Slashdot Mirror
Has the RIAA Wormed 95% of P2P Networks?
DancingSword was one of many to submit links to a strange story about
the RIAA hacking back by sending a worm through the major peer-to-peer networks, supposedly with a 95% infestation rate. Hoax or not?
95% of networks is not 95% of files.
No mention of whether this affectes Windows clients/hosts or not. Any idea?
I wonder, If the RIAA sends a worm through P2P networks and shut's the networks down, can the RIAA representatives be charged with hacking?. Besides, not all files on P2P networks are illegal.
For some reason I think we may find out this is a hoax. Just guessing.
RIAA trying to scare us again?
Anyone who owns a dog knows that "to worm" means to _get rid_ of worms, not to infect with them.
hyacinthus.
why all my porn has been changed to Hillary Rosen with a strap-on.
Well a worm is a form of a virus, and it is a crime to create one... One would presume that the RIIA would not be stupid enough to try and play a vigilante.
.: Max Romantschuk
The actual exploit was posted on buqtraaq yesterday. You can find it here. That link has the original post from the group explaining what the exploit is, how the RIAA is supposedly involved, and it has the exploit as an attachment. Check it out and decide for yourself if it's a hoax.
This is the original posting.
Reading the posting, it seems unlikely.
SCO, Microsoft, P2P, what's your hot button?
This article may have more info that the one linked in the article.
Cruising the internet on my TI-99/4A @ a whopping 300 baud!
Hey, I found a copy of the worm's code:
;p
:]
RIAA - 0wn3d by....
oooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server...
Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours
greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous
wanna contact ? mailto:h4x0r0815@mail.ru
Oh, wait, that was the RIAA's web page. Never mind!
Maybe we can begin a list of all people in those 5%.
:
It reminds me of a old coldwar joke
In soviet russia, 98% of the population was satisfied with the current regime. But no matter who you speak to, you always encounter people in the other 2%
#include "coucou.h"
Reminds me of that "156 CD burners are really 421 burners since they're really fast!" argument they tried to pass off some time ago.
----- Wtcher Dragon, UDIC
Where does this leave the RIAA legally? The bill mentioned in the article that would allow the RIAA and other copyright holders to crack computers to prevent piracy is not law yet. Does that mean that this would be regarded as just another worm with the authors being thrown in jail (like the authors of Love Bug and others)?
I've got at least 7 mp3 downloads running right now and none of them appear to be infe($!$%. .AF0ERIAA.`/2#..-
Given the number of times the RIAA's website has been hacked, I'm guessing they're thinking the way you are...
You are not alone. This is not normal. None of this is normal.
Keeping in mind the number of times their website has been hacked I seriously doubt they have the technical ability to do this. Also keep in mind that no corporation is going to essentially admit liable without some impending legal action as a catalyst.
I sincerely doubt that this is true for a number of reasons. First of all, if they were hired to write the software for RIAA, don't you thing secrecy would both, be part of the agreement, and be completely necessary?
In addition, I find it had to believe that all the antivirus companies are sitting on their collective asses, and completely missed an infection that is supposedly on 95% of computers that participate in P2P.
Further, if anyone was to do something such as this, they would most certainly get in serious trouble for, what is essentially a widespread, illegial, interstate, wiretap.
In addition, I'd just like to say that there is no reason to put much faith in Gobles... As Theo said, he's more or less the next ``fluffy bunny". If anyone can be said to have a severe ego problem, it is him...
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Man, I sure am glad I use the newsgroups for music rather than P2P apps... I seem to get better quality files as well.
-- Windows security? Sure, which ONE would you like? -me
I doubt you could get 95% of people on the Internet to agree on anything, much less taste in music, and even if this worm/virus infected every MP3 on a computer, 95% infestation seems really, really unlikely.
On the other hand, this (worming P2P clients) has been talked about a lot in the past--and there are already viruses spreading via P2P, though the community seems to detect them pretty quickly--so I wouldn't put it past the RIAA to do something like this. Much less this Gobbles character; he's pretty infamous on the Bugtraq mailing list for trying to make fun of / piss off as many people as he can. (Incidentally, Gobbles is also known for overstatement, and as he was the one who stated the 95% figure in the article . . . well, you decide.) And it would of course be trivial to "phone home" to the RIAA with information about shared files on the computer.
So while I could believe the existence of the worm, I seriously doubt the 95% infestation figure.
Forget the RIAA bashing, the Gobbles guys know what they do. That said, this is very un-gobbles from what I've seen from them in the past. Not the technology, but the comments in the source, for example. Then again, they're supposedly a large group.
