Legalizing Attacks on P2P Networks

miniver writes: "Rep. Howard Berman (D-Calif.) wants to legalize DoS attacks on P2P networks such as Kazaa and Morpheus by 'copyright holders.' The Washington Post reports on his proposed legislation here. Berman's bill, to be introduced in the next several weeks, would attempt to minimize the illegal trading of copyrighted songs and other content on "peer-to-peer" (P2P) networks by permitting copyright holders to use technology against pirates. As can be expected, the RIAA is in favor of the proposed legislation."

DoS?

[niloroth]

where does it say anything about DoS attacks? From the article:

"His bill would allow copyright holders to set up decoy files and use other techno-tricks like file-blocking and redirection to throw P2P pirates off the trail, but it would forbid those holders from employing tactics that would damage or destroy pirates' own computer systems"

And further along....

A copyright owner should not be allowed to damage the property of a P2P file trader or any intermediaries, including ISPs," Berman said. "(I) wouldn't want to let a particularly incensed copyright owner introduce a virus that would disable the computer from which copyrighted works are made available ... "

Don't get me wrong, I don't think this is a good thing, but I also don't think we need to blow it out of proportion, who does that really help in the end? No one.

Re:DoS?

[Salsaman]

DoS == Denial of Service. Setting up a decoy file is a denial of service (the service being downloading the original file).

DoS does not always have to mean flooding a network (though that is the most common DoS attack).

Re:DoS?

This is from News.com's article about this issue:

In the announcement of the bill, Berman cited some of the tools that would be protected by the legislation, and which copyright owners have expressed some interested in using.

These tactics include:

interdiction, in which a copyright owner floods a file swapper with false requests so that downloads can't get through;

redirection, in which a file swapper might be pointed to a site that doesn't actually have the files they're looking for;

and spoofing, in which a corrupt or otherwise undesirable file masquerades as a song, movie or other file that people are seeking.

Note the interdiction part, that's a DoS attack right there. They'll either overload the pipe, or at least use up all the connections.

No, he doesn't want to legalise DoS attacks

[KNicolson]

Sigh, not even the submitter is reading the story these days:

His bill would allow copyright holders to set up decoy files and use other techno-tricks like file-blocking and redirection to throw P2P pirates off the trail, but it would forbid those holders from employing tactics that would damage or destroy pirates' own computer systems.

It seems like a futile attempt, however, as people can always route around trouble, and if such tactics become commonplace, software will soon adapt so even the most clueless newbie can be autoupdated with the latest and greatest roadblocks to avoid.

Re:No, he doesn't want to legalise DoS attacks

[interiot]

DoS attacks actually don't damage the target's computer at all, they merely disable the network connection while the attack is ongoing. I read the above paragraph to mean that DoS attacks would specifically be permited.

Re:DMCA vs this

[cosmosis]

There is only one flaw in your argument - going after specifically targeted songs is one thing, but a DoS attack disables the entire network regardless of what is crossing its wires. Now if you still think they have a right to do this, then by this same logic, banks should have the right to disable the entire transportation network, as some people use that network to carry large sums of cash they just got done steeling it from their banks. Or we should just allow cars, as some people use them for infringing purposes - robberies, hit and runs, drunk driving, reckless endangerment, kidnappings, etc.

READ THE ARTICLE, READ THE ARTICLE, READ THE ARTIC

[Erasmus+Darwin]

It appears like this only makes it permissible for copyright holders to set up decoy songs. So it'd no longer be illegal (it was illegal before?) for them to put up mp3s with the names of RIAA-protected artists that're really just noise. In short, no big deal, as far as I can tell.

Everyone who has already knee-jerked at the Slashdot summary and decided that this means the RIAA can start ping-flooding people on P2P networks needs to read the article.

Re:/. ahoy!

[dirkdidit]

I wonder if Rep. Berman has a website? If yes, you know what to do.

