ISP Bans RIAA to Protect Its Customers

fader writes "Information Wave Technologies, a northeastern (US) ISP has announced that "it will actively deny the Recording Industry Association of America (RIAA) from accessing the contents of its network". Apparently this is in response to the RIAA (and MPAA, but they don't seem to be blocking them yet) plan to actively attack P2P users. All I can say is, you go, guys! I hope more ISPs will follow their lead."

Fugetabout it

[TerryAtWork]

It'll never last. They'll cave under legal pressure right away.

Re:Fugetabout it

[fishnuts]

An ISP is not obligated to provide full, unhindered access for, to, or by anyone elses network. The RIAA has no legal grounds to force Informationwave to open up access to their network, for the same reasons private retail outlets and restaurant establishments can choose not to serve anyone they feel might cause harm to their establishment or other customers. RIAA is big, but not big enough to reverse precident.

Re:Fugetabout it

[Peyna]

I'm curious what illegal things they have done? They maintain a private network and can give access to it to whomever they please, and most certainly do not have to allow another private entity access to it. Exceptions are in the case of a warrant for one of their customers where the FBI needs the equiv of a wiretap or something, but those are limited cases. I can't demand that AOL give me access to their mail server if I am not one of their customers, and this ISP can deny any incoming traffic they wish as long as doing so does not violate their contract with their customers.

Re:Fugetabout it

[the+grace+of+R'hllor]

Uh, why? It's not as if they have to allow access to its network from anywhere. Especially to a group that has expressed a desire to do something detrimental to their service.

The customers are the only ones who might be even a little miffed at this, since it could be argued that they are restricting the client's abilities on Internet. And I couldn't imagine why anyone would sue their ISP over something this good.

Re:Fugetabout it

[GreyPoopon]

They'll cave under legal pressure right away.

I'm not so sure about that. Since their network is a private one, they certainly have the right to blacklist anybody they want. Should they share that list with other ISPs, there may be some problems. But setting up their own list is not illegal. Furthermore, should they see this thing out, they may eventually have more business than they can even handle.

RIAA may be able to take them to court, but it would probably be worth the $$$ to fend them off.

Re:Fugetabout it

[KUHurdler]

Well, not that I agree with it in any way...

But I can see the argument that they are allowing their users to create a "crime" and keeping the "authorities" from stopping it.

Re:Fugetabout it

[cciechad]

They are quite within their rights to deny access to anyone that violates their TOS. I'm sure that there is a clause in their TOS RIAA would be violating by disruping peer to peer networks running over thier networks.

Re:Fugetabout it

[rmadmin]

I work for a small ISP, and RIAA's size doesn't scare me. Like you said, we don't have to open access. RIAA bringing a lawsuit to you for blocking their sites (or their traffic) from your network, is the same as a porn site operator doing it. Both situations, you are protecting your customers, and if they want RIAA to have access to their machines, they can go to another ISP, its simply their choice.

Re:Fugetabout it

[biohazard99]

But if a traceroute stops at the ISP edge router, how can the RIAA prove an individual customer was sharing/downloaded a file. The burden of proof should lie with the accuser, if AOLTW or Universial can't find the guilty party, they are SOL.

Re:Fugetabout it

[Paladin128]

If the traceroute ends at the ISP router, the ISP is thus legally responsible to either stop the user themselves, or face charges.

This is still far better than letting the RIAA actively attack unsecured home PC's. I'm glad someone has the balls to do this. Unfortunately for me, Verizon is the only broadband provider in the area. I highly doubt they will take this stand. I'm hoping SpeakEasy and other friendly providers will follow the bandwagon.

Re:Fugetabout it

[dschuetz]

Since their network is a private one, they certainly have the right to blacklist anybody they want.

Tell that to the folks who ran the SPAM mail-relay blacklists. If I recall correctly, one of 'em got sued and forced to remove someone from the blacklist. That was a private list, maintained by private individuals, utilized on privatly-owned systems, and they still got sued (and lost). (Someone help me out on the details here, please.)

So, just because they have a *right* to block the RIAA, doesn't mean that a judge will agree. And, in the end, that's all that matters -- whether you can convince a judge (or jury, or cop). If you can't convince them, or can't afford to try, then you've lost, no matter what the law says.

Re:Fugetabout it

[corwinss]

They'll cave under legal pressure right away.

No, I don't think they will. Perhaps you didn't see their way of avoiding this. Very ingenius if you ask me.

Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site.

This provides them with a way to avoid any action by the RIAA. They are basically saying "hey - I don't want you sending destructive files to my users, but I do agree that illegal copying is bad."
Note that anyone who downloads the proxy files belonging to the ISP will "be immediately blacklisted" from their network. They are definitely not supporting illegal p2p downloads. Also, they will make the list of blacklisted users publically available on their website. They will still be busting you, just in a different way.
In this case I have to say, that this was a shrewd business move. They have in one step both protected their customers and protected themselves from the RIAA and any lawsuite they could possibly think up.

Re:Fugetabout it

[TerryAtWork]

Yes they are, actually. If they can get legislation tabled to commit vandelism to stop a 'crime' they are GETTING COMPENSATED FOR BY EVERYBODY WHO BUYS A BLANK CASSETTE OR CD ROM then they can show up at your ISP with a warrent or have their lawyer threaten the ISP lawyer who will tell the ISP to let them in.... The ISPs will cave. This is the very sort of thuggery the RIAA is good at.

Re:Fugetabout it

[Silverhammer]

Blockquoth the poster:

If I recall correctly, one of 'em got sued and forced to remove someone from the blacklist. That was a private list, maintained by private individuals, utilized on privatly-owned systems, and they still got sued (and lost). (Someone help me out on the details here, please.)

I'm not sure that you do recall correctly. Yes, several blacklists have been sued, but none of those suits have succeeded as far as I know.

Re:Fugetabout it

[LinuxOnHal]

I don't particularly like them, but this sounds like the kind of thing Earthlink might do, speaking of other ISP's. I've always been impressed with the privacy policies that they enforce, as well as their new software, which actually includes a popup ad killer. If they had broadband in my area, I would probably switch to them, because I support their ideas.

Re:Fugetabout it

[PMuse]

Spammers have taken people to court for blacklisting and won. Unfortunately. With the funds and the firms the RIAA has at its disposal, they might just be able to win such a case.

Worse, the RIAA can win the publicity war faster than the legal one. They could begin by telling the ISP's users that they will be prohibited from accessing any legal music so long as they stay with their ISP. And that's just where the FUD starts.

Re:Fugetabout it

[dschuetz]

Yes, several blacklists have been sued, but none of those suits have succeeded as far as I know.

Okay, here's a /. story from 2000:

An Anonymous Coward sent in "Direct Magazine is carrying the story Yesmail Gets Restraining Order Against MAPS Blacklist (curiously dated July 17). YesMail has apparently obtained a restraining order preventing MAPS from entering it into its Real-time Black-hole List." (discussion here)

Naturally, the original article is gone, but the comments are there. From the summary, it appears that a judge did at least agree to a temporary restraining order against a blacklist.

An update a couple months later says:

droleary writes: "Something of an update to this Slashdot article, a Yahoo News story reports that a number of large ISPs are caving in to a massive lawsuit brought by Harris Interactive regarding the delivery of their "online polls" (aka, spam, according to MAPS). I find it disturbing that large ISPs are so willing to let external agencies control what runs through their systems."
(discussion)

I couldn't find any further details, but assuming nothing changed, I'd say that several "large ISPs are caving in to a massive lawsuit" says that the suit was successful. Maybe not legally decisive, but at least successful (for the plaintiff).

(I'm sure there are more instances and other details out there, and possibly later reversals-of-caving, but I wanted to at least show one instance where private-ownership of the resources didn't help.)

Re:Fugetabout it

[imperator_mundi]

Just a pair of issues I'm thinking about

1) Is RIAA holding any right outside US?
2) If RIAA starts attacking people, maybe people would start to react, and with millions of enemies around the net I wouldn't be the one in charge of net security by RIAA
3) If it's possible to block P2P why still it working (with all the people writing viruses "jsut for fun", I could hardly believe that there's no one wanting to freak out millions of internauts at the same time)

Re:Fugetabout it

[biohazard99]

I don't think ends was the term I was looking for, perhaps "times out after" would have worked better. It is not the ISP's responsibility to do the RIAA's dirty work, if they want a search warrant, make them pay for it.

Re:Fugetabout it

[ninewands]

Further blockquoth another poster:

Blockquoth the poster:

If I recall correctly, one of 'em got sued and forced to remove someone from the blacklist. That was a private list, maintained by private individuals, utilized on privatly-owned systems, and they still got sued (and lost). (Someone help me out on the details here, please.)

I'm not sure that you do recall correctly. Yes, several blacklists have been sued, but none of those suits have succeeded as far as I know.

Furthermore, the suits have all been against maintainers (and publishers) of blacklists, not the ISPs that used them. The owner of a private network has just as much right to block traffic they deem undesirable (unsafe, whatever) as I have to eject a burglar, or other trespasser, from my home.

Re:Fugetabout it

[S.Lemmon]

You're missing the "and then afterwards attempt to illegally access the network" part. They're *not* blacklisting anyone who just downloads one of the fake MP3s - they're blacklisting only those that attempt an attack on the honeypot IPs after doing so. I think they're probably watching for stuff like port scans that they might otherwise ignore.

Re:Fugetabout it

[Silverhammer]

That's not a good example. Harris Interactive polls truly are opt-in. The ISPs in question were blocking packets specifically requested by their users, without sufficient explanation or notification.

Re:Fugetabout it

[anthony_dipierro]

I'm curious what illegal things they have done?

Sounds damn close to contributory and/or vicarious copyright infringment to me.

Contributory infringement is similar to "aiding and abetting" liability: one who knowingly contributes to another's infringement can be held accountable. In order to prove a contributory infringement claim, a copyright owner must establish the following elements: (1) some act of direct infringement (by end-users, for example); (2) that the defendant knew or should have known of the defendant of the direct infringement; and (3) that the defendant materially contributed to the direct infringement.

A person will be liable for vicarious infringement if he has the right and ability to supervise infringing activity and also has a direct financial interest in such activities. In order to prove a vicarious infringement claim, a copyright owner must establish the following elements: (1) some act of direct infringement (by end-users, for example); (2) that the defendant had the right or ability to control the direct infringer; and (3) that the defendant derived a direct financial benefit from the direct infringement.

Re:Fugetabout it

[Lonath]

RIAA may be able to take them to court, but it would probably be worth the $$$ to fend them off.

Didn't the RIAA just ask ISPs to block music4ever.com?

What would the RIAA say? "You must block all of the sites we tell you and you can ONLY block the sites we tell you!"

Please. The RIAA has already stated that it thinks it's ok for ISPs to block sites if the RIAA asks. If ISPs want to block other unsavory sites of their own choosing, I don't see how the RIAA can complain. Of course, this argument uses "logic" and "reason" and not "lawyerthink" so anything's possible I guess.

Re:Fugetabout it

[Dimensio]

Harris polls were NOT opt-in. That's what got them blacklisted. Also, MAPS is not an ISP, so it does not count. The ruling did not set any prescedents as to whehter or not an ISP could block Harris Marketing's mailings. Also, the corporate executives of Harris Marketing all deserve to be killed.

Re:Fugetabout it

[NewWaveNet]

I would have to agree. This battle has already been fought in court in relation to spamers being blocked from network carriers; hence I see no logical reason this ISP would get in trouble.

RBL, SBL, SpamCop... all these block lists are perfectly legal, and been tried. There is no battle to fight, but then again, we're talking about big money now.

---
CyberGivers.com - Searching for a Better World

Re:Fugetabout it

[Silverhammer]

Blockquoth the poster:

Harris polls were NOT opt-in.

Says who? IIRC, to participate in the Harris email polls, you had to proactively sign up for them (via the Excite portal, for example). If someone can show me otherwise, I'd love to see it.

Re:Fugetabout it

[Dimensio]

MAPS had (and likely still has) documentation on their website. Harris was blacklisted for a reason.

Re:Fugetabout it

[Silverhammer]

Blockquoth the poster:

MAPS had (and likely still has) documentation on their website. Harris was blacklisted for a reason.

So give me a link.

Re:Fugetabout it

[dossen]

Spammers have taken people to court for blacklisting and won.

Any links or other references to back it up?

Re:Fugetabout it

[Chexsum]

I dont think so Tim.

Re:Fugetabout it

[raju1kabir]

Sounds damn close to contributory and/or vicarious copyright infringment to me.

Say it's established that some percentage of the people are shoplifters.

Further say that I run a hotel.

There's a store next door, and sometimes people shoplift things from the store.

The store is sick of it, so they hire some thugs to tackle to the ground anyone they see carrying a purse, and then rifle through the purse.

My guests do not enjoy this - they're walking through the lobby of the hotel, and next thing they know, they're being tacked by random thugs.

So I hire a bouncer who doesn't let that store's thugs into my hotel anymore.

This strikes me as perfectly within my rights. There's no proof that my hotel guests in particular are notorious shoplifters. And there are plenty of reasons not to want to be tackled that have nothing to do with being guilty of shoplifting.

that the defendant derived a direct financial benefit from the direct infringement.

If I don't have usage-sensitive charges (and, specifically, a markup over my costs on those charges), then I don't derive a direct financial benefit from the infringement. And in any case, the financial benefit I would derive if I did have usage-sensitive charges, has nothing to do with the particular content being trafficked.

Re:Fugetabout it

[anthony_dipierro]

If I don't have usage-sensitive charges (and, specifically, a markup over my costs on those charges), then I don't derive a direct financial benefit from the infringement. And in any case, the financial benefit I would derive if I did have usage-sensitive charges, has nothing to do with the particular content being trafficked.

You'll probably win the vicarious copyright infringement case, with that argument. But direct financial benefit isn't necessary for contributory copyright infringement. Maybe you'll win that, too, so two years later after you've spent your last penny on lawyers' fees you'll finally be able to get back to providing insane amounts of bandwidth to your criminal clients.

Re:Fugetabout it

[Dr_Cornholio]

Can I just point out that ISP's have been allowed to block mail servers from across the globe that allow mass spamming because of the inconvenience and the excess traffic they cause. This is no different from the RIAA attemtping DOS attacks of people's computers. It creates an excess of traffic and will assuredly inconvenience IWT's customer base, let alone what other little pieces of spyware that would more than likely be installed on said user's computer (Don't think it won't happen!) I take my hat off to IWT for taking the step to protect its private network, its customer base and its ability to service its customer base efficiently. Also, have you seen the RIAA website? I don't think anyone is really gonna miss that piece of propaganda!

Re:Excellent news

[agentZ]

Me too. Especially if they can recover from the /.'ing they're going to receive now. (Will they ban /. too?)

Wow....fake files...

[Vengie]

That takes guts. They are going to actively search&seek out the RIAA drones! Unfortunately, they will be placing "fake" files on gnutella....the question being, are those fake files worth the gain of having a major isp on "our" side?

Re:Wow....fake files...

[gerf]

They are going to actively search&seek out the RIAA drones!

Yes, but even better, they blacklist the RIAA drones. Now, if they would distribute that list, and if others would be able to add to it, we could basically kill off their intrusion into our computers. I really don't like the idea of big brother/ big business snooping through my stuff. And i don't think you do either. Regulators!!! Mount up!

Re:Wow....fake files...

[Hektor_Troy]

the question being, are those fake files worth the gain of having a major isp on "our" side?

That depends. If you just want to be able to leech away on any and all music, then it's not worth it.

If you just want your fair use, the RIAA off our backs and just want to use the network to discover new music that was put there by the artists themselvs, then it certainly IS worth it.

They're not putting up fake files of legal music, just fake files of illegal music. And that is quite fair in my humble oppinion.

Re:Wow....fake files...

[SeanTobin]

My guess is that they will just return them as search results. No point in actually sending a dummy file. Unless the RIAA's drones require a download and not just search results. The smart thing would be to not actually download the song because of the massive increase in bandwidth needed, but then again this is the RIAA.

Re:Wow....fake files...

[nuggz]

Don't steal copywritten mp3's, or attempt to, or mp3's that look a lot like current top 100's and you'll be fine.

Re:Wow....fake files...

[Vengie]

Actually....i'm one of those strange netradio people.....and /dare i admit it/, i like listening to streaming wktu. Yeah....well....what can I say. So very little of this affects me =)

Re:Wow....fake files...

[dijjnn]

fair perhaps, but moronic. how are they distinguishing them (apart from the actual data in the files). naming schemes like

MeTaLlIcA-u n f o r g i v e n 2 (ILLEGAL COPY).mp3

right... that's gotta be entrapment.

Re:Wow....fake files...

[mephistus]

It's not like people haven't been spoofing files and renaming them for years now just to be annoying. Then again it does make one wonder if the RIAA folks are actually smart enough to see if the files they download actually are the songs they say they are. I think this whole thing is going to get horribly out of hand with tactics like this. As much as I really love the idea of an ISP taking a stand for their customers who have no means to really fight back or stand up against these loud mouth bullies, it makes me wonder what their next ridiculous plan will be?

If you really want to piss off the RIAA, stop listening to the crap they shove down your throat every week on the radio and various music channels. Do yourself a favor, go to a show at a club and run into a band you've never seen before but might actually really dig. Not to mention buying their small run CD after the show helps them out a lot more than buying from Amazon or Sam Goody.

The simple fact is the only way you'll get the RIAA to listen is to keep your money in your pockets and out of their hands. Buy albums online at small friendly places that carry bands you may have never heard but would possibly like. I've never met anyone who's said they've started going to live shows and regretted it. Musicians make their money on tour more often than these crappy record contracts.

So the best way to keep those RIAA bastards off of your computer is to first make a backup of your stuff. Yeah, we all have the CD's to all our mp3s :-p Then really stick it to the bastards and stop giving them your money.

Re:Wow....fake files...

[grahamm]

The problem with keeping your money in your pocket is that the "industry" (record or movie) will not believe it. Instead they will cite the decrease in revenue as evidence of increase in piracy.

Re:Wow....fake files...

[ceejayoz]

It's only entrapment if law enforcement personnel are doing it.

Re:Wow....fake files...

[topham]

and, it's only entraptment if they are ACTIVELY encouraging you to commit the crime.

Now, the word "ACTIVELY" can be interpreted in many ways, but, simply having what someone is looking for (copyrighted files, car, etc.) isn't enticement to steal it.

Parking a Porche in a poor end of town is, in some cases, considered enticement. Silly, but true.

Re:Wow....fake files...

[seanmeister]

are those fake files worth the gain of having a major isp on "our" side?

Hmmmm...

"files with popular song titles derived from the Billboard Top 100"

THOSE fake files? What's the problem? It's mostly fake music anyway.

Re:Wow....fake files...

[EllisDees]

So what? They still won't be getting your money, which will cause actual harm to their business. They cannot make a law that says that you have to buy new CDs.

Re:Wow....fake files...

[Elbereth]

Well, parking a Porsche in the poor side of town... and leaving the keys in the ignition would be enticement.

Re:Wow....fake files...

[psoriac]

No, entrapment is perfectly legal. An undercover police officer can come up to you, offer you a bag of powdery white substance, and ask "hey man you wanna buy some coke?" and, if you complete the purchase, arrest you on the spot.

What is NOT legal is if he pulls out his gun and FORCES you to buy the bag of powder.
Essentially, they can facilitate your doing something illegal that you would have done anyway, but they can't force you to do something illegal.

Re:Wow....fake files...

[dh003i]

Rather than just putting up the fake files and letting their users waste their time downloading them, they should set up a service which users can connect to and it'll prevent their P2P clients from returning results for those fake files. Users would need a password for this service, which they'd have to change regularly (i.e., weekly), thus the RIAA couldn't get access to it.

Jus to ensure the RIAA can't get access to this service, they should block the RIAA and any of its member organization or member individuals from accessing the particular site needed to log into the service.

While I disagree with them blocking their users access to RIAA.org, as their users should be able to go wherever they want, its not really a big issue. Who goes to RIAA.org to look at their nazi propaganda anyways?

If customers really want to go to RIAA.org, they'll complain and the ISP will stop blocking RIAA.org.

Re:Wow....fake files...

[Mark+Bainter]

% whois -h whois.arin.net NETBLK-RECORDIN50-191

RECORDING INDUSTRY ASSOC OF AMERICA (NETBLK-RECORDIN50-191)
1330 CONNECTICUT AVENUE NW SUITE 300
WASHINGTON, DC 20036
US

Netname: RECORDIN50-191
Netblock: 12.150.191.0 - 12.150.191.255

I also keep logs of people who access ports on my machine and regularly scan for indications they might belong to one of those organizations. (check reverse lookups, whois records, etc.)

