Slashdot Mirror
Gnutella Copyright Enforcement?
horos1 writes "Is copyright protection on gnutella enforceable after all? I thought that gnutella users were better off (ie: more anonymous) than napster users in this regard, but this story on zdnet implies otherwise." As I understand it, this app can report user names and IPs of people who download boobie trapped files that the software pretends to serve. Yes, you to can be Lars!
Get too many of your nyms shut down, and it'd be cheaper to buy the music CDs themselves.
"Hey, hey! Ho, ho! 100110!" - Robot rebels in Futurama
Not only that, but imagine how the judicial system would react in front of the ensuing onslaught of litigation? After 5000 cases of "Plastika - vs - Joe-Blow-who-downloaded-the-latest-hit", judges will soon tell the RIAA to go screw itself pretty quick.
--
Here's my mirror
but is just the IP of the person REALLY going to help any? So you might be able to track it down to the computer. Big deal! How exactly do you link *1* person with that computer? How do they know it wasn't your mother/wife/father/child/friend/neighbor/someone robbing your house/pet jumping on the keyboard? It's impossible to make a connection between IP and user. I'm guessing the most they could do is have your ISP stop giving you service.
It's like if the police clock you at 50 over the limit, but they don't catch you. However, they do get your liscence plate number. They have nothing on YOU because anybody could have been driving the car.
-- Dr. Eldarion --
At least not yet, you can bet the RIAA would love to be able to nail you for just *thinking* a copyrighted tune. I'm humming a metallica song right now, eat that lars!
The problem with this method is that since every client is a peer, and possibly now a relay, you could end up using someone on a slow connection as the relay.
I'd hate to be the poor sap on a T1 downloading from a T3 using a machine on a 28.8 modem as a relay.
It means nothing. Anyone can create any username, and and IP's can be filtered, masqueraded; ports can be forwarded, and tunneled over in many different ways. Routers can be misconfigured even without bring down the traffic. What would that IP/username mean?
Makes perfect sense to me.. I mean, when you do a file transfer, it happens peer-peer, so you do know who the other party is (or at least, their IP).
In fact.. as soon as search results are returned, those results contain the IP address of the host holding the data, no?
So... the only thing anonymous about gnutella is that searches are anonymous until you actually download something.
But really.. the whole point of gnutella wasn't that it was 'anonymous', but that it is decentralized. There is simply no easy way to 'stop' people from using gnutella. we can switch ports easily.. it really doeos need randomized ports....
Now.. personally, I would think that putting up material to be downloaded in order to finger people would ammount to entrapment, as you are basically going somewhere where you *KNOW* that people are tempted to download software, and put up software they might want...
It just might be time for a civil equivalent to the Bill of Rights.
The Mongrel Dogs Who Teach
Hear Hear
It is, alas, a common police/investigative tactic throughout the world to turn up and gain access to premises on the mere threat of a search warrant.
In fact, in most jurisdictions, at least some form of prior judicial scrutiny is required before agents of the state can violate privacy in search of evidence. (And if they claim they don't, ask for full details of the enactment/statute under which they derive their power and take a careful note of what is said, in writing and at the time.)
When faced with police pressure, you should always insist on seeing a warrant/court order before permitting any intrusion - don't back down unless and until they threaten physical harm. It makes life so much more fun for the nice officer when he has to explain himself to the judge later.
Of course, your mileage may vary as to how effective judicial scrutiny of police action ever is...
-- AndrewD
A Maze of Twisty Little Laws, All Different.
Yes, but the law doesn't care. Ever notice how hookers get busted, but the Johns do not? Ever notice how the pirate video stores get raided but no one follows up their customer list? Ever notice how they went after napster but not after its users (they nuked some nicks but never bothered real people). Ever notice how the FBI goes after bank robbers, but not after those who accepted the stolen money for various goods and services. It's all about stopping the supply, not the demand.
On the other hand, commercial ISPs have a financial interest in people using their service - the longer you are online trading files by Napster and the larger the bill you run up. So it would be a bad idea (financially speaking) for ISPs to crack down on Napster use. Have you noticed how hard it is to get most ISPs to do anything about spam which originates from their service? This would be a similar situation. The ISP would be unlikely to investigate the pirated MP3s or ban the user until they were forced to by a court order. Which brings us back to the situation that less successful artists are unlikely to have the financial means to drag this sort of thing through the courts.
