Netflix, HBO and Cable Giants Are Exploring New Ways Such as Authentication Using Fingerprints To Crack Down on Password Sharing (bloomberg.com) 116
A coalition that includes Netflix, HBO and cable-industry titans is stepping up efforts to crack down on password sharing, discussing new measures to close a loophole that could be costing companies billions of dollars in lost revenue each year, Bloomberg reported Friday. From the report: Programmers and cable-TV distributors are considering an array of tactics to cut off people who borrow credentials from friends and relatives to access programming without paying for it. The possible measures include requiring customers to change their passwords periodically or texting codes to subscribers' phones that they would need to enter to keep watching, according to people familiar with the matter. Some TV executives want to create rules governing which devices can be used to access a cable-TV subscription outside the home. While someone logging in from a phone or tablet would be fine, someone using a Roku device at a second location could be considered a likely freeloader, one person said. If none of those tactics work, pay-TV subscribers could someday be required to sign into their accounts using their thumbprints.
Yeah, no (Score:5, Insightful)
Christ this is so easy to stop. (Score:3, Insightful)
It is incredible the lengths they are going to when the answer is so obvious. Just offer plans for amount of simultaneous logins. If a subscriber is on a plan for 3 simultaneous logins and at some point a fourth tries to login, just deny that attempt.
Re: Christ this is so easy to stop. (Score:2)
Netflix does that already you can pay less if you only want one device streaming at a time
Just enforce that and expand it. One device, 2 etc. Watch those secondary accounts disappear.
Also you need to upgrade UI to allow logouts easier. My sister had my Amazon prime account on her tv for years because I logged in once and couldn't figure out how to logout.
Re: Christ this is so easy to stop. (Score:1)
Re: (Score:1)
For Amazon, depends on the device. Some of them get listed in Your Account > Your Content and Devices.
But older smart TVs, and possibly other devices, don't get listed anywhere that the end user can see or do anything with.
Re: (Score:2)
^^ THIS!
Charge an extra $1/login with a family plan of max 5 simultaneous logins or something like that.
It isn't fucking rocket science -- they have known about this for YEARS.
Re: Christ this is so easy to stop. (Score:1)
Re: (Score:2)
Yeah, This is theone I was thinking off too. Also a nice clue if someone gets your password when you keep getting knocked off with an error message about another logon....
Re:Yeah, no (Score:4, Insightful)
Fsck that...
Re:Yeah, no (Score:5, Interesting)
Don't get overexcited on the "thumbprint" idiotic idea that "one person" mentioned "could" be needed "someday". That was never the idea. Fingerprint meant : device + IP fingerprint, not an actual finger.
Re: (Score:2)
Re: (Score:2)
If so, we have language for that ("ip address") which is much clearer than what was used ("fingerprint"). They'd be well-advised to get their terms very clear. I'm considering disengaging their services just on the possibility that they may have let the ambiguity ride to "test out" public reaction.
Re: (Score:2)
If so, we have language for that ("ip address") which is much clearer than what was used ("fingerprint").
A device fingerprint is a lot more than just an IP address.
Re: (Score:2)
If so, we have language for that ("ip address"
Sorry, can't do that. As has been repeatedly stated on here, an IP address does not link someone to a device. Unless you're now saying it can be linked to a specific device and person in which case all those court cases where the RIAA says person X was illegally redistributing their work are now true.
Re: (Score:3)
Thats what you said when netflix dumped 80% of it's library and switched to streaming only.
- you stayed.
That's what you said when they jacked their price up again, and again, and again.
- you stayed, you stayed, you stayed.
They aren't shooting themselves in the bum - they are shooting you in the bum and you continue to take it.
Re: (Score:2)
Re: (Score:1)
If they keep doing that, people will drop them, and switch subscriptions to European VPNs, or seedbox rental. For small stuff, a small VM on LightSail coupled with an European VPN can do a lot of DVD quality movies.
Or just don't bother. There are so many other things to spend your time and money on today, that sitting around watching (expensive) TV shows isn't even on my list anymore.
Cut off your nose... (Score:5, Insightful)
I would think simply allowing only 1 concurrent session, (or only 1 concurrent ip with up to x number of simultaneous devices.) would be way better than any of these proposals.
In any case, worrying about this at a time when the proliferation of 'exclusive' content has returned piracy to the top of the value chain is kind of like re-arranging the chairs on the titanic.