Unfortunately, there's no guarantee they won't hire an outside party to do the dirty work, in which case more careful study of access logs is required.

Regardless, I'm guessing that ISP simply blocked the above netblock at their border firewall, with possible exceptions for standard services like SMTP and HTTP.

Re:Wow....fake files...

[Alsee]

Users would need a password for this service, which they'd have to change regularly (i.e., weekly), thus the RIAA couldn't get access to it.

The RIAA could just subscribe. Or, more specificly an employee of the the company that the RIAA pays to do P2P scanning would subscribe.

-

Re:Wow....fake files...

[wasteve]

Sure, but they can get the government to create a tax on blank CDs to cover "losses due to piracy".

Re:Wow....fake files...

[Erasmus+Darwin]

"Who goes to RIAA.org to look at their nazi propaganda anyways?"

Well, I've seen the RIAA member list linked quite often by people interested in completely boycotting the RIAA...

You average music listener doesn't give a shit about the RIAA. It's an industry group. Most people going to the site already have a firm stance on the issue of the RIAA one way or another. Blocking the site is just a silly token gesture that hurts the actual activists.

Re:Wow....fake files...

[spasm]

"Unfortunately, they will be placing "fake" files on gnutella....the question being, are those fake files worth the gain of having a major isp on "our" side?"

Yes, but fake files of top 100 songs. Who gives a shit if there's hundreds of fake britney files out there?

Re:Wow....fake files...

[Natchswing]

> They're not putting up fake files of legal music, just fake files of illegal music. Actually, a more accurate statement is "they're putting up fake files of bad music." I'm sure if I were looking for the latest Britney Spears song, Celine Dion song, or some Backstreet Boys I might find a fake, but I have yet to find some fake Artie Shaw or Helen Kane. The RIAA is actively trying to kill the number of people listening to Britney Spears while not even putting a dent in us with good tastes in music. How exactly is that bad?

Great!

[nemui-chan]

Thats awesome! I really hope they can last though, instead of following the normal trend, i.e. "Screw the RIAA!! Err... wait... you're an RIAA rep.. err.. I meant, we like you guys, do whatever you want." Its about time someone stood up for the rights of the little man.

does anyone really think they use their own ips?

[HarryLLee]

My bet would be some unscrupulous hackers would be contracted to carry out the riaa's bidding. in fact, I'd guess that's how they are alredy keeping an eye on things.

RIAA wins!

[CrazyJoel]

"Information Wave will also deploy peer-to-peer clients on the Gnutella network..."

So, on the flipside, people also risk downloading fake mp3s if they don't check the length of the song.

Re:RIAA wins!

[Fat+Casper]

So, on the flipside, people also risk downloading fake mp3s if they don't check the length of the song.

Isn't that also a public service? "Did you really want that Backstreet Boys song? Tough. You'll have to try again."

Whoa whoa whoa

[theRhinoceros]

Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site.

How about this part of the article? Honeynetting your ISP with fake mp3s to confound RIAA meddling is way more proactively defiant, IMO, than simply blocking traffic from riaa.org.

Re:Whoa whoa whoa

[bpfinn]

So will the activity of the RIAA show up in places like The Honeynet Project? (Look out blackhats and record execs!)

Re:Whoa whoa whoa

[FleaPlus]

I'm not sure if it's just me, but that doesn't sound like the ISP confounding the RIAA, but rather confounding potential leechers of servers on their network.

Re:Whoa whoa whoa

[Spazzz]

Sounds like this is a golden opportunity for us to get on our soapboxes and literally "be heard". Instead of completely fake files, how about recording diatribes and verbal assaults against the RIAA in mp3 format and distributing those under phony filenames? They'll have to listen to the files to see if they're actual copyright violations, right?

Network Information

[Beatbyte]

I work for an ISP also and would like their network information so I could pass it along to the boss to block.

Does anyone have their IP blocks?

Just because they gave the DOJ a handjob doesn't mean we can't get around that.

Re:Network Information

[suso]

While this sounds nice and all. Blindly blocking network blocks can be a bad idea. I'm sure if the information on what IP blocks the RIAA uses to scan networks got out. Several people would just add those blocks to their firewalls and forget about it. Then later when the RIAA retaliates by changing their provider or getting new IP blocks and giving back their old ones, everyone would end up blocking someone having nothing to do with the RIAA. We have to fight them on the legal front, not the technological one.

Re:Network Information

[Beatbyte]

If they change their IP address blocks then I can change the ones I block. And I personally can't afford a lawyer to fight them. Besides, I don't like drones taking up bandwidth on my network angering my customers.

Re:Network Information

[suso]

Yes, of course you can. But if you read what I said, I was talking mainly about the people who will add the rules to their firewall and then forget about them. This would be especially bad if an ISP did this. There are plenty of brain dead people out there who don't keep track of why they do things.

Re:Network Information

[Richard_at_work]

We have to fight them on the legal front, not the technological one.

The problem is, if we do either we sink to their levels. But we cant do nothing. Hmm i wonder if they will calss this action as in violation of the DCMA?

Re:Network Information

[BollocksToThis]

Hmm i wonder if they will calss this action as in violation of the DCMA?

Only if messing around with other people's computer systems could ever be classed "copyright protection". Which it can't, as it doesn't try to PREVENT copying. It's more of a "copyright violation backlash".

Support your local ISP(those that ban RIAA)

[epicstruggle]

Im planning on sending my isp an email asking them to follow suit. We should also look at the next logical step in this fight against RIAA, which is targeting one or two senators who have/are supporting the actions of RIAA and the DMCA. Maybe then we can be taken seriously.

epicstruggle

Entrapment?

[JaseOne]

Isn't offering up fake MP3's and then acting upon people that download them a form of entrapment? I'm all for what they are doing in regards to blocking the RIAA website, but the assumedly fake MP3's was a bit much IMHO. Jason

Re:Entrapment?

[jon+doh!]

i don't think so. leaving a car with the keys in it in a parking lot for thieves to steal isn't entrapment. i've seen cops do that before, this is pretty much the same thing...

Re:Entrapment?

[nuggz]

Isn't asking someone for something illegal with the implied suggestion that you are offering corresponding goods in return be entrapment?

If you go on a peer to peer copyright infringing mp3 sharing network, there is an implied assumption that you are also offering content as your "payment" for access.

It isn't entrapment if you just stand around waiting for someone to attack you.

Re:Entrapment?

[unDiWahn]

They arn't acting against people who simply download them -- if I read the article correctly, they're "decoying" themselves as hosting MP3s in order to lure RIAA into launching an attack on them. In this case, they've identified a RIAA attacker, and thus block that IP/computer from their network.

It is, still, a fuzzy form of entrapment I suppose, but at least in this case they're waiting for that person to make an attack on their computer, thus making the aggressive move.

Re:Entrapment?

[Alranor]

I don't think so, entrapment involves getting somebody to do something that they weren't already planning to do. (but i'm neither a lawyer or an American, so correct me if i'm wrong)

In this case, the person has already searched for the mp3's and tried to download them.

Re:Entrapment?

[gallen1234]

Entrapement in what sense? If the police were doing this then maybe. As a private organization the ISP can do whatever they like (legally) to determine if someone is trying to compromise their network. The results may not be admissible in court but I don't think that's their goal.

Re:Entrapment?

[JaseOne]

I can see where this is leading though, when is the RIAA going to start doing similar (if they aren't already)?

Then I think it would be a more classical form of entrapment eg. user downloads fake file, RIAA only finds out about user from downloading the fake file and then takes action on that.

Things could really get interesting...

Jason

PS. Anyone seen a record store in a major shopping centre not doing good business lately? I know I haven't...

Re:Entrapment?

[God!+Awful]

The results may not be admissible in court but I don't think that's their goal.

Entrapment? Come on... Don't you watch Law & Order? It's only entrapment when performed by a police officer or by someone who could be considered an agent of the police. If it's not entrapment then there's no reason why it shouldn't be admissible in court.

-a

Re:Entrapment?

[Fat+Casper]

It isn't entrapment if you just stand around waiting for someone to attack you.

Tell that to Bernard Goetz.
#@*&$% juries.

Re:Entrapment?

[benjamindees]

leaving a car with the keys in it in a parking lot for thieves to steal

This isn't entrapment, but it also isn't stealing either. I'm sure you've heard the expression "possession is 9/10ths of the law". If you "find" something just lying on the street without any form of protection, you have no reason to believe it is "owned" by anyone. The presumption is that things are not "property" unless a reasonable effort is made on the part of the owner to keep them. Leaving your keys in your car in a public parking lot is not making "reasonable effort" to keep anything.

Re:Entrapment?

[Krojack]

I don't see anything wrong with it. Look at all the drug bust that are set up with undercover cops. Also female cops pose as hookers to lure in people.

-Krojack

Re:Entrapment?

[topham]

Taking posession of a car not registered in your name and not lent to you buy the owner IS stealing.

People steal cars here all the time with the keys in the ingition. Not unusual. It is still theft.

(While you, and I may think the owners are stupid it doesnot change the law.).

(Note: this is common here in the winter as it is -30C to -40C (-40f) and it can be difficult to start a car at such temperatures. Although, they do it because they are bloody lazy and don't want the interior to cool down.

Re:Entrapment?

[Krojack]

Wait till someone does an attack (Ex: RIAA) then block them. Self defence? I would think so. I block about 2 IP's that I don't know per day on my personal firewall from IP's that have hit ports on my computer more then once in a days time.

Re:Entrapment?

[Mercaptan]

Since there seems to be some confusion, I'll throw up a more formal definition of entrapment.

A person is 'entrapped' when he is induced or persuaded by law enforcement officers or their agents to commit a crime that he had no previous intent to commit; and the law as a matter of policy forbids conviction in such a case.

However, there is no entrapment where a person is ready and willing to break the law and the Government agents merely provide what appears to be a favorable opportunity for the person to commit the crime. For example, it is not entrapment for a Government agent to pretend to be someone else and to offer, either directly or through an informer or other decoy, to engage in an unlawful transaction with the person. So, a person would not be a victim of entrapment if the person was ready, willing and able to commit the crime charged in the indictment whenever opportunity was afforded, and that Government officers or their agents did no more than offer an opportunity.

On the other hand, if the evidence leaves a reasonable doubt whether the person had any intent to commit the crime except for inducement or persuasion on the part of some Government officer or agent, then the person is not guilty

That said, assuming the ISP isn't acting in concert with law enforcement, they're allowed to do whatever they want to keep out RIAA. RIAA would only have rights to pursue recourse if they had a contract with the ISP in some vendor-customer relationship. The ISP's actions don't constitute an attack against RIAA, although I'm sure RIAA would love to spin it that way.

This is great but...

[ldopa1]

I am sure this is the start of a huge slew of lawsuits. UserFriendly had a strip about this on Sunday. You can view it here. It raises an interesting point. The comic implies that anyone with a big enough footprint can ignore/swat the RIAA if they want.

That said, I think that the banning of the RIAA from networks is a start. Now they need to ban the spoofers and companies like MediaDefender who spend all of their bandwidth downloading files from YOUR computer to keep other people off.

I particularly like how they'll enforce this

[jht]

The idea of using a Gnutella honeypot and then using access logs to "spot the fed" is terrific - it'd be nice to see more ISP's stand up to the RIAA this way.

I used to think the balkanization of the Internet would be a Bad Thing, but I'm not so sure now given the kind of tactics we're seeing the record and movie giants use.

Re:I particularly like how they'll enforce this

[Aknaton]

> using a Gnutella honeypot

If they use real, copyrighted MP3s, wouldn't they be liable for civil action? And if they used fakes, or legal MP3s merely renamed, then they would make it harder for Gnutella users as well?

Re:I particularly like how they'll enforce this

[ecs05norway]

Only for Gnutella users who are seeking out and downloading pirated - illegal - material. In other words, only two groups of people will be harmed: 1) The people seeking to steal songs from the RIAA 2) The RIAA proxies seeking to steal connectivity from the ISP's customers. People downloading legally-shared material will just say "Oh, some idiot's got another copy of the new Britney Effing Spears album. Jackass." and go on with what they were doing.

Re:I particularly like how they'll enforce this

[Aknaton]

Thanks. I can live with that, although I'd wager that a lot of people are trading music that they don't have the right to redistribute.

Bad Idea

[zmalone]

Maybe it's just me, but it seems like a bad idea to block consumer access to an IP or range of IPs. They are perfectly justified in preventing incoming connections to IPs they control, but I would be angry if an ISP I payed money to began restricting the content I could access, just because there is the threat of an attack. Where do they draw the line?

Re:Bad Idea

[Fat+Casper]

Maybe it's just me, but it seems like a bad idea to block consumer access to an IP or range of IPs.

Now there's a news flash. Tell that to the RIAA. If they believe you, maybe they'll drop their lawsuit trying to force the ISPs to block consumer access to an IP or range of IPs that the RIAA doesn't like.

The internet is giving the RIAA a taste of its own medicine. I just wish the ISPs being sued were smart enough to come up with this first.

Re:Bad Idea

[legojenn]

I wonder if the RIAA could just subvert their firewall by signing up for service on their ISP.

Just a thought...

j

Re:Bad Idea

[Fat+Casper]

They could sign up for service, but they would very quickly violate the AUP and get booted.

Which brings another thought: how many complaints of "your customer cracked my box" will it take for the RIAA's current provider to boot them?

Honeypot protection

[nuggz]

I like this. Actively monitor for any hostile action and block it.

People should not be punished or harrassed for doing things that may appear to be illegal, at least if the accuser doesn't perform a reasonable inspection before making accusations.

Conversely why can't people just not steal the mp3's?

Re:Honeypot protection

[phillymjs]

Conversely why can't people just not steal the mp3's?

Because the RIAA refuses to sell them in a way that encourages people to pay for them: High quality files in a DRM-free format, at a price so cheap per song that people would rather pay it to get a file of guaranteed high quality than waste the time trying to find a perfectly-ripped, glitch-free copy somewhere for free. Do you know how many times I've had to keep re-downloading songs from Gnutella because they're cut off at the end or have glitches in the middle from the CD skipping when the song was ripped? It's not a fun thing to do with a speedy broadband connection, much less the dialup connection that the majority of people still use.

If the RIAA charged, say, 5 to 25 cents per song, or a more expensive x dollars-per-month all-you-can-download plan, with NO DRM CRAP, they would make a killing. Why don't they?

They're greedy.
They like the profit margins they maintain with their extortionate CD pricing.

They're cheap.
The startup costs for their own MP3 server farm would be pretty hefty, and that's money that (in their eyes) would be better put to use stuffing Hilary's couch cushions and mattress, and buying laws that prop up their existing business model.

They're lazy.
They don't want to have to strive to create more high-quality content. By only selling album-length CDs (the purchasable single as we know it is being killed off), they can effectively force you to pay $20 for that one song you like, because the other eleven on the CD make you bleed from the ears because they're so terrible. In all my years of CD buying (pre-Napster, of course), I can still have enough fingers to count the number of CDs I have where I love every single track on them. I could have a nasty accident with a bandsaw and that would still be true.

They're stupid.
They just can't see that if they sell something cheaply enough and without onerous restrictions, people won't be motivated to steal it. Every time they come close to this idea, the services they launch are too expensive and/or use some proprietary file format locked down six ways from Sunday, or have other consumer-hostile aspects.

~Philly

Re:Honeypot protection

[nuggz]

they can effectively force you to pay $20 for that one song you like,

No they don't, you want to pay $20 for that one song, otherwise you just wouldn't buy it.

Stealing something because you think it costs too much isn't reasonable either.

I stopped buying CD's for this reason.

Previous History?

[shftleft]

Due to the nature of this matter and RIAA's previous history, we feel the RIAA will abuse software vulerabilities in a client's browser after the browser accesses its site, potentially allowing the RIAA to access and/or tamper with your data.

I'm all for sticking it to the man, but has the RIAA actively attacked end users before? I know it has used legal means to shut down sites, but is there really any precedence to base this decision on, or is it a marketing ploy to try to get more anti-RIAA folk to join up....

Re:Previous History?

[Fat+Casper]

...has the RIAA actively attacked end users before? I know it has used legal means to shut down sites, but is there really any precedence to base this decision on...

Yes, there is.

Don't read much, eh?

Re:Previous History?

[shftleft]

"Yes" - A request by the RIAA to be able to attack.

"there" - as I said earlier, and I quote "I know it has used legal means to shut down sites", webcasting sites are NOT "end users".

"is" - mere speculation that the RIAA is the culprit of the worm, no proof given.

Don't read much, eh?

Re:Previous History?

[aardvarkjoe]

The only one of those stories that meets the requirement of "RIAA actively attacking end users" is the worm, which we don't know was created by the RIAA. It's possible, but it's equally possible that it was one of the same kids who write the OE virus of the day. To my knowledge, should they try to DOS p2p network users, that will be their first direct attack on end users. So the original poster was correct, and your snide comment was not.

Re:Previous History?

[Fat+Casper]

A request by the RIAA to be able to attack.
This is not an attack in the past, but it is a public statement that they intend to do so. It is always better to secure yourself after a warning instead of ignoring it and waiting to be victimized.

webcasting sites are NOT "end users".
End users listen to webcasters. They see no difference between webcast and radio. Forcing webcasters out of business is an attack on webcasters' fans, the end users. Do you really think that end users aren't hurt if their providers are actively hunted down?

mere speculation that the RIAA is the culprit
Yeah, but it filled out the sentence of URLs nicely.

My point is that the RIAA, long satisfied with limiting themselves to fucking the artists, has been at the forefront of attacking end users for some time. They victimize all of us by buying lawmakers and bullying hardware producers. All that aside, their stated intent to break into end users' computers is all the precedent I need.

Real time RIAA black list?

[Memetic]

Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site.

Nice, but many networks would need to do this to make it really worthwhile, afterall RIAA no doubt have many other targets they can choose before they need to to go to informationwave.

ISP Karma

[SeanTobin]

If ISP's had karma, Information Wave Technologies would have just hit the cap. I just sent an e-mail to them at thier riaa@informationwave.net address expressing my thoughts... you should too. Imagine what thier management would do if they got 25,000 e-mails stating how much people liked thier service?

(Yes, I know what would happen... thier mail server would go on strike, and be burned because it was too close to the exploding webserver)

Re:ISP Karma

[UserAlreadyExists]

Doesn't anyone realize that being nice to users isn't the only reason for them to do this?

Blocking RIAA DOS attacks against any of their users who may be targetted saves them bandwidth, which saves them money, which increases profits!

Other ISPs are perfectly happy catering to RIAA by cutting off users who share lots of (copyrighted) files, for the same reason. By removing the 10% of users who use 90% of bandwidth (mostly through P2P) they save big $$$ and they can shift blame to RIAA for the dissatisfaction. It's one of those odd situations, where more customeres != more money.

This may not be the best idea...

[Darkninja666]

While I think giving one to the RIAA is great. But I think this is wrong too. I want no one and no corp deciding what should be accessed across their backbones/routers/etc. This is as bad as the RIAA trying to sue ISPs for NOT blocking offending websites. Now all a judge has to ask is "Is it possible to block access to a single website?", and the RIAA will give this ISP up as an example.

Everyone should be against any censorship!! May the RIAA burn in hell , but this ISP is no better....

Hell, this will proubly be modded down to hell, but think about what this could do to all our freedoms....

Re:This may not be the best idea...

[diamondc]

You have no right to tell a backbone provider to not stop blocking a website or block of IPs. If you really have a problem, just sign up with a different ISP with a different backbone connection to the Internet. And if enough people stop signing up with an ISP that blocks certain websites, no doubt the ISP will stop blocking.

Re:This may not be the best idea...

[Stonehand]

You wouldn't happen to be a spammer, would you?

FWIW, there is no guaranteed freedom to send data over somebody else's network unless they're a common carrier.

Re:This may not be the best idea...

[bwt]

Everyone should be against any censorship!!

I don't think you understand what censorship is.

When a private entity decides which speech will be available on its private resources, that IS free speech, not censorship. If you don't like the choices that entity makes, get your own resources and compete with them. An ISP is not a "common carrier" and thus they are completely within their rights to adopt ANY content policy they choose.

Censoring blackhole lists is a violation of free speech, not an act that upholds it.

Re:This may not be the best idea...

[fmaxwell]

I want no one and no corp deciding what should be accessed across their backbones/routers/etc.

