Slashdot Mirror
Legalizing Attacks on P2P Networks
miniver writes: "Rep. Howard Berman (D-Calif.) wants to legalize DoS attacks on P2P networks such as Kazaa and Morpheus by 'copyright holders.' The Washington Post reports on his proposed legislation here. Berman's bill, to be introduced in the next several weeks, would attempt to minimize the illegal trading of copyrighted songs and other content on "peer-to-peer" (P2P) networks by permitting copyright holders to use technology against pirates. As can be expected, the RIAA is in favor of the proposed legislation."
No wonder we never understand politicians.
RIAA can suck my CD's
-- RTFM:Slackware::Beer:Saturday
On one hand a DoS attack is an act of terrorism, but it is OK if you are a record company? Hmmm.
The dogcow says "Moof!"
Fuckers.
I use Macs for work, Linux for education, and Windows for cardplaying.
DMCA = use technology to pirate copyrighted works, break the law
This = use technology to stop people from pirating copyrighted works, be a good citizen
Boiling this down to its essences, there is neither contradiction nor illogic. Copyright infringers are by definition in the wrong and copyright holders should have the legal means of stopping them.
I have been pwned because my
Yes folks, your Fourth Amendment rights are going up in flames to special interests. Fight it or enjoy it.
They want to make it ok to take the law into your own hands, well, their hands anyway.
Isn't it the job of the local,state and federal law enforcement agencies to enforce the laws? Deputizing the RIAA doesn't really sound like a good idea.
-c
I have discovered a truly remarkable proof which this margin is too small to contain.
AS usual, the laws all apply till they come pointing at you. Ala the American Taliban's who the law is not good enough to convict so they just ignore it and the American media campaigns every day to say its the right thing to do.
Laws are laws and were a nation of Laws. AT least they want to legalize it as opposed to just doing it and saying its ok...
You're absolutely right: people automatically think flooding or hacking when they hear DoS. But denial of service attacks can mean rendering a network virtually useless in what it's supposed to provide. In the case of a web server, you use up so many connections no one else (ie: valid clients) can connect. In the case of Morpheus, you imitate so many false matches that clients can't get valid results (they can't retrieve the information, even though the information is available and the server -- or network -- should technically be able to produce it).
The RIAA has already started doing this -- by posting songs with repeated choruses or large sections of the songs faded to silence, but the calibur has been relatively small -- you can usually pull off a legitimate copy after a few searches.
Legalizing this operation would give the RIAA a defense for using these mechanisms, and they could avoid [further] bad publicity. They would also be permitted to store massive amounts of slightly varied mp3 names that house illegitimate or incomplete songs, register numerous Kazaa/Morpheus/etc. accounts and attempt to pose as valid song providers, flooding the network with useless information.
His bill would allow copyright holders to set up decoy files and use other techno-tricks like file-blocking and redirection to throw P2P pirates off the trail, but it would forbid those holders from employing tactics that would damage or destroy pirates' own computer systems.
P2P systems should copyright and copy protect the out-of-band packets (the ones used to search, return search results, etc), then use the DMCA to prevent these types of DoS attacks. At the very least they should also specify in the EULA that intentionally supplying misleading files will result in being banned from the P2P network.
_______
2B1ASK1
As an example, one of the things that normally stops child pornography from getting too popular is that people are embarrassed to look at it, and will express strong social disapproval of anyone who makes it or uses it.
Another example is that if there's a social vacuum surrounding a P2P network, then there's not much incentive to donate bandwidth and disk space. Nobody gives you a pat on the back for running a useful node.
Free speech doesn't mean that the ideal social environment is one where your speech has no consequences.
Find free books.
Someone posts the IP addresses of the "legit hackers" on the web? You can bet that all the script kiddies will come out of the woodwork then...
As for the dummy files, what about a system that allows people to A) vouch for their songs, and B) give an MD5 hash?
Sure...pass this stupid bill; the ramifications will be FAR worse. You cut off one head of this monster, and 10 heads will grow in its place.
Instead of passing this shit, why not give people an INCENTIVE for buying the cds (like free coupons, chance to meet the band, concert tickets, login to their website, etc.)
This guy is obviously a made-man: paid-off, bribed, owned by the RIAA/MPAA -- in their back pocket.
This probably won't get passed, because numerous representatives will raise objections, as it'll prevent people from sharing non-copyrighted files. As P2P may be the future of communication, such a bill threatnes that very future.