Re:Cut off your nose... (Score:5, Insightful)
I pay extra for my Netflix subscription to allow multiple simultaneous streams. Do you think that I (and presumably millions of others) are going to continue paying extra if I can't actually use the simultaneous streams?
This is all BS. Netflix knows that cracking down on password sharing is a losing proposition. Netflix is just doing this for show, for the benefit of copyright holders.
Re: (Score:2)
I pay extra for my Netflix subscription to allow multiple simultaneous streams. Do you think that I (and presumably millions of others) are going to continue paying extra if I can't actually use the simultaneous streams?
You see it as one customer paying extra, they probably see it as several customers getting a group discount. It's not like there's one family TV in the living room with everyone fighting over the remote anymore. If you're watching your own thing, on your own schedule on your own device you're practically independent customers even if you happen to live under the same roof. If they said sorry, one stream per subscription would you really like to go back to passing control around? Particularly if they added a
Re: (Score:2)
No, they don't see it that way:
'Netflix CEO Reed Hastings said that consumers sharing Netflix account information was "a positive thing."' [techcrunch.com]
Re:Cut off your nose... (Score:4, Insightful)
Netflix already has tiers where you get 2 or 4 simultaneous steams. I pay for 4 streams and I should get 4 streams.
If they attempt to enforce 'who' is watching any of my 4 streams, they will have 1 less customer.
The streaming services are already trying to extract more payments by divvying up the films/tv across multiple services...NOPE I won't subscribe to more than 2 services simultaneously.
Re: (Score:3)
I was going to say doesn't the concurrent stream limitation already take care of that? I mean if Netflix suddenly started doing something like that I would just cut my service back from the 4 to 2 streams and my son who occasionally uses it but isn't interested enough to actually pay for it wouldn't sign up.
Re: (Score:2)
Netflix support multiple users (Score:2)
Netflix already has tiers where you get 2 or 4 simultaneous steams.
Not only do they do that but they also support multiple profiles on the same account so that each member of my family has their own profile within our account. How exactly do they envision someone with a multiple stream account and multiple profiles on that account is going to use it without sharing the password with other members of their family?
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Well (Score:3, Insightful)
Lately I've been realizing that I spend way too much time sitting in front of my TV. I spend almost all my free time doing that. I don't go out, I don't exercise, I don't do anything with my life anymore. I am addicted to a multitude of TV shows and it is having a negative effect on my life. And I'm realizing that watching all these TV shows isn't enriching my life in any way whatsoever. I don't talk about these TV shows with anyone, I don't use them for inspiration, not even small talk at work. Nothing. It's just mindless entertainment that I lazily intake while I waste away. Maybe I should do something else with my free time. Maybe I should get back out into the world. Maybe you'll push me to do that, as you become more draconian with your policies of greed.
Re: (Score:1)
What are the TV shows?
Re: (Score:2)
Re: (Score:1)
Lately I've been realizing that I spend way too much time sitting in front of my TV. I spend almost all my free time doing that. I don't go out, I don't exercise, I don't do anything with my life anymore. I am addicted to a multitude of TV shows and it is having a negative effect on my life.
I hope you're joking. I think most of us realize by the time we're about 35 that TV shows are just the same thing over and over. I can't imagine anyone would really enjoy sitting around watching the same crap for decades. Would they? Surely people must have other interests.
Re: (Score:3)
not even small talk at work
Oh, never mind, he doesn't have a job. This can't be him.
Bad idea (Score:1)
The more you tighten your grip...the more customers will fall through your fingers. [makeagif.com]
Roku? (Score:4, Interesting)
How would you use a fingerprint on a Roku?
Re: (Score:1)
How would you use a fingerprint on a Roku?
Even if you could, wouldn't that imply that they want to license streaming content per-person? Fucking ridiculous.
I'm not paying for streaming for every person in the house, because they'd all need their fingerprints registered to use the damn TV.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Well...the title of this particular post is "Roku", which ships with a remote that they provide. But on this completely new topic of "other hardware" the smartphone part of my answer still applies. And then these other hardware manufacturers could also introduce fingerprint sensors on their devices. As far as decimating their target demographic, completely agree. IF they choose to go down this route, I imagine it would occur slowly over a period of time, using other forms of validation until the fingerp
Re: (Score:2)
Re: (Score:1)
How would you use a fingerprint on a Roku?
