Friday, March 30, 2012

Investigative journalism: the pirate wars

Even though SOPA, PIPA, ACTA are almost defeated or in serious trouble, the war with the pirates are far from over.  The massive p2p lawsuits in UK are back, even though the last lawyer involved was utterly destroyed.  In US, ISP's are preparing to deploy in summer what they agreed to do, patrolling their users and deal with repeat offenders.

To deal with piracy, the internet is in danger of unconstitutional censorship and even loss of the guaranteed right of anonymity.  You can blame the pirates for coming to this.  My guess is, with or without the pirates, the internet is heading that way anyway.  Pirates is just the right excuse.  I may not be right.  But one thing is certain, the pirates will always become defenders of the constitution by the things they fight for.  One is unknown.  One is certain.  Which side do you take?

We shouldn't have to care.  If we are not one percent of the one percent, who cares if someone is losing money?  Punishment should fit the crime, not using severe punishment as scare tactics just because those losing money are rich and powerful.

You know from my other blog I like to investigate myself. I want to see who's going to win the next round.

Megadownload and such are money making schemes.  They have no efficiency and can't handle 3D movies 10 to 20 Gb each.  So I look at bittorrent as an indicator.
 
If you do a simple search using Google, all the great movies and great games are there, in all the formats.  BT isn't going to go away soon.

The Ship

The bittorrent protocol is an open book where everybody knows everybody else.  There are ways to cut down your exposure - private trackers, seedbox, VPN.

Private trackers are like private clubs.  Because of the small numbers of users swamping a torrent, it's much more inefficient to track down all the users.  Users are sort of screened but there's no guarantee that management are not compromised.  They have your IP just like public torrents.

Since you only need the most basic virtual server and website to run these clubs, they are almost untraceable.   There are pretty good open source software for exactly this purpose.  I'm sure they don't keep any logs.  But the hosting company of these servers still may have connection logs, depending on the jurisdiction.  There are in theory free if you want, but finding the right ones and begging to join is a hassle, on top of the hassle of juvenile management.

Seedboxes are typically servers in the cloud that performs the bittorrent download for you.  All you have to do is to download or stream the completed files into your computer.  Amazon servers in the cloud are pretty good seedboxes, but since they charge by bandwidth, HD and 3D movies are out of the question.  Because you have to seed, upload while downloading, you end up with twice the bandwidth usage.  For a ten Gb movie, you are charged twice.  It end up costing some $5 dollars for a 3D movie, which is a great deal but you can have it for free.

In Europe the cloud servers are not charged by bandwidth.  They become heavens for seedboxes.  Unlike Amazon, owning a server still cost too much for individuals.  But typically seedbox operators hire a server and split it into seedboxes to resell to end users.  But be careful that the server providers do not allow bittorrents.  So these resellers may come and go, along with your money.

The weak link in seedboxes is the final download into your hard drive.  Your IP has to be exposed.  You can use proxies but fast and reliable and untraceable ones cost money.

Typically if you are a movie junkie, you need a seedbox.  If you are a causal user, like at most a movie every two days, you don't need a seedbox.  A basic boardband connection at home, the simplest netbook can do all the work in the background.  It's even better if you have an old spare computer, or a cheap media computer attached to your TV.

If you do your bittorrent pirating at home, my source's advice is to hire some VPN provider.  A http or socks proxy for the browser won't work as bittorrent clients now use udp as well.  VPN has been called transparent proxy.  When the VPN is turned on, every net traffic goes through it so you don't have to set the proxy of individual applications.   There's no DNS leak unless you keep using your ISP's DNS server.

VPN typically cost the least of the above because it doesn't provide anything other than "anonymous" connection.  Operators have no fear of being targeted.  You can always use VPN on your last leg whatever you decide to use, which decreases your traceability.  Also, the consideration of choosing a VPN is the same as choosing other services.  Our further investigation is on VPN.

Other anonymous services such as TOR and Jondo are two slow or two expensive for huge movies.

The Base

Ironically, having real pirate problems, the Republic of Seychelles is heaven for pirates and legitimates business to setup off shore companies.  Company officials are anonymous (with records kept securely in the Republic).  That adds confidence if these people can hardly be identified, how can you?

The worse VPN or other services you can have is based in Europe, where they have the data retention laws.  When they receive a court order, they just have to give up your IP when you connected to them some 6 months or two years ago.  However, many countries haven't implemented the laws yet, and some like Germany are still fighting it.