From the little info that is available, I'd give them a 50-50 chance that it's true. That would be interesting.
Assorted stuff I do sometimes: Lemuria.org
Gobbles Security has posted crap like this before to security sites and this is in keeping with their other posts.0 security &sourceid=mozilla-search&start=0&start=0&ie=utf-8& oe=utf-8")
;PpPppPpPpPPPpP
t AA oJEBzRp5chmbAP4gwAJ sFFhywKWzMoiT/Qiy4FV +r1inukA==
v d+ GYydWzUQCgjq3Ofe2n
- ----END PGP SIGNATURE-----
(http://www.google.com/search?q=gobbles%2
It seems to be an obvious prank.
See below for text of latest post.
[snip for lameness filter]
"Putting the honey in honeynet since '98."
Introduction:
Several months ago, GOBBLES Security was recruited by the RIAA (riaa.org) to invent, create, and finally deploy the future of antipiracy tools. We focused on creating virii/worm hybrids to infect and spread over p2p nets.
Until we became RIAA contracters, the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks.
We focused our research on vulnerabilities in audio and video players.
The idea was to come up with holes in various programs, so that we could spread malicious media through the p2p networks, and gain access to the host when the media was viewed.
During our research, we auditted and developed our hydra for the following media tools:
mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)
After developing robust exploits for each, we presented this first part of our research to the RIAA. They were pleased, and approved us to continue to phase two of the project -- development of the mechanism by which the infection will spread.
It took us about a month to develop the complex hydra, and another month to bring it up to the standards of excellence that the RIAA demanded of us. In the end, we submitted them what is perhaps the most sophisticated tool for compromising millions of computers in moments.
Our system works by first infecting a single host. It then fingerprints a connecting host on the p2p network via passive traffic analysis, and
determines what the best possible method of infection for that host would be. Then, the proper search results are sent back to the "victim" (not the hard-working artists who p2p technology rapes, and the RIAA protects). The user will then (hopefully) download the infected media file off the RIAA server, and later play it on their own machine.
When the player is exploited, a few things happen. First, all p2p-serving software on the machine is infected, which will allow it to infect other
hosts on the p2p network. Next, all media on the machine is cataloged, and the full list is sent back to the RIAA headquarters (through specially
crafted requests over the p2p networks), where it is added to their records and stored until a later time, when it can be used as evidence in criminal
proceedings against those criminals who think it's OK to break the law.
Our software worked better than even we hoped, and current reports indicate that nearly 95% of all p2p-participating hosts are now infected with the software that we developed for the RIAA.
Things to keep in mind:
1) If you participate in illegal file-sharing networks, your computer now belongs to the RIAA.
2) Your BlackIce Defender(tm) firewall will not help you.
3) Snort, RealSecure, Dragon, NFR, and all that other crap cannot detect this attack, or this type of attack.
4) Don't fuck with the RIAA again, scriptkids.
5) We have our own private version of this hydra actively infecting p2p users, and building one giant ddosnet.
Due to our NDA with the RIAA, we are unable to give out any other details concerning the technology that we developed for them, or the details on any of the bugs that are exploited in our hydra.
However, as a demonstration of how this system works, we're providing the academic security community with a single example exploit, for a mpg123 bug that was found independantly of our work for the RIAA, and is not covered under our agreement with the establishment.
Affected Software:
mpg123 (pre0.59s)
http://www.mpg123.de
Problem Type:
Local && Remote
Vendor Notification Status:
The professional staff of GOBBLES Security believe that by releasing our advisories without vendor notification of any sort is cute and humorous, so
this is also the first time the vendor has been made aware of this problem.
We hope that you're as amused with our maturity as we are.
Exploit Available:
Yes, attached below.
Technical Description of Problem:
Read the source.
Credits:
Special thanks to stran9er@openwall.com for the ethnic-cleansing shellcode.
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wlwEARECABwFAj4jBA0VHGdvYmJsZXNAaHVzaG1haWwuY29
oKmMyRIxA74KZfAVv3MsEBKCZxRMA
=OjMp
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify
wj8DBQA+IwO0HNGnlyGZsA8RAuusAJ49gGSCJzKlRpn+7b9
WBnlQNf4GeyaFTit5N0=
=RBjc
Who are you? The new #2 Who is #1? You are #617565. I am not a number, I am a free man! Muhahaha.