Rep. Howard L. Berman
Have fun!! ;)

Re:sounds like a free ticket

[Erasmus+Darwin]

"Who's to say that my garage band's copyrighted work isn't being pirated, we'd betterd DoS them to make sure"

Try re-reading the article. All it's saying is that you can offer up a fake version of "(your garage band)-(your hit).mp3". It's not carte blanche to take down the P2P server or even other users sharing your file.

Re:SO....

[Verizon+Guy]

Actually....

It's soooooo 16-June-1998, the original air date of South Park Episode 217, "Underpants Gnomes."

"Collecting underpants is just phase one!

Phase 1: Collect Underpants.
Phase 2: ???
Phase 3: Profit!

FYI, of course

Re:Obviously, he's been bribed

[robkill]

Take a look at the PAC contributions made to Berman opensecrets.org $37500 from entertainment company PACs, easily the largest category. Communications and Electronics, both individual and PAC contributions dwarf all other contributions. $185K from "TV/Movies/Music." Top Contributors are Disney, AOL/Time-Warner, and Vivendi. He's in the RIAA's back pocket all right. Now we just need to get the mainstream press to report this and question his motives.

Re:DMCA vs this

[God!+Awful]

There is only one flaw in your argument - going after specifically targeted songs is one thing, but a DoS attack disables the entire network regardless of what is crossing its wires

Are you sure you know what you are talking about? There are many types of DoS attacks. You can DoS attack a whole network, a single host, or just a single protocol. The effect of targetted decoy tracks is to disrupt the activities of people who are specifically looking for those tracks (a DoS attack). The rest of the users (who are presumably trading recipes or something) shouldn't be affected. Neither the article, nor the message you replied to, was advocating other types of DoS attacks, such as ping-bombs.

-a

Re:what fun!

[NiGHTSFTP]

Yes, gnutella clients do support hashing. Gnucleus, Xolox, Morpheus(gnucleus 1.9), and others.

Its not really standardized yet, check out the GDF

http://groups.yahoo.com/group/the_gdf/

More Links:
Gnutella v0.6 Handshake Summary - http://www.gnucleus.com/research/connect.html
Gnu tella v0.6 Handshake - http://groups.yahoo.com/group/the_g...king%20Proto col (Yahoo account required)
Gnutella V0.4/0.6 File Transfer Summary - http://www.gnucleus.com/research/transfer.html
Gn utella protocoll specification v0.4 revision 1.2 - http://www.clip2.com/GnutellaProtocol04.pdf
HTTP/ 1.0, RFC 1945 - http://www1.ics.uci.edu/pub/ietf/http/rfc1945.html
Gnutella GUID tagging - http://groups.yahoo.com/group/the_gdf/message/1397
"Ultra"peers - http://groups.yahoo.com/group/the_g...Ultrapeers.h tml (Yahoo account required)
ISO 8859-1 character set - http://www.htmlhelp.com/reference/charset/
"HUGE" - http://groups.yahoo.com/group/the_g...Proposals/HU GE/ (Yahoo account required)

Re:Lawsuit, anyone?

[rodgerd]

I think they care a lot. About making sure that no-one can record, sell, or even give away music through in any way without their memebers getting involved. Why, competing companies and individual musicians might make money! And making money when you're not an RIAA member is the same as theft!

Want to know who's funding Rep. Berman's campaign?

[ActMatrix]

Check out OpenSecrets.org if you want to see who's financing this guy's campaign. Top donors, surprise surprise, are: Walt Disney, AOL Time Warner, Viviendi Universal, Viacom, DreamWorks, and Sony. Gee, no bias there.

Sellout Senators

Now if you all direct your attention to Howard L. Berman: 2002 Politician Profile, you will see just who's been primarily contributing Berman.

Re:DMCA vs this

[symbolic]

Consider this portion of the article:
The DMCA has been used to threaten suspected copyright violators, but questions about what constitutes legal sharing and illegal piracy continue to dilute the law's power.

This suggests that the DMCA isn't even clear. The proposed legislation would allow the RIAA to make that determination, which is clearly not within its jurisdiction. The RIAA is a professional association, not an extension of the government.

Just the same, I wish all those who are proponents of illegal file sharing would pull their heads and realize that they can do far more damage to the RIAA if they just stop buying its product.