How would you use a fingerprint with no fingers? This is very discriminatory against fingerless people!
They're not losing the revenue they think they are (Score:4, Informative)
The media industry seems to think that every pirated copy or unauthorized viewing represents lost revenue. It doesn't. If they came up with perfectly uncrackable DRM that prevented any form of unapproved consumption, they would rapidly discover that much of the unpaid for consumption would simply vanish. It wouldn't convert to paid customers, people would just do without.
The next step would be when they find that they lose a lot of the buzz they get from wide viewership.
Re: (Score:2)
Honestly, if I had no choice but to go rent every movie that I want to watch, I'd do it. But, the shit's free, so...
Re: (Score:1)
Exactly! They minds are so clouded from capitalistic greed that they can't even evaluate a simple issue like password sharing with rational thinking.
Imagine if car manufacturers claimed that friends/family borrowing cars is costing them "billions" and implemented fingerprint authentication to start cars!
That's a flawed argument. (Score:1)
A car can only be used once at any given time. You cannot copy your car. Try again.
Re: (Score:3)
I think the point is that they are entirely okay with that. At the very least, consumption of content would truly reflect the legally authorized demand, and not be artificially inflated by the presence of unauthorized viewing.
The Circle of "Life" (Score:3)
TFA says Netflix, HBO, et al. want "to close a loophole that could be costing companies billions of dollars in lost revenue each year" -- with no realization that the lost-sale fallacy can apply to subscription services as well.
Looks like we're about to see the whole, stupid, time- and money-wasting cycle of playing Whack-a-Mole with "streaming pirates" happen all over again. I can't wait for the patronizing attempts to reframe the debate ... "You Wouldn't Share a Netflix Password." [wikipedia.org]
Next up (Score:3)
Thumbprints reduce to just one large number, so... (Score:5, Insightful)
Re: (Score:3)
It doesn't have to be fool proof. It has to be casual user proof, and that's a solved problem. See iphones, etc.
Re: (Score:2)
Software thumbprint readers like we have software cd/dvd roms, you know, to get around the DRM of need to have a CD/DVD in drive to play games.
There are easier ways to do wha tthey want to do. You know like noticing users logging in via diff IP's that are geo located to different areas.
Oh, and their phone text prompt is easier to get around by sharing/forwarding text messages. We already have this automatically with google voice....
And this will bring in more revenue how? (Score:5, Interesting)
I barely watch these services as it is. If a service starts interrupting my viewing of something, I drop the service. I tried to watch CBS All Access for the new Star Trek series - but the advertisements were so foul that I dropped CBS and won't be going back. Ever.
I do have a Netflix subscription (that's the ONE I barely watch.) I justify it as supporting my children. But if they make it unwatchable to me, I'll drop it.
I know I'm a bit extreme - but over the course of my life, people have been adopting my perspective more and more. These services are replaceable commodities.
And just think of what Disney's movie distribution model was for decades - they'd bring out their "classics" rarely. People got used to NOT seeing them. That can happen again.
Re: (Score:2)
I do have a Netflix subscription (that's the ONE I barely watch.) I justify it as supporting my children.
Surely there are better ways to support your children.
And no lessons were learned. (Score:3, Insightful)
you done broke the economy, fools (Score:2, Informative)
Keep making it more difficult for me. (Score:5, Insightful)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
I'll just go back to BitTorrent.
Netflix convinced me to avoid bittorrent. They made it easy to watch a lot of pretty good stuff without ads, except the annoying dahduuumm sound that accompanies their logo at the start of each show, which I can tolerate.
They don't have everything, and that's the big problem. Worse is they're losing content. For example, Disney is pulling their catalog to start their own service (and nothing of value was lost). Better Call Saul is on Stan. I got into The Expanse on Netflix and now it's moved to Prime. Peo
It wouldn't have the impact they think it will. (Score:1)
close a loophole that could be costing companies billions of dollars in lost revenue each year
Lost revenue? They are assuming that everyone who uses a friends/families credentials would actually pay for the service.
Second thing, its pretty easy to fool most finger print readers these days. Even the high end ones can be fooled with a warmed up gummy bear impression of a finger print.
Third, part of the appeal of a Roku is that it is small enough to take on vacation with you and plug it in at the hotel to watch tv. So how do you know it isn't me watching from different locations?
