Slashdot Mirror
Overpeer Spewing Bogus Files on P2P Networks
nimec writes "Zeropaid.com has posted news of a company called Overpeer which is the source of all the bogus mp3 files that are popping up on the various P2P networks. Zeropaid, in the news article, said: 'If you've encountered the "loop" files, in which a section of the chorus or hook is repeated over and over, you've been tricked by OVERPEER. OVERPEER are doing this with the full knowlege and consent of Interscope and Universal Music, in fact they are under contract to Universal and other major record labels, and will be doing a LOT MORE of this type of "interdiction" in the near future.' Right now this doesn't bother me because these bogus files are few, very spread out and it is easy spot them. I'm just afraid that over time people will keep downloading these bogus mp3s and become too lazy to delete them, like they are when it comes to incomplete songs."
This doesn't bother me one bit, it only affects people pirating copyrighted music so in that respect it's certainly better than trying to shut the network down.
... for people who download these thinking they are downloading the "real deal". At least the studios are using technical means and not legal means to attack those who break copyright (no I won't use the "p" word).
People who download songs and movies continuously only make bandwidth more expensive and/or capped for the rest of us.
I think it's kind of funny - we waited overnight to download "TPM" only to discover it was "Pearl Harbor" with the title changed.
I've got yet another work around suggestion.
Your p2p application (which supports metadata, hashes etc) will wait to add a downloaded file to the "shared" section until after you view it.
This would cut down on some short divx'd files (which won't play "out of the box") bogus mp3 files (overpeer) and whatever else.
A system which flags files as "ok" could come under attack because overpeer could just flag their files "ok" as well.
The system I suggested above would only of course work with files downloaded, not files you have existing on your computer. Of course through the hash system you could be verified against other people.
Overpeer... create mp3's backwards from one-way hashes! Good luck you bastards!
Considering we already have hash systems in Gnutella apps... they can suck me.
Get your Unix fortune now!
Sure there's recourse. It would be in the interests of the P2P software companies like kazaa to weed these dummy files with their next update. It shouldn't be that hard to detect a loop or whatever new trick they have up their sleeves. No real need for human intervention other than deleting the dummy files if the software fails to detect them.
Essentually this is a software war. One side will do x the other side will counter x. Kind of how AOL occasionally treats the wonderful Trillan IM client.
You don't really think that this is going to work do you? People will simply be annoyed and have to share more. Someone is going to have to pay for the increased bandwith usage and it's not Universal Music. So, Universal is stealing from cable opperators. It's like spam, but they don't even hope to make money off it.
You have not even thought that people might be trying to share files that were intended to be shared and are NOT owned by Unviersal Music. But that's like the big 5 music publishers, "No one but us can record music, right? Drool, Drool."
twitter, who has never bothered to download silly mass produced comercial music, is annoyed that Universal Music is going to waste his time. Universal, you suck.
Friends don't help friends install M$ junk.
I was thinking that a moderation system would work, if it's implemented correctly.
So what, if they wanted a list of the biggest pirates, they just ask for the highest moderated users.
" Instead of using "20 GB shared" it should be "2GB uploaded"
So only files, that somebody wants are counted... i could share 20gb of shit, so i know, nobody will download them.
But if you count the traffic you get the more important data."
Then the RIAA stooges download shitty MP3s from each other and have mod points to use against targeted songs.
Quemadmodum gladius neminem occidit, occidentis telum est
First they have have make multiple bandwidths. Some people don't like anything less than 320kb/s while others will go down to 128kb/s.
Second anyone who has half a brain will check the file halfway through (on 1Mb/s DSL that's about 90 seconds into the download) and if it's not good they'll blackball the file (files are grouped by name/size.)
Third, and maybe even better, they download the whole thing and stick BS on it. Actually I'm thinking of just labeling them Overpeer. Wait, won't effect me anyway, I just download mixes you can't buy on CD anyway, and stuff the record companies don't sell in the US, and bands that they don't think worthy of signing.
Fourth, and final, is that the RIAA, Overpeer (basically the whole bunch), can burn. Record sales are down to cookie cutter groups (N'Sync, 98 Degrees, who can really tell the difference) and they'll lead themselves into their own destruction at this rate. Going after used sales? When I was a poor brat that's how I bought 500 of my now 2260+ CD's. I couldn't afford anything but used discs.
laters.
This method only works as long as all sites are equally trusted. If p2p software develops the idea of a web of trust, this method will fail quickly. Basically, a web of trust allows a user to mark a site as trusted or untrusted. You trust sites that sites you trust trust. In other words, I mark my client to trust foo.net and bar.com, because they always provide good stuff. They trust me as well, and a few other sites like fubar.cc. Since one or more of my trusted sites trusts fubar.cc, I trust fubar.cc.
Eventually this evolves such that sites which post bogus music, low-quality rips and the like will not get used, because no one will trust them. And a good web of trust allows you to see the trust path that led you to a server, so that if you get something bad you explicitly can mark as untrusted the nearest site to that (since they didn't do a good screening job) even though they would otherwise implicitly be trusted.
-- Two men say they're Jesus. One of them must be wrong. - Dire Straits
So, everyone here is going on about how moderation, authentication, etc. is going to solve this problem. it would, if uploading and downloading songs wasn't usually illegal. A couple people have caught on to this, but most haven't.
The problem has two aspects:
1) If the systems has strong identities, then you have a confession from every uploader - as long as you can find them.
2) If you don't have strong identities, then those who would interfere with your system can hijack the identity system.
In the strong identity case, those few people who have uploaded most of the songs that are floating around suddenly find themselves targets. A well-funded attacker, especially one with the Law on their side, could use traffic analysis to track down the high-use users. Recall, they don't need enough info from the traffic analysis to get a conviction, just enough to get a warrant. Frankly, I don't believe claims that "my system is immune to traffic analysis." If the Law can tap into UUNet's big NOCs, they can watch the majority of US internet traffic. MP3's are pretty big, and a small population of users uploads most of the songs. It doesn't matter if your data is encrypted/chunked/whatever, the Law just looks for lots of traffic and tracks the big dataflows to their source. Once they find you, they find your secret key, and you're in jail. Secondly, a digital signature is forever. If you share a bunch of files in college, but then clean up your act and lead a respectable life (in the eyes of the RIAA), your digital signature stays behind. A gun that smokes until the statute of limitations runs out is a little scary.
In the weak identity case, you're no better off than in the no-identity case. The people who want to stomp on your little piracy garden are better funded and less constrained in their action than you. Everyone has infinite moderation points? What's to stop the bad guys (good guys?) from modding everything totally randomly?Much faster than carefully listening to each song and clicking a button. Legitimate rankings get lost in the noise. Use hashes or song fingerprints? What's to stop someone from transmitting the hashes/fingerprints from non-bogus media?
No, I'm afraid that the solution is the same as the solution to the wAr3z distribution problem. Small groups can share with full impunity (this is actually legal to do with music). But sharing music with perfect strangers is not just illegal, it means that the Man can play, too -- and do everything in his power to stop you.
The solution is really very simple. All people have to do is set their download directory different than their upload directory. Just because I download something, I don't want to automatically offer it to the world. What if it had a virus? Doing it this way I at least have the chance to clean the file before letting anyone else have it.
This action by overpeer, at the behest of the RIAA and the labels is harassment of music fans. What do they hope to gain by angering us? They stand to lose a great deal more. I call on everyone to Boycott the recording industry. Don't buy CDs, except used ones, which they get nothing from. If we put the corporate robber barons who hold the recording industry hostage out of business, then people who do it for the love of music can take the industry back.
The Uncoveror: It's the real news.