p2pnet - rss feed: EFF unravels SafeMedia’s Clouseau
p2pnet.net news:- “Inspector Jacques Clouseau is, you’ll recall, Peter Sellers’ brilliant characterization of a ridiculous, ham-handed French gendarme who wends his way through the Pink Panther series getting everything it’s possible to get wrong, wrong. And when he does succeed, it’s by mistake.”
And that, as p2pnet wrote in mid-March, pretty much sums up Clouseau, an anti-p2p item from a company calling itself SafeMedia and whose adspeak skills far exceed the power of its product.
SafeMedia’s extravagant claims caught the eye of many members of the mainstream media who’ve been parroting its press releases in much the same way they repeat everything issuing from the RIAA and/or MPAA as though it’s credible.
But the EFF’s (Electronic Frontier Foundation) Peter Eckersley zeroes in on Clouseau in Deep Links >>>>>>>>>>>>>>>>>>
A few years ago, EFF debunked an anti-P2P packet filtering technology sold by Audible Magic. Twice. The notion that universities can just buy a piece of software to end file sharing on their networks forever is false. But it keeps coming back.
The latest product of this sort is from a company called SafeMedia. Its website is covered in dramatic marketing newspeak and includes a weird appeal to the Congress to install its software in “every public and private institution receiving Federal funds“.
[Warner Music, EMI, Vivendi Universal and Sony BMG’s RIAA (Recording Industry Association of America) virtually took Audible Magic by the hand and walked it through Congress, so Why not us too? - SafeMedia is undoubtedly thinking - Ed]
So what are they selling, really?
SafeMedia’s flagship filtering product is called Clouseau - suggestively named after the hillariously incompetent detective played by Peter Sellers in the Pink Panther movies.
The press release makes some grand and misleading claims:
‘Pirates are smart and innovative, and so is Clouseau®. Our technology is dynamic, sees through all multi-layered encryptions, adaptively analyzes network patterns and constantly updates itself. Packet examinations are noninvasive and infallible. There are no false positives.’
Wow. We wonder if it sees through the encryptions with a comically big magnifying glass?
It’s hard to be certain from marketing-speak on their website, but it appears that «Clouseau» works in two ways:
1. Recognizing protocol-identifying “magic numbers” or other distinctive patterns inside individual packets from a particular protocol (like Gnutella, or eDonkey, etc).
2. Building up a “profile” of traffic by looking at a series of packets.
A system like this could indeed block many of the p2p protocols that are widely used today (including some encrypted protocols, without breaking the encryption). It certainly isn’t, and will never be, “infallible.” In fact, the claim is ludicrous. Detecting encrypted file sharing networks is very difficult, and blocking them without interfering with other encrypted protocols like HTTPS, IMAP/S, or SSH is next to impossible.
To illustrate this, suppose that SafeMedia attempts to block a program like Allpeers. They might succeed in doing so briefly, because the program tries to make its encrypted SSL conections over TCP port 36000 at first and only later switches to port 443 (the HTTPS port). On a TCP/IP network like the Internet, eavesdroppers can see the port numbers even if they can’t decrypt the traffic. So if Clouseau was clever enough, it would remember the initial 36000 connection and stop that machine from using port 443 later (blocking https websites as a side-effect).
But if Clouseau started doing this, Allpeers could change their software to use port 443 from the beginning. If the SafeMedia engineers were really good, there might be another round of cat-and-mouse as Clouseau tried to perform traffic analysis on the sizes and timings of the encrypted packets, and Allpeers started changing their sizes and timings to look like a more typical https website.
Filtering tools merely drive the development of sharing tools that are resistant to monitoring (including small networks like Allpeers, and encrypted versions of BitTorrent and eMule), and drive students to start using them. They don’t get us any closer to a real solution that gets artists paid while letting fans continue to share music. Universities are already being forced to expend significant resources doing the RIAA’s dirty work, and they should think very carefully before implementing expensive tools like SafeMedia’s.
Stay tuned.
Also See:
p2pnet - Clouseau takes on The Pirates!, March 13, 2007
Deep Links - More Ludicrous Marketing Claims About P2P Filtering, April 9, 2007
If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at thIs the endSurvey: How Did Copyright Infringement Become Equated with Robbery? (of the Net) nigh?zze University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
Use free p2pnet newsfeeds for your site. It’s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile - http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details. Download here.
April 11th, 2007 at 7:33 am
Ironic that an anti-piracy software company pirates the name of their product. Will Columbia sue them?