Any Peer to peer networking (ie TCP/IP as it was meant to work) will expose the sender's address to the reciever and vice versa. Otherwise there can be no meaningful communication.
What you suggest simply puts a server in between which you will have to trust. So basically you are back to Napster with some sort of encryption.
The point of gnutella is to make all transfers peer to peer, not really anonymous. Of course you could always relay the packets from a central server on either end, but the goal should be to retain the "end-to-end" nature of the internet and you can never effectively encrypt routing information.
Wow, you've described a great DDoS! 8)
It's 10 PM. Do you know if you're un-American?
I have do different questions relating to the who 'Music-Cops-On-The-Net' thing.
1. Very little mention has been made of mp3 (or any file for that matter) distribution over IRC. It certainly is easy enough to locate your favorite music on various channels. So is it trackable? If it is (it would have to be because of the peer-to-peer nature of DCC), why has IRC slipped through without being part of Lar's wrath?
2. What if I put up a file called 'Metallica - They've sold out, man.mp3' that consist of me ranting into a microphone about how Metallica has sucked since the 'Black' album. My name/IP could be snatched up by this software, right? So I get taken down by Napster, or hauled to court... what kind of recourse would I have? Heck, for even more fun, I take my rantings, but call it 'Metallica - Unforgiven.mp3'. How would that affect my legal standing?
"I shoulda never sent a penguin out to do a daemon's work."
Cat, the other, tastier white meat.
It might just be my latest dumped core that I automatically rename to Metallica-DownloadThis.mp3 because the band pissed me off or I think it is funny. In that context, having a file called Metallica-DownloadThis.mp3 and sharing it though Napster or Gnutella is perfectly legal
It may not be illegal, but having a file names that is enough suspicion to investigate further. If I have a baggie that looks like it has crack in it, and I show it to a cop, he's going to arrest me. If you have something that looks exactly like a pirated file, they have enough grounds to pursue it. You may be found innocent in court, but that doesn't mean they aren't going to try and prove it was a pirated file.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
I wonder what would happen if several thousand people subscribed mediaenforcer@hotmail.com to it's own "when this page is updated email me" service.
Not that I think anyone should actually do this, of course; that would be wrong.
--
And I was just watching the last JavaOne keynote webcast today and was pleasantly surprised when Tim O'Reilly brought up Gnutella and its role as facilitating sharing and communication. In a totally positive light. I'm sure for many in the audience this was the first time a Big Name had talked about Open Source. So I'm glad the FUD didn't get to them first.
It's 10 PM. Do you know if you're un-American?
Any distributed file-sharing protocol that is non-encrypted is insecure in this fashion. The reason is simple: Your computer requests the serving computer for the file in question. The other computer obviously knows your IP, then, and a modified client can serve up that info. That's why the Freenet project is so essential.
Here's a simple precaution that can be taken when desiging such a protocol: One computer never directly requests to another. Instead, it gets a piece of information from the serving computer through the network (x, n, and x^y mod n for some x, y, n) and creates a key (x^y^z mod n for some z) and sends another piece of information indirectly (x^z mod n), so that the server can get this number (x^y^z mod n) itself. Then you can establish a two-way encrypted link securly while having your packets be passed through other clients (so that the server never knows your IP). (BTW the encryption is a diffie-hellman key exchange and is one of the neatest things in modern crypto).
And then what? The person hasn't done anything illegal, since the content was bogus. The person hasn't actually infringed on anything. If you buy a bag of oregano from an undercover cop who tells you it's pot, you can't be arrested for anything. You actually have to commit the crime you intended to commit to be held liable for anything.
This raises an interesting point. To actually convict someone of pirating mp3s, it strikes me that you would have to have direct evidence that the file you put up for download was, in fact, an illegitimate file. You would also have to strongly link the IP address to the actual person. It would be exceedingly difficult, if not impossible, to take any legal action against anyone using evidence such as a list of user names, IP addresses, and alledged song files they made available for downloading. It would take a serious investigation involving searches, stakeouts, time, and money to really get the necessary evidence to make a piracy charge stand up in court. The only people the police would go after to that extent would be real "pirates" who actively distribute illegal copies en masse, and who charge for it. I don't think there is any reason to believe that the government would or could go after individuals trading files for fun.
-Vercingetorix
"Necessitas non habet legem." -St. Augustine
Makes it perfect tool for DDOS attack. Just tell 20 of your Guntella neighbours "that guy overseas really wanted that 10G movie clip, so please help me delivering it" and your victim is roasted and served with fries.
