Friday, November 5, 2010

Pirate TV

BitTorrent is a pretty amazing way to get "completely legitimate" TV recordings. Using it, you can distribute bits around a network so efficiently that a several-hundred-megabyte file can be distributed to tens of thousands of people within an hour or two. It's not perfect, but it's so close to optimal that nobody's been able to improve upon it significantly in the past decade. That's pretty amazing, given the speed at which technology advances - ten years is an eternity.

So. What would it take to significantly improve upon BitTorrent in this space?

I have this crazy idea for a protocol that should allow for secure p2p-style live streaming video. Basically, you'd have a single video source, streaming through a tree of nodes that act as stream multipliers to get it widely distributed. Repeaters within the network would have the option of restricting client access based on whatever they wanted - invite-only access, or an add-supported stream, or a micropayment scheme (let's pretend I didn't just open up a can of worms), or something else. All connections would be SSL-encrypted (using both server and client certs would be used, since clients need to be authenticated as well), and some sort of forward error correction encoding would be useful too, I guess.

Inevitably, The Man is going to try to shut this down, so we need to think about defenses. One of the weaknesses of BitTorrent in this area is the tracker, which works by giving out users' IP addresses to entire swarm to facilitate downloads. With connections managed by the user, the data on connections remains a lot more private, so users can't be easily tracked.

The video source needs extra protection, because it represents a single point of vulnerability for a network. The easiest way to track it down would be traffic analysis. This can be mitigated by having a network of a few dozen fast machines (the video source among them) all start sending data to each other at once; most of the data being passed around will be garbage data, but an eavesdropper can't know that because all connections are SSL-enabled. Thus, a dedicated attacker could narrow the source down to one of several nodes, but its location within that group of nodes can be effectively hidden.

I'm not arrogant enough to think this protocol is any good, to be honest. (The incentives are incredibly sloppy, for one thing - it's an area that I hadn't started thinking about until yesterday.) The point I really want to make here is that better p2p protocols that BitTorrent exist; they just aren't being deployed because BitTorrent is widely-used and good enough. It's something that anybody who works against piracy needs to keep in mind: the successor to BitTorrent is going to be a lot harder to shut down, and it's going to appear out of the woodwork as soon as BitTorrent is no longer an attractive option for pirates.

No comments: