Thoughts on UltraViolet

I’ve recently been able to take advantage of UltraViolet ‘digital copies’ of movies, and the experience has left me with some thoughts. I promise that this won’t turn into an Anti-DRM rant, beyond a brief mention of the rights you are guaranteed.
Firstly, for those who don’t know what UltraViolet is, a brief explanation. UltraViolet is essentially a service, backed by 5 of the ‘Big 6’ movie studios, that provides a ‘digital locker’ of sorts for digital copies included with select movie DVD/BluRay discs. You buy the DVD or BluRay in the shop, and included in the case is an ‘UltraViolet’ redemption code. After following the instructions you then have a digital copy of the movie in your UltraViolet account that you can then stream or download onto your UV compatible players.  There’s also a feature of adding up to five additional accounts under your own to share UV library access.
At least, that’s the ‘non-technical’ version. What the service really is, is a collection of license files. That’s it. The Ultraviolet service itself doesn’t store any movie files, it just stores some DRM information stating that you have the license for this film. The actual files, streaming and downloading services are provided by other ‘UltraViolet Retailers’ – so, for instance a Warner Brothers movie will likely use the Flixster service – both being owned by the same parent company. The ‘UltraViolet’ website ‘stream’ and ‘download’ links merely point you to this other service. Which is an entirely separate account. UV mandates a choice of DRM schemes, and mandates a few select rights (streaming for free for one year, unless geographic restrictions come in to play), all other options are couched in “may” language, and thus might not be applicable at any point.
Because of this… decentralised…. nature, the core of ultraviolet is essentially nothing more than a thin veneer on-top of numerous different digital lockers. And thus is pretty useless. There may be progress in the future – UltraViolet appears to have plans to create ‘branded’ UltraViolet players that let you stream (or play downloaded files) from any of the UV retailers. This unification could actually provide some value.
Now, let’s talk about this in practise.
My first experience was when I bought Les Misérables on DVD. For this film they had also allowed an additional iTunes redemption (separate from the UV redemption – as UV is incompatible with iTunes[0]). iTunes redemption was simple – sign in/up to the iTunes store. Put the code in the redemption box, and done. The UV experience first required me to sign up for a Flixster account, then allow that to create a separate Ultraviolet account, put the code in the box, and it showed up in my UV library, and in my library on the Flixster site. As I only bought the DVD version, I was not surprised when I only received a Standard Definition digital copy. This however is where the cracks start to show. On the UltraViolet site the ‘download’ box is greyed out – implying that I only have streaming rights. The ‘watch’ link on the UV site simply takes me to my Flixster library. It doesn’t start the streaming of the movie – instead I now need to hunt again through my Flixster library to find the actual movie. On the Flixster site however it transpires that I can download the movie – into the Flixster desktop app. It’s this inconsistency of information, and the lack of one click integration that, to me, is UltraViolets biggest weakness.
My second experience was redeeming my ‘Harry Potter Wizards Collection’. This is essentially a giant box containing all 8 movies on DVD, BluRay, and a UV copy of all the movies, along with many special features and exclusives (No iTunes digital copy code however). The UV retailer was again Flixster, although this time I only needed to sign into Flixster, as they had ‘linked’ my UV and Flixster account together. Thus my previous notes about this particular retailer carry through. This time, however, on the UV site it shows that I have the standard and high definition version of all the films. However when I go to the Flixster site, I can find no way to actually obtain, through stream or download, a High Definition version of the films. This is a major problem in my view – and again, highlights how the lack of unification and integration is too apparent. When they’re trying to compete with iTunes for digital distribution, unification is one thing they need to get spot on. To be told in one place that you have the High Definition version, but not be able to get it is frustrating.
If UltraViolet feels like one thing, it really does feel like it was designed by a committee. None of whom wanted to let go of their vested interestes,  each of whom has a different idea about what should be allowed, leading to this incredibly weak platform. If their UV Player idea ever takes off, then it would help. But fundamentally, the idea of a system that does nothing but say “John Smith acquired this movie on this date from this UV Retailer” is worthless on the technical side. To the end user it’s a glorified catalogue that doesn’t even provide one click access.
A final note – obviously I haven’t tried any of the other UltraViolet retailers, but I don’t have high hopes of them being any better either.
[0] – UltraViolet movies cannot be played in iTunes, nor loaded onto native iOS devices. However, UV Retailers (such as Flixster) do have iOS apps and native platform apps that have to separately download/stream the movie each time.

