Overview
Week 1 - January 17, 19
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
1
Survey
Please fill out course survey
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
2
Faculty and TA introductions
QuickTime™ and a
TIFF (Uncompressed) decompressor
are needed to see this picture.
QuickTime™ and a
TIFF (Uncompressed) decompres
are needed to see this picture
Lorrie
Cranor
Rahul
Tongia
Dave
Farber
Serge
Egelman
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
3
Syllabus
 http://cups.cs.cmu.edu/courses/compsoc-sp06/
 Books
 Class schedule
•
•
•
•
Subject to change - check web site for latest updates
Topics
Guest speakers
Research and communication skills
 http://cups.cs.cmu.edu/courses/compsoc-sp06/skills.html
 Homework
 Quizzes
 Class Debates
 Project
 Course requirements and grading
 Class mailing list
• http://cups.cs.cmu.edu/mailman/listinfo/compsoc
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
4
Cheating will not be tolerated
You must do your own homework
It is acceptable to discuss the reading
assignments and general approaches to
solving homework problems with your
classmates
It is not acceptable to discuss detailed
homework answers or to copy homework
answers from other students
Hopefully you already knew this….
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
5
Research and Communication Skills
CMU Policy on Cheating and Plagiarism
CMU Policy*:
Plagiarism includes, but is not limited to, failure
to indicate the source with quotation marks or
footnotes where appropriate if any of the
following are reproduced in the work submitted
by a student:
1.
2.
3.
4.
5.
A phrase, written or musical.
A graphic element.
A proof.
Specific language.
An idea derived from the work, published or
unpublished, of another person.
*http://www.cmu.edu/policies/documents/Cheating.html
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
6
Research and Communication Skills
This is serious
 Consequences of plagiarism in this class range
from zero credit for entire assignment to failing
the course to recommendation of university
disciplinary action
 Publishers and professional societies have
plagiarism policies too
 The Internet makes it easy to plagiarize
• Students are frequently cutting and pasting off the
Internet without proper quotation and/or citations
• Students are buying papers off the Internet
 The Internet also makes it easy to catch
plagiarizing
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
7
Research and Communication Skills
Avoiding plagiarism
 If you use someone’s specific words, put them in
quotes and cite the source
 If you use someone’s ideas expressed in your
own words, cite the source
 If you paraphrase, summarize in your own words,
but still cite source
• Don’t use same sentence structure with a few word
substitutions
• If you use some of the source’s words, put them in
quotes
 When in doubt, put it in quotes and cite the
source!
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
8
Research and Communication Skills
Misuse of sources
 Quinn (Appendix A) distinguishes between deliberate and
non-deliberate attempts “to conceal the source of the
words or ideas”
• Deliberate = plagiarism
• Non-deliberate = misuse of sources
 If you are accused of plagiarism, it may be difficult to
convince people that what you did wasn’t deliberate
• In this class we are warning you about plagiarism and misuse of
sources and will therefore assume that if we see something that
looks like plagiarism, it is deliberate
 So… be careful not to misuse sources
• It is not sufficient to simply cite a source when you copy material
verbatim - you must put the words in quotes!
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
9
Research and Communication Skills
Good resource on avoiding plagiarism
http://www.wisc.edu/writing/Handbook/QPA
_plagiarism.html
Includes nice examples of good and bad
paraphrasing
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
10
First homework assignment
http://cups.cs.cmu.edu/courses/compsocsp06/hw1.html
Due January 26
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
11
Discussion of course surveys
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
12
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
13
What is ICT?
 “Information and Communications Technology”
• Largely a non-US term
• IT and Telecom = US parlance
 Can be as broad or as narrow as one defines
• What are the departments within SCS?
 How important is ICT?
• GDP – non-trivial but modest share
 Measurements are difficult
• Major component of economic growth (productivity)
 Measurements are even more difficult
• Is information a source of competitive advantage?
 “Knowledge Economy”
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
14
Components of ICT: 4Cs
 Computers
• All devices part of a computing system
• More than PCs
 Connectivity
• More than just the Internet
 Content
• Inputs and/or outputs;
• Software and embedded software
 (human) Capacity
• Ability to use ICTs
• Includes literacy, e-Literacy, etc.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
15
Which is a Computer?
Husqvarna Viking Sewing Machine
Aprilaire Thermostat
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
16
What is a Computer?