Humorous, but I think you missed the idea.
The scatter network code is part of every client. You can't initiate the transfer for someone, it's the other way around.
In discussing the idea with my brother earlier today, you would have to devise a way to split the initial transfer up into x "tamper proof" packets. Packets which could be split up but not be altered otherwise. That would prevent subverted clients from mucking with the data.
How would the fragmented mess eventually get to the original requestor? I would imagine it would be done with some kind of session ID. A "virtual circuits" (to steal a Frame/ATM term) kind of thing, but where you would start advertising you are connection x and the server would start broadcasting that it is the producer of information for that session. Hmmm... I wonder if a DeviceNet style of data producer/data consumer would work in this case. A routed system which learns which sessions are where... sounds bandwidth intensive.
I didn't say I had a working solution, merely an idea. :-)
It might just be my latest dumped core that I automatically rename to Metallica-DownloadThis.mp3 because the band pissed me off or I think it is funny. In that context, having a file called Metallica-DownloadThis.mp3 and sharing it though Napster or Gnutella is perfectly legal.
Whoop, I think CmdrTaco misread the story (and I misfollowed); this software doesn't fake files, it hunts for real ones on the net and IDs the provider.
Ooh, a sarcasm detector. Oh, that's a real useful invention.
You could make Gnutella support email attachments as a transfer protocol, so that paranoid people could have their files sent to a hotmail account.
MSN Hotmai1 supports attachments on1y up to 1,000 KB in size; any good sized *.mp* file is out.
Will I retire or break 10K?
Wouldn't setting up 'boobie-trapped' files be a form of entrapment? Is this legal in the States?
Nope, search responses have ip addresses in them, they also have a unique identifier to allow the network to pass push requests around when you can't directly connect to the end router. fake ip's and working push stuff makes the whole thing a little more anon.
This post does not exist
... is just as much a part of information theory as information distribution. Information wants to be free, whether it is m374lic4_5uXx0r5.mp3 or the log entry show the time, date and IP of the person who downloaded it. This program provides tracking for napster and gnutella. Ok.. big deal. It doesn't comprimise Gnutella in any way other than to provide accounting for file downloads, which isn't such a hard thing to do, since gnutella is a multi-access broadcast media anyways.. all information transmitted on it is pretty much viewable by everyone. This program does nothing to stop people from downloading soungs, files, etc.
Plus, think about it.. if everyone on Gnutella got subpoenas on their doorstep towmorrow for downloading copyrighted information, we would have even more popular support for the cause. The more people the RIAA piss off with these bully tactics, the better off we are.
//Phizzy
"Most European technology just isn't worth our stealing," -- Former CIA chief James Woolsey, referring to Echelon
This, and the related problem of hacked clients giving back hits for any search that just link back to banner sites, has been a real impediment for me in using gnutella over something more centralized like napster. The problem with anything de-centralized like this is that while you have all the benefits of abandoning centralized control, you have all the headaches of abandoning centralized control too.
:) is to implement, either at the protocol level or the client level, a moderation-style system, or actually, more appropriate still: a web-of-trust setup.
/. at -1. But if nothing gets implemented, we end up with a great distributed file sharing mechanism that is, much to the pleasure of Lars and his ilk, too contaminated to bother with.
The best solution I've come across (in the oh so many hours I've thought about it...
Unfortunately, the protocol as it currently stands, does not have much room for carrying this kind of information, and implementing it in any kind of non-trivial-to-circumvent way would require a fair bit of work. I mean, you can have clients digitally sign their hits, and the hits of people for whom they vouch, but ugh - think about the kind of traffic that goes across one of these clients, and the overhead that would come from signing or otherwise authenticating each one.
Maybe something more akin to the spam blacklists would be more appropriate: have a hook in the client that allows it to grab the current blacklist and filter those people out of the hits. Unfortunately, since a gnutella request doesn't pick and choose it's recipients, you'd have all sorts of traffic moving around that was just being dropped by the recipient, but at least this contamination would be harder to pull off.
Any thoughts on these, or other ways to keep the S:N on something like this up? I think client-side implementation is important, since it allows the protocol to remain unscathed, and choice is of course, essential, just like browsing
Johnath.
The decentralization of Gnutella is a big problem for copyright enforcers, because it's a heck of a lot easier to put all the pressure on a big company. Plus, there's potential money there. The little guys using these programs aren't deep pockets.