I think RIAA is too keen to kill the networks that are slowly killing themselves. Take gnutella which when you search for a song you will get several different names for the same song, some other song wrongly labled, a few more truncated files and the rest are hosts which have been turned off days ago.
There is no point RIAA attacking now when the networks are a mess. They shoud save their main thrust for when these problems are fixed. In the mean time publisize these problems and that its more hassle than its worth.
Mouse powered Chips, Open source Processors and Lego
...then it's an illegal act, period. Unless the Berman Bill is retroactive to a date prior to this supposed worm launch, it occoured before the bill is ever passed, and is illegal no matter what.
This supposed worm disables functions of a computer. Therefore, it is malicious, as is anything that modifies system performance without the user's knowledge and consent.
If this is true (95% infection rate? Doubt it), then we have one heck of a piece of ammo to use against the RIAA, if indeed they contracted this worm. The Price Fixing settlement, in that case, is just the beginning.
Blog Prophyts - Right On, Man
An exploit of this nature is of dubious legality
Dubious? How is there any doubt? Assuming this passes the farmer test (it's not just bullshit in a bag), how can there be doubts it's illegal. At best, it's invasion of privacy. At worst, it's cyber terrorism as defined by the Patriot Act.
The existance of a P2P client doesn't a criminal make, especially since the example given in the article by the l33t hacker is a perfectly legal file: the public MP3s (written to celebrate each OpenBSD release).
It's junk, like the quad-browser yesterday.
The biggest thing to fear is that the RIAA will use this to make up more numbers.
Never confuse volume with power.
Currently, systrace is available for OpenBSD and NetBSD, but work is going on to make it available for Linux as well.
So, any program you have that opens untrusted content (xmms, mplayer, mozilla, etc) can be run with systrace, and you can selectively enable certain types of activity all the time... disallow certain activities allways, and be prompted for selective approval or denial of everything else.
Even though I believe this to be a hoax, it's certainly true that it could be done, and something like systrace is needed to guarantee a bug in a program you run can't be used to take over your system.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
This is a hoax. If you check the PGP signature, you can see that it isnt valid.
http://phreakinb.com
What is this attack REALLY classified as?
a) Worm - Automatically attacks other systems, taking advantage of security holes to infect
b) Virus - Usually infects executables, requires the user to run it in some form, will try to infect other "transport media" (i.e. other exectuables or in this case other MP3s)
c) Trojan - Comes in an infected package (Executable, exploited MP3, etc.), normally does not spread, it just runs and does damage.
I know these aren't exactly the most accurate descriptions, these days the lines between each are somewhat blurred.
But if it's a) or b), this virus/worm could spread to places where it would be affecting "legit" users who have done nothing legal. So even if that P2P hacking bill passed (has it?), the RIAA would be overstepping their "rights" within the bill the moment the virus spread too far. A trojaned copyrighted MP3 that only infected people trying to play that one MP3 would be a different story.
retrorocket.o not found, launch anyway?
I don't believe this is true because if it is they will have committed a very serious criminal offence in many countries and will be going to prison.
Sig is taking a break!
I'm sure if you are only sending/receiving legal mp3 files you won't run across this worm. And we all know that slashdotters never download illegal files.
Assuming that the RIAA has created a p2p worm wouldn't it be the height of stupidity to announce it's existence? On the one hand they can generate some fear among p2p users and get a slight decrease in trading. On the other hand, if it really exists it is going to be found in very short order. If it's found by the wrong people (to them) then this is going to backfire in very short order. Once the details are known, I don't imagine it would be very hard to inject loads of spurious info into their violator database.
The SecurityFocus posting has lots of bragging about how network security tools won't find their exploit. I beg to differ. They aren't going to dodge tcpdump running on a machine that is a gateway for an infected machine. The way gnutella is supposed to work is known. To a trained eye, their "cleverly crafted" network requests are going to stick out like a sore thumb. In any case, just knowing a thing exists greatly simplifies finding it. We'll know in short order if they're hoaxing or not.
If my computer, always running current AV software, were to somehow become infected with any sort of hack, virus, or other unauthorized software that I could trace back to the RIAA, I would be suing them faster than you can count to 3.
In fact, I kinda hope it happens just so I can do it.
If the RIAA can't find security consultants skilled enough to protect their own site, I'll never believe they found security consultants skilled enough to infect 95% of the computers they target.
I take back what I said--ok, so the RIAA may not have the brightest lightbulbs, but they can outsource.
:Peter
BUT...