Many definitions…
E.g.,
Any device that applies a set of rules to
systematically and consistently perform
calculations or operations (“algorithms”) on any
chosen set of data or information to produce
an output or lead to a defined state
Many devices are computers, e.g.,
calculators, cell phones, etc.
• Is a remote car opener a computer?
Computers per se are not very intelligent
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
17
Computers are EVERYWHERE
Don’t need to be digital…
Don’t need external software…
Can be part of a larger device that is
ostensibly not about the computing
• Cars – more value to the computing
components than the steel
Are humans computers?
• We have aspects of computers in us
 Adding up number of students in this class
 Cellular automata and genetic material?
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
18
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
19
Research and Communication Skills
Selecting a research topic
 Brainstorm
•
•
•
•
What are you interested in?
What would you like to learn more about?
What topics might be relevant to your thesis?
What topics might be relevant to your future career?
 Select a small number of candidate topics
 Read
•
•
•
•
•
How much information seems to be available?
Is this topic over done?
What open questions or points of conflict are there?
Do you still find this topic interesting?
Do you have the skills necessary to pursue this topic?
Feel free to
discuss with
professors
or TA
 Focus
• Select a topic
• Define a focused research question
Paper topic due March 2
 Read some more
• Conduct a “literature review”
• Adjust your topic as needed
Outline and bibliography due April 6
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
20
Current Issue:
Analysis of Security Vulnerabilities in
the Movie Production and Distribution
Process
Lorrie Cranor
Joint work with
Simon Byers, Dave Korman, Patrick McDaniel, Eric Cronin
Unauthorized copying of movies
Estimated annual revenue losses
due to unauthorized copying of
movies
QuickTime™ and a
TIFF (Uncomp resse d) de com press or
are nee ded to s ee this picture.
• Via physical media: $3 billion (2003)
• Via Internet: $4 billion (by 2005)
Arguably, these estimates are high
• Why?
Even so, a lot of money at stake
and problem is growing
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
22
Focus of MPAA’s public discussion
Shutting down mass
production and
distribution of pirated
movies
QuickTime™ and a
TIFF (Uncompressed) decompressor
are needed to see this picture.
• Relatively easy, non-controversial
Schemes to prevent consumer copying
• Broadcast flag
• Digital rights management
• Trusted computing
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
23
Concerns about DRM proposals
May restrict reasonable uses, including
uses falling under “fair use”
May chill innovation
Some industry proposals would restrict
functionality of general purpose computers
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
24
Broadcast flag
November 2003 FCC ruling would have
made it illegal as of July 2005 to
manufacture or sell devices that receive
over-the-air digital TV broadcasts unless
they contain certain copy protection
technologies
Many consumer and industry groups
raised concerns
Court of Appeals ruled that FCC did not
have the right to regulate this
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
25
New security measures
In spring and summer of 2003, movie
industry began acknowledging publicly
need for stronger security measures
• Industry insiders publicly critical of security
practices
• Security measures at pre-release screenings
 Security guards with night vision goggles
 Metal detectors
 No cell phones
• No pre-release screenings for some movies
• Compressed release time frames for some
movies
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
26
That didn’t prevent The Hulk from
showing up on the Internet two weeks
before its theater release date
Quic kTime™ and a TIFF (Uncompress ed) dec ompres sor are needed to s ee this pic ture.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
27
Maybe helped find source of leak
Copy on Internet had obliterated water
mark
• Not clear whether this was actually used to find
source of leak
Arrest was made within 3 weeks of leak
• Kerry Gonzalez pleaded guilty to a single count
of felony copyright infringement
• Fined $5K + $2K damages and 6 months
house arrest
• Obtained pre-release video tape of “work print”
from friend, who got it from employee of print
advertising firm
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
28
Where do copies come from?