However, rest assured, that if this bill passes, counter-measures will be taken. There are ways to deal with people offering fake files. There are also ways to make a network resistant to various types of attacks.
Normally, the attackers of the network have the advantage, but not in this case. In this case, P2P, the P2P community has the advantage b/c we have far more programmers, and the code is open, and anyone around the world can contribute.
social sciences can never use experience to verify their statemen
Let's see when radio first came out the record companies freaked. They figure that no one would buy a record if you could get here it over the radio. They were wrong.
::sigh::
When the tape cassette came out, the record companies freaked, everybody would copy thier friends tape or tape off the radio. They figure no one would buy would buy their tapes. They were wrong.
When the vcr first came on the scene, the movie industry freaked, who would go see movies if you watch it for free? They figured people would stop going to movies. They were wrong.
Don't have the stats but I would guess that the above three all made them more money than without them.
Now, we have recordable cd's and dvd's, and they are freaked. Who will buy music/movies if people can copy it over the internet?
I believe I am sounding like a broken record, but these folks are obtuse.
Rep. Howard Berman ought to read up on message digests and then try his "file decoy" strategy. Many P2P's today employ some kind of hashing which isn't too easily fooled by file naming dissemblance.
When I think of DoS, i think of ping flooding with big packets. Ping flooding pirate computers to give cruddy bandwidth??? All I can see is lawsuits on their hands. Internet traffic usually goes through anywhere from 4-8 routers. That would mean 4-8 routers would suffer the effects of a ping attack. If this were to be done on a large scale, the whole internet would be crippled. After all, Yahoo.com traffic goes through the same routers as MP3 files, and if the RIAA attacked thousands of hosts at once...
:P
A lot of WAN links are rented. Local ISPs do pay for the bandwith that they use. You don't think the RIAA would be able to get away scott free from lawsuits comming from cable ISPs only able to offer their customers 8 kilobytes a second to the website of the user's choice? I wonder when the RIAA will realize that the people who pirate on P2P networks normally wouldn't buy a music cd anyway. I suppose they have the right to place dummy files or whatever, but not cripple the internet. Seems like the RIAA is just wasting time on this P2P thing. If they didn't want P2P networks, well they should have used Microsoft tactics on the companies when they were small -- buy them out
The problem with this, if you didn't see it already, is not that it allows them to attack, it's that is gives them the ability to enforce the law.
It makes the copyright holder a law enforcer without all the nagging issues about due process.
If something like this is passed, how likely do you think it would be that is would include statues for just cause or disclosure? They could empy it just on the off chance they "think" something illegal is going on, and if they get in trouble they can plead ignorance. It could vary easily be used by companies against individuals or companies against companies.
A good example -- and one where I pick on microsoft too -- would be easy. Owing that this legislation simply says "copyrigth holders" and not "musical copyright holders", it could be used by anyone. So, suppose Microsoft wanted to buy some technology from a company, and the company didn't want play ball? Well, Microsoft could do around the clock DDOS attacks to tie up all ther bandwidth (which the company would be unable to stop, as it would be illegal under such a law), and cause the company to be able to do no business and as such go out of business -- and they could do this all under the guise of "well, they were using a pirated copy of Excel 97".
And suppose it doesn't lay out what kind of retaliation is allowed, or on what medium? Suppose ClearChannel Communications (who own 87% of all radio in the USA) "though" that some mom&pop station iun Bumsville, Iowa was inteding to rebroadcast one of their programs? There stand a good chance that CC would be allowed (under such a law) to jam the offending stations signal until they got satisfaction.
Ever play Shadowrun, a game where giant corporation war against each other?
Hilary Rosen's speech was about her love of money and her desire to roll around naked in a pile of money.
And how's this different from a DoS attack? Does really matter if you offer decoy files instead of sending decoy packets? In both cases, your intent is to disrupt the service.
Considering that flooding a P2P network is easiest when you have the greatest resources to throw at the task, it's hard to imagine that this recourse would be viable for any but large corporate powers or those lucky enough to find themselves in the RIAAA's, etc, best graces. Thus this technique would have the effect of extending the monopolies of the most dominant players, and would choke off P2P distribution paths that could be used by any dangerous upstart rivals. Maintaining their distribution monopoly has, of course, long been the recording industry's primary concern.