University Update

Today my University published provisional pass lists for graduating students like me. Essentially as long as I don’t owe the university any money then all will be good.
I got a 2:1. Which is awesome. And exactly what I needed to be able to take up my job offer with IBM Hursley in September. ^_^

Why I run a Tor Relay.

Everyone has the right to freedom
of opinion and expression; this right
includes freedom to hold opinions
without interference and to seek,
receive and impart information and
ideas through any media and
regardless of frontiers.

– Article 19, The Universal Declaration of Human Rights

I make no secret of the fact that I use Tor, and that I run a Tor Relay. Admittedly  I don’t use Tor as often as I perhaps should – but a lot of my browsing is on websites where I have an account that’s already associated with ‘real-world’ me, thus negating the purpose of Tor. Given the recent headlines, I figured now would be a good time to explain what Tor is, and why I encourage its use.

What is Tor?

Tor is software developed by the Tor Project that aims to ensure that your ISP and middle-men cannot correlate who you are with what you’re doing on the internet. The idea is that you download the Tor Browser Bundle – a one-click package of everything you need. Then when you browse the internet using the provided browser (a modified Firefox) you are routed through 3 volunteer relays in a way that guarantees forward secrecy, before the last node actually sends your request to the website in question. The way the encryption is set up means that when using Tor the ISPs, and anyone listening before your data reaches the first Tor node knows only that you’re running Tor, but not what you’re doing. The 3rd ‘exit’ node, and anyone listening to the connection between them and the destination website can only see your data, but not the original source. As far as the website is concerned your IP is that of the exit node. When you combine this with HTTPS connections secured with SSL even the exit node can only see the site you’re visiting, without seeing any of the data being passed back and forth. The EFF has a nice diagram summarising this.
Thanks to this it provides a way to secretly access websites that you may not be able to. In Turkey for example, it can bypass their web firewall so users can read news about what is really happening. Tor’s usage skyrocketed during the height of the recent Egyptian revolution.
A second feature of Tor are its ‘Hidden Sites’ these are websites who accept connections directly from Tor without having traffic go back over the ‘clear net’. This way there is no ‘exit’ node to spy on your data or site. Your connection is fully encrypted.  There are Wikileaks mirrors for those wishing to view that data. There’s an e-mail service so you can send and receive emails (even interacting with clear web email addresses) entirely anonymously. The New Yorker has an anonymous document submission/communication platform as a Hidden Service (the second link won’t work unless you are using Tor).

What’s a Relay?

A Tor Relay is a computer with the Tor Software installed that has volunteered to be one of the middle-men in other peoples Tor connections. They provide the bandwidth that can make the Tor experience faster and more stable. An ‘Exit Node’ is a special kind of Tor Relay that has additionally volunteered to be the last Tor node before a connection jumps out onto the clear net. By running a normal relay I can help ensure that whistleblowers and dissidents can access the information they need to do their job.

Any downsides?

Like anything, it’s not perfect. There are known attack models – if all three of the relays you route through are run (or have traffic logged) by the same organisation, they could in theory perform timing analysis to work out which data stream is yours. There’s also the fact that it is significantly slower – streaming data is out of the question (even more so because Tor is TCP and doesn’t innately support UDP). And naturally like all privacy preserving tools, it can be used by the bad guys as well – Tor semi-often hits the headlines because of the Silk Road – a drug marketplace that operates as a Tor Hidden Service. But humanity is mostly good. Some people can do terrible things, but in the grand scheme of things I believe that the good it enables, and that humanity uses it for, greatly outweighs the possible negatives.

So who the heck is funding this?