When Metallica wanted to stop Napster users it got Napster to ban them (not that this was terribly effective, as two minutes in the registry got a user back in with a new account name). But if Metallica wanted to enforce its rights under Gnutella, there is no central company to put pressure on. They have to go after the individuals. They've said they don't want to do that, and I can't imagine there are many that would, because there's nothing in it for them.
If you want real anonymity, you have three options:
The first one can be had by anyone who will let you use their SOCKS5 server. With some servers, you may also be able to tunnel through an http proxy to obtain non-http service, however YMMV. Services exist online like Anonymizer.com or Freedom which will, for a small fee, happily remove all traces of your IP address from the request using one of their servers. Caveat emptor, however, as they likely need to keep logs as well to prevent absue.
Option #2, illegal proxying - crackers have known about this for a long time. Basically, grab yourself a copy of nmap and start scanning on ports 1080, 80, and 8080 and see how many proxies you can find. Scan for winproxies as well as they are often poorly configured.
Once you have your net of proxies up, or have compromised a bunch of computers and done the same, use those to relay your messages. Or just go down to a public terminal and install some proxy software.
Option 3, there is only one option here - MBone. It is basically an IP multicast network setup on top of IPv4 which allows one server to broadcast data to all other computers on the network.
I'd like to, at some point, start a project to create a self-healing mirroring network with crypto support do accomplish the same things GNUella does, but have it rely on multiple protocols and require no special software (ie, web servers, ftp servers, etc) for the clients to use to get information off the servers.
But I digress... in short, you have no privacy. Either do something illegal to get it back, or give up and accept it. No solutions exist at present to give you 100% anonymity. But.. there are projects in the works that aren't internet based that may be appearing in the not too distant future...
False. In some cases, trafficking in stolen goods is just as bad as the actual theft, even if you can prove you had no knowledge that the goods were stolen. I imagine that something similar might apply here.
www.alarmist.org
All of these protocols involve direct peer to peer file transfering, without going through some sort of trusted intermediary or anonymous network. Thus, if you find someone has the item you are interested in, it is trivial to get the information: Just start the transfer, see the sucker's IP, and disconnect before you waste any more of your bandwidth. From there, you can go through whatever routines are necessary to associate an IP address with an individual.
Similarly, there is no means of authenticating files before downloading, so it is easy to make a tarbaby server: Just put up a bunch of bogus content, but interestingly named files. When someone tries to download it from you, you get the sucker's IP address.
Finally, under copyright law, the copyright holders do need to be rather active in defending their rites. Although I believe that Lars Ulrich and company are being rather ham-handed about how they go about it, they really have no choice but to at least make reasonable attempts. Otherwise, a copyright lapses if undefended, and someone could start manufacturing CDs of Metallica and the band could do nothing.
Is Napster really different from a company who's business model is "We want to make money by software piracy?"
Nicholas C Weaver
nweaver@cs.berkeley.edu
Test your net with Netalyzr
It is the copying that matters, which is why buying a copy of the New York Times isn't parallel--you're not making a copy.
Only the copyright owner can give you permission to make a copy (unless the copy is Fair Use, in which case you don't need permission). To use your example, the guy behind the counter at the newsstand can't give you permission to make a copy of an article in the paper. In fact, the newspaper itself might not be able to give you permission--unless they had secured those rights from the author.
Obvously this can be a bit complicated to figure out in advance. That's why contracts to use copyrighted material have the author warrant that he or she owns the copyright and agree to make the publisher whole if that turns out not to be true.
OK first off, do not compare physical property to intellectual property. The analogy never works, and in this case, it falls down immediately.
The argument of 'what if I didn't know it was being distributed illegally' is a valid one. Assume that you're doing some research on caramel corn. You go to your trusty friend google.com and start looking for pages relating to "caramel corn". You find an article that looks very promising, so you follow the link. Once you've loaded the entire page, you find that, sadly, the article is copyrighted by Caramel Media Inc., but John Francis, who is a caramel corn fanatic, copied the article on to his page without permission from Caramel Media.
In my mind, this would be analogous to what the OP described. You were looking for some poetry (do people distribute poetry on Gnutella?), found one that sounded interesting, and, after downloading it, found at that it was being distributed illegally.