 Press reported some anecdotes, but no publicly
available data
 This data could be useful for improving security
and for more informed policy debates
 Our research approach:
• Understand movie production and distribution process
 Interviews with insiders and experts
• Gather data about unauthorized copies of movies on
the Internet
 Empirical study
• Analyze security vulnerabilities in movie production
and distribution process
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
29
Many opportunities for “leaks”
 Leak = first unauthorized copy or use
 Insider (thousands of potential attackers):
•
•
•
•
•
•
Editing room
Marketing
Projectionist
DVD factory
Retail employee
Oscar screeners
 Outsider (millions of potential attackers):
• Camera in cinema
• Consumer copying videos, DVDs, broadcast
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
30
Many opportunities for “leaks”
 Leak = first unauthorized copy
 Insider (thousands of potential attackers):
•
•
•
•
•
•
Editing room
Marketing
Projectionist
DVD factory
Retail employee
Oscar screeners
Usually not good quality
Usually not fresh
 Outsider (millions of potential attackers):
• Camera in cinema
• Consumer copying videos, DVDs, broadcast
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
31
Empirical study
Identify every movie in box office top 50
from January 2002 to June 2003
Find fingerprints (checksums) and posting
dates from Content Verification Site
Download 5% of each movie clip
Watch them, identify quality and source
• TTA, VHS, DVD
• Insider vs. outsider
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
32
Identify box office top 50
http://www.rottentomatoes.com/movies/box_office.php?rank_id=362
We used perl
scripts to crawl
Rottentomatoes
and gather top
50 data for 18
month period
409 movies
312 first
released in US
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
33
Find fingerprints and post dates
We used perl
scripts to
search
ShareReactor
for films
Some fine
tuning was
necessary to
get data on the
correct films
Found 183/312
movies, some
with multiple
samples
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
34
Fetch small bit of each movie
 MLDonkey
• Open source peer-to-peer client
• Content divided into blocks, client downloads multiple
blocks simultaneously from different sources, can stop
and resume downloads
 Used perl script to download 8% of one file for
each movie (some movies stored in multiple files)
- usually resulted in a complete block from
beginning and end of movie
 285 viewable samples of 183 movies
• 18 gigabytes of data
• 200 MHz computer and cable modem
• Took one week to download
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
35
Classification
Insider if:
•
•
•
•
Appeared prior to cinema release
Editing room artifacts
Industry related text or overt watermarks
Good through-air video capture but apparently
direct captured audio and appeared prior to
DVD/VHS release date
• DVD quality and appeared prior to DVD
release date
Otherwise outsider or unknown
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
36
Insider: editing room artifacts
QuickTime™ and a TIFF (Uncompress ed) decompress or are needed to s ee this picture.
QuickTime™ and a TIFF (Uncompressed) decompressor are needed to see this picture.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
37
Insider: Watermarks/Text
QuickTime™ and a TIFF (Uncompressed) decompressor are needed to see this picture.
QuickTime™ and a TIFF (Uncompressed) decompressor are needed to see this picture.
QuickTime™ and a TIFF (Uncompressed) decompressor are needed to see this picture.
QuickTime™ and a TIFF (Uncompressed) decompressor are needed to see this picture.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
38
Outsider
Through the air video
QuickTime™ and a TIFF (Uncompress ed) decompress or are needed to s ee this picture.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
39
Findings
183 of 312 movies found on Internet (59%)
285 different rips
77% were insiders
78% DVD quality
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
40
When do movies appear online?
2.2% movies appear before theater
5% movies appear after DVD
Theater release
DVD release
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
41
Our paper
 Published in DRM03
workshop
 Presented at TPRC
 Covered in NYTimes,
CNN, Wired,
Hollywood Reporter,
and elsewhere
 Quoted in
Congressional and
FCC hearings
http://lorrie.cranor.org/pu
bs/drm03.html
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
42
Implications
High rate of insider leaks and timing
suggests that consumer copying is a
relatively minor problem (at time of study)
Opponents of broadcast flag and other
MPAA proposals have cited our study to
argue that the movie industry should clean
up its own act before imposing restrictions
on consumers
MPAA called our study “flawed”
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
43
But two weeks later
QuickTime™ and a
TIFF (Uncomp resse d) de com press or
are nee ded to s ee this picture.
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
44
Coming back to p2p…
 Assuming the insider problem can be solved,
unauthorized copying of consumer DVDs likely to
increase
 Unauthorized copies of movies, music, software,
etc. are continuing to propagate over p2p
networks
 Anonymous p2p networks may make it very
difficult to identify source
 What should be done?
• Make p2p illegal
• Make online anonymity illegal
• Mandate DRM
Computers and Society • Carnegie Mellon University • Spring 2006 • Cranor/Tongia/Farber • http://cups.cs.cmu.edu/courses/compsoc-sp06/
45