On the other hand, Europe has the best data protection acts to protection your privacy.  It's harder to bribe or make threats in order to get data.  Everything has to be done properly, such as proper court orders, or the company will be liable.

Some countries are harder to get court orders such as Sweden.  When the Pirate Bay got busted the last time round, anonymous persons carried on as a non-profit incorporated in Seychelles.

The Sword

Kryptotel is a VPN provider (amongst others) incorporated in Seychelles.  The VPN service specifically allows bittorrent, while some don't.  VPN by definition always allow anything unless you block it, or don't open the ports for it.  It's also the cheapest, less than $5 a month if you pay in bulk.

I have no affiliation with Kryptotel. (There are few others and then some.) I'm just interested to go into real pirate infested waters to try out their service.

They sell service for just one month, monthly recurring, a couple of months and more.  I brought one month for my investigation.  The order form seems primitive and I am expecting to wait till tomorrow or next week to hear from them.  But they must have monkeys sitting on the other end 24/7, or the system is actually fully automated in disguise.

Soon after I paid via paypal, I got in my email  a configuration file for openvpn for linux. Of course they support Windows and Macs.  Basically it contains the encryption key and also for your credentials to use the service.  So you can connect any time in any machine as long as you have the file.  Actually it's one configuration file for each country they have servers in, and one for random servers in the world if you want that.  Type in the openvpn command with the configuration file and I'm in.  Actually there are minor problems but since I'm a rarer case so I don't blame them.  It's trivial problems.

For all the servers I tried, connection is instant.  The connection speed maxed the broadband connection under trial.  I don't lose anything in speed by going through the VPN.  Typically torrents aren't that fast as typical broadband connections at home.  So it's good enough.  But I miss my Amazon EC2 seedbox.  It ran as fast as several MB/s, making it almost movie on demand for popular torrents.

So I tried some public torrents with public domain contents (of course).  The speed is good so I don't think they limit the speed or the servers are over used.

I paid using my personal paypal account because everybody who visits coffee houses using wifi should have one VPN account.  It cost less than a coffee per month.  It cost you more if you have your own Amazon VPN, or you have to turn your EC2 on whenever you need it.  There is no hassle for Kryptotel.

If you are under aged you can get the cheapest VISA gift card for $25 plus $4 fee.  Some are not as good as the others.  The most VISA looking card allows you to enter any name and billing address online, while some don't.  I believe you can setup a paypal account with that, or just pay online as a credit/debit card.

They even advice you to email them with a disposal account.

The Verdict

Will the pirates win?  Avatar 3D Blu-ray cost $100, while the cheapest active 3D TV is just over $600.  Go figure.  It's like paying $150 for a Wii while each new game cost $30 or more.

They scare people away from bittorrents and move into direct download.  It's inefficient and expensive.  And you can easily close it down.

You cannot really close down public torrent trackers, and you will find them easily replaceable.  You just can't track down all the private trackers and close them in all countries.  There are new version of the protocols that are purely distributed p2p without the need for central trackers and hence nothing to close down.

Does a VPN service like Kryptotel provide sufficient anonymity?  There's no money in it to cooperate with law enforcement.  I think they just hire virtual servers from some providers when there are demands, or find some mom and pop at home servers as affiliates.  To have accessible logs they have to ask all these operators to log huge amount of data, and send it to a central database to store.  They won't do it if they don't have to.

From a torrent, you can only prove that a certain IP downloaded certain content at some point in time.  If that IP is from your ISP, it links to you directly.  Even without data retention laws, typically ISP log IP's for 6 month or more.   With a VPN, that particular IP is shared, probably simultaneously, likely different people at work shares the same external IP.  Even if you can trace everything, you have to log a lot more than connection time as at your ISP.

I'm no expert but think of it this way.  They have to monitor the server you are using, and monitor you at your ISP, just to catch you in the act.  That's just too stupid to catch one bittorrent user.

If you are one strike from your ISP, and you get a VPN service, there's no difference from downloading a torrent or surfing in a coffee shop.  Though the coffee time is much longer. And if you encrypt your movies at home, they can't hold you anything even if they knock down your doors.

If you have a rich enemy that's another matter.  But you just can't find these anonymous guys to bribe. 

3D is a reason you stay at home.  More controllable viewing angle, better 3D glasses.  There are more decent 3D titles now than a year or two ago.  3D TVs are approaching the $500 mark, and they are the better ones than the older generation.  A few times brighter and arguable finer characters can be read off the screen.