In the first example, it would be ludicruous to phone up the ISP of *every* page you were about to view and say ("yes, I was thinking of reading an article you have saved on your website at ~users/bill/caramel.html, but I was hoping if you could check to see if has been illegally distributed first"). Likewise, it would be ludicruous to track down the ISP of the Gnutella user every time you wanted to download something, just so you could phone him up and say "yes, I want to download roses_are_red.txt from you, but I need to know if you are distributing it illegally or not first").
I constantly argue with myself as to whether we have more or less democracy than before. Everytime I read another report on copyright extension, monopolies, etc, I worry that we are becoming more and more controlled by the megacorp cartels.
Then I compare to what we had 100 years ago. 100 years ago unions were practically illegal, or perhaps just coming out from that status. Standard Oil, the railroads, etc -- huge monopolies. ATT started its monopolistic practices in the early 1900s. The National Guard was called out to break up strikes in the 1930s. General MacArthur used the standing army to break up a demonstration by WW I veterans around 1930.
Any period I look at, the abuses were worse. I start to come out of my funk, and look at the LA police and Rodney King, Ruby Ridge, Waco, and realize that a lot more abuses are known publicly now, and widely distributed. This publicity is not what the powers want -- they want darkness and invisibility. This openness can only get better.
In just 5 or 10 years, home computers will have a standard web site package included, people will wear micro cams at all times as a matter of course, broadcasting back to the home computer constantly, available for the world to see or review, and public crime will drop drastically.
I come to the conclusion that the megacorps are fighting for (and winning) the rights to the corpses of obsolete prizes. They are waging death matches for nothing that matters tomorrow. The new life is proceeding without them, they don't know how to react, so they lash out in their old style methods, and will win precisely nothing useful.
--
Infuriate left and right
Ok, if I am downloading "download this" from that sell out band. (Like that would happen) They could see what my "user name" and IP was. Great, what the hell are they going to do with that ??? The user name they are going to see is jengo, which is my Linux login name. Then my IP which is from earthlink. Then you would say my email address/login id for earthlink is jengo@earthlink.net WRONG! If I gave you a list of 2,000 IPs, times and dates, and "user names". How long would it take to research every single one. Think how long it would take on 5 differant ISPs, let alone 1,000. Maybe its easy on AOL, but, not the rest of the world. Who on my side of the firewall did that download go to ? Me, my girlfriend, or the other 10 people that could have been connected. What about the company LAN ? My point is that all of that information MIGHT help get a couple of people. But, not everyone. Just my $0.02
until (succeed) try { again(); }
What gives you the right to the software he wrote? And where do you get that anyone's privacy is being violated? I hope that you don't illegally download musicians' copyrighted works, because I don't think that I could handle so much irony this early in the morning.
Cheers,
ZicoKnows@hotmail.com
Yeah, I agree that pirating software via Napster/Gnutella sucks, but these search engines are just as stupid. It'd be similar for going to google.com and running a search on a common word. Sure, you turn up 3 million URLs, but how many of them really have the CONTENT you're looking for, rather than just contain the word out of context somewhere... how do you tell the difference?
Until somebody comes up with a way of knowing that the file you found contains an actual song, rather than just a filename that appears to describe a song (this may even be impossible), what use are these searches?
It seems that alot of music savy people are looking towards these searches to protect themselves, but they are definitely not computer savy enough to realise that these searches are meaningless. The problem is that the lawyers and courts aren't computer savy either (Ask the 300K people kicked off Napster because of a filename).
Unix is user friendly, it's just selective about who its friends are.
I can see how this software may be useful for successful artists with enough money to attempt to prosecute people they suspect of distributing pirate MP3s. But I get the feeling that the author is hoping it will be used by smaller, less successful artists to protect their copyright. This leads to the question, what are these musicians going to do once they've got a list of IP adresses which are hawking their music? Smaller artists are unlikely to have the money to attempt to prosecute the pirates, so all they're going to be left with is the knowledge that their music is being pirated. Big deal. This software is of use only to the rich musicians and record companies - the people who are so rich that they are the people least financially affected by piracy. If the author of this software is unconnected with the RIAA, I wonder if he realises that the people his software is protecting are the same people who have been fucking him over for years with artificially inflated prices for recorded music.
Every gnutilla client/server should be capable of acting as a proxy for another, and requests should bounce at random through the network. Why doesn't it already work like this? Peer to peer transfers are so easily compromised...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
If your search is done anonymously, and cannot be traced back to you, than how do you expect to receive results???
