[mythtv] Proposal for Zap2It labs

[Justin Moore]

> > This would help Zap2It track down the ones leaking their listings, allow
> > us TOS-abiding users to keep our listings, and generally keep everyone
> > happy.  Obviously there are more details to work out, but this general
> > approach could be feasible.
> 
> … until the abuser opens two accounts, and easily identifies, and 
> eliminates, the trivial differences between the two sets of listings,

OK, let's say the abuser has two accounts, $a$ and $b$.  They download
both set of listings.  They find $N$ instances in which the two accounts
differ.  Now what?  Which one is the "valid" copy and which one is the
tagged one?  Let's say they open a third account, $c$.  They download
those listings.  Of the $N$ places in which $a$ and $b$ disagree, they
find $X$ cases where $a$ and $c$ agree but $b$ doesn't, and $Y$ cases
where $b$ and $c$ agree but not $a$.  Furthermore, there are $Z$ cases
where $a$ and $b$ agree but $c$ doesn't.

If done properly -- and I'm sure there's work in the crypto community on
this type of problem -- you can force the abuser to open larger and
larger numbers of accounts in order to (a) detect the changes, and (b)
evade detection.  I'm not a cryptographer myself, but I'm certain it's
possible to design a system such that it's easy for Zap2It to make the
changes, difficult for the "bad guy" to isolate those changes, and easy
for Zap2It to link leaked listings back to opened accounts.

-jdm

-- 
Department of Computer Science, Duke University, Durham, NC 27708-0129
Email:  justin at cs.duke.edu
Web:    http://www.cs.duke.edu/~justin/