It is also perfectly plausible that any organization with sufficient resources could squash any sort of offending content, beyond any specific type of media, rendering entirely useless existing P2P systems. Note, however, that by sufficient resources I don't mean just network resources. Rather, the most useful resource will be money. Since this is designed as a tool of harrasment, it's likely there would be lawsuits -- but small entities might not be able or willing to risk the cost of a lawsuit. That could work in favor of large entities in two ways: first to limit the ability of individual parties to sue those disrupting a network, and second to empower only the wealthiest entities to venture to disrupt that network. So once again the largest entities benefit at the expense of the little guy.
I don't see any mention of any special recourse unfairly targeted parties may have, but it's not far fetched to assume that by design any recourse wouldn't be very effective -- otherwse there wouldn't be any point having the law in the first place (It's hard to image much opportunity for recourse when the law is designed to inflict haphazard damage.) Without disincentives, why shouldn't companies spam & otherwise disrupt the P2P for any perceived or concocted reason?
Thus the system could be ripe for abuse, but without the opportunity for that inconvenient oversight afforded the wronged under our official legal system. But then again, that's why modern society doesn't tolerate vigalantes...
Of course these concerns are on top of the already harebrained notion that it would be a good idea to destroy the current implementations of an extremely popular emerging technology that can be (and is) used for legitimate purposes.
Finally, what's to prevent a broad interpretation of a law like this? At this point the details are too vague to comment on with certainty, but it's not far fetched to imagine that a few poorly worded lines could turn something like this in to another DMCA.
Fortunately for the 'net and the economy, it shouldn't be difficult to make someone -- even a typical luddite congressman -- understand that unleashing vigilante chaos on the Internet is a very bad idea. With only a small amount of luck this media industry power grab will be quickly defeated.
Finally, I would like you to consider that corporate censoship can be more dangerous than government censoship, since we do not have any direct individual control over corporate power as we do (theoretically) with our government. Plus, the more control corporate interests with agendas have over mass communication, the harder it is to democratically render grass roots changes. This self-reinforcing cycle of corporate media power is well evidenced by the proposed legislation.
Suprising, no. Meaningful, yes.
Campaign contribution is the same as if you tried to hand a cop a twenty before breaking the law.
There are laws against bribery in some contexts, why do we allow it in more important contexts?
A very close approximation don't you think? The RIAA gets to presume guilt and act towards anyone who they think may be violating copyright... even if they only find files with 'names' including their copyrighted material's reference. 'I hate tha Back Stret Boys.txt' is now a punishable offense and subject to DOS, Denial of Sovereignty.
In The Minority Report (I might get DOS'ed by Hollywood just for writing this), 'potential' murderers are hunted down and imprisoned because they 'will' commit murder. In the present day our government is considering a law which will allow a non-government body to hunt down and 'imprison' a person's right to fair use because they presume that it will lead to piracy.
In other news: guns, pencils, nunchakus, and gasoline are all deemed illegal because a person might in the future use them to commit crimes. Castration and hysterectomies are now required of all people because sexual organs and sex could lead to rape and/or abortion/murder. Literacy has been outlawed because it may lead someone to learn how to build bombs or start a revolution.
Cheers! Here's to the future of living in a prison state....
What ever happened to Life, Liberty and the Pursuit of Happiness
or even Life, Liberty and Property
...for those cynical historians out there.
Remember that fair use is part of Property, as in I can own a car AND I get to drive it, just not recklessly while in town.
A fool throws a stone into a well and a thousand sages can not remove it.
It is a DoS attack. It's just not aimed at any of the computers on the network, but at the network as a whole.
If they flood the network with fake files, then most downloads will effectively result in garbage files being downloaded. The network becomes essentially unusable - service has been denied.
Just because it's still capable of transeferring files doesn't mean that it's providing a useful service.
Cheers,
Tim
It's official. Most of you are morons.
So, I guess you're either a copyright holder or you're not.
Congratulations, America. Just over 200 years and you've developed your very own class system.
Is anyone else tired of seeing repeated stories, blatantly hyped stories, stupid stories, old stories.. etc. I think the quality control dept. is in need of help..
Just because you disagree doesn't mean it's not true.
A certain amount of "piracy" is CRUCIAL to keeping IP monopolies honest, and to keep prices reasonable.
When the day comes when there is NO WAY AT ALL to copy and distribute something (ie, unbreakable copy protection), the price of IP will have no brakes on it at all.
I'm not saying that it's right to "pirate" music/movies/software, etc, but that when the government grants what is, for all intents and purposes, a monopoly on IP to the IP rights holder (and the trend is to diminish if not completely eliminate any "fair use" rights), "piracy" becomes the only mechanism by which competition is introduced, and any pressure to NOT raise prices comes.
