Melody Fwygon

It occurs to me that adding a visual watermark might actually serve to obscure a visual watermarking scheme that is otherwise invisible by providing data that scrambles or breaks the watermark decoder itself.

Audio watermarks can be distorted in any number of ways; and it could be that some of the wildly poor audio quality in most cam-rips is probably the only way you can defeat the watermark; by using a LQ microphone and encoding the audio to a very limited bitrate and then re-upsampling; to defeat any subtle alterations a digital watermark might make to the audio waveform.

Watermarks are only an issue in-as-much as it is used to trace down which copy was leaked.

With modern digital projection systems; you don’t get a reel of film; you get a briefcase of [SS/HD]Ds containing the raw, encrypted, footage. The digital projection system will decrypt using provided keys. There’s no output except the standard ones for the theatre projectors and sound systems…so capturing the output is difficult.

If you do intercept the signal; the projection system might detect it; and refuse playback or wipe the decryption keys. Watermarking is also a danger; since your theater can get identified as the leak source and sued.

Now we wait for someone to build an absolutely wonderful chat app on top of this wonderful bit of PoC code…

I genuinely hope someone does. Imagine what this could do if this was routed over Tor using Private Services.

Run this over that; and you’d have a bullet-proof text chat. Wrap a nice GUI client around all of that and you have a proper secure, anonymous messenger with no problems. With a little more build-out; you could even implement the Matrix protocol over this wire-line and basically have full inter-federation and moderation over a secure wire protocol; allowing for complete privacy and client integration.

TL;DR: Matrix over PQChat over Tor. Think about it. A Post-Quantum Dark-Matrix web.

Can it? Maybe. It’s not impossible; but it isn’t practical and most ISPs limit their shenanigans to grabbing your unencrypted DNS requests.

Will it? Probably no; aside from the previously mentioned DNS redirections; they’re not interested in most people’s packets, only in how many they deliver.

Should you care? I won’t tell you not to take precaution, but I do urge you to consider your threat model carefully and consider the tradeoffs. When Security & Privacy goes up, Convenience and Functionality WILL go down. Balance your needs. Don’t put yourself in a state of Privacy fatigue.

Are there easy fixes? Maybe. I think a VPN or using Tor would solve your concerns here anyways; it’s not required that your modem be running OSS that you can control. If you can achieve it; that’s still good for you; but it’s not something to be sweating if your modem isn’t capable and your invasive ISP is the only effective option.

I’m not accounting for State laws; which may in fact be stricter. I’m talking about Federal Laws which might not explicitly forbid such things; so long as they’re done in an actually safe manner by professionals.

But, as I said before, if the DEA believes it has the power to stop that none-the-less; that’s what they will do, without respect to if the law is actually legally unclear or borderline. Unfortunately many pharmaceutical places don’t care to invite the wrath of the DEA; even if what they’re doing could be considered permissible; so long as they do not synthesize an exact drug that the Feds specifically name as a controlled substance.

Again; IANAL either. But I do think there’s a lot of room for small compounding pharmacies to synthesize various drugs to meet a patient’s needs quickly while waiting for proper shipments to arrive. There’s lots of compounds that are life-sustaining that do not fall under the DEA banner of authority.

Depending on how Vyvanse is Scheduled; it might be legal to privately make. If it’s not scheduled like a standard amphetamine; the DEA is powerless.

I have a sneaking suspicion it’s not illegal to compound this stuff. But IANAL; and it doesn’t matter if the DEA thinks it is and will hassle anyone trying.

I firmly think this would be a boon for many people; owning one of these is likely a lifeline that even small town physicians could utilize to dispense drugs freely or cheaply to patients in need.

This is something that I think small-town pharmacies could use to create compounds in cases of drug shortages. I think tools and programs and small labs like what are discussed in the article are a positive force for good; and that they should be not only allowed, but encouraged, for many drugs that are expensive, unavailable to someone in need and can be readily synthesized safely with a basic college level of chemistry training by someone in a pharmacy.

I think the potential risks and downsides are small right now; and I think more of it should be encouraged gently so that we can find out quickly what the flaws and limitations are so that we can put regulatory guardrails around it so that people do not harm themselves.

