MediaSilo at CPS: Balance Asset Usability, Security

Piracy is no laughing matter for content owners. Yet Alex Nauda, lead developer for secure video sharing company MediaSilo, did manage to get a few laughs out of a serious subject Dec. 7, during his workflow security discussion at the eighth annual CDSA Content Protection Summit (CPS).

In his meme-based presentation — “Why You No Haz Content Protection: Secure by Default” — Nauda tackled how new technology has made it easier to incorporate security features (role-based access control, on-demand watermarking, etc.) into existing workflows, but that a balance must exist between making content secure, and yet still accessible. And while putting up a security-themed meme picture of a guy dubbed “Scumbag Steve” was funny, Nauda stressed that the problems facing content owners today are not.

“What we’ve seen is that there is this very real tension between usability and security,” Nauda said. “If you make things too secure, so that it’s an impediment, users will work around it. And if we don’t find a way to make really good systems that are secure by default, the problem is just going to get worse, because we won’t be able to control that entire ecosystem.”

Nauda pointed to statistics that show piracy reduces potential revenue from any given title by as much as 20%, and that, despite films pre-released via media and award screeners leaking pretty much 100% of the time, content owners continue to distribute them on physical disc. Those stats lead Nauda and MediaSilo to a simple conclusion: make security simple for those involved with digital assets.

That means selecting effective yet unobtrusive controls for content access; avoid the mindset that passwords solve everything; and approach content security with the understanding that, when push comes to shove, even content creators can be lazy about their content, if it means fewer hassles.

“What we see in post-production is that they are under time pressure, and expediency wins this argument,” Nauda said. “They’re not going to secure it if it slows down their workflow.” For MediaSilo, that means offering iOS apps for reviewers where a web browser can still be used, but requires a device registration similar to a password reset, “so we know it’s the right person, and then we will register that device with a long-term authoring,” Nauda said. “It’s persistently logged in.”

He also tackled the necessary evil that is DRM today, an oft-mandated studio requirement for content that’s still hard to manage, due to the various, proprietary platforms that have to be addressed. “I hate it when I get something that is DRM, because the players sometimes re-circuit,” Nauda said. “And then, beyond that, they can’t secure all of the workflows. What if they have to download it and modify the content? You’re dealing with downloaded file that is outside of the system. There are other tools you can use there, but it’s not the same control. And content can still be pirated.”

This is where watermarking — both forensic and visual — plays its part, Nauda and MediaSilo CEO Kai Pradel said: visual watermarking can act as a straight deterrent, while forensic watermarking can help determine which workflow leaked, and find the people involved.

“A lot of stuff that leaks, when it’s forensically watermarked, we think that the leakers probably did not realize it was there,” Nauda said. “The other side of watermarking, visual … may not be really robust against a sophisticated attacker. But we know it’s working.”