The highlighting was mine but goes to show that the ISPs own the equipment. Their network is theirs to do as they see fit. Would you want the federal government telling you that you were not allowed to block IP addresses from accessing your network? If you don't like the ISP's policies, use a different ISP.

Your argument reminds me of the spammers who accuse ISPs of censoring them and limiting their free speech.

Censorship is when the government limits what you can see and read. It's not when a private ISP makes a business decision to block IP addresses.

Re:This may not be the best idea...

[tshak]

This isn't about censorship. ISP's block known DDOS attacks and other security threats. They're treating the malicious activity that the RIAA is performing as a security threat. If the RIAA want's to make a site dedicated to the DMCA and why it's such a great law, they won't get censored.

Re:This may not be the best idea...

[Christianfreak]

I have mod points but since there isn't a "-1 extemely uninformed", here goes.

I want no one and no corp deciding what should be accessed across their backbones/routers/etc.

There's the kicker their backbones/routers/etc.. If this ISP can't block whatever it wants then we need to make firewalls illegal ... here let me get you the IP to my DSL line there's a linux box there with no passwords ... that's just stupid.

And you didn't read the article, the ISP isn't stopping its customers from access the RIAA if they want to. Its using a honeypot of songs and people who download those songs and start attacking customers on their network get banned. Its simple. Its the same as banning script kiddies for trying to hax0r your website or banning spammers from SMTP servers.

Now all a judge has to ask is "Is it possible to block access to a single website?", and the RIAA will give this ISP up as an example.

There are pleny of examples of how websites can be banned. This doesn't add to it because they are banning individuals who are attacking their network, they aren't banning websites. Even if they were its their network, they can decide who should be on it. The RIAA telling ISPs to block music sites on the other hand has no legal grounds to try to control stuff they don't own.

I guess I shouldn't blame you though read /. long enough and everything becomes 'censorship'.

Re:This may not be the best idea...

[Courageous]

Well, I agree with you in spirit, but not in practice. In this case, taking a proactive step to assure that its users' computers are not ATTACKED ELECTRONICALLY is a good step and a wonderful political statement that's almost certainly in the best interests of most individual citizens and in particular its customers.

C//

Re:This may not be the best idea...

[deblau]

It may not be the best idea, but I believe it is a good one.

I want no one and no corp deciding what should be accessed across their backbones/routers/etc.

Let me point out a small flaw. If they own it, they can do whatever they want with it. You don't have to use any particular ISP. You can always go to another. What's that you say, there aren't any ISPs in your area that are morally safe? Well, you don't have to have internet access, do you? DO YOU? (If you do for work, and they pay for it, you shouldn't be putting pr0n and mp3z on it anyway.)

Hell, this will proubly be modded down to hell, but think about what this could do to all our freedoms....

I have, and that's precisely why I support it. This ISP should be free to do whatever it wants with its own hardware. Let me repeat for everyone who missed it the first time: Internet access is not a right. Until it is, you have no cause to complain that your "rights" are being taken away.

If you value freedom, and you see the Internet becoming closed, abandon the Internet. Create another network. Let the looters fight over the scraps of whatever value is left on the old 'net when the people producing that value are gone.

Re:This may not be the best idea...

[Sj0]

I am going to punch you. I have threatened that I will punch you. I have put the legal means into place that say that I can punch you without any legal ramifications.

When I take a swing at you, will you get out of the way, or will you accept my right to punch you?

Re:This may not be the best idea...

[Darkninja666]

When a private entity decides which speech will be available on its private resources, that IS free speech, not censorship. If you don't like the choices that entity makes, get your own resources and compete with them. An ISP is not a "common carrier" and thus they are completely within their rights to adopt ANY content policy they choose. Censoring blackhole lists is a violation of free speech, not an act that upholds it.

So by your arguement, AOL TW can and should stop all traffic it deems unacceptable. And that would be free speech.

I'm sorry but your thought is flawed, just because a private company has control over something, they still don't have the right to infringe on anyone's rights.(for example Microsoft, and their OS).

By the way, excuse the horrible italics and bold in my inital post. I was sleepy and not thinking straight :)

Re:This may not be the best idea...

[fliplap]

Uh, honeynet?
The entire point of a honeynet is to let people in so you can study how they got in and what tools and techniques are in widespread use.

But no, this isn't censorship, this is blocking someone doing harm to your users and wasting your bandwidth (yes i know they're just setting up dummy files, but its still a waste)

Re:This may not be the best idea...

[Darkninja666]

Interesting arguements....simplistic, but interesting.

Several people here have commented on the fact its QUOTE their UNQUOTE equipment, etc etc. And yet there are examples of when a company is restricted from doing whatever they want on THEIR equipment. For example: Radio stations, TV stations, etc. Just because they own the equipment to broadcast to millions of people, doesn't mean they can decide to broadcast porn all day long (not encrypted). The access to the internet should similar, allowing everything to your door. And you deciding what you want to read, see and hear.

And on my comment about the judge, what I ment was this: There is currently a lawsuit from the RIAA against several major ISPs. Now however much we hate it, the law is probly more on the RIAA side, due to current copyright law. And the judge is going to ask the ISPs why are you not blocking this website?
And this smaller ISP has shot several arguements such as:

• We are not in the business of censoring. - well now they shown they are.
• We don't have the time/manpower to block every website that might have offending material - The judge is just going to say, TRY.
• We are not here to make judgements on contend - there goes that one too.
• And many others...

Mainly, what I'm trying to get at is, this will cause more harm then good.

Re:This may not be the best idea...

[TWR]

So by your arguement, AOL TW can and should stop all traffic it deems unacceptable. And that would be free speech.

Yes, yes it is.

AOW/TW has nothing even close to resembling a monopoly on internet access, so government oversight isn't going to kick in.

Freedom of speech also means that you can choose what NOT to say. If you owned a newspaper (or maybe a web site), would you like it if you were forced to include items you don't want?

Passing and understanding a course on civics should be a requirement before using the phrases "free speech" or "constitutional" in a post.

-jon

Re:This may not be the best idea...

[bwt]

So by your arguement, AOL TW can and should stop all traffic it deems unacceptable. And that would be free speech.

Censorship is about "can" not "should".

But to your point specifically, they already do this. As to "should": I find their implementation of what is "unacceptable" to be obnoxious I don't use them and I encourage others to dump them.

Just because a private company has control over something, they still don't have the right to infringe on anyone's rights.

That's the free speech argument that web site vandals use. The catch is that you do not have a right to use another's resources, so their not infringing your rights if they to carry your speech.

For example, I have a right to put you in my killfile. I still have that right if I build a private network. I still have that right if my network becomes an ISP with paying customers (so long as I'm not deceiving them). And if I'm successful and oust AOL from the top ISP spot, then I STILL retain that right. So, yes, AOL could arbitrarily blacklist you or anybody else. In fact they do this on a much large scale when they lock out the other IM protocols.

for example Microsoft, and their OS

What does this have to do with the previous topic? Microsoft is an adjudicated monopoly. That is the problem with Microsoft, not something else. Again, the best response is to not use them, and to not shun speech that requires you do.

Re:This may not be the best idea...

[Bartab]

You're free to choose another ISP that routes all such material for you. After all, it is a free market.

Re:This may not be the best idea...

[Erasmus+Darwin]

"All outgoing (ie requested) traffic to the RIAA would presumably be legal."

Actually, the ISP is blocking that, too. Their rationale from the article:

"Due to the nature of this matter and RIAA's previous history, we feel the RIAA will abuse software vulnerabilities in a client's browser after the browser accesses its site, potentially allowing the RIAA to access and/or tamper with your data."

Sounds to me like the ISP is trying to make a political statement rather than just engaging in protecting themselves.

Re:This may not be the best idea...

[Sj0]

Judge:Why aren't you blocking this website?

ISP:Because they weren't trying to DoS us.

Don't try to cloud the issues. This isn't about free speech, this is about the RIAA and MPAA trying to make it legal for them to DoS individuals. If the law passes, you can be goddamned sure that they will constantly make use of this new tool. Perhaps you've never had to pay for bandwidth, but the costs can add up if rhe RIAA is constantly DoSing your customers. Ergo, block the entire network, their web pages, their infiltrators, their DoS engines, because to be honest, the RIAA and MPAA don't deserve to be on the internet with the rest of us more civilized individuals.

Re:This may not be the best idea...

[HiThere]

I pretty much agree with you, except in areas where one ISP owns over 50% * of the business. In those areas I don't believe the larger ISPs should be allowed to do this, unless over 75% ** of their customers vote to approve it.

* (and thus is, by my definition, a monopoly)
**(my definition of an overwhelming majority)

Re:This may not be the best idea...

[kcbrown]

Either the ISPs are common carriers, and thus should be completely immune to the machinations of the RIAA and its ilk, or they're not.

The RIAA and friends claim that ISPs are not common carriers and have sued as such. Information Wave Technologies is showing exactly what happens when an ISP is not a common carrier. The RIAA can't have it both ways, and removing the common carrier status of ISPs has consequences that probably aren't desirable from the RIAA's point of view.

As a general policy, I agree that what Information Wave Technologies is doing might not be a good idea. But as a specific response to the situation, I think it's a wonderful idea (in fact, they need to go further and block all access, in and out, to all websites owned by any RIAA members).

Re:This may not be the best idea...

[fmaxwell]

You pose an interesting point and one that I considered long and hard before posting. First, I don't think that an ISP has a monopoly if they there are other choices. If BobCom has 51% of the market because they are the most cost-effective choice, I don't think that BobCom should be federally mandated to open up their routers to every IP address on the face of the earth.

Nor do I want to be involved in a an opinion poll every time I get on the Internet where I cast my vote for which sites to block. I have enough pressure without feeling that I have to vote every day on whether my ISP should block sites like "www.we-spread-viruses.com".

Let's not forget that this article is about an ISP that is blocking the RIAA because of the RIAA's stated intention to, in essence, launch denial of service attacks against P2P networks. It's not like the ISP just decided that the content of the RIAA web site was offensive. They are exercising their right to protect their equipment, bandwidth, and users from malicious attacks.

Re:This may not be the best idea...

[fmaxwell]

You are an illiterate moron. The dictionary defines a censor as:

A person authorized to examine books, films, or other material and to remove or suppress what is considered morally, politically, or otherwise objectionable.

Did you see that word "authorized"? Did someone "authorize" the ISP to block the RIAA web site? And what entity could "authorize" the blocking of material that "is considered morally, politically, or otherwise objectionable." Gee, could it be the government, like they do with filtering software at public schools and libraries?

If one ISP blocks the RIAA's web site and it's available on 20 others in your area, it's not censored, is it?

Now I see why you post as an anonymous coward. If I was as stupid as you, I wouldn't sign my name to what I posted, either.

They're treating it like spam.

[Fat+Casper]

One of the ways ISPs deal with spam is by blacklisting sources of it and cutting them off as much as they can. IWT is starting a blacklist that is just as legitimate and perfectly targeted:

The RIAA has announced its intention to crack any boxes that it wants to and has even bought a bill that would legalize it for them. That makes the RIAA a big security threat, even bigger when you consider that they have no oversight and a long record of not caring about little things like rights. Any contact with their network makes you vulnerable.

Any security type would want their network protected from snooping of any kind. Especially from a company that wants to shut down anyone it doesn't like and is protected against liability for any damage it does. An ISP blacklisting a company that does this, or even just announces that it plans to, is protecting its customers and being a good citizen.

I think the idea is going to catch on.

Re:They're treating it like spam.

[garcia]

but then we have ISPs like ATTBI which decide to bow to MPAA pressures (and probably RIAA) and suspend user accounts until they contact the legal demands deptartment for TOS violations.

Are the "Big Boys" going to allow this to go on while the "smaller" ISPs block it?

Re:They're treating it like spam.

[T3kno]

If they do, the big boys will soon cease to offer broadband. No one will want it, as soon as I can get off it I will. Hopefully consumers (especially US consumers) will pull their heads out and realize that it is they who have the final say in what happens to a company. If you stop buying CD's as I have the RIAA will eventually listen. If you stop using ATTBI and switch all of the phone accounts you can off of their service they will listen. The beauty of capatilism is that we as consumers have the power to change things, the only reason companies are so big and powerful (which is a REALLY REALLY bad thing IMHO) is that we have allowed them to become that way. Homo Depot is the size it is because people stopped supporting the little independant hardware store. I for one prefer small independant hardware stores, a) because you get help, can ususally talk to a nice helpfull person, b) no hour long lines, and c) you are directly supporting your community instead of supporting a huge multi-national. The same goes for ISP's the little ISPs are worried about their customers, not about a corporate image and shareholders, so they will go out of their way to protect you as their customer.

ATTBI blocked my account for having a set up my BSD box with a static IP (it took them over a year to notice, and COX never cared), I got the service reinstated, told them that I was switching off of their service, we are in the process of changing my wifes cell phone service from ATT and I had the choice here at work about a long distance carrier recently and I specifically chose not to go with ATT. If we all did this companies like ATT and conglomerates like the RIAA and the MPAA will have to listen, after all they are only companies and the only power that they have is the power that we as consumers give them. Capatalism works, but we have to be the police, not the government.

Re:They're treating it like spam.

[Krojack]

Here is something like that. Wirehub! Internet Blackholes Explanation Blackholes is at blackholes.wirehub.net and uses 127.0.0.2 A records. Its purpose is to block SMTP connections from persistent spam sources, abusers scanning for open mail relays, abusers behind raped relays, open proxy servers, and IPs of spamvertizers and of spamvertized websites. Link: http://basic.wirehub.nl/blackholes.html

Re:They're treating it like spam.

[AlexCompy]

"If you stop buying CD's as I have the RIAA will eventually listen"

Err no, they will simply chalk it down to "piracy" and bribe (aka "lobby") the government for laws that give them more power.

Re:They're treating it like spam.

[akb]

The placement of this policy is not intended to hamper the RIAA's piracy elimination agenda or advocate Internet piracy, but to ensure the safety of our customers' data attached to our network from hackers or corporate espionage hidden by the veil of RIAA copyright enforcement.

They are only resisting denial of service attacks not DMCA required action of suspending user accounts.

Re:They're treating it like spam.

[tshak]

Actually this is where capitalism doesn't work, and why we need government regulation. You're assuming an educated consumer. You're assuming a consumer that isn't apathetic about said issues. This consumer is the exception but not the rule in the USA, which is why the general quality of products has severly decreased over the last few decades while the costs of said products have increased (inflation accounted for). Finally, you have this new concept of an Ogopoly(sp?). This concept is almost proven within large industries where although there is no monopoly, you have duopolies or more. For example, who cares if ATT limits your usage to essentially web surfing and email? So you switch! Switch to who? Qwest DSL who does the same thing (for example)? Competition is great, but it doesn't always work when you have a few megacorporations following each others suit. Finally, the entire captilistic model puts the maximization of corporate profits above all other priorities. Long are the days where you have a business passionate about making a quality product while making a humble profit. Profiting isn't bad, but business in America is summed up as the following: Maximize profit at the expense of your employee's (compensation, etc.), customers, and product quality. It's true that competition keeps this in check, but only to an extent.

Re:They're treating it like spam.

[heatseeka]

You are forgetting that capitalism is based on a single principle: to make money. What you say is true about caring for customers, being passionate, but in the end you do those things to attract other customers and to make more money. One starts a business to make money, not to help people. A pizza shop owner didn't open the restaurant because he wanted to keep the local community fed; he did it because he saw an opportunity to make a buck. Thats it. Its just the nature of capitalism, like it or not.

Just my $0.02.

--Dima

Re:They're treating it like spam.

[cwebster]

> ATTBI blocked my account for having a set up my BSD box with a static IP (it took them over a year to notice, and COX never cared)

you dont need to specify you were using BSD, that had nothing to do with it. Just the fact that you were using a static address is all you were doing to violate the rules. Just get a dhcp address, i have and my box hasnt gotten a new ip in over a year. static enough for me.

Re:They're treating it like spam.

[T3kno]

I'm using DHCP now, with dyndns. Little pain in the butt, but not bad. Stupid rule if you ask me though. If someone want's a static give it to them, 99.9999999% of the population doesn't know the difference, so you're not gonna run out.

Re:They're treating it like spam.

[cwebster]

never liked dyndns myself. Between myself and a friend we have 2 boxes hooked up to the local cable, both DHCP and we just run our own nameservers. works great.

Re:They're treating it like spam.

[bilbobuggins]

If you stop buying CD's as I have the RIAA will eventually listen

what???
yes, not buying cd's will certainly get them to stop complaining about people not buying cd's.
it's genius!

rather, maybe you should be buying cd's of _all these great bands your finding online_ to prove to the riaa that technology can actually HELP them instead of only hurt them...

Re:They're treating it like spam.

[T3kno]

Yeah, but if you ever get a new lease you will have to repoint your record, and are stuck with 24 hours downtime.

Re:They're treating it like spam.

[cwebster]

since we have 2 boxes, if one gets a new ip, it takes a minute to update the the record, and we have good data returned by one of our servers. It does take 24 hours to get fully back up with both listed servers working. Last time i got a new lease though was last june, so its not something we have to deal with often.

Re:They're treating it like spam.

[heatseeka]

Ok if you want to get techincal, then yes. There are many principles which are the basis for captialism. However, how many corporations stay in business when they do no make money? By definition, to be in business is to be working to generate a profit by providing a service or a product. If your costs exceed your revenue, you simply cannot afford to run the business and you close shop. Thus, the capitalistic society thrives on one's pursuit of money (accounting for human nature...)

No need to be rude...

--Dima

Excuse me????

[Gekko]

Uhmmm excuse me? Cave to legal pressure on what grounds? Any content provider can choose to not route traffic from any host they so choose. The only legal pressure could come from their customers if they want to access the RIAA website for some reason.

Re:Excuse me????

[GreyPoopon]

The only legal pressure could come from their customers if they want to access the RIAA website for some reason.

And to satisfy those customers, they could just summarize the RIAA website:

We, the Recording Industry Association of America, would like to offer you substandard products at high prices. Please be aware that those contributing to the development of our products are underpaid, and the funds collected from sales will be used to establish laws further limiting your freedom. We thank you for your patronage.

Re:Excuse me????

[GutBomb]

why? the people buying britney spears cd's don't give a damn

Re:Excuse me????

[Jucius+Maximus]

"The only legal pressure could come from their customers if they want to access the RIAA website for some reason."

Damn! Now all the boxes I r00t3d on the Information Wave Technologies network for the purpose of DDOS'ing the RIAA's network are useless! Drat! Foiled again! (j/k)

Re:Excuse me????

[GreyPoopon]

Either way, try and be patient with teenagers, they have so much pressure on them already(mostly manufactured by big media). It's up to those of us who have already been burned countless times by these people(riaa), to try and salvage what we can.

Actually, the latest economic hard times *may* help resolve this situation. Since most teenagers (not all) depend on money from parents to be able to afford this kind of junk, you may see a significant drop in sales because this is the type of expenditure that will be the first to go.

Re:Excuse me????

[Doug-W]

Unfortunately any drop in sales is due to piracy. Therefore the RIAA needs to take even more extraordinary measures to combat this significant drop in sales.

Re:Excuse me????

[pbrammer]

The only legal pressure could come from their customers if they want to access the RIAA website for some reason.

Why would that be a problem? With a stateful firewall, there would be no problem letting their customers visit the RIAA's website. BUT, RIAA would have an extreme problem trying to connect to those user's machines.

-Outbound (customer) traffic is unrestricted.
-Inbound (Internet) traffic could be restricted to allow everything but RIAA's domains/IPs.

Besides, that setup would really be a slap in the face to RIAA. Na-na-na-na-na... I can see you, but you can't see me!

Phil

Re:Excuse me????

[Anonvmous+Coward]

Just wanted to say I thought that was really funny. :)

Not very practical or ethical

[rob_from_ca]

While I admit, an action like this has an appeal in a very gut feeling kind of way, as a method of striking back against an unfair, almost unstoppable opponent, if we really sit back and think about it it's not a very workable solution. First off, it's censorship. We may not like the message, but ISP's blocking particular groups for their beliefs or acitivities is a pretty slippery slope. It's not so exciting if AOL decides to ban "hacker" groups from accessing AOL (or AOL customers from accessing them) because of the content (or activities) involved. Policy based filtering creates a fragmeted network, where company A's network can't reach customer B, etc.

