The bulk of my infosec experience has been split between two spaces —

  • Crypto and decentralized software
  • Media and entertainment (M&E)

In the latter space, it’s common that “cybersecurity” or “product security” work with copyright enforcement, brand protection, lawyer-type folks to some extent.

In the former space, such characters are despised and there’s a big theme of libertarianism. Some pushing for as open and transparent of a world as collective imagination allows.

“Crypto” file storage technologies like Filecoin and Arweave are a grenade rolling through M&E.

Grenades with Arweave and Filecoin logos, rolling down Hollywood Boulevard

The grenade might be inert but is more likely to damage so-called brand protectors and copyright enforcers. Perhaps blowing their entire department(s) to high heaven.

“Deepfakes” make for another grenade which may be the topic of other writing. 😇

Grenade-shaped cakes with Arweave and Filecoin logos

The following is a regular, continuously cycling dance between M&E entities and individuals who want to share and/or consume their content —

  • Desirable content is newly released by Party A, who holds legal protection and/or copyright over it.
  • Party B rips desirable content from Party A’s platform.
  • Party B facilitates hosting for their rip of desirable content.
  • Party B advertises and/or announces their hosted desirable content rip for wider consumption, by Parties X.
  • Party B’s rip of Party A’s desirable content remains hosted and announced for some period of time, with Parties X consumption continuing.
  • Party A facilitates the takedown of Party B’s rip, targeting their hosting, announcement/advertisement, or both, which thwarts consumption by Parties X.

We can probably all agree on ^^ that, regardless of our personal opinions around piracy and/or unauthorized sharing of copyright’d (copywritten?) content.

A lot of people are paid a lot of money within M&E to support that dance too.

When the content in question is shared via “Web 2.0” platforms like Facebook or Google Drive, takedown is easy and straightforward. Discovery and storage can be stopped.

Things get a bit more complicated when torrents and related discovery hubs like IP Torrents enter the picture. We might say this is “more traditional” decentralized file storage entering the picture.

Torrent discovery hubs are typically not compliant with takedown requests or other tools of brand protection lawyers. For the biggest players, perhaps taking them offline in a Web 2.0 environment is feasible, with wider law enforcement cooperation.

Consider The Pirate Bay’s various domain changes over the years.

What about storage? Torrent tech in itself makes it more difficult to take things down — you’d have to go after individual nodes. Similarly to the discovery here, we might deem this “unlikely but possible.”

I’ve seen firsthand some rare attempts at it. My research suggests 2010 is when law enforcement started trying.

What’s the difference with Filecoin or Arweave versus torrents? In my opinion, distribution and longevity, which collectively make for persistence.

Distribution minus longevity doesn’t feel like a notable evolution from torrents, at least in the theme of this blog post. IPFS falls into the category of other crypto projects not being called out here.

Let us cover high-level patterns from my previous torrenting work for M&E threat-hunting.

Read as : authorized torrenting of things my employer(s) produced and not anything illegal 🕊️

Desirable or “hot” new releases of media/content would have lots of active seeders — the more productive type of participants, versus leechers — for a relatively brief period.

Exclusive or private torrent networks were best about this because they incentivize certain >= ratios of seeding-to-leeching amongst their members.

In this early phase of a torrent’s life, it is the closest one might come to a “perfect” vision of decentralized file storage. Where everyone’s traversing the “happy path,” holding hands and sharing graciously.

But as a release’s desirability trends down or “cools off,” so too does seeder support in keeping the content online. It generally becomes slower and slower to download as time goes on. Eventually it becomes inaccessible altogether.

Certain participants in the torrent ecosystem — perhaps “IPTV” services — have more of a vested interest in keeping “torrented” movies and other files online over an extended period. They might pay for torrent hosting. However, that paints a nice concentrated target for law enforcement to take down.

What am I trying to say? Most people who participate within the torrent ecosystem of unauthorized content sharing are pure leechers. They want a file downloaded and have no interest in continuing to sustain that same experience for others afterward. An exception is when they’re part of exclusive and/or premium networks. Even then, though, they might just call for a 1:1 ratio of seed-to-leech activity.

Incentives do not align to keeping unauthorized content live on torrent networks over an appreciable timeframe. Let us estimate that a hot new movie will become unavailable — perhaps totally, perhaps just very slow download/access — in about a year. Law enforcement will try to help that along if they can.

Brand protection and other copyright enforcers do not have to act at all for that “self-termination.” They might only help speed things up.

That brings us to what I’ve called “contemporary” decentralized file storage. These are technologies like Filecoin and Arweave which have aligned economic incentives (via crypto) in a (subjectively) superior way than torrents. Arweave’s emphasis is keeping content accessible FOREVER after a reasonable one-time payment.*

* 200 years is the Arweave design marker for ~permanent, just doesn’t sound as dramatic 🕵️‍♂️

You can read more about Filecoin here and Arweave here. I deem whitepaper-explainer-prose to be outside the scope of this post.

Consider as an example this recent case of a lawsuit document made available via New York court system hosting. Individuals outside New York and/or the United States reported that the file was inaccessible for them.** But then, for “less than a penny” (!?), that ~493 kilobyte file was copied onto Arweave where it will purportedly be accessible FOREVER.*

* More realistically that 200 years’ mark again …

** IP addresses + third party geo-guesses

And so our diagrams might evolve like this —

How do brand protection and copyright enforcement teams feel about the potential for their content to be hosted with Filecoin or Arweave and without their permission?

The discovery sites/hubs/gateways to ripped material — think to the stuff they point to live via BitTorrent itself — can be hosted the same way and via a “Web 3” domain like Unstoppable. That’s literally the name of one ecosystem. But, I digress.

I was unable to determine if any such unauthorized and/or piracy has yet taken place. Discussion has occurred on Reddit.

My experience is that these lawyer-centric teams are slow on “the technical uptake.”

But the time to at least consider this new reality might best be now, concerned M&E parties.

Randy Gingeleski - GitHub - - LinkedIn