Re: (Score:2)
MAC address. All part of the fingerprinting you're not understanding.
"Lost" revenue? (Score:2)
"Lost" revenue? Interesting turn of phrase. Can a company really "lose" revenue that it never earned in the first place?
Re: (Score:2)
Well, you have to figure SOME percentage of the freeloaders would sign up if they couldn't get it for, so that unknown percentage could be considered lost. Technically, Netflix delivered a service so they DID earn it.
False (Score:1)
discussing new measures to close a loophole that could be costing companies billions of dollars in lost revenue each year
That calculation rests on the faulty assumption that if Bob can't use Alice's password to watch Netflix he will sign up for Netflix on his own.
Re: (Score:2)
Fingerprints? They're out of their minds... (Score:2)
... and not only will I never auth biometrically, just their considering the option has me thinking in terms of scaling down purchases from anybody involved in this assinine idea. I knew how to have fun on a Tuesday night well before Netflix came along and began branding "chill".
Re: (Score:2)
I couldn't agree more. I've been a happy Netflix subscriber for many years. Raising prices a couple bucks? I don't care. Movie X is gone? I don't care. It's a cheap service, and I get more enjoyment than the small price it costs me. I also don't share my passwords for anything with anybody.
But I gotta say, the day I have to hand over fingerprints to Netflix is the day I cancel without the slightest regret. There's a line, and that's WAY over it.
If you make me pay for each and every device (Score:3)
When are these noobs going to learn (Score:1)
Or, just limit concurrent streams (Score:3)
There's no need to torment legitimate users with authentication annoyance. Just limit the number of concurrent streams.
Cheapest plan: one stream. Attempting to launch a second stream auto-boots the first one. If you share an account with a friend, you'll probably annoy each other enough for the one paying to stop sharing.
2-stream plan: 133% of cheapest plan. As a bonus, an additional stream is allowed as long as it shares the same IPv4 /31 or IPv6 /64 network.
family plan: 150% of cheapest plan. 2 streams from any IP, plus unlimited streams from the same IPv4/31 or IPv6/64 network. Additional streams are 40% cheapest plan, with a maximum of 6.
If two friends split a family plan, the service loses little, because it's only paying to process a single monthly fee.
If I pay $15/month for a family plan & charge 10 friends $8/month apiece to get extra streams added, well, great... I'm now a guerrilla wholesale reseller, responsible for dealing with my own "customer service" headaches. Beyond 1 or 2 friends, or really if ANY semi-strangers were involved, the scheme would fall apart after a few months anyway when somebody sharing the account cheated & tried using more than one stream during peak viewing times & everybody else kept getting knocked off round-robin style. Our enterprising guerrilla wholesale reseller would either have to watch people drop out in frustration, or would have to buy additional streams & hope the freeloading problem didn't get worse... and if he charged more, it certainly WOULD. As the pool of users increased & monthly share of the cost increased, trustworthiness within it would decrease until it wasn't *worth* the hassle of joining a shared pool just to save a few dollars per month.
It's no different than mobile phone family plans that share a data pool. Sure, you could join a 4-person "family"... but with no ability to limit data use per phone, one single pool member could get everyone else throttled until everyone else got fed up.
The key to keeping shared accounts profitable is to maximize opportunities for Tragedy of the Commons to rear its ugly head. If two people sharing a 1-stream account rarely get in each other's way, chances are that one or both would have cancelled the subscription *anyway* due to high cost and limited perceived value due to infrequent use.
The whole reason people use their PARENTS' cable logins is because until recently, the only way to GET access to a channel's stream was to subscribe to an expensive cable TV package whose monthly fee VASTLY exceeded the value of a channel or two. Now that OTT streaming packages have proliferated, it's not as big of a motivation anymore.
My guess is that the pressure isn't on Netflix or Hulu... or even HBO. It's on the cable companies THEMSELVES who are desperate to preserve their outrageously expensive "take it or leave it" business model, in conjunction with their historical fetish for charging by the outlet/box.
Title is won't (Score:2)
Should be ... exploring ways to make it harder for legitimate customers to use their service, to push them towards piracy
This isn't going to stop sharing (Score:2)
What netflix doesn't understand is roku's don't have fingerprint readers. So what they would end up doing is using an app to authenticate, this would not stop VPN's either.
