Are Movie Streams Secure?

The Main Guru Law & Security, Streaming

Are Movie Streams Secure?

Convenient, easy to use, fast: Movie streaming has become the new standard of watching movies online for not too tech-savvy users. Simply go to your favorite movie streaming site, click on a few links, battle through the ads, and you’re in for some quality time.

But behold, what is this nagging feeling, creeping through your brain? Could it be that your not completely confident that what you do on your computer will STAY there.

Haven’t you heard about all these evil little letters some ISPs like to send out to such horrible persons such as you, allegedly infringing the copyright of some unknown company in China just waiting to drag you to court for some outrageous damage payment?

No panic: Streaming is not as easy to track as filesharing – yet.

Contrary to torrents, you don’t have to out your identity to a whole bunch of other people when streaming movies: Only a few participants know who you are, and most are not at all interested to rat you out.

More precisely: Streaming sites host their content on so called filehosters, companies which provide you direct access to media hosted on their server farms, which requires “anti-piracy” trolls to come up with tracking solutions a lot more complicated than your usual torrent user snatching program.

After all, they cannot just pick a piece of paper, connect to a filesharing network and note down the IPs of downloaders because there is no network, and why would a filehoster hand over any visitor activity logs to them?
Why “streamers” are not as strongly under attack

In contrast, in a filesharing network such as BitTorrent, files are being send to you by a huge number of other “peers”, everyone in the swarm knows everyone else, and every downloader is automatically also turned into an uploader, meaning you not only download files from other users but simultaneously share the parts you already downloaded with the crowd. Read more on how Torrents work here.

Or, to put it simple: You are connected to hundreds of strangers, revealing your IP and also distributing what you download to your fellow torrent users, making you both more vulnerable to detection and increasing the damage payments our “friends” from the copyright mafia can justify extorting from you in their “pay up or else” schemes. Read more on how they track and sue BitTorrent users.

Lazy, uncreative law firms and tracking companies make weak foes: Publicity is much easier to get

So, for a long time, the “rightholders” did the same for streaming as they did for the filesharing crowd in the first years the phenomenon came up: Trying to take down the streaming sites while ignoring individual users.

And for a good scare and some cool “downloading is dangerous” headlines in the local newspaper, tracking down your regular torrent using moms and 9 year old kid with a winny the poo laptop is easier and more rewarding than going after stream users.

Almost no one has been sued for watching movies, tv-shows or porn online… for now. It has been a relatively harmless activity in the past. However, it seems as if things are slowly about to change.

Enter the RedTube case.

It was December 2013 when tens of thousands of Internet users in Germany received an innocent looking letter in their mailbox. In it, german law firm Urmann and Colleagues informed them about an alleged copyright violation, asking for 250 Euros retribution (or else…).

The claim? On some day in 2013, one of six porn clips was accessed from their IP on RedTube, one of various tube sites for adult content. Allegedly. Based on that allegation and some dubious evidence, a German court ordered the ISPs of the “offenders” to release their private information.

Users and press were dumb folded. How was this possible? Weren’t streaming sites a safe haven for users? Did RedTube log and hand over visitor information, or was the whole thing a fake? Even the court, as it turned out, didn’t really understand how the so-called evidence presented to them by The Archive AG, a previously unknown company and self-proclaimed rightholder of high-quality entertainment movies such as “Sexual Rehab” or “Naughty Cheerleaders 2”, had been produced.

We can only guess what happened. Experts point to strange referrer data in the logs presented to court, indicating users might have been maliciously redirected to the videos from popups or adult traffic broking service TrafficHolder.com.
Read more on the anomalies in their “evidence” here.

Subsequently, the lawsuits were dropped, and the victims were off the hook. For now.

But what we can learn from this story is that streaming has become under attack, and might soon become dangerous. Finally, after so many years, the copyright mafia seems to have begun to look for creative solutions to detect and sue your average movie watching and porn surfing user.