Stop by my site where I write about ERP systems & more
haha good one... no they'd take your entire computer... in case you were storing some illegal MP3s in your printer cable *G*... Anyone have a link to a similar story, I'm sure there have been plenty of them (where an entire computer was seized, when only the hard drive was needed...)
--
Restating the obvious since nineteen aught five.
So they can get an IP address. That's all fine and happy. But who you gonna sue? They'd have to:
a) trace down everyone serving those copyrighted files, using nothing but their IP.
b) sue each and every one of them.
Good luck, and more power to them. You can't sue Gnutella like you sue Napster, since there is no such entity as Gnutella. Decentralization is the key. Gnutella is essentially nothing more than bunches and bunches of people acting independently to share files.
---
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
Not in the eyes of the law anyway, its copyright infringement. It isn't trafficking in stolen goods, it's trafficking in pirated goods. And there is a pretty big difference.
And anyway, the people who download copyrighted material are never at fault legally, only those that distribute.
ReadThe ReflectionEngine, a cyberpunk style n
...and you be a ho.
My Slash-Caddy be out of impound and I be ready t'do some Pimp slappin'! Ya'll be cold, towin' da Pimp's Caddy like dat. Ain't like I was parked in a "no-troll" zone or somethin'.
I remembers it cleary: I was cruisin' da ghetto, checkin' on my ho's. Dey all be doin' some good work, and da crack-head mod's be throwin' dat karma all ovah da place like it be a Hindu festival or somethin'. Bitches be all singing, "Mod-ey Krishna, Karma Krishna, Whoring Karma, Moderate Us". It be worse than the bus station, so I whack a few o' dem bitches wit da Pimp Stick.
Anyhow, I be scopin' da streets, lookin' fo some fool leavin' time on the meter, y'know? All a sudden I see dis sign all sayin' "Taco's Parking Lot - Censorship Free!", and I be thinkin', "Damn! Dat's just what my ass needs! A Taco!".
So I eases da Pimp-Mobile into a space, and as I leavin' dis pasty-lookin' geek shout out, "We support free speech! Speak your mind without fear!" I dunno what da cracker fool be jabberin' about, so I just go about my bidness straightenin' out da ho's. And lookin' fo' dat taco, 'cause da Pimp be gettin' hungry, you know what I'm sayin'?
I slaps a few ho's who be gettin' out a line, and gives a few others some o' dat good Pimp Lovin' dat dey always beggin' fo (but not Siggy. She be gettin' old and skanky an' I hear she just been playin' wit herself an' takin' karma outta da bank to make it look like she workin'). I never did find me a taco, so I Pimp Strut's my ass over to da Soul Food Diner fo' a bowl o' grits.
Then I be headin' back to da Caddy and damn if I don't get rolled in da alley by dem moderatin' sons-a-bitches! Dey all actin' like I be bad fo' da neighborhood, like I da one encouragin' da ho's! Mofo's took 8 o' my karma in under 30 minutes!
After dat I tell da pasty geek I want's to cruise a little in my Caddy, 'cause I be lookin' fo' dem mod thieves who jacked my shit, y'know? And then white boy tells me I can't get my wheels 'cause I lost too much karma! Tells me it be impounded, and if I gots a problem wit dat I needs to take it up wit some brother named "Pater".
Now I figure Pater be da muscles of da operation, and I already got jacked once already so I gonna play it cool, you dig? So I says to the pasty geek, I says, "Yo, sign be talkin' 'bout 'Censorship Free'. What up wit dat?" Whitey look at me and say, "That's right. You were censored and it didn't cost you a dime."
Take me 48 hours to get da Caddy out of da impound yard, and meanwhile all da ho's and crack-heads be runnin' around wit out a care in da world. Shit ain't right.
Then I checks out da car and it be all banged up and shit! Speedometer be stuck on 0, and I can't even pass an AC wit out a push from da mod's! It just be me and the FP jallopies pokin' along in da "Low Threshold" lane, like we ain't important.
'Course we still be blowin' by dat fool drivin' da NP-19. Homeboy ain't even got an engine and he still be tryin' t'cruise in style.
You wanna be a karma whore?
Fine, but don't forget...
Just running Gnutella on a PC and having copyrighted material available wouldn't amount to entrapment. I believe the standard involves coercion or enticement in order to make the suspect commit whatever act you're trying to target. Just like the cops can dress a female officer up and walk her down the avenue, waiting for a John to offer $20 for a quick "date"...