Unless I am mistaken (already happened once today), this is just a buffer exploit. By the end of the work day, there should be patches for mpg123, xmms, and any other open source mp3 player affected. Then what is the RIAA going to do? Bang its collective shoe on the table and scream "Kill them! Kill them!"?
Let me guess, it was a graphical multi-headed worm using vernum encryption. I bet this thing was laying dormant on some PDP11 at a univerisity. Oh paleeezzeeee!
Got Code?
pardon me, I'm cranky when I don't have enopugh coffee in the morning, but ...
I have tended to see the RIAA as becoming a terrorist organization, via their adopting of terrorist tools and tactics.
This vs the usual thievery that they practice, and that occurs in the USA, which continues its march toward becoming a kleptocracy.
"It is a greater offense to steal men's labor, than their clothes"
With all the new laws won't the RIAA get life in jail. Spreading Worms and Viruses is now Terrorism isn't it?
Need help finding the flow? http://www.myspace.com/naturalismandbalance
"where it is added to their records and stored until a later time, when it can be used as evidence in criminal proceedings against those criminals who think it's OK to break the law." Ummm...don't they realize that "wiretapping" millions of computers without a warrant is a threat to our privacy rights? Personally that is an even bigger offense then copyright infrigment!
Unstable Apps: Our Android Apps Don't Suck
Probably a hoax.
So, the RIAA itself is giving away copies of its copyrighted material. Wouldn't that amount to an explicit permission to download and copy?
Followed by the ostensible list.
mplayer (www.mplayerhq.org) WinAMP (www.winamp.com) Windows Media Player (www.microsoft.com), xine (xine.sourceforge.net), mpg123 (www.mpg123.de), xmms (www.xmms.org)
I don't know much about media players but is this even possible? Media files are supposed to be data and should not be able to control the player. I would have believed the post if only Microsoft's Windows Media Player is listed. After all, I would expect as much from the inventors of Outlook, Word and Excel.
And then there is ...
Gobbles could learn a few things from watching cop movies. You don't warn your targets you're tailing them! That is unless you really aren't tailing them.
Honestly now.
We're supposed to believe they've come up with a way to get a buffer overflow that affects all major MP3 players, and reports back to some clandestine P2P host which is actually owned and operated by the RIAA? I'll believe it when I see it show up in a packet analyzer -- Unless they've found a way to develop code so malicious that it even hAx0rZ other computers simply by being near them.
More likely what they've done is taken a single exploit, and said, "Gosh. Here's these RIAA guys we don't like. Let's say we claim the MP3 research we did was actually funded by them in order to shut down P2P networking. Let's claim we've got a way to get all the popular MP3 players, and then say we control 95% of the file-sharing hosts, just to spice things up.
"Now we have this exploit which is pretty impressive on its own, but now it gets carried by the RIAA scare, and gives them even more of a bad image, since we're saying they're hiring people to hack computers for them."
Who here honestly thinks the RIAA wants to walk into court, carrying reports from hacked computers as evidence? That kind of evidence doesn't just damn the filesharers. And for such an illegal contract, why would the NDA only cover technical details? You know the RIAA would be at least smart and paranoid enough to restrict any and all mention of the hack.
P2P is working all fine for me ( legal stuff of course ;-). Either way Kazaa isnt the only P2P software out there, and different apps use different security models. This would not only cost the RIAA alot in programming hours, its a very short-term solution. Newer versions of P2P patched against exploits and worms come out in days.
The RIAA is much better off suing popular P2P groups while newer ones mushroom all over. I'd say theyre running out of options and hacking the P2P networks isnt one of them.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
More commentary including thoughts on some of the implications here:
x ml
http://www.virusbtn.com/news/latest_news/gobbles.
Score:-1, Funny
Blah, blah, blah. There are a lot of paranoid folks out there who run TripWire (or some other) integrity checker on their systems. The "exploit" claims to "infect" the player's software. Somehow I think someone from the paranoid masses would have started asking questions about their checksums by now.
So, has anyone downloaded the source example from bugtraq, compiled it, and seen what happens?
Praying for the end of your wide-awake nightmare.
Over at SourceForge eMule is one of the largest downloaded clients on the list...
Change one byte of any file and the MD5 hash for said file changes. This is nothing new or even that clever but it does stop bad files from spreading around the network.
As I understand it, Kazza is still number one when it comes to P2P file sharing. When I last opened Kazza it reported 4 million users. Kazza also uses a file hash to allow segmented downloads as do most P2P clients these days.
These **AA infected files would be a drop in the ocean and they would not spread far. If this is a hoax then it's not even a very clever one.