Two, it's unworkable. Certainly whoever the MPAA/RIAA will employ to do their dirty work will be smart enough to come from a different location once they realize their IP's are blocked. This solution would be a little better if they had a system in place to block IP's that were actively attacking a P2P network, or a client, or a browser, etc. I see no problem with temporarily blocking small netblocks or IP's to stop an attack.

Remember; we'd cry bloody murder if the situation was reversed, and we'd be right to do so.

Re:Not very practical or ethical

Two, it's unworkable. Certainly whoever the MPAA/RIAA will employ to do their dirty work will be smart enough to come from a different location once they realize their IP's are blocked. This solution would be a little better if they had a system in place to block IP's that were actively attacking a P2P network, or a client, or a browser, etc. I see no problem with temporarily blocking small netblocks or IP's to stop an attack.

Read the article again. They are employing a honeypot client on their side, with dummy files, to establish connection links. Then they find that they are getting smurfed from the same client who searched their drive a few minutes ago, and poof! A new IP address is added to the blacklist.

Add some reverse DNS lookup and logging, and you have grounds to file an internet attack under the DMCA umbrella and get some accounts closed, heck, maybe even get some cash out of the weasels if enough evidence is collected.

Re:Not very practical or ethical

[gallen1234]

but ISP's blocking particular groups for their beliefs or acitivities is a pretty slippery slope

I disagree in part. Blocking someone for their beliefs is indeed the first step on a slippery slope. Blocking someone for their actions isn't. This is consistent with recent interpretations of the First Ammendment. It's okay to talk about doing bad/illegal/unethical things. It's not okay to actually do them. I think it's also consistent to take steps to protect yourself from someone who has actively discussed doing bad/illegal/unethical things.

Re:Not very practical or ethical

[rob_from_ca]

Yes, but they also said they would be blocking the RIAA's website for their customers, presumably so the RIAA can't exploit a browser bug to infect their systems.

Plus, it's not like they can't use one netblock to scan the P2P network, then a totally different one to try and take down the copyright infringing systems, totally avoiding the "honeynet."

It's really just not a very useful idea.

Re:Not very practical or ethical

[Blowit]

Remember that a private ISP is just that. Private. Therefore, they have all rights to censor any matter they feel they want censored from their network. If you don't like it, go to another provider. I myself am happy they are taking a stand against DoS by the RIAA. I would consider doing the same.

Whomever they employ will also get marked on they honeypots. Once marked, a lawsuit can be issued on both the company that the RIAA employed to openly attack the ISP's network and the RIAA. The DCMA can not protect against DoS or attacks on a network. This is just clearly an attack of someone's network and is considered as breaking and entering. Unless the RIAA is willing to pay $50,000/month to allow such activity to go on within an ISP's network. With hundreds of thousands of ISPs worldwide, the RIAA would be bankrupt in a few hours.

Re:Not very practical or ethical

[Sj0]

The message is probably 32 N characters, followed by a small amount of code. That type of speech is illegal. It's called "hacking". I shall now kick you in the nuts. Don't try to block it or get out of the way; It's my right to send the message of pain to your gonads.

Personally, the whole industry is a joke; how criminal can we become before someone actually notices?

Re:Not very practical or ethical

[Sj0]

freind, you seem to misunderstand the dilemma; the reason that all these things are happening. THE RIAA ARE TRYING TO MAKE IT LEGAL TO THEM TO DOS NETWORKS!

Great, but...

[setzman]

This is good, but there's a small problem. It should be interesting though to see what the **AA will do in return, as in complaining to Congress while filling their pockets with cash. Since we all know that Congress can be easily persuaded by cash, don't see surprised to hear one day that blocking the **AA from accessing your computer is a now violation of the DMCA/other new laws enacted in reaction to this. They will probably also say that firewalls are illegal as well, but that's just about the brain power I think most people up there have.

Very interesting

[bigmouth_strikes]

Someone bullying the bully, at last.

It is also interesting how they mention that they will fake Gnotella clients sharing popular songs, in an attempt to trick RIAA to try and hack them.

It is encouraging to see that the grassroots are being helped by the ISPs, which means that the ISPs have realized who their customers are. Everyone should call their ISP, demanding to be protected from RIAA!

Unfortunately, seeing how the broadband ISP market is consolidating into a few players with local monopolies, it is unlikely that this will spread to the major ISPs. Like someone mentioned in an earlier comment, I doubt that AOL/Time-Warner have the guts or even interest to pull something like this off.

Hold up one second...

[banzai51]

While we should all applaud their efforts to stop the RIAA from being all intrusive, please also understand that they are also actively entrapping users. They are setting up a 'trap' on a P2P client with artists/songs in the top 100. If you connect, you get banned.

Re:Hold up one second...

[Cowculator]

Read the announcement again... they said that people who connect and then attempt to illegally access the network will be banned. They won't blacklist you unless you try to DoS or crack them afterward, since that's what will distinguish the RIAA and its minions from normal users.

Re:Hold up one second...

[DirkDaring]

"If you connect, you get banned."

And? So what?

Re:Hold up one second...

[Fat+Casper]

If you connect, you get banned.

Don't like to read, do you?

Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network.

See? IWT isn't being evil, they are simply keeping their network secure.

RIAA wins either way

[Str8Dog]

Doesn't anyone else see this as a win/win situation for the RIAA?

If the RIAA is allowed to DDOS people of the net, they can go after the big boy file traders.

If on the other hand, ISPs start blocking traffic based on DDOS attacks, the net gets devided into small islands of net and the whole file trading comunity is cut off from each other anyway.

Hell pretty soon we are going to have zoning laws similar to television anyway.

This is cool, but what are doing about it???

[skribble]

I think it's cool what this ISP is doing, I hope they're successful, but the bigger question is what all the other people are doing. A small ISP isn't going to change anything alone.

The thing is we all need to help fight the RIAA, and the laws it's lobbying for, and the best (legal) way to do this is to just stop giving them money. Don't buy there product, and encourage others not to also. If nobody buys there product, they have no money to lobby. If they have no money to lobby then their silly laws won't get passed.

PolySci 101: The intent of political leaders in the U.S.A. is to grab as much power and money as possible, while maintaining just enough credibility with the public to get re-elected. So a good (read 'effective') politician wounldn't pass a law like the CDMA or this new fascist crap being pushed by the RIAA if they weren't getting something. The sad fact is, voteing with your money is much more effective then voteing in elections.

So fight on!!! There's a lot of excellent, often better music out there *not* published by the big music industry. Give these people you money, not those that want to take your money and screw you with it.

We've been had!

[Idarubicin]

Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps.

Wait! Isn't this the sort of thing that we're usually all up in arms about when the **AA threatens to do it?

Fake mp3's, with popular song titles, on a popular p2p network, wasting our bandwidth and time...go figure.

I offer this conspiracy theory: Information Wave is a front for the RIAA. Watch for black helicopters in your neighbourhood.

On a more serious note, I applaud this move. The RIAA and its affiliates and members see no problem with wasting our bandwidth with bogus clients and files. That bandwidth costs our ISPs, backbone providers, and--ultimately--us, money. It's almost as bad as spam in that respect, though at least there are nontrivial bandwidth costs on the RIAA's side in this case. Dinging their signal to noise ratio (possibly, hopefully) might make it too costly to annoy the rest of us. Throwing some of the RIAA's crap back at them seems like a reasonable, proportionate response if handled carefully and responsibly. (I hope Information Wave gets some good legal advice before they start doing this.)

Re:We've been had!

[DirkDaring]

"I hope Information Wave gets some good legal advice before they start doing this."

ISPs regularly block Asian and other sites because of spam mail. Can't they just say 'We block the RIAA... because we can. We don't need an excuse?'

Dirk

Re:We've been had!

[Stonehand]

Hmmmm. Unless doing this is considered an accessory...

However, the RIAA is not a law enforcement organization, no matter how much it wants to be. If the RIAA gets evidence, they /should/ be going to the police rather than acting like vigilantes, no matter how much Congress bends over for 'em.

Re:Another story - RIAA sues network providers

[chazzf]

Terribly sorry, you must have missed this:

RIAA Sues Backbone ISPs to Censor Website

~Chazzf

RIAA IP Space

[buck09]

Enjoy...

RECORDING INDUSTRY ASSOC OF AMERICA (NETBLK-RECORDIN50-191) 1330 CONNECTICUT AVENUE NW SUITE 300 WASHINGTON, DC 20036 US Netname: RECORDIN50-191 Netblock: 12.150.191.0 - 12.150.191.255 Coordinator: EGAS, JACK (JE332-ARIN) jegas@riaa.com (2027750101) - Record last updated on 11-Aug-2001. Database last updated on 19-Aug-2002 21:20:16 EDT.

Re:RIAA IP Space

[jeffy124]

not so fast.

You must also deal with the RIAA's member companies, not just RIAA itself. It is technically the labels who own the copyrights and would be the ones to "enforce" those copyrights by hacking. Also, not all of the member companies are in favor of hacking consumer systems -- for example, AOL/TW & child company Warner Music are opposed to it.

Re:RIAA IP Space

[jeffy124]

thinking this out some more...
just because AOL/TW is opposed to it, doesnt mean Warner Music is gonna not make use of the law. For example, HP is opposed to the DMCA when it comes to OS security, but that didnt stop one of their lawyers from trying.

Re:RIAA IP Space

[dwhittington]

It's a good first step to block RIAA & allifiate company registered blocks.

However, its not like the RIAA cant go out and purchase a broadband link w/ netblock regisitered to some other ISP as a method to get around their network being blocked.

My .02

Re:RIAA IP Space

[Unipuma]

That might raise an interesting question...
I admit I haven't read the legislation that is being proposed, but if it says the RIAA can legitimately hack away (or crack away, you know what I mean ;), does this also include member companies?
I don't think Sony corp. (for example) would be allowed to hack under this legislation.
And what would happen if they hire an organisation to do the hacking for them? As I don't think that right now the RIAA employs hackers, so they would most likely try to hire someone to do it for them.

Re:RIAA IP Space

[hyperizer]

Not to mention, you'll have to block whatever consultants they actually hire to do their cracking. Good luck with that.

Re:RIAA IP Space

[jeffy124]

the legislation states "copyright holder" - meaning the labels, movie production company, movie distributor, publisher, etc. By using the term "copyright holder", it eliminates the law being specially crafted specifically for the MPAA/RIAA.

The RIAA is a cartel, not the actual copyright holder. For example, OPEC (the oil industry cartel) does not pump/distribute the oil, it's member companies do.

Sony would have the right to hack, but only if it's their copyrighted material, iow, music published by Sony's record label.

Also, there is a LOT of FUD about this law. There is oversight - in that when a "holder" launches an attack, they have to inform the Justice Dept ahead of time, including how and what copyrighted work(s), and probably some other details. Also, they are limited in what they can do. IIRC, they can only perform non-intrusive attacks, such as Denial-of-Service, instead of hacking in via a security hole to delete files.

Unfortunatly, there is a clause granting immunity, which also allows for immunity from unintentional damage. This is basically a loophole allowing "accidental" damage. For example, if Disney finds someone hosting a video file "Snow White", takes some sort of action, and it turns out "Snow White" was the school play and not the movie, then Disney is not liable if the file gets "accidently" destroyed.

As for hiring a third party to perform the attacks, that's probably gonna happen and be permitted. But the ISP will be able to figure out who's attacking anyway, as they're using a honeypot simulating a P2P node hosting spoofed Billboard 100 mp3's. Anyone who attacks the pot get blacklisted.

Re:RIAA IP Space

[jeffy124]

read the article. you'll see how this ISP will handle that. (hint: honeypots)

Re:RIAA IP Space

[Amazing+Quantum+Man]

the legislation states "copyright holder" - meaning the labels, movie production company, movie distributor, publisher, etc. By using the term "copyright holder", it eliminates the law being specially crafted specifically for the MPAA/RIAA.

Then of course, we all can go crack the RIAA computers. If not, we can get the law overturned under the "Equal Protection" clause of the 14th Amendment.

See my .sig for details.

Re:RIAA IP Space

[supabeast!]

"for example, AOL/TW & child company Warner Music are opposed to it."

That hasn't stopped AOL/TW from supporting the RIAA financially. Perhaps if a few big ISPs blocked traffic by AOL, Sony, Bertlesmann, those companies would think twice about continuing to fund the RIAA. This would work well with AOL/TW, which have political reasons within the computer industry for staying available. AOL needs people to have access to Netscape and AIM to keep from losing (More.) ground to Microsoft.

Re:RIAA IP Space

[HiThere]

How do you know that they are opposed? Do you believe how they spend their money, or what their PR agents say?

Personally, I believe they way they spend their money, and the organizations they choose to associate with.

Re:RIAA IP Space

[jeffy124]

news articles about the proposed legislation.

think about it -- AOL/TW has a LOT of customers through their ISPs -- AOL and RoadRunner. RIAA hacking == loss of business, especially for RR. They definitely do not want RIAA hacking into their networks. I would not be surprised if either ISP takes action similar to that of the ISP in this story.

Re:RIAA IP Space

[jeffy124]

actually it is oversight. If you actually read the proposed legislation, DoJ has the authority to deny attacks, and prosecute if their denial order gets ignored.

Brilliant!

[rocjoe71]

Nice to see smaller companies standing up to the mega-money corporations instead of just allowing them to act irresponsibly...

This Kind of Restriction is Good, Then?

[reallocate]

So..restricting Internet use is OK if you're restricting people you don't like?

If you can do it to them, they can do it to you. Pretty difficult to argue otherwise.

An ISP that blocks or restricts RIAA use of the net is legitimizing the practice they purport to oppose. This is not the way to fight this particular battle.

Re:This Kind of Restriction is Good, Then?

If you can do it to them, they can do it to you. Pretty difficult to argue otherwise.

Actually pretty easy to argue otherwise. The ISP is proactively banning someone who has stated their intention to break into their customers' computers. By that same logic, there's no reason to ban me or anyone else who uses the network for its proper purposes.

Re:This Kind of Restriction is Good, Then?

[RickHunter]

And by his logic, ISPs shouldn't ban problem users. IE, those who attack other machines and disrupt service for their own ends. (Spammers and script kiddies, for example.)

Re:This Kind of Restriction is Good, Then?

[hexile]

They aren't restricting the Internet. They are providing a service *which you chose to pay for and use*. If you don't like the service they offer, then don't buy it. They aren't forcing a blacklist on anyone, other than their own customers. What the RIAA is trying to do is force everyone to blacklist anything deemed inappropriate by the RIAA by force of law. If you don't like Information Wave Technologies practices, then don't buy their service. If you don't like the RIAA's practices, tough luck, because they're trying to make it the law.

Re:This Kind of Restriction is Good, Then?

[taphu]

An ISP that blocks or restricts RIAA use of the net is legitimizing the practice they purport to oppose.

Sorry, this is like saying any homeowner that puts a lock on his door is legitimizing the practice of burgurlary. In both cases they are protecting themselves (and clients) from illeagal actions that they know some people are trying to perform. Also, in this matter the RIAA is not "restricting Internet use," they are gaining unauthorized access to peoples computers for the purpose of prosecuting those people based on the information they find there!

I mean really. That's illegal in so many ways it's not even funny.

Re:This Kind of Restriction is Good, Then?

[reallocate]

If an ISP takes action against someone who has stated an intention to commit an illegal act using the ISP's facilities, I agree -- the ISP should report it to the authorities and act to protect its other customers.

As a political instrument, intended to thwart the RIAA's efforts to change the law, however, this kind of "good guys restricting the bad guys" activity will fail. The 'bad guys" will simply point to anyone's restriction of Internet use and call them hypocrites. Restrictions on freedom restrict freedom, regardless of their souce.

Re:This Kind of Restriction is Good, Then?

[sporty]

Um, depends on your perspective of things. One entity is going to DoS annother entity. Forget who the entities are, just think of them as just entities.

What can you do about it?
- the user can drop packets
- the isp can block traffic
- the isp can take the offender to court for disruption of service

So now what do you propose to do on the threat of an attack? Simple: prepare for it. The RIAA upstream obviously won't cut them off, so the ISP's themselves will have to protect themselves.

In a land of no laws (or few), especially the internet, it is best to protect your assets since no one else will step in. Especially if the RIAA is going to flood not only one member of your isp off, but the entire isp!

Re:This Kind of Restriction is Good, Then?

[@madeus]

So..restricting Internet use is OK if you're restricting people you don't like?

Well yes - of course!

It's common practice to restrict crackers, hackers, DDOS attackers and even anyone who looks at you funny.

If it's your network, you can limit what routes you will route to and from.

This is how peering and even transit operations work (some trasit agreements and many peering arrangements between carriers limit what netblocks may be access via them and peers do the same too).

If you can do it to them, they can do it to you. Pretty difficult to argue otherwise.

They _already_ do it to us, as do all large large corporations an private companies and anyone with a private IP range!

People can restrict access into and out of their network, it's not a new thing.

An ISP that blocks or restricts RIAA use of the net is legitimizing the practice they purport to oppose.

Erm How? Do RIAA want to block all the traffic into their network coming from joe user?

We *wish*!

Re:This Kind of Restriction is Good, Then?

[Art+Tatum]

Of course, the problem with restricting Internet use is when the *government* does it. Heh, reminds me of all those people who cry "censorship" when some private organization doesn't allow something. Private parties can do whatever they want--it's the government that's dangerous.

Re:This Kind of Restriction is Good, Then?

[gorbachev]

It's a private network. They can block whoever they want for whatever reason. It's their business.

If their users don't like what they do, they can choose another ISP. It's not like ISPs are a scarce commodity.

Proletariat of the world, unite to kill RIAA/MPAA

Re:This Kind of Restriction is Good, Then?

[mad+flyer]

You really are a populist sucker. They plan to block an organisation who said "we will hack you to death" and you play the sissi "it's against free speach lalalala"... open your eyes, shut your mouth. And if you don't understand let computers to people how know what to do with them.

Re:This Kind of Restriction is Good, Then?

[reallocate]

This ISP's intent is laudable, but unless AOL, et al, emulate them it is a quixotic campaign. How, exactly, will this ISP's action help defeat the legislation the RIAA is sponsoring? If it passes, Information Wave's actions will be illegal. Then what will have been gained? I'm arguing that outside the tech community -- where Congress lives -- the very real differences between what the RIAA wants to do and what Information Wave is planning will not be apparent.

Re:This Kind of Restriction is Good, Then?

[LordNimon]

The freedom to commit a crime is not a freedom you want to support.

Re:This Kind of Restriction is Good, Then?

[Restil]

Fine. I'll give them this. If the ISP blocks the RIAA from accessing their network, I'll agree that the RIAA is perfectly within their rights to block the ISP from accessing THEIR network. I promise I won't raise a fuss about it. And neither will the ISP. :)

Many ISP's have top level filters. My ISP scans my email for viruses and replaces the message when it finds one. Some ISP's offer (or enforce) content filters. Many cable providers block all the below 1024 ports to prevent people from running servers. Saying that it is the policy of the ISP to block a specific website because they consider that site to be dangerous is well within their rights and doesn't tread on the rights of their customers.

-Restil

Re:This Kind of Restriction is Good, Then?

[reallocate]

Don't believe I used the phrase "free speech". But, listen: If the RIAA or anyone else commits an illegal act -- like trolling around in my computer -- using my ISP, then my ISP needs to do something about it. If they don't, their customers may take legal action against them. The RIAA wants to make it legal for them to break into my property and look around. That would be a restiction of my use of my property in my little corner of the Internet. If the RIAA-supported legislation becomes law, then an ISP who restricts their ability to engage in legal activity will, presumably, be acting illegally.

Whatever their motivation, Information Wave probably deserves an "A for Effort", but I believe that the RIAA will simply use this as "evidence" that more legislation is needed to thwart ISP's who support and facilitate their customers' ability to "steal" copywritten product. The fact that the RIAA is wrong is irrelevant. Congress will believe them.

Re:This Kind of Restriction is Good, Then?

[Rev.+DeFiLEZ]

As much as I agree that this isnt the right way to fight this battle there is a a logic difference in the 2 types of "censorship"

1) the ISP is protecting themselves from a group of ppl that want to "hack" any machine in search of copyrighted material, they have no responsibility for the stability of the machines they search.

2) RIAA is forcing ppl to shutdown websites that they dont agree with (most recent being the chinese web-site of _links_, there were no mp3s they were links) RIAA doesnt get the traffic, they dont lose bandwidth resources, their systems arent gettings unauthorized/unwelcome connections

All of this over Britney_Spears_Song_of_the_Week.mp3, as much as I dont like pirating songs, (i have _three_ mp3s I dont own the cds for, and I will buy the singles the next time I am near a music store)I think abitrary connections, with risk of data loss (and other stuff) is unacceptable.

this is like putting up a brick wall on the end of everyones driveway (at the risk of it falling over and crushing a car) to stop drunk drivers

-rev

Re:This Kind of Restriction is Good, Then?

