Detecting proximity over the Internet and other dumb DRM notions

One of the recurring themes in the DRM negotiations I sit in on is figuring out how far away two different computers are from one another, so that an entertainment company can enforce crazy, paranoid "business models" like, "Buy a movie for viewing on as many PCs as you'd like provided that they're all within 10 feet of one another."

My cow-orker, EFF Staff Technologist Seth Schoen, has posted a little blog entry about the inherent failings in all the DRM vendors' systems for determining "proximity" of two devices over the Internet.

…DRM vendors are falling back on other tricks. One you hear a lot about is "IP TTL" (a part of the Internet Protocol specification where routers are supposed to subtract 1 from a header field, to prevent a misaddressed packet from floating around the Internet forever). That doesn't provide evidence either, though, because (1) IP headers like TTL are under the minute control of end-users wielding firewall software, and (2) "bridging" software doesn't subtract 1 from TTL in the first place because conceptually it is not acting as a router.

So the last resort of people trying to use TCP/IP and get evidence about locality or proximity has been to measure latency — how long it takes for one device to communicate with another. Latency is harder to tamper with because there are physical limitations like the speed of light. For example, you can never get any message from New York to Paris in under 19.5 milliseconds because that is how long it takes light to go from one to the other. If you're using a satellite in geosynchronous orbit, there is a magic number around 250 milliseconds (depending on your latitude) because geosynchronous orbits can only occur at one particular altitude and it takes light about 250 milliseconds to cross that entire path. (Geosynchronous orbit is far away!) So some systems have been adopting rules about not sending some programming to devices that take more than a certain number of milliseconds to answer you when you say hello and ask them for acknowledgment, on the theory that devices that answer really quickly plausibly are on the same local network, whereas devices that answer more slowly probably are not.
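The speed-of-light figures quoted above can be reproduced, and turned around to show what a latency cutoff can actually prove about distance. This is an added example, not code from the original post or from Seth Schoen; the city-centre coordinates, the same-meridian satellite geometry and the sample cutoffs are assumptions chosen for illustration.

```python
import math

C_KM_PER_MS = 299_792.458 / 1000.0  # speed of light in vacuum, km per millisecond
EARTH_RADIUS_KM = 6371.0            # mean Earth radius
GEO_RADIUS_KM = 42_164.0            # geostationary orbit radius from Earth's centre

# Assumed city-centre coordinates (degrees); not taken from the post.
NEW_YORK = (40.7128, -74.0060)
PARIS = (48.8566, 2.3522)

def great_circle_km(a, b):
    """Haversine distance between two (lat, lon) points given in degrees."""
    p1, p2 = math.radians(a[0]), math.radians(b[0])
    dlat, dlon = p2 - p1, math.radians(b[1] - a[1])
    h = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(h))

def min_one_way_ms(distance_km):
    """Fastest possible one-way delivery time over a given distance."""
    return distance_km / C_KM_PER_MS

def geo_hop_ms(latitude_deg):
    """Ground -> satellite -> ground time, with both ground stations at this
    latitude on the satellite's meridian (assumed geometry)."""
    phi = math.radians(latitude_deg)
    slant = math.sqrt(EARTH_RADIUS_KM ** 2 + GEO_RADIUS_KM ** 2
                      - 2 * EARTH_RADIUS_KM * GEO_RADIUS_KM * math.cos(phi))
    return 2 * slant / C_KM_PER_MS

def max_distance_km(rtt_ms):
    """Farthest a responder can be if it answered within rtt_ms.
    This is only an upper bound: a fast reply never proves the peer is near."""
    return C_KM_PER_MS * rtt_ms / 2

def required_rtt_ms(distance_km):
    """Round-trip cutoff needed before latency alone bounds distance this tightly."""
    return 2 * distance_km / C_KM_PER_MS

if __name__ == "__main__":
    d = great_circle_km(NEW_YORK, PARIS)
    print(f"New York-Paris: {d:.0f} km, at least {min_one_way_ms(d):.1f} ms one way")
    for lat in (0, 45, 60):
        print(f"GEO hop at latitude {lat}: {geo_hop_ms(lat):.0f} ms")
    for rtt in (1.0, 5.0, 10.0):  # constructed sample cutoffs
        print(f"RTT <= {rtt} ms allows a peer up to {max_distance_km(rtt):.0f} km away")
    ten_feet_km = 3.048e-3
    print(f"Bounding a peer to 10 feet needs RTT <= {required_rtt_ms(ten_feet_km) * 1e6:.1f} ns")
```

The last two outputs show the gap between a millisecond-scale cutoff and the "within 10 feet" business model: the physics bounds distance only from above, and only coarsely at the latencies real networks can measure.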