This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
Am I simply tired, or does the above statement seem to say that independant artists can beat on the RIAA if the RIAA attempts to block distribution of their works via P2P networks? After all, the independant artists own their own copyrights and can therefore distribute their works however they like...
This would be a lot easier to swallow if the RIAA.org wasn't so blatently easy to hack, then you could reasonably assume that the RIAA even knows a decent hacker let alone contracts them.
But seriously, let's say this isn't a hoax. Big Effing Deal. So the RIAA gets one day to make the P2P networks all DDOS themselves to hell. Yippie. That's just one day of interupted service. Within hours of this hyrda going off there will be virus definitions and patches from all the anti-virus vendors to fix the issue. And all of the software that is being exploited would also recieve patches.
Does anyone seriously believe that any significant percentage of P2P users are going to suddenly say "wow the RIAA has been right all along I better start paying for things" because they get exploited by Hilary & Friends?
I mean seriously here, the dilema is: a) Don't pay for anything and risk getting hacked by the RIAA *maybe* once. b) Pay for everything.
Wow that's sure gonna be a tough choice for the P2P crowd. What an insane waste of money for the RIAA to even bother with this nonsense.
Only 10% of the computers were really infected. But they were FAST computers, so they count as 95%.
95%?
I'm getting deja vu on made-up statistics here
"Wise men talk because they have something to say; fools, because they have to say something" - Plato
Systrace is a nice toy, but unfortunately a flawed concept. There's a whitepaper from the NSA about the why, look on their selinux site (www.nsa.gov/selinux)
Assorted stuff I do sometimes: Lemuria.org
From the announcement:1) If you participate in illegal file-sharing networks, your computer now belongs to the RIAA.
Obviously, it's called all_your_file_are_belong_to_us.exe :-P
That was my first thought. If this is on the level, then anti-virus software should be catching it.
After all the anti-virus attacks of the last few years, consumers and businesses alike have dumped a ton of money into anti-virus software. I find it hard to believe that a worm could get 95% penetration in this group.
These hackers are just looking for some recognition, that's all.
Wait a minute...
THAT'S NO STRAP-ON !
My beliefs do not require that you agree with them.
Now all we need is someone to build a scanner to check and see if my *LEGAL* MP3s I've created (read: legal = I own the CDs) are infected.
What kind of backlash can we expect from the tech sector on this?
Will this increase the amount of hacks against the RIAA's webpage?
What do I need to look for on my outbound log of my LinkSys NAT firewall?
Cruising the internet on my TI-99/4A @ a whopping 300 baud!
Ya know what pisses me off? If this is true, then users like myself have been illegitamately hit.
I have a copy of Metallica's Kill Em All on tape. My tape is pretty worn out. So I hit the Fastrack network to download the songs. Now under Canadian law, this is perfectly legal as I own an original copy of the album.
But now my PC is infected by a worm/trojan because a cartel ^H^H^H^H^H some 'company' believes that everyone who downloads MP3s are doing so illegally. Nice when a company thinks that everyone is a criminal. Congress really needs to wake up and start protecting the people again, and not mega corporations. And other countries need to shove back when the US tries to push it's own laws onto them.
It's better to burn out than to fade away
To anyone who's read their advisories in the past this comes as no surprise. Gobbles's sole motivator here is to draw attention. From their security advisories that sound as if they're written by a third grader, to their advisories posted in comic form on their highly deceptive website www.bugtraq.org I've seen little from them that demands respect.
Besides, if they were working with RIAA, wouldn't the RIAA also have paid them a few bucks to secure their site? If they have, wow, bang up job so far.
scott
This is obviously a clever, drawn-out way to post a real bug. The whole part about the RIAA is just to get you to read their bug post at the bottom. This is probably just an attempt to inject some amusement into bugtraq. It seems rather obvious to me.
This is so obviously a joke its not even funny.
> Things to keep in mind:
> 1) If you participate in illegal file-sharing
> networks, your computer now belongs to the RIAA.
Im sure glad there are no illegal file-sharing networks yet!
> 2) Your BlackIce Defender(tm) firewall will not
> help you.
> 3) Snort, RealSecure, Dragon, NFR, and all that
> other crap cannot detect this attack, or this
> type of attack.
Admitting its an attack, and admitting you are purposly designing it to avoid current defences, that will look good to a judge.
> 4) Don't fuck with the RIAA again, scriptkids.
Oh, your 13 years old?
> 5) We have our own private version of this hydra
> actively infecting p2p users, and building one
> giant ddosnet.