Do you think the RIAA really CARES if CD sales would fall by 50% if they jacked the price up to $60 a CD? No, they don't. Because they will find a point somewhere where they are saved money by being able to produce LESS, versus how many they can sell.
Indeed, the RIAA/MPAA would realistically rather have you IN a "pay to hear/view" situation than sell consumers copies of their stuff.
The upshot of all this is that "piracy" is the ONLY source of incentive for these guys to NOT jack up prices. Which is why they are so fanatical about eliminating it as a threat.
Of course, the best copy protection is reasonable prices. $20 for a CD, especially when I've not heard ALL the tracks is not reasonable. P2P is one way to do that before I do buy a CD.
There is also the fact that I'm perfectly willing to pay $30-40 a month for a fast, Napster like service. But they won't sell that to me at ANY price, which means that there is no way to obtain/swap MP3's legitimately.
=== The price of freedom is eternal vigilance
Moreover, this move makes for a more equitable social contract by placing the financial costs of copyright enforcement directly on the shoulders of those who benefit the most from said enforcement.
Isn't the free market grand? We ought to increase the number of representatives in Congress. With greater supply, the price should go down.
In the case of the current resident at 1600 Pennsylvania Ave, people didn't elect him. He was appointed by his cronies in black robes, aided and abetted by his bro', the sunshine governor, and the comanager of his Florida campaign, the lovely K. Harris. Anyway, the campaign-financing system, the primary system, the nominating conventions--they're run by the wealthy and powerful, not the mythical "people." Retards? Naw; I think they pretty slick. They get their goodies and the people get the shaft. What a deal. Oh, Patrick Henry, where are you when we need you?
How about real questions like "To protect yourself from terrorism would you be willing to give up your right to legal counsel?", "Would you give up your right to criticise the government?", "Would you endorse a law to curtail the information the press can give you?", "Would you be willing to revoke the 2nd admendment and make all purchases of handguns illegal for US citizens?", "Would you endorse a policy to register all persons of Islamic faith?", "Would you be willing to give the government access to all your personal correspondance or to all your property?"
Those are questions dealing with rights. Standing in line at the airport for two hours is an issue of convenience. Now when Americans confuse those two then it is a sad day indeed.
I don't want knowledge. I want certainty. - Law, David Bowie
Instead of insisting that you should be able to nail jelly to the wall how about a real solution? Take the money and power out of Washington, D.C. As long as liberals insist on centralizing all that money and power you are going to have this challenge (people seeking influence, etc). One of the crucial ideas of the American experiment was to put limits on how invting a target the central government would be because of all the limitations. As those limitations have crumbled the other results have logically followed.
Give them less power and less money and you won't have to gut the other parts of the constitution to protect elected officials from undue influence.
Why do people elect retards?
Because in America government officials are elected to represent the people. What better representation for the average American? Democracy works!
For the record, I am an American. I just get tired of seeing ignorant folks elect ignorant folks to office time and time again. Don't even get me started on Bush...
I will say this, being at the conference yesterday where he announced the dropping of the bill. If you do not think that there will some massive safe harbor provision and a good faith clause, you are deluding yourself. Fortunatly this bill will never pass, much like when the RIAA tried to add something similar to the PATRIOT act (after being rebuffed trying to do it as a stand alone bill). This spells disaster though because it opens the debate so skewed on one side that the "happy middle ground" will in fact be far away from what we would want.
2 interesting things to note though:
1) This cannot be done with out amending DMCA Sec 2101 (I believe that is the correct section) on circumvention devices. This could be the chance to finally make that it something workable, or put the Sony doctrine into statute and not just common law (common law that is being eroded as the Napster decisions showed).
2) I thought the most interesting thing Berman said yesterday (aside from this bombshell) is that when he came to Congress, he had no interest in IP per se, however being as he was the Congressman from Hollywood (I believe those were his exact words), he had to chose something to help his constituency out, and this was a great issue area for that.
If you object to this legislation (as you all should), contact his subcommittee office, they deal with this issue (not his personal office) at (202)225-4695. Of course, it goes with out saying, be polite and respectful and state your opinion with out flaming. If you want your position to be taken seriously, then you have to treat it seriously. Being a former hill staffer, nothing gets a brush off more than someone spewing out angrily and irrationally, HOWEVER, contrary opinions, stated well are always well regarded.
BTW, at the Q&A part everyone came out against this and told there objections to Berman.