[tshak]

This has nothing to do about restricting people we don't like, and everything to do with banning malicious networks. Just like a DDOS will get your subnet banned (at least temporarily), so will any other threats to security. This is not about content censorship or favortism.

Re:This Kind of Restriction is Good, Then?

[Loki_1929]

"So..restricting Internet use is OK if you're restricting people you don't like?"

Hello, this is your ISP.

We have reviewed your previous post to "slashdot.org" and have determined that you are unhappy with any restriction of internet use. We apologize for our mis-understanding of your needs and have currently removed all restrictions for your account. Please note, that your email account now has 12,392 mail messages on our mail server. 12,385 of them appear to be spam or "mass-mailer" viruses, however we have not blocked them as per your request. Thank you, valued customer.

Re:This Kind of Restriction is Good, Then?

[vladkrupin]

On the other hand, the internet is going to be restricted no matter what - 100% free flow of traffic is a pipe dream, and it's only going to become more and more restricted each day.

By making a restriction like that we sacrifice some of the notion that 'information wants to be free'. Richard Stallman et al would have killed me for this, but sacrificing something you'll lose tomorrow anyway for the sake of setting up a precedent is a pretty good trade-off, IMHO.

I can also name a couple more benefits, like (1) I am just curious to see if you can get sued off the face of the planet for this and (2) RIAA will see that they can't take access for granted - they assume they can cut people off, but can not receive the same treatment themselves.

I can even go as far as to say that this does not really make internet more restricted. It's like a filter, akin to blocking SPAM, thus making internet a more valuable resource. Doing this will simply increase the signal-to-noise ration of the internet for this ISP's customers, thus making it more valuable. (after all, you did pay for that SPAM filter and ad blocking software, didn't you? And do you feel that you just voluntarily made yourself less free? I don't think so either)

Re:This Kind of Restriction is Good, Then?

[reallocate]

What this is really liable to do is convince Congress of the "need" to prevent the owners of the net's infrastructure from imposing their own kind of vigilante justice. Here's how it will go: If one ISP can restrict RIAA then the next ISP can block, say, access to certain religious sites because they think the sites spread evil thoughts. That's how it will be spun to Congress. In the end. this will simply ensure that any RIAA-supported legislation that passes will explicitly include prohibitions on ISP's doing what Information Wave says they will do. I.e., when it becomes legal for the RIAA to break into my computer, it will be illegal for my ISP to stop them.

Re:This Kind of Restriction is Good, Then?

[Bartab]

Any company providing routing has the right to not route other peoples packets. Generally they do, as thats what their customers pay for, but for specific issues (attackers, spammers, RIAA, etc) then the benefits outway the negatives, in a business manner.

If your packets cost more than they would lose by not routing you, you will not get routed. This is simple economics.

Re:This Kind of Restriction is Good, Then?

[MasterKayne]

The freedom to commit a crime is not a freedom you want to support.

If they are successful in buying a law alowing this it will no longer be a crime.

Re:This Kind of Restriction is Good, Then?

[Omnifarious]

IMHO, crimes are not made by laws, my comments in the article about card counting not withstanding. :-)

Re:This Kind of Restriction is Good, Then?

[reflector]

If one ISP can restrict RIAA then the next ISP can block, say, access to certain religious sites because they think the sites spread evil thoughts.

ISPs are perfectly within their rights to do so. They are PRIVATE companies.

Re:This Kind of Restriction is Good, Then?

[vladkrupin]

using this logic we should just bend over and wait for RIAA to do you yourself know what. While ultimately the result will probably be the same, this is not the option that appeals to me the most.

On the other hand, I don't know enough to even decide whether I mostly agree or disagree with what you had to say. But thanks for bringing up the interesting idea anyway.

interesting idea....

[jeffy124]

in the article, it says they're also gonna set up a bunch of honeypots that act as P2P nodes and appear to be hosting Billboard 100 mp3 files. In reality, those mp3 files are spoofed, and are not the actual songs.

They're gonna use that pot to see who's accessing their network, and if the RIAA should cross the line with that pot, the accessing IP gets blacklisted.

Unfortunately, the loophole is that the RIAA can keep generating IP's out the wazoo, creating a whack-a-mole type of situation.

Re:interesting idea....

[Loki_1929]

"Unfortunately, the loophole is that the RIAA can keep generating IP's out the wazoo, creating a whack-a-mole [tuxedo.org] type of situation."

Not quite. In this situation, the whack-a-mole game has been modified so that steel plates are welded over holes where the mole has previously appeared. Judging by IPv4's limited IP space, and our reckless usage of said limited space, I'd say it's simply a matter of time before the RIAA is SOL. Start by blocking their netblock; that should keep them scratching their heads for a few months.

Re:interesting idea....

[jeffy124]

that's true that there's limited IP space, but the game is similar to blacklisting open mail relays used by spammers. You're never gonna get them all.

Also, I suspect that the ISP's honeypots will be found by RIAA, and they'll note to not go after those machines. So the ISP, too, will have to find ways to catch the RIAA. I think a solution would be for various groups/ISPs/individuals to set up their own honeypots, and share their blacklist info, much like anti-spam activists.

Re:interesting idea....

[NoBrainNoMeatNoNuyen]

Unfortunately, the loophole is that the RIAA can keep generating IP's out the wazoo, creating a whack-a-mole [tuxedo.org] type of situation. They probably will, as will the subcontracters who carry out the work. But odds are they'll all be working within fixed ranges of IPs. As long as someone out there is proactively looking for them and occasionally posts lists of IP addresses and DNS entries for the RIAA hack squad they can be blocked by the ISPs, network managers, and by savvy home network users. Kinda like those host files that block a few thousand DNS entries that host pop-ups and adware. BTW - how would one go about getting info on which IPs are being used by Overpeer, Vidius, NetPD, Media Defender and MediaForce? I'd love to add theirs to a bogus routing table sometime in the not so distant future....

Banning the RIAA : The Beginning of the End?

[daemones]

So by taking this step, do the ISPs take responsibility for threats on their network? What sort of practical precident will this set requiring ISPs to ban organizations and IPs that are considered a "security threat."

After that, how long before P2P becomes such a threat?

OC3

[bsDaemon]

For more information on Information Wave high-speed access services, please e-mail sales@informationwave.net with your requirements and location for special pricing and/or discounts.

This is probably the neatest thing i've ever seen. an isp offering OC3 to your house. heh.

Keep in mind these two words: media conglomerates

[rainmanjag]

I truly applaud this ISP's efforts. Right on, y'all.

There've been a slew of comments about how maybe AOL will adopt this policy given enough consumer pressure or maybe RoadRunner will or any other major ISP. Think for a second about that.

There is a reason these groups are called media conglomerates. They have faces across many different media. Those who provide the Internet connectivity medium also provide the musical content medium. AOL and Time Warner are all owned by a conglomerate that makes records.

But again, right on to those smaller ones who take a stand like this. Maybe if we reward them with our business, we'll put the conglomerates in their place.

and what happens....

[pfankus]

No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network.

...when the machine that connects to these arbitrary p2p clients ends up inside the IWT network? Are they blacklisted as well? It seems as if they are trying to gather addresses to ban RIAA access, no?

Re:and what happens....

[shepd]

>...when the machine that connects to these arbitrary p2p clients ends up inside the IWT network?

Simple. Issue them a warning under the DMCA, and tell them that due to violating their TOS (ie: No violating the law using their internet service) that their service will be terminated immediately.

It would be better...

[Kakarat]

..if the RIAA's ISP blocked these attacks on their side from ever leaving their network. I'm sure they have their own abuse policy. Now that would be hilarious.

Distributed Honeypots

[Mr.Sharpy]

It seems like it would be a good idea to implement this as distributed honeypots instead of one on ISP's network. Otherwise, what would stop the RIAA attack drones/bots from just blacklisting the blacklist and ignoring the honeypot.

Re:Distributed Honeypots

[Drakin]

Well, seeing this is an ISP setting out the honey pot, they have a range of IP's they could use... so in effect, the RIAA would have to ignore the entire group of the ISP's IP addresses in it's searches...

Either way, the ISP wins. .it eather catches the RIAA hackers, or the RIAA hackers have to blacklist the ISP's IP range because they could all be potential honeypots... which would result in the RIAA being blocked if they attack...

That is, unless the RIAA downloads a selection of files to check the validity of them...

Re:Distributed Honeypots

[Karl+Cocknozzle]

It seems like it would be a good idea to implement this as distributed honeypots instead of one on ISP's network. Otherwise, what would stop the RIAA attack drones/bots from just blacklisting the blacklist and ignoring the honeypot.

By throwing them curveballs. Expire DHCP on these machines every two hours... Write a script that changes the hostnames on the machines after each DHCP renewal... Give the honeypot machines "customer block" ips... If the RIAA wants to just ignore your entire customer IP block, they can avoid attacking your honeypots and thus exposing themselves to your blacklist.

BUT... By doing so they'd be de facto "allowing" an entire ISP to "pirate" (their term, not mine) as much music as they want. So, of course, their superiors would never let that come to pass.

Of course, if they tried to track everybody via MAC addresses, you'd have to do a little creative kung-fu... But spoofing a MAC address can't be that hard: My $100 linksys router does it just fine, so I imagine the equipment available at this ISP can easily handle the task.

Re:Distributed Honeypots

[tswinzig]

Otherwise, what would stop the RIAA attack drones/bots from just blacklisting the blacklist and ignoring the honeypot.

Uhhh... then this ISP will accomplish it's goals of preventing the RIAA from going after their network, right? This ISP didn't claim to be doing this to help prevent the RIAA from attacking everyone, just their customers.

Re:Distributed Honeypots

[Bartab]

Of course, if they tried to track everybody via MAC addresses, you'd have to do a little creative kung-fu

PPP and PPPoE would entirely defeat this, as would any aggregate NATting.

Re:Distributed Honeypots

[Fujisawa+Sensei]

The RIAA Attacks will still comsume bandwidth that we pay for.

Re:Distributed Honeypots

[raju1kabir]

Of course, if they tried to track everybody via MAC addresses, you'd have to do a little creative kung-fu... But spoofing a MAC address can't be that hard: My $100 linksys router does it just fine, so I imagine the equipment available at this ISP can easily handle the task.

Um, a $10 56K modem "blocks" MAC addresses (and any computer with an ethernet card made in the past decade or so can spoof them).

MACs are only exchanged on the local ethernet. Nobody can block or track based on MAC addresses unless they have equipment physically located on your network (such as a cable modem).

I have sent them an email, do the same

[gosand]

I have just sent them an email of thanks and encouragement. I think everyone else who agrees with their actions should do the same. It is nice to see someone taking a public stand, and they should be encouraged.

riaa@informationwave.net

Questions

[sllort]

1. How do they intend to identify the specified IP ranges?
   
2. What if the RIAA anonymously pays consultants? There are plenty of people out there writing exploits who would love a regular paycheck, especially a fat one.
   
3. What if whoever the RIAA hires fakes their source IP?
   

I predict that this issue is more complicated that simply blocking the RIAA's netblock.

KWTCMA

Re:Questions

[Darth+RadaR]

What if the RIAA anonymously pays consultants? There are plenty of people out there writing exploits who would love a regular paycheck, especially a fat one.

Then they bloody well better not set foot in .au ;)

Re:Questions

[highcaffeine]

Too much trouble to read their press release? It's not that long. If you had read it, your first two questions would have been immediately addressed by the following:

"Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network."

It does not directly address your third question about spoofed IP addresses, but they could address that at the routers.

Re:Questions

[Loki_1929]

How do they intend to identify the specified IP ranges?"

Easy, use this.

"What if the RIAA anonymously pays consultants? There are plenty of people out there writing exploits who would love a regular paycheck, especially a fat one."

Worried about consultants? Read here.

"What if whoever the RIAA hires fakes their source IP?"

I doubt the RIAA could manage to find anyone intelligent enough to forge ip headers. If they did, I'd imagine it wouldn't be too terribly difficult for ISP's to work together and backtrack the actual packets flowing through the routers.

Re:Questions

[sllort]

and then afterwards attempt to illegally access the network

That statement implies a stateful and intelligent "IDS". I was inquiring as to the nature of the IDS. Perhaps I should have been more specific. I apologize.

KWTCMA

Re:Questions

[Loki_1929]

Moderation Totals: Overrated=1, Total=1

Damn you RIAA! Quit modding my posts down, heh.

On a more serious note, how can meta-mod work on a comment that hasn't been moderated? I thought the purpose of meta-mod was to moderate the moderators, not get free mod points.

Re:Excellent news

[Zocalo]

Especially if they can recover from the /.'ing they're going to receive now.

Hey, if they can't survive the Slashdotting then there is no way they are going to be able to cope with all the customers they are going to get now. But if they can survive today I'm going to see if I can buy a *boatload* of their stock...

About time someone told the *AA's where to go!

P2P experiment

[Mr.Sharpy]

It would be interesting to watermark a popular song and release it into the wilds of the P2P networks and track how quickly it moves through the community.

Content of statement (in case it gets /.ed)

[gosand]

IWT Bans RIAA From Accessing Its Network

August 19, 2002

Information Wave Technologies has announced it will actively deny the Recording Industry Association of America (RIAA) from accessing the contents of its network. Earlier this year, the RIAA announced its new plan to access computers without owner's consent for the sake of protecting its assets. Information Wave believes this policy puts its customers at risk of unintentional damage, corporate espionage, and invasion of privacy to say the least.

Due to the nature of this matter and RIAA's previous history, we feel the RIAA will abuse software vulerabilities in a client's browser after the browser accesses its site, potentially allowing the RIAA to access and/or tamper with your data. Starting at midnight on August 19, 2002, Information Wave customers will no longer be able to reach the RIAA's web site. Information Wave will also actively seek out attempts by the RIAA to thwart this policy and apply additional filters to protect our customers' data.

Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site.

The placement of this policy is not intended to hamper the RIAA's piracy elimination agenda or advocate Internet piracy, but to ensure the safety of our customers' data attached to our network from hackers or corporate espionage hidden by the veil of RIAA copyright enforcement.

If you have questions, comments, or concerns regarding this policy, please e-mail riaa@informationwave.net.

common carrier?

[mikeee]

Yeah, but by doing this, are they risking their status as a common carrier?

When the RIAA comes and demands they cut off access to warez.org, they'll be in less of a position to say they can't/don't do content-based filtering. In for a penny, in for a pound; this may be shooting themselves in the foot.

Re:common carrier?

[fatboy]

Yeah, but by doing this, are they risking their status as a common carrier?

Score +1 Insightful

Re:common carrier?

[adam613]

No. They are refusing to carry inbound traffic which is known to cause harm to their network. Content-based filtering is refusal to carry outbound traffic. Big difference.

Re:common carrier?

No, they are not shooting themselves in the foot. The RIAA is using their network resources and their CPU cycles to actively crash nodes on their network. They are allowed to nullify damage done to their network by malicious acts. However, since there is no direct damage being done to the RIAA's resources (network, cpu cycles, etc) by this ISP's customers, the RIAA would have a harder time justifying blocking warez.org than this ISP would have justifying blocking RIAA.

Re:common carrier?

If you want to search someone's drive for illegally copyrighted material, go to the police or FBI and get a warrant. Anything else is illegal hacking. If you are trying to DOS a P2P user, you are DOSing the ISP and all its users.

Would you want to have internet service from an ISP who allows non-governmental (w/o a search warrant) entities to search your files? How about continual DOS attacks? The way I see it, by not allowing the RIAA to perform these actions, they are protecting their ability to provide its services to its paying customers.

Re:common carrier?

[perljon]

Because of malicious code on RIAA's website. Not because of content on RIAA's website. It's the same as filtering out viruses.

Re:common carrier?

[3rd_Floo]

They could just block all incoming non-established or related traffic from the riaa webhosts/ip blocks, that would still allow the isp's users to see the riaa's site, though why they would want to is beyond me! =P

Re:common carrier?

[edgrale]

When the RIAA comes and demands they cut off access to warez.org, they'll be in less of a position to say they can't/don't do content-based filtering. In for a penny, in for a pound; this may be shooting themselves in the foot.

How so? The RIAA has cleary stated that THEY WILL actively attack P2P users on any computer that is distributing music. They are protecting users here, not filtering.

Correct me if I'm wrong.

Re:common carrier?

[pyramid+termite]

Yeah, but by doing this, are they risking their status as a common carrier?

Perhaps, if they HAD such status. Although many ISPs would prefer common carrier status, I've yet to hear of a definable ruling that they have it. It's an issue that neither the courts or Congress has directly addressed yet. I'm sure in the next few years, it will be settled, one way or another.

Disagree? Please point me to a court ruling that says I'm wrong.

Re:common carrier?

[afidel]

For definitions and actual law related to common carrier status see Here
By my reading of section 202 they can make reasonable descrimination against people, and if cutting off people who are bent on harming your customers isn't reasonable I don't know what is.

It shall be unlawful for any common carrier to make any unjust or unreasonable discrimination in charges, practices, classifications, regulations, facilities, or services for or in connection with like communication service, directly or indirectly, by any means or device, or to make or give any undue or unreasonable preference or advantage to any particular person, class of persons, or locality, or to subject any particular person, class of persons, or locality to any undue or unreasonable prejudice or disadvantage.

Re:common carrier?

If xyz.com tells me that they will attack my computers then it is prudent that I block xyz.com from entering my network. IPS's have been doing this already from other know IPs that attacks are frequented from. Legally, who knows what a court would say. What I think ISPs should do is proactively push personal firewall use by all it's customers and then recommend that they block RIAA. They could also work with personal firewall vendors to come up with simple def files that could be updated as new threats from RIAA and its ilk arise, making it easy for a user to update there software to the current threat level. This would take the burden off the ISP and give the choice of blocking RIAA to the user. Then the RIAA couldn't make any argument at all since they can't tell an individual user what sites they must accept, yet:( Of course trying to get the regular user to keep their software patched is a problem in itself.

Re:common carrier?

[kimgh]

Is RIAA already doing this? The Berman law has not passed yet, AFAIK. So if they are already doing this, they are breaking the law and should be prosecuted, not just shut out. And if not, aren't we overreacting a bit?

Re:common carrier?

[kontos]

No! ISPs don't have common carrier status. If they did, they wouldn't be allowed to apply spam filters to email.

This of course begs the question: Should ISP be considered common carriers?

Re:common carrier?

[tshak]

They are not blocking access to RIAA.org, they are blocking malicious attempts to crack people's boxes. This is not censorship.

Re:common carrier?

[KillerCow]

When the RIAA comes and demands they cut off access to warez.org, they'll be in less of a position to say they can't/don't do content-based filtering. In for a penny, in for a pound; this may be shooting themselves in the foot.

How so? The RIAA has cleary stated that THEY WILL actively attack P2P users on any computer that is distributing music. They are protecting users here, not filtering.

Because they have demonstrated that they have the physical capacity to block access. They can no longer claim that blocking content is not possible, since they are actively doing so. The fact that they are protecting their users in this case won't matter. If they were compelled to block other access by a court order (or something else), then they would have to, since it is possible.

Re:common carrier?

[uncoveror]

Who says that the RIAA will wait for the Berman law to pass? They probably already have hackers doing their dirty work clandestinely. The law would just allow them to do it openly. They already have overpeer flooding P2P networks with bogus files. I wouldn't put it past an indusrty that exists to rip off children, charging up to 20 dollars for something that cost them one to make.

Re:common carrier?

[npsimons]

When the RIAA comes and demands they cut off access to warez.org, they'll be in less of a position to say they can't/don't do content-based filtering. In for a penny, in for a pound; this may be shooting themselves in the foot.

BZZZT, wrong, but thanks for playing! They are blocking potential attackers who have stated their intent to attack. That's just a common sense security precaution, not censorship.

As a side note, just how exactly will the RIAA "demand" they cut off access to warez.org? Is the RIAA one of their clients? No? Well, then I guess they don't have to do a damn thing they say.

Re:common carrier?

[gmack]

I can't picture the RIAA calling every ISP and asking them each to install filters for each warez site.

Although it would be amusing to see them try.

It's just too much of a a pain to call several thousand ISPs and ask for a block. That's why they are going after the backbones to do the blocking even though filtering there risks dragging the entire net to a crawl.