I doubt if the ISP's are doing anything but lip service.  For few dollars a month worth of protection, they cannot do anything but actively target you one at a time without probable cause.  In that case you can switch to DSL, get a VPN as the final leg, rent a seed box, and you will be very welcomed to join a private tracker club.  That cost about a Blu-ray 3D per year or every quarter.

If all else fails, there's always the Pirate Parties all over the world.  In a few year's time, a lot of people will turn 18 and vote.  If I were your, don't mess up their internet connection starting this summer.

Monday, March 26, 2012

Playing .mkv files on Internet TV's

 This is outdated.  See Reformatting and recoding video files for Internet TV's and other devices.

As you know, my small and sexy netbook do not play 1080p files well under Ubuntu without hardware driver for video acceleration.  In Windows 7, it's barely OK, but the default media player do not recognise .mkv format.  Other players suffers from the same thing on Linux, without hardware driver that use video acceleration.

It is very frustrated when these Internet  TV's can play 2x1080p from the blu-ray player, 1080p 3D movies from Vudu and even Youtube.

My TV says the media app can only play mp3 and view pictures from the USB ports.  It will only support flash thumb drives.  And that the format have to be the old FAT.  (It' the E3D420VX for the bathroom :-)  This is very wrong, protectionism.  This is pure software.  The hardware can obviously play anything from anywhere, USB or even stream via Wifi.

Out of frustration I plugged in my external USB drive in the standard Windows format - NTFS.  It works and plays mp4!!!  Another upgrade it should connect to your PC or file server via wifi and no need to carry your USB drive around.  Now almost any USB drive works.  I have a 1 TB Western Digital, and another very old laptop hard drive savaged and put in an external box to adapt it into a portable usb drive.  This one is even better as it uses y-cable instead of power adaptor.  No need to find another power socket.

There are only two problems.  Like Windows, the media play won't recognise .mkv files.  Even though it's not FAT, the video file size is limited to 4Gb.  It will play larger files, but would crash at the 4Gb point.  I think if these are sorted out, they will update the manuals.

On Ubuntu you need to install two packages to solve everything.
#sudo apt-get install gpac mkvtoolnix

First you need to find the exact frame rate and the tracks.
#mkvinfo hugo.mkv

You should read the exact video frame rate, eg, 23.976 fps.  So far all the movies are on this rate.


Usually track 1 is the video, 2 and 3 are alternative audio formats, DTS and AC3. Next extract the tracks you want.  Extensions are important.  This is how the file formats are recognized.
#mkvextract tracks hugo.mkv 1:hugo.h264 3:hugo.ac3

Since dts and ac3 in the same language are not put in blu-rays, you need to convert the dts audio track obtained the same way as above.

#ffmpeg -i hugo.dts -acodec ac3 -ab 640000 hugo.ac3
where -ab is the audio bit rate, 640kb/s may be the max for ac3, while dts is higher.

Now put them back in mp4 format.
#MP4Box -fps 23.976 -add hugo.h264 -add hugo.ac3 hugo.mp4

For some reasons, mp4box cannot detect the video frame rate correctly.  And if you put in 24 instead of 23.976, it will be out of audio sync sooner or later.  Audio sampling rates are well defined with no problems.

In contradiction to what I have researched, ac3 audio works perfectly in the mp4 format, and on my TV.  So mp4 got updated, the TV player cheated, or mkv is a mistake.  The mkv file is 11 GB, while the mp4 file is only 9 GB.  Still mp4box don't support DTS format.

Finally split up the big mp4 file into 4GB trunks.
#MP4Box -splits 4000000 hugo.mp4

This is totally lossless.  Totally fastest.  You can also concat the split files so you don't need to store the complete movie file.  Can totally be done in the cloud.  Now EC2 provides 30Gb free for one year for new signups.  But Amazon will be totally not suitable for movies because they charge bandwidth.

My prediction is that the most popular file format will be mp4 with ac3 audio or whatever what is in blu-ray.  And the 3D format will be HTB.  The blu-ray format is full side by side, meaning 2x 1080p.  To keep the current HD bit rate, the more common format is half that - HSBS.  However, in passive 3D TV's, half the vertical resolution is dropped so each eye can see all the time on a 1080p display.  So half top-bottom is best for passive, with no further loss of resolution.

Now the cheapest Vizio becomes the best.  A lot of people says passive are better.  Passive allow gamers to play 3D 24 hours instead of an hour or two.  Passive is a few times brighter.  Surprisingly, you can see finer small text in passive.  Anyway, if you know a thing or two about active, it seems like an electronic gadget for torture via your eyes.