Stop by my site where I write about ERP systems & more
At every ISP I have worked at (chief sysadmin), the only way we would release a username was a) Police investigation (not necessarily a court order) b) When we had enough facts surrounding the case that we felt comfortable giving the information to the asking party. This is extremely *extremely* rare. Usually, it involved someone we actually knew, or someone running a neighboring ISP, and we were both trying to track down an abuser or something. In this case, we would share information. If joe Musician called up and asked us for this information, we would simply tell him that he needs a court order in order to do this.
IANAL, but entrapment would be if NetPD actively contacted individuals and offered them bootlegs unsolicited (imagine the concept -- poison pill spam). Simply posting fake files and waiting for people to find and download them doesn't count. Compare to police officers posing as prostitutes or drug dealers. If they come up to you and initiate the deal, it's entrapment. If you go to them first, it's an arrest.
But I do agree that Media Enforcer isn't going to get very far against Gnutella. Perhaps they could try and get individual servers booted off their ISPs, but that's like fighting fire with a teaspoon.
Gnutella wasn't designed so that downloads were anonymous. It's as easy to find a user there as on Napster.
What Gnutella *does* provide is a decentralized structure. So if you find 300,000 people pirating your music, you can't sue Gnutella's creators to stop them -- they're not serving the data, they have nothing to do with it, and putting them out of business won't affect the user transfers. To enforce your copyright on Gnutella users you will be forced to sue them all individually. *That* is what scares the RIAA.
And although others may have mentioned it, Freenet is the next step beyond Gnutella. Not only is Freenet decentralized, but users on it *are* anonymized.
Genocide Man -- Life is funny. Death is funnier. Mass murder can be hilarious.
Slightly off topic, but there is a website, http://www.stopnapster.com that is advocating sabotaging napster. article on zdnn: http://www.zdnet.com/zdnn/stories/news/0,4586,2592 245,00.html
It doesn't seem that the editors are reading the stories they link to. Reading the ZDnet article myself, it doesn't look like a "poison pill" file to me. It looks more like just another search engine that uses the gnutella protocol to log IPs of the people OFFERING files. It does NOT appear to be a way to entrap people DOWNLOADING files. Indeed, that's entirely unnecessary, as peer-to-peer file transfers, by their very nature, return the IP address of the downloader.
2)
Speaking of entrapment... If this WAS a "poison pill" file, a) it's not a copyrighted MP3 anyway, and b) isn't entrapment illegal as hell anyway?
3)
In the IQ war between computer geeks and dirty metalhead types... I'll wager on the geeks every time. How long before a countermove is made by the geek community to nullify this problem? The obvious first move is forged IP headers emailing the file request to an anonymous hotmail-type account, or posting to a specified usenet group. That could be an option EASILY added to gnutella... or napster for that matter.
4)
There is STILL no "single point of failure" in gnutella. That is, no master servers to shut down. Metallica would have to sue ALL 300,000 individuals, were they using gnutella instead of Napster. Just prosecuting a few to set up as "examples" could enable a "selective enforcement" defence... not to mention a VERY bad PR incident.
5)
Just HOW MANY ways are there to make sure a visible IP address does not actually lead back to you? Perhaps I could set up my own anon proxy, and announce it to alt.cubans.who.hate.castro... and it would just HAPPEN to be noticed by someone who hates the RIAA and crossposted to alt.metallica/RIAA.die.die.die.
6)
Freenet.... 'nuf said.
john
Resistance is NOT futile!!!
Haiku:
I am not a drone.
Remove the collective if
Imagine all the people...
So I downloaded a file called cracked_vmware.zip?
You can't press charges on that, there is no law against clicking on a file name. If the file is fake, then I didn't download any pirated program.
Finkployd
In the US Legal system, not knowing the law is not a defense against your committing the infraction.
"Officer, I didn't know it was a 25MPH zone, I didn't see the sign because I was looking in the rear-view mirror at your blinking lights."
[
'cause piracy is the record industy buzzword as far as MP3 goes.
/. posted a link about this software. Its usefulness, IMHO, won't be tracking down those evil bastards who like music, but finding out what exactly all those evil bastards are listening to. Ratings. Tracking. The same thing will be needed when the bandwidth to share moving pictures becomes commonplace. In a distributed media environment the loss of control scares a whole bunch of people, what they don't realize is that control is the expensive and difficult part of their jobs.
I mentioned this the last time
Oh, and we'll probably have to change some laws...or quit funding the folks who would rather sue and ignore new tech than compete.
--
+&x