Re:common carrier?

[nmx]

They are not blocking access to RIAA.org

Read the article, fool. They absolutely are blocking access to RIAA.org.

Re:common carrier?

[Nogami_Saeko]

Do you think this makes a shred of a difference?

If the RIAA wants to go after websites, they'll hire some outside company to do it, not use their own servers...

If they wanna prosecute people, they'll hire "investigators" who will probably work out of their homes on cable/DSL modems on any ISP in the country.

If they're allowed to DOS the P2P connections, they'll hire (or create) some big backbone-sized cybercop network host that will be able to deliver the attacks from a wide variety of (probably spoofed and constantly changing) IPs.

The only thing that blocking RIAA.org will do is maybe not allow their secretary to connect to the ISP's customers...

Re:common carrier?

[Afrosheen]

Don't forget the other two easy and convenient way to grab music and other copyrighted works:

IRC and binary newsgroups

Will the RIAA start requiring ISP's to block newsgroup access and irc ports on their network next? Where will they draw the line?

As someone famous once said, "greed knows no boundaries".

Re:common carrier?

[cortices]

I see this as being no different than blacklisting certain mail servers because of open relays. They are not filtering anything, merely denying access to *their* network due to justified concern regarding the well-being of said network.

cortices

Re:common carrier?

[C.Su]

Wrong. The article says that the ISP will prevent its customers from accessing the RIAA's web site (outbound traffic), in addition to taking other measures. This isn't much different than being asked by the MPAA to prevent customer's from accessing freemovies.com.

Re:common carrier?

[Decimal]

Yeah, but by doing this, are they risking their status as a common carrier?

Dunno, but I think there's more common sense at work here than others might think. I'm going to look into that ISP, and if I can get service from them where I am, they have my business! Just think how much advertising Slashdot is giving them.

Re:common carrier?

[Dimensio]

Yeah, but by doing this, are they risking their status as a common carrier?

ISPs are not common carriers. That much has been well-establshed.

Many ISPs block known spammer domains at the router level, this is no different except that the RIAA's abuse is of a slightly different nature.

Re:common carrier?

[cpmte]

this doesn't apply because ISP's don't have common carrier status

Re:common carrier?

[Spazzz]

Disclaimer: I am not a lawyer

To the best of my knowledge this is true, somewhat. A "stub network" ISP doesn't have common carrier status, however, a lot (all?) backbone providers, to the best of my knowledge, do have common carrier status. Think UUNet, Sprint, AT&T, Qwest, Level 3, etc. Joe's Bait Shop and ISP is a completely different ballgame, though. I applaud this ISP for taking such a measure. Does anybody know if they're going to publish the list of IP addresses they block? This would be great to add to an RBL type service for the rest of us to use.

Serves the sons of bitches right, after they pulled this bullshit.

Re:common carrier?

[raju1kabir]

Yeah, but by doing this, are they risking their status as a common carrier?

Score +1 Insightful

Score -2, non-sequitur. ISPs don't have common carrier status to begin with.

Re:common carrier?

[Robert+The+Coward]

NO They are an ISP not an NSP. They Only have to answer to there custmers. Whereas an NSP is more like a common carrier. An ISP provides direct access to custmers whereas an NSP provide access to networks like ISP think backbone, granted that line blurs sometime but for the most part they are separt. If UUNet decided it was going to block access to RIAA Network then that might be an issue.

It's only entrapment

[shepd]

If they either sue, or get the law the RIAA to court on the "evidence", since entrapment is a legal issue. I don't think it applies to private entities anyways.

I somehow doubt they'll do that, and they are a private entity, so no.

Information Wave blacklists

[LAI]

The announcement reads in part:

Information Wave will also deploy peer-to-peer clients on the Gnutella network [...] which will offer [dummy] files with popular song titles [...] Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site.

If I'm reading this correctly, it looks like the situation IWT wants to prevent is that of RIAA agents "finding" songs being shared, then trying to attack the sharing hosts. If that's right, then even more kudos to them!

Comment removed

[account_deleted]

Comment removed based on user account deletion

Gated Communities as a legal precedent?

[dpilot]

First IANAL, don't even play one on TV...

The legal system runs on precedents, and the more you have on your side, the better.

Is the gated community a precedent for an ISP? A gated community can restrict access of outsiders to the interior of the community, but does not restrict members' access to the outside. Sounds kind of like what an ISP is doing in this case. I presume gated communities have provisions for police and firemen to obtain access, as well as desired visitors.

Are there precedents for salesmen or bill collectors (without an accompying policeman) gaining access to a gated community? I can see a better case for religious types, claiming Constitutional protection. But last I knew, the RIAA didn't qualify as a religion.

Re:Gated Communities as a legal precedent?

[WetCat]

only English (and American) legal system runs on precedents. In European law the text of law only has meaning, not precedents...

Re:Gated Communities as a legal precedent?

[reflector]

I can see a better case for religious types, claiming Constitutional protection.

Not even close. The fact that someone wants to spread religious dogma doesn't give them any special right to trespass.

If anything, the Constitution would demand that they be treated equally, and tossed out on their asses just like everyone else that tried to trespass.

Re:Gated Communities as a legal precedent?

[raju1kabir]

If anything, the Constitution would demand that they be treated equally, and tossed out on their asses just like everyone else that tried to trespass.

Have a look at this, where the Supreme Court recently addressed a similar question.

Re:Gated Communities as a legal precedent?

[reflector]

From what I could tell, it sounds like the Supreme Court agrees that they get the same protections that anyone else does. The poster I was replying to seemed to suggest that religious groups get some kind of special protections...

Surely they'll check before attacking

[SoftwareTechie]

I doubt they would launch an attack simply on the basis of a file name and size. They would need to listen to the file to verify that it was one to which they hold the copyright.

They may initially run a high-level 'finger-print' check and then those that pass are given a more detailed examination, with a final check being performed by someone actually listening to the track.

Re:Surely they'll check before attacking

[Sabalon]

No...it says people that download files from there and then turn around and start attacking will be blocked.

It all comes down to how smart the RIAA's find and kill stuff is. If it just goes by filenames, then this will work. If someone finds out that some song being billed as Linkin Park's latest is indeed someones static, then it won't work.

Re:Surely they'll check before attacking

[linzeal]

So copyright the static than sue the RIAA.

Re:Surely they'll check before attacking

[thulldud]

I think you missed something there. To be added to the blacklist, a site must 1) download the honeyfile, and 2) subsequently attempt an illegal access. My question is, what would constitute an illegal access attempt? Probably an attempt to scan their network?

How would such a plan work? Any attacker with two neurons left to rub together would initiate the download from one network and the attack from another. For that matter, they might even load port redirectors on other people's systems and completely camouflage their origin. Sure, this would be ultra vires, but it's none the less possible, even likely, considering the source.

A lone ISP can't effectively block this sort of thing on its own. But this statement at least will draw attention to the RIAA's sharp practice. That may be all we should hope for out of this, but that would be more than nothing.

Re:Surely they'll check before attacking

[Bozar]

How can you tell the difference between static and Nu Metal????

Their legal team will eat you alive! ;-)

Re:Surely they'll check before attacking

[Mercaptan]

Your requirement that the attacker have two neurons has already disqualified the RIAA from mounting such an attack.

Re:Surely they'll check before attacking

[robson]

If someone finds out that some song being billed as Linkin Park's latest is indeed someones static, then it won't work.

You might pick a different example, as replacing Linkin Park mp3s with static could easily be considered a public service.

Re:Surely they'll check before attacking

[Sabalon]

Yeah...It was the only band name that popped into my head. I was sitting there struggling trying to come up with a current act.

At first it said Spice Girls, then I realized they've been gone for quite some time. I guess I could have used Pink - only other current act I can think of.

oh wait - just thought of Britney Spears - how did I forget her.

Well, back to my Les Claypool

Re:Surely they'll check before attacking

[ShavenYak]

oh wait - just thought of Britney Spears - how did I forget her.

I don't know, but if you figure it out please tell the rest of us so we can forget her too!

Re:Surely they'll check before attacking

[AMNESIACX]

Yes, but now the RIAA have to be careful to screen all files beyond just the filename: extra effort required - cant be a bad thing.

Re:Surely they'll check before attacking

[Sabalon]

What I was thinking is that they'd then realize this ISP is just wasting their time and filter the isp from their hunt and kill programs, which would make this ISP a haven for filesharing.

Re:Surely they'll check before attacking

[thulldud]

Well, that might be true, but they could contract it out.

Btw, your screen name stinks.

censorship

[pr0nbot]

Just to play devil's advocate (I actually like their idea)...

How is this not censorship? Why does my ISP need to protect me "for my own good"? Surely it's up to me to secure my machine against intrusion and deal with those who might commit a crime if and when they actually do?

Re:censorship

[PMadavi]

They're not blocking them for your own good. They're blocking them to maintain the integrity of their network and to keep their customer base. If you get DoSed, and you know of an ISP that would block that attack, wouldn't you switch. They're doing nothing more than protecting their business, which is what the RIAA is claiming that they're doing. This has nothing to do with your own safety, but rather their ability to do business. If they don't block, somebody else will and suck up all the business. Let's face it. High speed is for downloading, not checking e-mail. These guys provide high-speed, they gotta make their customers happy and allow them to download what they want to stay competitive.

Re:Censorship

[WebMasterJoe]

So this isn't merely preventing the RIAA from entering the ISP's network, it's blocking any customer access to the RIAA site. What if I want to read what the RIAA has to say about a topic? The ISP has decided what the customer can and cannot read.

I understand your point, but I don't see this as censorship. Why? Because the ISP is blocking a malicious user (or one who threatens to be) from interacting with that ISP's equipment. Think of the ISP as a restaurant and the RIAA as an irate customer, threatening to march in and kick over the tables wherever it spots a customer it claims is stealing from it (the RIAA does not have jurisdiction to convict anybody of stealing). I think the restaurant owner is within his/her rights to protect his/her tables (and patrons) from the RIAA by not letting it enter the restaurant.

Are all our Government sites blacklisting RIAA?

[Viewsonic]

I would think they would pose a national security threat if they haven't yet. I could imagine some guy working for the FBI or some WHite House Janitor in the basement downloading some MP3 and then the RIAA disabling servers on the network. I would hope the heck that the US Government has them all blacklisted themselves by now.

round & round we go

[AnalogDiehard]

In other news, US Rep Howard Berman introduces a bill to outlaw ISPs using blacklists against the **AA.

Compromise neutral carrier status?

[sam_handelman]

Help, lawyers!

Now, filtering out SPAM shouldn't compromise your neutral carrier status - after all, it's a needed step to maintain the health of the network. Likewise, filtering out potentially damaging hackers, like the RIAA.

However, if they're smart, the RIAA is going to use this as ammunition in their struggle to get ISP's neutral carrier status revoked! Or, they are if they have any sense. If the ISP can block access to OUR site (for security reasons) they should block access to that site in china (b/c we tell them too.)

Scary.

Re:Compromise neutral carrier status?

[SN74S181]

That's an interesting point.

Now that this ISP is showing the initiative to actively filter the content it provides to it's subscribers, it looses Common Carrier status.

They can now be considered a content provider, and sued on the basis of the content accessable over their wire.

Re:Compromise neutral carrier status?

[topham]

It never had common carrier status.

Seriously, if you check into it you'll find they never qualified for it. They are not a regulated company covered by that.

Also, I suspect there would not be a problem as the originaization in question specificly stated their intent to take actions which are potentially detrimental to the ISP. They have a right, and expectation to protect their network from such users. (If it is a publicly held company their stock holders could sue if they did NOT take action to protect their assets (the network))

Re:Compromise neutral carrier status?

[SuiteSisterMary]

The argument here would be that the RIAA has publicially announced their intentions to attack the network. Therefore, they're taking active measures to protect the integrety of said networks.

Switzerland is a 'neutral' country, but if you're silly enough to send in armed troops to close down a bookstore selling photocopies, well, you'll quickly learn that pretty much every citizen is an army member.

Anyone have the IP addresses of RIAA, MPAA?

[farrellj]

Would love to get their IP addresses, and any company working for them to add to my blocked list on my firewall, and my customers firewalls.

ttyl
Farrell

Re:Anyone have the IP addresses of RIAA, MPAA?

[Arcturax]

If you are indeed a computer consultant who sets up firewalls for people, I would HOPE you would know how to get this on your own... It is not so hard to write a program or even a shell scipt which will take a web addy and spit back the IP.

I would also add

[oliverthered]

I would also add
Rebuilding corrupt/scratched or broke Vinal/CD's/DVD as fair use, especially old CD's that were sold as 'indestructible'.

You may still be licensed for any CD's/DVD's that have been stolen because in the UK at least you still own the stolen goods unless they are recovered or you claim on an insurance policy, even if the thief sells them.

at least that's what I use P2P networks for!

Re:I would also add

[Hektor_Troy]

That's the problem with the media conglamerates.

Consumer: "I bought this CD/DVD, so I should be able to do with it as I want."

MC: "No, you only paid to be allowed to listen/watch it under certain circumstances."

Consumer: "Okay. Now my CD/DVD is scratched beyond use. I want a new one."

MC: "Can't do that. You only get that one copy. You have to be carefull with your own stuff. It's not our responsibility."

Personally I'd like to get a VERY thorough rewrite of the copyright laws that affect _me_ meaning Denmark and the EU, but I'd also like a global and FAIR set of copyright laws.

Not just fair to me as a consumer, but also fair to the copyright holders. As it is now (at least in Denmark) it is seriously borked, giving consumers rights that are in no way fair, and removing rights that ARE fair.

Re:I would also add

[oliverthered]

Fair use normally say you can take a backup incase of ...,
All i am saying is that you can use p2p as global backup facility

Re:Excellent news

[uncoveror]

I hope techies will reward this ISP for their decision by patronizing them. Boycott the recording industry and do business with Information Wave Technologies if they have a presence where you live.

Way to Go!

[Quixadhal]

Awesome news. An ISP that actually has a backbone (really, pun not intended!)

Now if only the PC manufacturers would show similar courage, maybe we could convince the RIAA/MPAA that they are just companies and that even money can only go so far.

I think Rosen and Valenti just have an inferiority complex and are trying to be like Bill Gates. :)

uhm...NO

[bsDaemon]

First of all, 'entrapment' only applys to law enforcement agencies. That said, only in specifc circumstances. If you are coherced into doing something by an undercover police officer you would not normaly do, that is entrapment. If they step out from an ally and start offering you free samples of cocaine, then you take it and they bust you for posetion, that is entrapment. If you come up to the same cop and start asking for it, that's not entrapment. That's you soliciting illegal drugs. He was just standing there. Looking like a drug dealer isn't illegal, is it now? Nope. You just assumed. the RIAA is just assuming that they are volating copy right laws. The ISP isn't pushing it. Even if it was teh FBI sitting their hosting the files, it wouldn't be entrapment. It's not like they went into IRC and started telling people about their "cool" new archive. Dumb ass.

Re:It's still stealing.

[ldopa1]

Actually, it isn't stealing.

The supreme court has ruled time and time again that you cannot patent a sound. Nor can you copyright it. You can copyright it's composition (the sheet music), but you can't own a sound.

Never mind that argument. Think on this: I have several .wavs and mp3's on my computer of my own composition. I own the rights to their use, and I choose to distribute them freely. My sharing of MP3's is NOT illegal under any construct of the law.

However, the act of copying music from CD's without approval IS a violation of the law, provided I do it for profit. The profit doesn't have to be monetary. I can exact profit from the loss of sales the artist would normally enjoy. That said, seeing as I am not SELLING the mp3's, and study after study has proven that the sharing of mp3's BOOSTS sales, they have to PROVE that they suffered a loss from my activities.

It gets even more complicated than that - they only have Offensive Rights for protected works. They means THEY have to sue ME, and if they don't do it within 5 years of the infringement, they lose offensive rights to that work in TOTAL.

So go ahead and argue that people who share mp3'
s are stealing (and privately, I agree), but the RIAA and the artists themselves have the onus places on them to do something about it in court.

Some people are arguing that Napster, Morpheus, LimeWire et al are facilitating this, and are thereby guilty through association (in an "aiding and abetting sort of way). IF that's true, and I AM willing to scede that argument, then the RIAA and the artists need to take action against the manufacturers of CD-RW, DVD-RW, Casette tapes, mini-disc, VHS, Super-H, BetaMax etc etc etc, ad inifinitum. Anything less implies that they don't actually care about protecting their rights.

Re:RIAA IP Space (add UUnet's Web IP Space)

[Erik_]

As per the article, the provider is banning the RIAA website . So you might want to add 208.225.90.120 to the IP address space. Note that 208.225.90.120 is part of the UUnet Technology (Web Business Unit) IP Address space.

EMAIL THEM

[qwerpoiu]

If you have questions, comments, or concerns regarding this policy, please e-mail riaa@informationwave.net.

The RIAA will flood this address with a huge horde of lobbyists! It is up to us to counter that.

Please write a nice email to them praising them for this policy!

Come on, let's constructivly /. that email address!

Same old story

[mizhi]

Which is that the RIAA simply does not understand the tech industry or technology.

It's like allowing an 18 year old with a basic knowledge of physics to decide regulations for bridge building.

For a less abstract analogy, I know that my television has been stolen from me. I don't know who, but I know it had to be someone in my neighborhood. Using the RIAA as a model, I should be able to go into each of my neighbor's houses to look for this television, without their permission. And if I have a strong suspicion that I have found the violator, I am allowed to destroy the house. That's basically what the RIAA wants.

Re:Same old story

[revery]

For a less abstract analogy, I know that my television has been stolen from me. I don't know who, but I know it had to be someone in my neighborhood. Using the RIAA as a model, I should be able to go into each of my neighbor's houses to look for this television, without their permission. And if I have a strong suspicion that I have found the violator, I am allowed to destroy the house. That's basically what the RIAA wants.

Actually it's even better. You still have your television, they just built one identical to yours,
no wait, they built one that looks and sounds almost exactly like your TV, only smaller.

Re:Same old story

[Bytenik]

Would everyone please stop using theft analogies to refer to copyright violations .

They are completely different things with completely different laws.

If public perception is that music sharing is theft, then it will be much harder to get to the promised land of "Open Source Music".

Re:Same old story

[Wah]

only smaller

how about "only lighter"? (and this concludes today's message from the AIS [Analogy Improvement Service])

Re:Excellent news

[DSL-Admin]

As an admin for an ISP, I can say, that the ISP is not required to let their users have unrestricted access to the internet. Look at AOL, MSN.. MSN won't allow you to access an external SMTP server.. Also, from an ISP standpoint the RIAA just became the enemy. Part of our job is to protect our network from malicious attacks, this includes the crappy RIAA. I wish I could convince the owner to allow me to block the RIAA IP blocks...

Dangerous Precedent

[siskbc]

I know there have been a few things like this before, but I really don't like the whole scenario. Basically, as an ISP, you have to either open up your network to whoever wants it OR play cop and divulge client info (even guilty-client info).

Think about it - I can't think of any "real-world" situation where this would be allowed to occur. Let's say I own an apartment building, and I value my tenants' security, so I installed a gate. Now, the RIAA decides they think one of my tenants is bootlegging CD's. So they try to bash the gate down, but they can't. Now they sue me. Or, to avoid the suit, I install cameras in every apartment so I can see what all of my tenants are doing, all the time. And, when I catch someone, I write his name attached to a list on the front gate. Yeah, it's nice to have the gate, but now my landlord is no better than the RIAA.

That's exactly what's happening here. This is barely better than unfettered RIAA access. But this is still no acceptable solution. If the RIAA proposal were to be proposed in language people understand, they would be enraged. But it isn't, so they don't care. Great.

Re:Dangerous Precedent

[StupidKatz]

No one says the ISP is spying on their customers. The RIAA can point fingers all they want, but (at least the theory goes) the RIAA has to prove that someone on your network is doing something illegal.
Worst case scenario in the real world: RIAA supplies IP address, *then* ISP looks at that *specific* customer. Decent ISPs generally have neither resources nor interest in watching all their customers for "questionable" activity.

Stop trolling, please.

Re:Keep in mind these two words: media conglomerat

[JonathanF]

One technical note here: Road Runner technically isn't owned by AOL Time Warner (there are people on Insight Cable in Ohio who get Road Runner, and even some people in Newfoundland), so they aren't DIRECTLY controlled. That means that Road Runner could theoretically disagree with AOL Time Warner and protect the network from the RIAA's actions - which wouldn't be entirely unthinkable, as they still their own security obligations. AOL Time Warner would probably also know that they can't just toss out Road Runner, even if it contradicts them: no one would stand for it if they were suddenly forced to use AOL High-Speed.

