. There should be a way to digitally tag douche baggery in audio and video content. And by doing so, I should just be able to filter out Sony, and Paramount without ever having to see any of their content or advertisements AT ALL.
Code wise, this is basically a big database and review system derived from corporate registration documents, mated to a browser plugin. If I had the staff available, it'd have been done years ago.
These guys want code that makes their shit easy to distinguish... So do we. Let's work on that together, shall we?
[ link to this | view in chronology ]
Why can't the film industry
[ link to this | view in chronology ]
They declared war on technology & are shocked that technology doesn't much care for them.
Rather than work with, they opted to dictate what they want and expect everyone else to keep paying the bills.
Content ID cost a pretty penny, yet they contributed nothing to its development, other than screaming it's not enough.
Flawed DMCA notices, companies pay entire departments to weed through the millions of notices a day & give them nothing for having to deal with bogus notices.
Technology that would improve all sorts of things, they imagine a way it might hurt their dated business model and demand it be killed.
They managed to get stipends to their bottom line taking in cash because a storage medium COULD be used to 'steal' from them.
We keep paying to support them, perhaps it's time to let them learn to walk on their own... they've had training wheels far too long.
[ link to this | view in chronology ]
Re:
DMCA notices are still going to be sent whether you abide by them or not, but you will be liable under the law if you ignore them. Content ID is a bunch of shit, but it exists so that YouTube could continue to exist - the company was incredibly facing lawsuits for content it was authorised to host, let alone the independent content that depended on fair use, etc. It was endangered even before you consider any actual infringing content.
The problem here isn't what the tech companies are doing. It's that the people who make the laws that restrict and threaten them don't know anything about technology. You can't leave the legacy corporations to "learn to walk on their own", because they've bought those lawmakers.
[ link to this | view in chronology ]
ACTUAL VS PSEUDO QUANTUM FIELD FLUX INTEGRITY
Simply put!... and again!... believe it, or not!... a soul of evil intent is like one broken piece of the bar magnet (AT THE QUANTUM LEVEL!), and a soul of sound intent is like the remaining broken piece!... AND NEITHER PIECE WILL BE COMPATIBLE!
The souls of evil intention (EVIL QUANTUM FIELD FLUX!) are desperately trying to "INFLUENCE (GAIN 'QUANTUM MAGNETIC FIELD FLUX CONTROL'!)" over "ACCESS AND PRIVACY (I.E., OVER 'DENIED AND IMPACTFUL' QUANTUM MAGNETIC FIELD FLUX!)" of those of good intention, while those of good intention (GOOD QUANTUM FIELD FLUX!) are "matter of factly" successfully "INFLUENCING (GAINING 'QUANTUM MAGNETIC FIELD FLUX CONTROL'!) over "ACCESS AND PRIVACY (I.E., OVER 'DENIED AND IMPACTFUL' FIELD FLUX!)" of those of evil intention!
And inasmuch!... as the power of those of evil intention can never achieve CORRECT QUANTUM MAGNETIC FIELD FLUX INTEGRITY!... AND THEREBY, QUANTUM MAGNETIC FIELD FLUX CONTROL (although!... at times!... it may APPEAR to those of "little faith" that those of evil intent have achieved CORRECT QUANTUM MAGNETIC FIELD FLUX INTEGRITY!)!
Please!... no emails!
[ link to this | view in chronology ]
ACTUAL VS PSEUDO ULTIMATE NUMERIC AND MATHEMATIC CONTROL
Please!... no emails!
[ link to this | view in chronology ]