Technically, tube sites are the same as Megashare, Movies4k and all the others.
You are under attack now, folks.

Consequences: How to protect yourself

Where do you go from here, and how exactly can you avoid the copyright trolls attempts to track you?

Since it isn’t exactly clear what their next steps will be, it is very difficult to give general advice such as “only use this or that site”. For example, when torrents came under attack, it was relatively easy to avoid detection by simply using lesser-known sites, since it was only the very popular indexers such as The Pirate Bay or SuprNova.org that had come under attack.

But the RedTube case shows this strategy to be futile in this case. If traffic redirection schemes are used, how could you possibly protect yourself? Every ad loading on your favorite filehoster transfers the referrer back to the advertiser; surely it could be possible to get track you down this way?
Streaming sites overload their sites with ads without doing too much due diligence on their affiliates.

What about rogue sites, setup to catch users and sue them later? It isn’t an unlikely scenario at all.

Ad blockers could be a way to reduce the risk (see our guide on how to use Adblock Plus to reduce advertising), but such an approach can only help so much. Ads tend to slip though the filter, and there certainly are other ways for our friends in the copyright industry to catch yo

For several years now ISPs have been pressured into analyzing their customers traffic to detect “abuse”. And in the current climate it could very well get a real threat soon.

But fear not, there are ways to get around all of these problems.

1. Use the AdBlock browser plugin to block annoying and potentially dangerous ads

It is strongly suggested to do so either way, and this easy step might also increase your security not only from viruses and malicious websites but also make some attempts to legally extort you highly ineffective.

Also, who wants to be tracked by shady advertising companies anyway?

Read our article on how to block ads here

2. Log into public WiFi and switch to torrents

Yes, it is less convenient and you have to go outside your house to do so, but what if you have a public WiFi at your local fast food restaurant or unversity? Why not plan what you’re going to watch a few hours ahead and fire up your notebook while eating your daily burger?

Read our guide on how to use torrents here

Most big companies or universities know pretty well what to do with stupid “you did something really evil, pay us moniez!” letters coming their way: They send them their standard, pre-written message, saying “sorry, we can’t track who it was” and throw it into the bin, where it belongs.

Of course, this takes planning and might be highly inconvenient for some. However it is definitely worth a shot. Be sure to use a netwok requiring no identification and to carefully read your hotspots ToS though. Also, logging into your neighbours network without their permission to avoid lawsuits is dubious at best.

3. Use a VPN service to make your Internet connection anonymous

This is, by far, the best method I know of, and it covers all your tracks, hides your identity online, even making what you do invisible to your Internet provider. Hundreds of thousands are already doing it, and it is easy to see why: It is remarkably easy, reliable and costs only a few dollars per month. After you install it, you’ll very likely never see any difference in the speed of your Internet connection, or even have any indication that you’re even using it, except for a small icon on the lower right of your screen.

Here is how it works: Signup for a VPN privacy service such as Private Internet Access.
Then, download the software, enter your login information and click a few buttons to connect to the service.

And that’s it: A encrypted tunnel to the VPN has been established. It is through this tunnel that all your Internet traffic is routed through now, and on the other end of it, the privacy service will give you a new identity which is shared with dozens to thousands of other customers at any given moment. No way for a third party to know what person is hiding behind the IP address they now see in their logs, and VPN services make it very hard to impossible for them to request your information from them.

Many VPN providers log almost nothing at all: Not what you do online, not what sites or services you’re accessing, a lot can’t even track down which user was hiding behind which anonymous IP / Internet identity given out by them and if they can, it is generally extremely hard for anyone to get this information. Certainly no copyright troll has ever gotten anything from them. Ever.

If you aren’t closely monitored by the NSA or have somebody stealing your PC or anything, no extortion letter will ever reach you, period, and if you follow some basic rules like not entering private information on sites you don’t want to track you (DUH!), you can surf the net absolutely anonymously.

Read our guide on how to setup a VPN.