Of course, let's not kid ourselves too much. Road Runner may well feel pressure on their side of the equation. We just have to remember that they're not completely beholden to the cable provider they're most commonly affiliated with.

Re:Keep in mind these two words: media conglomerat

[Aknaton]

You're right about AOL but what about AT&T? I didn't know that they owned any movie/music companies. Also, Earthlink and Mindspring are still independent, aren't they?

Private implementations vs public "lists"

[StupidKatz]

People can do whatever the heck they want (blocking-wise) on their own networks. Anyone who says otherwise is a complete and utter fool. To say that a private network can't block access to and from an organization THAT ACTIVELY ADMITS THEY WANT TO CRACK INTO END USERS' MACHINES is akin to saying you have to invite burglars in for crumpets and tea, give a tour, and give them a spare key on the way out.
Absolutely stupid.

As for the ORBS list (or the one that was 'forced' to remove the blacklisted site), well, that was a bunk case. I can't remember the details; are you sure they won the suit? I do remember legitimate sites being removed from the list, but wasn't that because they fixed their mail relay? The spammers that sued... dang... they didn't actually win the case, did they?

Re:Excellent news

[perljon]

Use the legal liability argument as this ISP is. If the RIAA attacks your clients computers and destroys something of value, your company is liable for it. That should be argument enough.

whois.

[caluml]

[calum@womble calum]$ host www.riaa.org
www.riaa.org has address 208.225.90.120
[calum@womble calum]$ whois -h whois.arin.net 208.225.90.120
[whois.arin.net]
UUNET Technologies, Inc. (NETBLK-UUNET1996B) UUNET1996B
208.192.0.0 - 208.255.255.255
UUNET Technologies (Web Business Unit) (NETBLK-UU-208-225-90-D1) UU-208-225-90-D1
208.225.90.0 - 208.225.90.255

A couple of IPTables rules would do it... ;)

Serious Balls

[fire-eyes]

Its nice to see a company has such heaving huge balls of steel. Keep it up!

Website in case of Slashdotting...

[qwerpoiu]

h4xx0red! d0n7 m3ss w1th t3h RIAA!

R3g4rds,
1337 RIAA h4xx0r

Honeypot Information

[futuresheep]

Since most ISP's won't take this tactic, I'd like to know if they'd be willing to hand out their honeypot generated blacklists, so those of us that have the ability to, can protect our home networks as well.

Re:It's still stealing.

[howardjp]

I call bullshit unless you can produce a case.

If they have national numbers support them

[nurb432]

Put our money where it counts and support these guys, and anyone else willing to stand up and say "NO"

Re:Excellent news

[Jucius+Maximus]

"from the shot-heard-round-the-net dept"

More like, "from the, uh, ACK packet heard round the net dept"

Block RIAA members!

[supabeast!]

Instead of just blocking the RIAA itself, how about blocking RIAA members? Imagine if Sony, RCA, AOL/TW, etc.. had all of their internet traffic blocked by ISPs? It really wouldn't be that hard to get the consumers on the side of the ISPs, as the ISPs could argue that the RIAA and its members are promoting and financially supporting electronic terrorism!

Re:Block RIAA members!

[curunir]

Hmmm...blocking all AOL traffic...are you insane??? A small ISP that blocks all AOL traffic won't stay in business for long...if only because people need to send and recieve emails to/from @aol.com accounts. And that's not even considering the fact that %9x percent of the world's IM users use either AIM or ICQ.

Re:Block RIAA members!

[buss_error]

Imagine if Sony, RCA, AOL/TW, etc.. had all of their internet traffic blocked by ISPs?

On the one hand, if you have an AOL account, do I want your traffic in any case? On the other hand, would any AOL user ever know they had been blocked? I mean, really, most AOL users never leave AOL, right?

You got mail....stupid! (An early AOL voice over)

Re:Block RIAA members!

[supabeast!]

Not all ISPs are small. AT&T, Cox, Comcast, and Verizon all have just as much reason to follow Information Wave's lead as all the small ISPs out there. If a large number of ISPs hit RIAA members with a simultaneous traffic block, angry AOL members unable to access a huge number of internet locations would suddenly get really pissed - especially if the traffic blocks all redirected to a short explanation.

Re:Block RIAA members!

[supabeast!]

"most AOL users never leave AOL, right?"

The thousands of AOL advertising staff laid off this year only wish that were true.

Show them support with your wallets!

[WebMasterJoe]

I say, support these people with our wallets. Next time you want some web space, consider going with Information Wave. They seem to have some nice web hosting options; $10/month gets you a modest amount of space and traffic, plus PHP, Perl, MySQL, PostgreSQL, htaccess, FTP and POP accounts. Even if they're not the best deal you can find, they seem like a reputable bunch and not afraid to stand up for the rights of their customers.

If the RIAA gets what they want

[Wedge1212]

if the RIAA gets what they want i will be denying their access to my company. I personally dont mind if fellow employees download music or what not. Its their business. So i'll man an effor to protect them.

Nonsense

[FreeUser]

An ISP that blocks or restricts RIAA use of the net is legitimizing the practice they purport to oppose. This is not the way to fight this particular battle.

Nonsense. They are restricting system crackers from attacking their networks, and their customers. This is a longstanding policy for most ISPs, who blacklist SPAMmers and other neferious crackers who are looking to steal information (e.g. credit cards) or damage people's systems out of pure maliciousness.

The RIAA has chosen to become one of the above, and announced their intention to do so publicly. The ISP is responding in a responsible manner, both in terms of immediate security and in terms of long-term economic viability.

Think about it. If the RIAA and the MPAA are allowed to crack, and possibly destroy machines on the internet, or succeed in their more modest objective of turning the internet from an interactive publishing medium everyone can be hard on into a more-or-less one way, glorified interactive shopping network channel, how many people are going to be willing to spend $40/month or more for access?

Virtually no one, which means all of the ISPs in question essentially go out of business, or become a niche market. Either way, they lose.

AOL, Sprint, AT&T, and other large broadband players had better stand up to this as well ... if they do not, they are likely to see the underlying reason for why people are willing to pay for internet access go away, and with it their entire market dry up to virtually nothing.

That would serve the purposes of the MPAA, the RIAA, and other copyright cartels, but it would be devistating to the tech industry, the internet, and very directly to the ISPs in question.

It looks like one ISP has actually thought the consiquences through, and chosen the best alternative for dealing with it. I suspect any ISPs capable of reading the writing on the wall, and interested in projected earnings beyond the next couple of quarters, will likely reach similar conclusions.

Perhaps not AOL, which has come to be dominated by their media-cartel half, Time-Warner, but certainly AT&T and others should seriously be considering similiar measures to protect their networks, their customers, and ultimately their business.

Re:Nonsense

[reallocate]

I agree, actually. But, this isn't about what is "right". This is about what is politically possible. I believe that this action is likely to backfire and, in the end, provide more political ammunition for the RIAA. If they win, they can legally break into our computers. I take that to imply that ISP's will not be allowed to block them, and that I won't be allowed to add them to my firewall rules.

The stakes here are much, much larger than trading in MP3's of flavor-of-the-day music. Information Wave's actions are liable to be seen, particularly in Congress, as more evidence of the need to police and regulate technology. That is, Information Wave's actions will be perceived as more evidence of a technology company's ability to interfere in the actions of others. I.e., if they can interfere with the RIAA, then they can do the same thing to any entity. Follow that argument a little further, and you soon decide to impose heavy restrictions on the net (and ISP's) in order to "protect" all its users.

This is okay, right?

[mysticgoat]

I've got no technical knowledge of internet security. I have tried to keep up with general news about defensive strategies and tactics.

It looks to me like IWT's tactics are reasonable extensions of well-accepted defensive moves. Blocking an ISP that will not police its own members has been a routine defensive ploy for some time, I believe. The difference here seems only to be that IWT is able to act proactively (since RIAA has blatantly stated that they are going to violate the generally accepted code of good behavior). Is my thinking wrong about this somehow?

Similarly, their use of the honeypot tactic to identify and counter specific threats seems like accepted behavior, too. Again, is there something here that I'm not seeing?

It seems like the only real new thing that IWT is doing here is being public about their activities. This stuff is usually handled in the back rooms-- but then it usually involves finding some script kiddy's Mommy and making sure that she disciplines her child appropriately. To my knowledge RIAA is the first institution that has ever publically declared that it will violate the unwritten codes of behavior that keep the internet working. Making a public hue and cry about this seems like the moral equivalent of telling the brat's Mommy that she needs to teach her kid some lessons.

Other than being public about it, is there some way in which IWT's tactics differ from what you should expect your ISP to do to guard your interests?

At this point my livelihood is damaged badly when my computer system is messed with. I lose money for every hour of down time. But my livelihood is also damaged when any of my clients or my potential clients go down. Can RIAA guarrantee that neither I nor my clients will be recipients of "collateral damage"? I don't think so...

It is in the best interests of all of us who now depend on the internet in our jobs to oppose this threat from RIAA.

In related news.

[/dev/trash]

AOL has announced it is buying Information Wave Technologies.

Bernard Goetz != Entrapment

[nuggz]

He got convicted of possessing an unlicensed firearm. And used self defence as his defense against the attempted murder charge.

How does that fit into entrapment?

Re:Bernard Goetz != Entrapment

[Fat+Casper]

How does that fit into entrapment?

It wasn't entrapment; it was standing around waiting for someone to attack him. While his lawbreaking was quite minor, a jury found him civilly liable for $43 million. They found that Goetz acted recklessly and deliberately inflicted emotional distress on one of the muggers. What's reckless, did he miss with one of his shots?

If the RIAA were to sue IWT in New York City, they'd become our newest ISP. That'll make you shudder.

Re:Bernard Goetz != Entrapment

[nuggz]

They found that Goetz acted recklessly and deliberately inflicted emotional distress on one of the muggers. What's reckless, did he miss with one of his shots?

No, walking up and threatening to gouge someones eyes out with your keys, AFTER you shot them is inflicting emotional distress.
Shooting them a second time, while they are relatively helpless on the ground, with no further ability to harm you is reckless.

The immediate threat requiring self defense is over, further shooting wasn't necessary for his safety, and was therefore reckless.

Re:Bernard Goetz != Entrapment

[charon_on_acheron]

Not my definition of reckless. Say I'm standing around, not bothering noone, and a group of people attack me. I pull out a gun and I shoot them all once. Three of them drop to the ground, and two run away through a crowd.

Firing at the two fleeing crooks is reckless, as I may hit bystanders. But the three on the ground are still in my immediate presence, and still constitute a threat to me. One shot can knock a person down without causing serious damage. That person may be able to stand back up after a minute. Or rather, get to his hands and knees, while faking a serious injury, and lunge at me with a knife. Or even just roll on his side, pull out a gun and shoot me where I stand. There is no rule saying a knife-wielding mugger can't have a gun in his pocket, as backup. (Just because it is a movie cliche doesn't mean it isn't a real possibility.)

So if I have three attackers lying around me, they had better lay on their stomaches, with their legs out straight and hands on their head. Or else they are still a lethal threat to me, and I will put a bullet in their head to ensure my safety. Nothing reckless about it. Pure self-defense. I have the authority to continue acting until I believe the threat is gone. If that means three people go the the morgue instead of the ER, that is how it will be.

That being said, I supported Bernie Goetz, even after finding out he was high on drugs at the time. His right to self defense isn't waived just because he isn't stone-cold sober, even with using illegal drugs. And I don't carry a gun with me, so the above situation is purely hypothetical.

Common carrier doesn't apply

[macdaddy]

Common Carrier doesn't apply to ISPs. That precedent has already been set.

Re:Common carrier doesn't apply

[rsborg]

Common Carrier doesn't apply to ISPs. That precedent has already been set.

Here's some links:
the pdf file explaining why, and the
html-ization of the pdf from google

Re:Interesting idea - cut off their software suppl

[datarat]

Oooo! I like it!

(Is that 20 seconds supposed to be cumulative?)

"A rose by any other name..."

[_KhlER3L]

The ISP isn't stopping it's customers from obtaining content, on the contrary, it's protecting their ability to access content. What it is stopping is a threatening organization, stopping it from accessing their clients and disrupting their network. The ISP should have no trouble retaining Common Carrier as they do this all the time with regular hackers and spammers. _khl

Support these guys!

[i_want_you_to_throw_]

If you are in their service area, use their service. Support them!

blocking 208.225.90.0/24 is a weak protest.

[neitzert]

The RIAA is not going to use their corporate network for this; They are going to use disposeable connectivity such as DSL, cable, and dialup to launch these attacks.

The two questions I have for you armchair systems admins and network engineers are;

1. What good will blocking 208.225.90.0/24 and 12.150.191.0/24 do for your network?

2. What good will transit providers derive from blocking 208.225.90.0/24 and 12.150.191.0/24 from traversing their network?

This is a purile waste of time and energy, do the right thing; Call your congress critter, hack them back, or protest in some other more effective way -- a router or iptables entry is a weak protest.

...and on a another note, how long do you think it will be before the RIAA has trained dogs to search out illegal copyright infringing media sniffing every bag and person at the bus temrinal, trainstation, or airports? How long before they request the DoJ to randomly pull over and search automobiles for CD-R, Dubbed Audio Cassettes, or *gasp* portable mp3 players and arrest the driver/owners for interstate transport of stolen property and seize the cars for sherrifs auction? IMO this whole IP thing has gone so sideways that all bets are off, infact I'm suprised we havent seen a shotgun weilding hillary rosen on the covers of Time and Newsweek.

i can't wait

[Gavitron_zero]

until the RIAA attempts to break into my network here in Canada...where I'm fairly certain their little powers don't apply. I'll lawsuit them back to 8-tracks.

Re:i can't wait

[SpaceLifeForm]

Then watch out, they might come after you with a 45.

ping

[simpl3x]

ping... ping, ping... ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping, ping...

where the hell did our bandwidth go?

Re:It's still stealing.

[Planesdragon]

It gets even more complicated than that - they only have Offensive Rights for protected works. They means THEY have to sue ME, and if they don't do it within 5 years of the infringement, they lose offensive rights to that work in TOTAL.

Where'd you hear that? Last I heard (IANAL, I live in the USA, but copyright is important to my professional ambitions) you don't have to defend copyright all the time. That's why some fanfics can exist.

Re:Excellent news

[vladkrupin]

These guys must've been using that magic 8-ball :) Thumbs up for userfriendly!

naive approach...

[frx]

Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted

Well now, how easy is it to circumvent this ? You just need two IPs apparently unconnected, which is cheap to obtain...
The "and then afterwards" is terminally flawed

Confusing

[MoneyT]

Does this mean that the ISP will be recording the IPs of people accesing those files and if those IPs then attempt to illegaly access the IW Network, ban those IPs. Or does that mean that they will be checking to see if theri clients are accessing those files and disconnect their clients?

Why the Fuss

[maintec]

I don't understand why people get so pissed at the record and music industry for trying to stop the pirating of Music/Movies. Basically all I hear is whining and bitching because you all want to "Steal" Music and Movies that you haven't paid for. They (RIAA/MPAA) aren't really infringing on your rights, Since it is you who are acting illegially and downloading copyrighted material. The attitude of most people using the internet is if I can download it, it is my right to. Regardless if I didn't pay for it. Really we need to view this type of internet activity in the same light we look at real theft. Whether you download a song illegially or you rob a record store it should be viewed as commiting the same crime.

Re:Why the Fuss

[Todd+Knarr]

Most of the problem is that the RIAA/MPAA, in their zeal to stop piracy, want to stop all legal uses of their material that they don't approve of. For example, I do have the right to make copies of copyrighted material, if I legitimately own an original copy and the additional copies are for my personal use. That's been litigated, and every court decision on it's supported that as legal. I have the right to sell my legitimate copy to someone else without requiring authorization from or approval by the copyright holder.

Add to that things like the RIAA saying it's unreasonable to demand that they actually show proof of copyright ownership before being allowed to demand the take-down of allegedly copyrighted material, and we've good reason to be annoyed at the RIAA/MPAA.

Re:Why the Fuss

[Manuka]

Just because you did something illegal to someone doesn't make it any more legal for them to turn around and do something illegal to you. If someone steals your TV, going and burning their house down, as tempting as the idea might sound, isn't any more legal than it was.

Therefore, Even if you "steal music", RIAA is still "infringing on your rights (whatever those may be - broadband isn't a right)".

Re:Why the Fuss

[kilfarsnar]

This is absolutely correct. Whether one is stealing music or not is beside the point. What this amounts to is the police (or some authority figure) doing door to door searches just to make sure people are not breaking the law. Would the original poster be ok with this? Really? If so, I think they need to think it through a bit more.

probably wont get read but..

[hikeran]

well ... if i put a method of protection on my computer (firewall.. encrypt data on hdd) and riaa decides to "crack" aka .. "Bipass the protective mechanism" on my computer/network .. . Won't they be in violation of the DCMA?? ooohhh then i could sue them for just such a thing..

i dont think they can pass laws that allow others to break laws just because the want to...

It's stupid for the RIAA/MPAA To piss off ISPs

[dBLiSS]

The RIAA/MPAA having the ability to attack people running Peer-To-Peer servers is stupid on their part. This is just one example where they are alienateing themselves from people/companies that can help them. This ISP isn't going to help the RIAA or the MPAA because it's going to attack/have the ability to attack the ISPs customers. Not only is the RIAA pissing off customers (or potential customers), it's now pissing off the ISPs that Could have helped them..

Re:It's still stealing.

[MoneyT]

I think he meant that they had to sue him for damages within 5 years or else it''s considered that the artist (person whoever owns the copywrite) has accepted the activity as legal. Hence, fan fics can exist, in so long as the people are not sued by CW holders

Re:It's still stealing.

[MoneyT]

Some people are arguing that Napster, Morpheus, LimeWire et al are facilitating this, and are thereby guilty through association (in an "aiding and abetting sort of way). IF that's true, and I AM willing to scede that argument, then the RIAA and the artists need to take action against the manufacturers of CD-RW, DVD-RW, Casette tapes, mini-disc, VHS, Super-H, BetaMax etc etc etc, ad inifinitum. Anything less implies that they don't actually care about protecting their rights.

They did, they've fought all of these and in many cases still are. Hell they even fought the CD sampling machines in Wal-Mart. read here for more fun: http://www.janisian.com/article-internet_debacle.h tml

However, I would like to make the case that if they are going to charge a tarrif to offset piracy (as they do on cassette tapes, Audio CD-Rs and VHS tapes) Then they are giving me permission to use the music and files any way I see fit so long as I do not derrive a profit from it. THIS INCLUDES FILE SHARING.

totally ineffective, this is a PR stunt

[djtack]

C'mon, do you really think that when the RIAA tries to poison peer-to-peer networks with bogus files, that they are going to use their own netblock? No way, just like spammers, they will be using throw-away DSL accounts, and it'll change constantly.

This ISP is just trying to grab headlines...

Re:totally ineffective, this is a PR stunt

[KelsoLundeen]

Then how do you determine whether or not an intrusion into your network is a "legitimate" RIAA incursion or simply a hacker?

If the RIAA starts doing this -- attacking P2P networks -- then they'll *have* to have some sort of legitimate (again, I have no idea what this means in this context) credential. They'll either have to attack from a permitted domain (in which case, I assume, ISPs could easily block the domain) or have some sort of attack methodology (again, easily blocked, I assume, once you know what they're doing.)

Plus, this makes you wonder about RIAA sub-contractors -- agencies working for the RIAA and engaged in these attacks. Are these groups allowed to carry on the attacks under the aegis of the RIAA?

"No, we're not actually the RIAA, but we work for them, sir."

And wouldn't this suddenly become the number-one-most-attractive-security-loophole? Get employed by the RIAA as a "piracy stormtrooper" and suddenly everything is permitted.

Re:It's still stealing.

[ldopa1]

"Heard that" in Patent It Yourself (a book..). It's also available at the USPTO's website.

Another person replied to this post, and he/she is exactly correct. The same thing happens with trade secret infringment. If you don't attempt to prosecute within 5 years, you've essentially said "it's okay. It's not that important to me."

Re:It's still stealing.

[ldopa1]

Actually, no I didn't. Interesting. Do you have a source for this?

How does the artist collect their share of the tariffs for the 100 pack of CD-RW's I just bought? I imagine it can't be a huge tarriff.

