/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW YORK, USA: A security hole in Adobe Systems Inc software used to distribute movies and TV shows over the Internet allows viewers to copy movies on some Web sites and avoid commercials on others, threatening the financial success of online video.
The problem exposes online video content to the rampant piracy that plagued the music industry during the Napster era and is undermining efforts by retailers, movie studios and television networks to cash in on a huge Web audience.
Amazon.com Inc by Friday had fixed a flaw that gave free access to record and copy from Amazon.com's video streaming service without paying.
But screen-recording software can still make unauthorized, unprotected copies of Amazon online movie rentals, which could be viewed and copied beyond the rental limits on how and when to view.
Network television shows from Hulu.com can be viewed online without watching the commercials that are meant to pay for the system and copied as well.
"It's a fundamental flaw in the Adobe design. This was designed stupidly," said Bruce Schneier, a security expert who is also the chief security technology officer at British Telecom.
The flaw rests in Adobe's Flash video servers that are connected to the company's players installed on nearly all of the world's Web-connected computers.
The software doesn't encrypt online content, but only orders sent to a video player such as start and stop play.
To boost download speeds, Adobe dropped a stringent security feature that protects the connection between the Adobe software and its players.
"It's the traditional trade-off, convenience on the one hand and security on the other," said Ray Valdes, analyst at research group Gartner.
COMMITTED TO SECURITY
Adobe said it issued a security bulletin earlier this month about how best to protect online content and called on its customers to couple its software security with a feature that verifies the validity of its video player.
"Adobe is committed to the security of all of our products, from our players to our server software. Adobe invests a considerable amount of ongoing effort to help protect users from potential vulnerabilities," it said in a statement.
Amazon fixed its Video On Demand service, which offers as many as 40,000 movies and TV shows on its Web site, to stop completely free viewing of movies and television shows recorded with the Replay Media Catcher from Applian Technologies.
But another screen capture program was able to record movie rentals from Amazon in a format that could be copied, kept, and shared at will. Adobe said all the issues with its software have been fixed and that it was working to make customers aware of proper security measures.
But some saw flaws with the design of the system.
"Adobe's (stream) is not really encrypted," said Applian CEO Bill Dettering. "One of the downfalls with how they have architected the software is that people can capture the streams. I fully expect them to do something more robust in the near future."
One Web site -- www.tvadfree.com -- explains step-by-step how to use the video stream catching software.
Videos from Hulu.com, NBC.com and CBS.com are already free although the TV programs are interrupted by commercials. However, the stream catching software separates the commercials and the program into two separate folders, so people can keep the programs without the advertising.
Hulu.com, a video Web site owned by News Corp's Fox network and General Electric's NBC Universal, was the big networks' answer to YouTube, the popular video-sharing Web site where many users began uploading TV shows and other content owned by media companies.
The networks scrambled to post videos on their own sites in a bid to capture another stream of advertising revenue from a growing audience, but they have struggled with how best to show commercials that fund the programming when played on the Web.
YouTube, which started the online video boom before being bought by Google Inc for $1.65 billion in November 2006, has also struggled to cash in on its popularity even though its user base continues to mushroom.
DESTROYING BUSINESS MODELS
One possible solution would be to protect the video with a digital rights management (DRM) system. A Seattle-based company called Widevine Technologies has a DRM system that can encrypt online videos using Flash.
"The fundamental problem here is that Adobe's lack of technology is not allowing the business models to be preserved," said Widevine Chief Executive Brian Baker.
The lack of content protection, according to Baker, threatens all the business models used today to fund video on the Web.
Apple Inc, which sells movies and television shows at its online iTunes store, uses its own DRM technology called FairPlay, but it only works for video bought on iTunes.
Forrester analyst James McQuivey said he doesn't believe the video stream catching technology will entirely derail the advertising-supported business model used by the networks for online video.
"It's too complicated for most users," said McQuivey, noting that file-sharing services like BitTorrent already exist but only a small percentage of people use them.
"People want something easy to find and easy to use."