Re:Eye for an eye...

[elflord]

This is not illegal, so why do the record companies need a new law?

I think this is a good question. I suppose the answer is that if there's a law, it doesn't leave much to a courts imagination, and the record companies are seeking clarification. I think you're basically right though-- the law doesn't really put anything new on the table.

Re:Law against it?

[NanoGator]

I heard a story of a guy who put razorblades around his stereo. A would-be thief sued him over it and won.

There's another story about a guy who boobytrapped his wallet. When he was pickpocketed, it exploded and blew the thief's hands off. The 'victim' got to pay the handless thief for the rest of his life. (Note: That may be an urban legend.)

The law doesn't allow you to do things like that. I can only guess at the reason.

It seems to me that a DoS (yes I know that's not what the article's about, don't wast your time telling me I didnt read it) attack on P2P would fall under that law. If anybody does get attacked in any way by the RIAA, they could probaby take them to court and teach them a lesson.

What really irks me is that the law conflicts a bit. If I have the right to make a backup of a CD, shouldn't that allow one to make that backup available to others? The MPAA/RIAA calls that piracy. I don't call it piracy until somebody retrieves the backup who hasn't paid for a license.

I bought the Star Wars Trilogy Special Edition a few years ago. The tapes disappeared when I moved. I didn't sell them, they just .. well.. gone! The MPAA thinks that I should pay for the Star Wars Triology again if I want to watch it again. I think I should be able to download it if somebody was nice enough to backup their copy.

The law supports both what I think and what the MPAA/RIAA thinks. It is for this reason, that I do not believe that either of these organizations should be given the ability to pass judgement against me. Instead, USA should do what DigitalConsumer.org suggestions: Create a set of rights for internet users.

If the law says 'you can backup your media', then the RIAA cannot sue me for having an MP3 copy of a song from a CD I purchased. Since an MP3 is a backup copy (can't play an MP3 in the standard CD Player...), then transmitting it to somebody else isn't a crime. It's not my job to judge who's licensed and who isn't. That's between the RIAA and whoever is violating it.

Frankly, I see this as a serious flaw to the DMCA. It creates provisions for fair use, but doesn't define them. So really, anybody can twist the wording to their own ends. Imagine if gun laws were like that. It'd be like "You can own a gun,

Re:Scope should be expanded

[Fastball]

Ironically, there's an excellent movie starring Michael Douglas titled Star Chamber that deals with the consequences of vigilante justice. An excellent flick for law students and inquiring minds alike.

Re:SO....

[Alsee]

And was step 2 "Sell them on Ebay"

No. The joke was that every you ask "what's step 2?" they'd just repeat

Step 1: Steal underpants
Step 2: (silent pause)
Step 3: PROFFITS!

It caught on big here on slashdot because it captures the DOT.BOMB mentality perfectly. Step 1: get a million web hits per day with free content Step 2: .... Step 3: PROFFITS! And based on that bussiness plan people would run up the stock price from $5 to $50 per share.

-

Re:Not Exactly, Times Two

[GlassUser]

Firstly, you're not legally a copyright holder until you actually hold a copyright; that is, you have to have applied for the copyright to enforce it.

According to this explanation of the law, The Copyright Act of 1976 (Title 17 United States Code, Section 100 et seq.) allows natural copyrights without registration (basically that you hold a copyright to anything you create, and are not required to register with the Office).

Re:*cough* bulls--t *cough*

[GlassUser]

Yes... but I'm already assuming that the prosecution has enough evidence to actually bring the case to trial in the first place. Once that material is presented, it will be up to the defense to supply counter evidence of greater or equal credibility before he or she will be let go.

Only in civil court (eg the plaintiff is not The Government - "State of", "United States", etc). In criminal court (the state versus defendant), the prosecution must prove their case "beyond a reasonable doubt".

I am not a lawyer. This is not legal advice. Blah blah blah.

Link to Rep. Berman's comments

[heybrakywacky]

I'm kind of surprised this wasn't posted before (at least that I could find), but you can find Rep. Berman's comments here.