Re: (Score:1)
Plans (Score:1)
Or they could offer family plans like Apple does.....Apple Music works so well with that.
A future conversation (Score:2)
FBI: We hear you have a massive collection of fingerprint data. Here's a court order allowing us to search the whole thing.
HBO: Come on in!
Soon (Score:2)
Hey babe you wanna Netflix and chill.
Just a sec, I have to give it my fingerprints.
[RING, RING], "Hello", "What was the name of my best friend's sister's second favorite pet?..."
Just another minute babe, gotta give 'em a DNA swab...
Babe? Where you going??!!
I am not a freeloader (Score:1)
hope it is just talk (Score:2)
hope it is just talk and it stays that way. I pay for my services but start making it a pain to login and it would be bye-bye. just too many places online where I can watch the same thing without the inconvenience.
Feels like they are going to stop Linux (Score:2)
I've seen this before with streaming services. Both Hulu and Netflix for a long time would not work on Linux for years.
How does fingerprint authentication work? (Score:1)
Re: (Score:2)
Who cares what they claim, are you going to trust them?
Re: (Score:2)
Depends on the how and who the brand will trust..
First settings needed for a new account? The person entering the CC and doing the set up is asked for a fingerprint.
That gets the data needed as part of a new account.
The box, tv remote reader is then sent out to every user? Do they trust some OS brand and computer hardware... to read the print data in?
Do they trust any random third party reader on a laptop, smartphone, crypto?
So they make
Sigh (Score:1)
Kill Your TV (Score:3)
I remember when I was a kid in the 80's seeing some group destroying their televisions and thought they were just plain weird. I saw "Kill Your TV" bumper stickers and thought "those people seem a little nutty". I must admit as time keeps going on and these kinds of schemes keep getting cooked up it seems like a better and better idea.
thumbprint? can I use other finger? (Score:2)
Fingerprint Spoofing Is Easy (Score:1)
I'm not sure I get the outrage (Score:1)
I'm going to guess that everyone on here knows at least one person who is mooching their streaming service from a non immediate relative. This is why we can't have nice things. Now the question is how do they implement this. For me I only stream on 2 devices so I'm not really worried.
Re: (Score:2)
Nice things != TV
Re: (Score:2)
That was for years of data, voice prints, all crypto access.
Now its a fingerprint account shared with 5 eye governments because the NSA asked?
Want the gov of New Zealand knowing about every file getting played back on a display?
Want some international travel and New Zealand recalls that "fingerprint" watched the wrong media file, no entering New Zealand.
Other nations see that full gov block on travel fo
Middle Finger (Score:1)
HBO can scan my middle finger while I download a torrent.
We pay extra to have 4 streams on NFLX (Score:3)
I share my password with my three kids... (Score:2)
I share my password with my three kids and when they stop me from doing that, I will cancel my service.
Dumb (Score:2)
The possible measures include requiring customers to change their passwords periodically
But changing passwords too often is a bad idea
Frequent password changes are the enemy of security, FTC technologist says [arstechnica.com]
or texting codes to subscribers' phones that they would need to enter to keep watching, according to people familiar with the matter.
They're going to start requiring subscribers to own mobile phones?
Too bad it doesn't work the other way around (Score:2)
Too bad it doesn't work the other way around.
I pay Netflix $12.99 for their standard plan that gives me access to their service and HD content 24/7 on up to on 2 devices at the same time. But I only use their service 1-2 hours a day and on 1 device at a time.
It would be nice if I could get credit for the 22 hours of the day that I'm not using their service and for not using access to the 2nd device.
Just allow X concurrent connections (Score:2)
Bottom line is STOP blaming consumers for using services
Streaming companies try to go out of business, (Score:1)
Fixed your headline for you
Torrents (Score:2)
don't ask me for finger prints,so guess what...
Likely referring to WebAuthN (Score:2)
A local biometric alone wouldn't help. However if you have key material on the phone, where the public exponent of that key material is enrolled for their account, and the private exponent is unlocked with the local biometric, that would work.
It's really amusing and frustrating to hear WebAuthN described as "Sign-In with your thumb". It's a cryptographic signing of the challenge request that is validated server side; the biometric is a local (to the device) challenge.
Two Factor? (Score:2)
Easy answer is 2 factor authentication + regular expiration of logins. Share for a week or two works, but they aren't getting back in unless they call you and bug you for the magic number that you got sent by text.