One last point. The Tor Project makes no secret of the fact that they were originally founded and are funded by the US Navy. But as you can see, there is now a wide diversity of funding coming in. And if that isn’t enough, Tor’s Projects are entirely Open Source (including the core Tor code) – you can download the code, submit patches (please do that!), and check there are no back doors.

Did I see mention of a free T-Shirt?!

Yes. Yes you did. I have my free t-shirt. Get yours for running a 500KB/s relay for two months. Or a 100 KB/s exit that allows Port 80 (HTTP) traffic. (I do the former).
Privacy is important. Especially for those whose governments are actively stopping their own people from being well-informed.  You can make a difference. ^_^
Update: I finally found a link I was looking for, but couldn’t find. I’ve added it to the Hidden Sites discussion.

Jury Nullification

I saw this post on Tumblr today about Jury Nullification

An image promoting Jury Nullification
An image promoting Jury Nullification

The image had had some text added by a tumblr user as a comment

This is something that more people should be aware of, if only because (in many states, at least) defense attorneys are actually prohibited from mentioning it to jurors. The law allows a jury to return a “not guilty” verdict contrary to the facts of the case, but not for the defense to inform them of that power or to argue for its application in the current trial.

And I decided it would be a good idea to cross-post my response here, as legal issues are something I’m passionate about myself.

My Response

Jury Nullification is….. yeah.
I mean, I know it’s a thing, and it does, on the face of it, seem like an important thing. But the entire principle of the Jury is that they are Finders of Fact. That is, their entire role is to determine only whether a law has been broken. Don’t misunderstand me – it’s a vital and very important role – 12(ish) random men and women drawn from amongst the general population. To judge whether a particular fact has occurred.
The issue with Jury Nullification (for me) is that, although it sounds like it’s an amazing thing, and it brings to mind all kinds of nice images of “giving it to the man”, it’s not that simple.
There are the scenarios presented where for instance 12 jurors return not guilty for someone who is in court for light cannabis use – to pick a US example. Or copyright infringement.
But this ignores other potential situations. 12 is a tiny number. It could be easy to get 12 people who think “an eye for an eye” is perfectly fine, and so will vote Not Guilty for some crime done in retribution. Or 12 people who are racist and thus vote not guilty simply because the victim was black.
And of course, there’s the other side – where the Jury vote Guilty even when the evidence is slip-shoddy, because the defendant was black, or (and this is a serious actual problem) they believe anyone who the police have arrested must be guilty.
The reason why Jury Nullification is awkward is because these are 12 individual people, answerable to no-one (In the UK speaking about Jury Deliberations can lead to a charge of Contempt of Court for the Juror), whilst the law-makers who actually make the law are elected by the entire population, answerable to them, and thus (in theory) create laws based on the overall will of the people. Therefore Jury Nullification is (in theory) the minority overriding the majority. (Which, while not always bad, is definitely a warning sign in any justice system claiming to be by the people)
Jury Nullification isn’t as awesome as it’s made out to be – it is very problematic due to the reasons outlined above. It’s not even really an actual thing. There’s no law that states “Juries may return a verdict of Not Guilty if their conscience disagrees with the law” – technically Juries don’t even create the punishment; sentencing is purely in the judges domain. Instead Jury Nullification is an unpreventable thing arising from the fact that Jury Verdicts are meant to be simple findings of fact, with no moral judgements made by the Jury. It is an innate part of a justice system where the defendants peers are responsible for deciding whether a law has been broken.
So it exists, but it is also a dangerous thing, as it undermines the entire principle of Juries being simple Finders of Fact – hence why in some jurisdictions it is not allowed to be mentioned to jurors.
As something I’ll add just to this blog entry, I’d say that Jury Nullification is a simple principle that can lead to a whole mess of chaos – especially for the uncertainty it can create should either side appeal the verdict. In certain, limited cases it can prove useful, and is potentially a last line of defence against unjust laws. The problem is that different people have vastly different opinions about whether a law is just or unjust – and this is why it is such a dangerous thing to publicise directly to jurors.