Re:ORBS or ORBZ? Info on ORBZ

[SpaceLifeForm]

Here's what happened at ORBZ.

Another struggle, another stand!

[Primotheproton]

Folks, you should have learned your lesson from the American civil rights struggle. All it takes is one person who refuses to accept an ideal forced upon them by the government to incite a whole country! This may or may not be it, but here here to an ISP with BALLS!! An ISP we can ALL be proud of!

This reminds me of the old days

[night_flyer]

when we as BBS operators would ban Law Enforcement officials from entering our service, not that we had anything to hide (most of us anyway) but to keep them from harrassing our users.

How to determine RIAA crackers vs REAL crackers ??

[Dave21212]

If there is any chance that anyone could identify RIAA crackers from REAL crackers, the RIAA must be registering or keeping records of it's actions. Would any unrecorded or unapproved action then be classified as a REAL attack - along with REAL liability ? Would every report of cracking need to be cross-referenced or would they all be ignored ?

If ISPs report every instance of cracking by the RIAA, wouldn't the limited resources of the FBI be required to investigate so many 'approved' federal crimes that the real criminals would be getting away with more ?

These guys have the right idea, document, blacklist, AND report - treat the RIAA attempts like any other illicit action on their network !

Sorry, but you're dead wrong. RTFA.

[StupidKatz]

I quote, "No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site."

They're not listing OR blacklisting everyone who accesses their honeypot, just those that try to ATTACK it. Nowhere at all do they ever mention spying on their own users. You can't 'illegally access' an open network like a Gnutella honeypot unless you're doing something to disrupt it. (The difference between entering a library and entering a library whilst screaming and throwing molotov cocktails everywhere.)

They're blacklisting and posting people who ATTACK their honeypot. Not users who download the fake files.

ORBS, ORBZ, and others, dunno. I'm dumb. One of em

[StupidKatz]

RIAA and MPAA IP subnets

[chunkwhite86]

Does anyone have the IP subnets or class C subnets that the RIAA and/or MPAA own? I'd like to have my home IP router/firewall deny all access from the outside that originates from their networks. Anyone?

Would this prevent them from trying to actively attack a system in my home?

Re:It's still stealing.

[Planesdragon]

"Heard that" in Patent It Yourself (a book..). It's also available at the USPTO's website [uspto.gov].

Those are patents, not copyrights. Different laws.

Copyright lasts *much* longer, and can be foiled by a clean-room implementation. Patents only last a few decades (at most), and apply to the procedure even if the second party had no knowledge whatsoever of your patent.

I'd chalk this up as "yet another reason to see a lawyer if you're going to do more than meanginless speculation."

Only $8.95 a Month!

[dmarx]

I will seriously consider signing up with these guys. Finally, an ISP that cares about its customers!

Re:It's still stealing.

[ldopa1]

It actually covers Patents, Copyright, Trademarks, Trade Secrets and Service marks.

Chalk this up as "yet another reason to check the cited source before you decide it's irrelevent."

Or

Chalk this up as "yet another reason to stay quiet and look stupid than to speak and remove all doubt."

Re:ORBS, ORBZ, and others, dunno. I'm dumb. One of

[SpaceLifeForm]

Hmmm, the link disappeared.
Here is is again: ORBZ

Sounded nice, but....

[MrWorf]

Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps

Now, this sounds alot like what RIAA proposes to do aswell. I mean, putting files out on the gnutella network that aren't actually what the pretend to be. Sounds very familiar.

And as someone else wrote, blocking RIAA is no better than RIAA blocking you. I'd rather have that it was an opt-in service, which, if you for some reason, feared RIAA (or wanted to make a statement) could ask the ISP to block it. However, this is unlikely to happen, since it would probably be too costly and few would apply for it.

So whats the solution then? Well, the ISP should monitor RIAA and if they attempt to damage or intrude on peoples network, sue them.

Other than that, now would probably be a good time to read up on firewalls and install/tweak one :)

We'll see...

[Mulletproof]

Anybody can say they'll oppose the RIAA, but the really test comes when they are under actual legal obligation to let them have their way. What will they do when the shit hits the fan? Follow the moral obligtion or buckle under? In otherwords, talk's cheap.

oh sure...

[Skuld-Chan]

I used to work for a content filtering company (they were featured here on slashdot in association with aol - but now going slowly away) and we used to do all our crawling over purchased qwest.net dsl lines - some of them were 7 megabits.

That way whenever someone complained about someone downloading all their web pages at 700KB a second and got our line shut down we just called qwest.net - and even if it was our third strike we could usually get the line turned back on.

Although a grass roots effort to slowly deny the riaa all access to the internet is a good idea.

Censorship

[Isao]

Here goes the karma...

Starting at midnight on August 19, 2002, Information Wave customers will no longer be able to reach the RIAA's web site.

So this isn't merely preventing the RIAA from entering the ISP's network, it's blocking any customer access to the RIAA site. What if I want to read what the RIAA has to say about a topic? The ISP has decided what the customer can and cannot read.

Welcome to China.

Re:How to determine RIAA crackers vs REAL crackers

[Arcturax]

Good, let that happen! The law will be repealed when the government realizes just how crackbrained this is in the first place.

If anything, they better take the clue now, because more and more ISP's are going to jump on this when they see how popular it is.

Re:blocking 208.225.90.0/24 is a weak protest.

[Arcturax]

But it sends a powerful message to the RIAA by saying that you will basically shut down their corporate mouthpiece to the masses if they continue in this.

It also shows congress the kind of war and chaos that will result on the internet if the RIAA passes these kinds of laws and that even those who run the internet are against it. Hopefully they will take the clue or we will see the type of wild west shootout on the web that will have them scrambing to repeal the law.

Playing into RIAA's hands

[thomasdelbert]

I'm sure that RIAA would LOVE to ALL ISP's honeynetting RIAA. Then they don't have to spend their own bandwidth to do that themselves.

Just my $0.02

Thought about that...

[Cl1mh4224rd]

Everyone should call their ISP, demanding to be protected from RIAA!

I thought about doing that, but then realized that "Save me from the RIAA, because I download music illegally" might not be the best thing to say to your ISP...

What great news to read...

[ColGraff]

While listening to the Total Annihilation soundtrack. Yeah, that's offtopic, but I hope for the Great War of Fair Use, and this constitutes such a glorious escalation of the existing fair use/drm conflict. Will we see ISPs and the RIAA/MPAA devoting more and more time to circumventing each other? Daily salvos of DDOS attacks by ISPS on the RIAA, and vice versa? Would be cool, albeit a bandwidth drain.

All glory to fair use, and damn the RIAA!

My ISP sez

[andyring]

I emailed my ISP, Internet Nebraska, and they basicaly said they would do the same thing:

From my understanding we would treat this just like any other unauthorized access into our system, and put an end to it as it arose.

On Tue, 20 Aug 2002, Andy Ringsmuth wrote:

http://www.informationwave.net/news/20020819riaa .p hp

I'm wondering if IN would ever consider something such as this.
-Andy Ringsmuth
andyring@inebraska.com

Internet Nebraska System Manager - manager@inebraska.com
6942

Re:blocking 208.225.90.0/24 is a weak protest.

[neitzert]

The nature of the internet is such that one can not censor another, there are too many methods of circumvention. Decss.c, this source although illegal is all over the net and will never be censored entirely. The RIAA's website is available via archive.org, google and a multitude of other caching servers - are you going to ask everyone to nullroute or filter those sites too? We could also address the idea of mirrors, alternate domains, alternate routes, renumbering of their networks, ad infinitum.

I agree with you that the DMCA act is one of the worst laws ever written. I agree with you that it should be repealed, yet a firewal rule set or null route on your backbone edge is not very effective in shuting the RIAA and their draconian law-lobbying down. The folks who signed that silly law have most likely never visited RIAA.ORG, however I'm sure they've had some pretty nice meals with their lobbiers and possibly received a few complimentary copies of britney spears latest release for their family members...

Real change will come about when people stop buying media from artists who work for labels and studios who are members of the MPAA/RIAA. That change will come from within the RIAA/MPAA, probably after a large internal restructuring, in efforts to save their dying model of profit taking. The change will not come from government in the repeal of the law. It is abundantly apparent that the body of government who passed the law is not so very clued about technology, or much else. Seriously, how often does one see laws struck from the books?

A filter on a network is like taking a cap-gun to a war, think bigger, think better, think smarter, and most of all think about the scope of the problem you are dealing with. There are much bigger things one can do with less effort that have more lasting impact on the situation.

this is what will happen (OT)

[xero_sign]

When the RIAA starts DDoSing people for using p2p software, that will affect other users on the offender's network. It will result in lowered bandwidth.. Now, I don't know about YOU all, but I am paying out the ass for broadband so that I have HIGH SPEEDS.. So honestly (and this is not a rhetorical question) what will it take to get to the point where I can have lower-cost broadband, download songs to check out (you know, kinda like going to a friend's house to listen to a record before you bought it back in the analog days) and decide if I want to buy it without the riaa hassling me????

Very nice

[Chris+Johnson]

This is nice- it's basically one simple message (or could be):

"We're all in favor of RIAA's LEGAL efforts to deter music copying, BUT they have stated intent to trespass on our users' computer systems and hack them. We don't feel they have any right to commit this crime, so we're blocking whatever avenues we can identify as potential hacking attempts."

Just spin it as, "RIAA want to hack and trespass, we can't allow that". Who could get in trouble for wanting to protect their users against hacking and trespass?

Ironically, I have used RIAA's website to good effect in the past. If you're doing statistical analysis of popular music, their gold/platinum database is useful. Full of junk and bad data, but still, it's on the internet available to all. But- it's not worth letting the RIAA crack your machine. Call it collateral damage :)

Re:It's still stealing.

[Planesdragon]

It actually covers Patents, Copyright, Trademarks, Trade Secrets and Service marks.

I suggest you read the book again, more closely. You seem to be confusing the specific subject matter with the book (Patents) with all forms of IP.

Your link was, btw, less than useless. "Patent it Yourself" is not a ready reference, and thus meaningless in this debate. Either quote the passage you think says that copyright needs to be enforced, or admit that you might be wrong.

Nothing I have ever seen at all, online or in class, hints that copyrights (or patents) can be lost by non-enforcement. Trademarks certainly can, but I have no knowledge that there is *any* way to lose a copyright or patent by simple non-enforcement.

Think about it--if simple non-enforcement could be enough to lose copyright, MS would have lost their copyright on half of their software by now.

No, You Don't Get It

[reallocate]

No. You don't get it. Using the tools of the net to thwart the RIAA is clever, but this game is being played way over the heads of ISP's. When Congress passes and the President signs this miserable RIAA legislation, you can bet that it will include a provision that ISP's can't legally stop the RIAA.

What Information Wave is doing will be perceived as demonstrating the ability of a private company to block consumer access to sites they don't want their customers to visit. It will not be perceived as an effort to prevent attacks on their network. All it will do is convince more naive legislators that the Internet needs more, not less, regulation.

By yammering away about preverving the "right" to copy and freely distribute music and entertainment, the community is playing right into the hands of the RIAA by letting them define the boundaries of the playing field. But, don't worry. Pretty soon, the feds will mandate the use of software that monitors and arbitrates downloads and the exchange of files across the web.

Have you ever heard of a protective order?

[Rares+Marian]

Puhlease get your head out of the clouds. The internet is a real thing. NO more fad, no more hype. It has challenges and opportunities, qualities and limitations, like any other thing we're used to.

There's no reason we can't apply the same things regarding the things people do each other (RIAA cracking other people's boxes) to the net as we would on the street or highway (robbery and carjacking)

International Attacks

[Mgdm]

What happens if the RIAA take action against a user based in another country? AFAIK the RIAA and the US Congress have no legal influence in the UK for example :o)

This could block YOU even if you don't use P2P.

[katarn]

I'm not sure they thought this thing all the way through.

They are blocking the RIAA (which I could care less about), and they are also blocking users of P2P software. So the moral is don't be a dweeb on their network, whither you are the RIAA or a P2P user, and you will not get blocked, right? Wrong, at least I don't think so. I go through an ISP which uses dynamic IP assignment, as do many many people in this world. You can see where this is going now, can't you? You could easily be blocked from their networks just because some pimple faced kid who just happened to have your IP address an hour ago tried to download Britney's latest crap. Assuming their blocks never expire, then it is logical that most ISPs entire address range will eventually become blocked. Hmmm, not good.

Re:This could block YOU even if you don't use P2P.

[katarn]

One more problem I just realized.

Many large corporations channel their internet trafic though proxy servers. One person in the company running P2P software could result in a company of thousands being being blocked.

Re:This could block YOU even if you don't use P2P.

[grishnav]

What? They aren't blocking the users of P2P networks, unless that user happens to attack the P2P network shortly after discovering the existance of the file. Pay attention! If you are a normal user, just downloading stuff, you are in the clear. If you make a connection to a server hosting a file, and 5 seconds later have a port scan going, you might be in for a little bit of blockage. Frankly, if you started port scanning ME after you started downloading a file, I'm blocking you right then and there, RIAA or not.

Re:Your Analogy is Flawed...

[dossen]

Damn... Now I'm even answering AC's.
But your final question is a valid one, an your post makes me wish you logged in, and I hadn't already posted on this page.

A little digging on Information Waves page reveals THIS page, where they say that multiple listings will be available, including flat-file and DNS.
So to answer your question: They seem very willing to make useful information available.

They also setup a trap to block Gnutella users....

[dpete4552]

"Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which [we] will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site."

It's called Private Property, dummy

[Julian+Morrison]

Yeah, Private property, the thing which all you socialist types seem to forget.

ITS THEIR DAMN NETWORK AND THEY CAN DO AS THEY PLEASE WITH IT!

They have NO obligation to carry any IP packet they don't actively want to. They're an ISP, so they run the network to profit by providing for customers' desires. Realistically, they've decided that alienating the RIAA loses them nothing, while giving a helping hand to their paying customers will be lucrative. I applaud their entrepreneurial spirit.

Re:It's still stealing.

[ldopa1]

Chapters 3, 4, 5, and 6. Copyright, Trademarks, Service Marks and Trade Secrets, respectively. I'm too lazy to go out to my car to get it, but go to Borders and look at it.

Copyrights cannot be lost, but you can lose offensive rights to them, especially after they become widely distributed. Patents can be lost if you don't keep up the maintenance fees.

Congress Will Ban Blocking RIAA Activity

[reallocate]

Until the law says they can't block the RIAA. The RIAA legislation is an obvious threat to the net, but attempts to defeat the bill's intent (before it's even passed and signed) by clever gimmicks like this divert attention from the political arena, which is where this can be defeated. Again, if Congress passes the RIAA legislation, you really don't believe they'll allow an ISP to block the RIAA? They'll simply make it illegal to interfere.

The way to win this is to convince politicians that copying CD's, DVD', whatever, is not a crime. Most of them believe it is, and actions like Information Wave's will, I'm sure, be viewed as just another bunch of techies trying to sustain the free ride.

Re:It's still stealing.

[ldopa1]

I did, just after posting, and I found several references to the practice here in the US and in the UK. I didn't realize that there was a tariff on recordable media. Hmph. I would love to see where that money actually goes.

Re:They also setup a trap to block Gnutella users.

[grishnav]

"Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which [we] will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps.
Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site."

In other words, they are not looking to trap Gnutella users, but trap people who query and begin downloads of popular songs and then make an attempt to drag their server down, ala. the RIAA's plan to search out music on popular networks and then "hack" (really sounds like cracking, to me) the computers of the people distributing the music.

Re:They also setup a trap to block Gnutella users.

[grishnav]

Doh! Messed up my tags... Should have previewed... let that be a lesson... let's try again...

"Information Wave will also deploy peer-to-peer clients on the Gnutella network from its security research and development network (honeynet) which [we] will offer files with popular song titles derived from the Billboard Top 100 maintained by VNU eMedia. No copyright violations will take place, these files will merely have arbitrary sizes similar to the length of a 3 to 4 minute MP3 audio file encoded at 128kbps. Clients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network will be immediately blacklisted from Information Wave's network. The data collected will be actively maintained and distributed from our network operations site."

Re:What about research?

[grishnav]

Information of that nature is widely available from other source, plus the number of free, anonymous proxies is steadily growing. Guardster VPN and Anonymiser come to mind, not to mention Peek-a-booty. It's kindof a protect-the-innocent-unknowing maneuver, whereas anyone who seriously wanted to know such information can aquire it, and it's assumed that they know what they are doing and can protect themselves form the maliciousness of the homepage, wheres people who don't have a clue (who sadly, make up the majority) will be protected by the ISP instead.

Or, that's the aim, anyway...

*BZZZT* Wrong.

[achurch]

They are blocking the RIAA (which I could care less about), and they are also blocking users of P2P software.

Wrong from the start. They aren't blocking "users of P2P software", they're blocking "[c]lients which connect to our peer-to-peer clients, and then afterwards attempt to illegally access the network". In other words, if you try to download the files over P2P and then try to break into their system then your IP is toast, but just accessing the files won't get you anything, except a bunch of junk data. RTFA (carefully).

They Could Prosecute the RIAA

[herbierobinson]

The law the RIAA wants passed only allows the RIAA to act when copyright infringement is going on. If they catch the RIAA, trying to break into the honeypot, the RIAA will be just a guilty (i.e., 20 years jail time) as any other hacker.

Also, the law in question does not allow they RIAA to do anything which affects innocent parties; so, it essentially does not legalize DoS.

Re:They Could Prosecute the RIAA

[salesgeek]

I'm laughing at this whole thing... How many times in the past have hair-brained copy protection schemes been tried? How many groups have tried to take over the internet? People will just do what they always do - buy what they want. DRM will be customer service hell or hardware manaufacturers, software manufacturers, and especially retailers where people will take this shit back, probably nothing that resembles resellable condition.

Re:They also setup a trap to block Gnutella users.

[dpete4552]

They setup a trap to block Gnutella users who attempt to download any song on the billboard top 100. It has nothing to do with dragging their server down. They setup fake Gnutella servers with songs that have arbitary file sizes and mislabed (fake songs). Then when users attempt to download these songs they are blocked from the network and if they are "Information Wave" customers, then they need to go find a new ISP.

Re:Excellent news

[DEBEDb]

Let's see, in your example, it's several
million vs. 12 billion... You do the math :)

Take your own stand

[FermatsEnigma]

Want to take your own stand. Don't buy music. Email your congressmen/women over and over till they stop this plague of favoritism for RIAA and MPAA. Congressional email addresses can be found at http://www.webslingerz.com/jhoffman/congress-email .html among other places on the net. So let them know where you stand...daily if possible.

Re:It's still stealing.

[kspencer]

May I suggest you go out to the car and make certain you're referencing the same book? I just went to my reference shelf (I'm a librarian) and checked. Chapter 3 of that book is NOT Copyright. Indeed, the book touches on copyright twice. The first time is a small section in chapter 1 which briefly covers what copyright is and notes that the rules for copyright and patent are completely different, that for all but a small grey area what can be patented cannot be registered for copyright (and vice versa), and briefly mentions what falls into that grey area. The second time copyright is mentioned is in chapter 8, where the author discusses copyrighting the patent design and registration paperwork.

Re:It's still stealing.

[ldopa1]

Actually, you're exactly right. I just did that. I was thinking of another book which I was reading in my lawyer's library. (Moment to spam here: I just filed a patent application. GrayCary law firm helped greatly and did most of the work for free...)

While researching what parts of my software I could and could not patent, I was reading a LOT of books about the various avenues of intellectual property protection....

Re:It's still stealing.

[Planesdragon]

Moment to spam here: I just filed a patent application. GrayCary law firm helped greatly and did most of the work for free...

Cool beans. Hope you get it.

While researching what parts of my software I could and could not patent, I was reading a LOT of books about the various avenues of intellectual property protection....

Which explains how it's easy to get confused--and why it's a good idea to check with a lawyer before you assume something odd about the law.

The first thing the first lawyer who ever taught me a "law course" (all undergraduate stuff--I am so much not a lawyer) said about the law was "here are the basic rules, but there are exceptions for everything."

Then he went on to point out that the law didn't get so complex by design; it go this way because morons & businessmen kept finding loopholes and stupid ways to exploit what was said, forcing judges & gov't's to make the law more and more complex...

Re:After reading IWT's annoncement

[A_Non_Moose]

I suppose I should have qualified that with IWT as the SGT/Officer = IWT and the Agent as the RIAA.

Sheesh, mod, whatever happened to "Concentrate on *promoting* not *demoting*.

Read my sig.
.