I’m certainly concerned that now that this software has been covered in PopSci; that it will certainly suffer a needless onslaught of DMCA and other lawsuit-related shenanigans. >_>

No; Piracy won’t stop.

Analog loopholes still exist; and cannot be eliminated completely from the chain. Enterprising crackers will tinker and find weaknesses in systems. People will find bypasses, workarounds, and straight up just crack whole encryption schemes that were badly implemented.

Encryption was never intended to protect content. It was intended to protect people. In the short term; sure, DRM and encryption can protect profits. In the long term, it provably cannot and does not. Oftentimes it gets cracked or goes offline; and the costs associated with keeping authentication servers up for long enough to keep lawsuits off your back is provably large and difficult to scale. I would even assert that it costs more to run DRM than it saves anyone in ‘missed profits’.

Frequently companies also argue that it saves profits by recapturing “lost sales”; but that’s provably false. A consumer, deprived of any other viable choice, will in fact, just not buy the thing if they cannot buy it for what they deem as a fair price. It has also been proven; that if they can acquire the content freely; they will oftentimes become far more willing to buy whatever they acquired or even buy future titles. When a customer trusts; they may decide to purchase. But why should a customer trust a company that does not trust them?

To be clear; the Nintendo Switch tends to trade fluently in cryptographic certificates.

The MiG Switch has one of these certificates; one it’s creators likely copied from a legitimate Nintendo Switch game title. All games have such certificates and they are uniquely serialized; much like a GUID or UUID would be. These certificates are signed by the Game Dev studio, and then Nintendo in a typical certificate signing chain scheme; Nintendo signs the Game Dev Studio cert, which signs the Title certificate, which signs the unique cart or digital copy cert.

This banning is usually achieved by banning either the lowest certificate in the chain or the one directly above it; or even the Dev Cert if it was compromised.

So the MiG Switch carts are likely hardware banned. Your Nintendo Switch probably advertises to Nintendo which cart(s) were inserted into it recently by sharing the fingerprints of the certificates. Then Nintendo can basically kill the certificate assigned to your Switch system and prevent you from connecting online; as your Switch uses it’s own system cert to identify itself to Nintendo services.

In all cases this is un-evade-able when connecting to the internet; as Nintendo Switch system certs are burned into a PROM chip on the main board at manufacture. This chip is a WORM chip, which can only be written once and read many billions of times.

A critical part of the way they try and curb cheating in online play is checking the integrity of the runtime environment; which includes checking what titles were launched recently; and if that happens to include a certificate they’ve banned for being cloned by the MiG Switch; then you’ll quickly be banned by their anti-cheating hammer.

Most important is those checks typically don’t take place naturally; they only occur when you’re connecting to the EShop, or connecting to NN to play multiplayer online. The devil therein unfortunately lies in the details; and if you’ve ever purchased a Digital Title that means your Switch is regularly connecting to the EShop to renew Digital License Tickets needed. They tend to expire every 72 hours and must be renewed by presenting an expired Ticket, a valid Ticket Granting Ticket (given to your Switch when you buy the title) and contacting “Mommy Nintendo” and asking “Mommy, May I?”. Yeah. DRM sucks.

If all goes well; your Switch gets a shiny new set of tickets. Unfortunately Nintendo was paying attention to requests and will issue out regular waves of bans for systems detected cheating. You won’t know when this will happen, and it won’t prevent Nintendo from letting you play your games; you’ll just suddenly find your Switch banned from online play after such ban waves.

Like a Hydra; You cut one head off; and two grow in it’s place.

Typically, using your own VPN should suffice. Depending on your situation you can do other things as well. If you are unable to download these tools on the school network in question; do not attempt to do so again. Use a public or other network connection elsewhere to obtain the tools you need to bypass their crap.

For example, NextDNS could be helpful. By running their client app; ( https://github.com/nextdns/nextdns/wiki/Windows ) you can make sure all your DNS requests are encrypted. Similarly you could simply set up a local DNS server that you point Windows at which can redirect those requests over DNS-Over-(HTTPS or TLS) to a DNS provider of your choosing.