So any future DDoS we now can blame on these people who openly admitted to it.
GO get em yahoo and ebay!
> Due to our NDA with the RIAA, we are unable to
> give out any other details concerning the
> technology that we developed for them, or the
> details on any of the bugs that are exploited in
> our hydra.
An NDA is a legal document which cannot in any way override existing laws.
They admit to breaking numerous laws, and yet think a legal document will protect them?
I guess they really must all be under 13.
As a matter of fact, if my PC acts strange in any way shape or form, they now have opened themselfs up to a lawsuit.
They also claim the RIAA now has an illegally gained list of the perfectly legal files on my harddrive. This would be the perfect time for a large company to sue and request discovery, which would allow someone (generally feds, but still) to collect evedence (IE take any/all of their servers on the public network which ever have/had connections to a p2p network) which will cost them time and resources and frustrations. Then hopefully some evedence will be found as well.
My only wish is that alot of companys able to afford the legal fees open petty lawsuits aginst them for admitting all the crimes they have commited, if for nothing else than to cause them grief. Can also be used to harass the RIAA a little (Would be much better if the RIAA admitted this was true, but that will never happen.)
Turn the stupidity of the system aginst the enemy for a change.
The idea of an mp3 hacking the computer through the player is only slightly more credible than that of a txt hacking the computer through the text editor.
RPM's greatest asset: ability to catalog every installed file, including MD5 checksum, ownership, timestamp, mode, size, etc. So any "worm" has to not only trojan target files, by RPM itself. Good luck.
BTW, since all my executables are installed and owned by root, and since I log in as myself, wouldn't this so called worm need not only a buffer overflow in the executable, but some way to elevate its privileges to root? The bugtraq posting makes no claim that it does this.
Here are a few key B.S. things from his buqtraq post:
Yeah right. If there was any NDA, he wouldn't be posting this message to bugtraq.
Really? If it did I would be on the phone with the FBI getting GOBBLES the cyberterrorist thrown in jail. Breaking into other people's computers is illegal. If the RIAA was actually involved in this they would face a class-action lawsuit big enough to drive them to bankruptcy....think 95% percent infection rate and all those people suing them for theft of services, etc.
Look, the RIAA may be DOSing the P2P networks, but I just don't think they're stupid enough to break into people's computers. The P2P vigilante bill never passed, so these guys would be begging to go to jail.
Why are we posting trolls from other places? Doesn't slashdot have enough of its own?
Life is too short to proofread.
Gobbles is very tongue-in-cheek. Their posts, while they contain actual, working exploits, are meant to be funny. They deride or praise the list moderator, poke fun at script kiddies (shout outz duudz), and are generally pretty damn funny.
This is no different.
My main .mp3 playing machine has no internet connection at all. No modem, no NIC. I get my .mp3s from another machine, burn onto cd-rom, and then transfer over to the main machine and play or create audio compilations.
.mp3, the moment I play it, something should be going on, the hybrid should be cataloging all my .mp3s. Since I have several thousand .mp3s, I would suspect my hard drive to start spinning as the worm runs its course. Yet my drive stays down.
I have yet to see any kind of activity where some program attempts to access a dial-up or network connection.
So if I've got an infected
Methinks this is FUD on the part of the RIAA.
So rise up, all ye lost ones, as one, we'll claw the clouds.
force the makers of MP3 players to recheck their source code to ensure that such holes DON'T exist, this would be a way to do it. Publish an exploit, link it to all major players, invoke the RIAA demon, and watch the coders scramble. Right now:
- Coders are, I'm sure, crawling through their code to look for and fix any security holes,
- Users are running firewalls and packet analyzers to check for any worm-like behavior,
- Some P2P users are taking a second look at checksums.
If such vunerabilities exist, I'm sure they won't for much longer. If the Berman bill ever becomes law, there won't be much to hack.
The scary thing behind what was posted to Bugtraq is that it explicitly states that all digital media on the system is cataloged, and the list is sent to the RIAA. This assumes all digital media on a system is an illegal copy.
Yes, it does. And it shows what criminal, despicable, disgusting excuses for human beings work for, or with, the RIAA.
Sure, if the worm comes into your system over a P2P network, there's a good chance that at least *some* of your mp3s are pirated, but there's no way to differentiate pirated mp3s and those you ripped/encoded from your own CD collection.
All of my mp3 and ogg files are ripped from my own rather large, but no longer growing CD and Vinyl collection (because now I do not buy CDs, ever, nor will I, ever again). All of my avi's are recorded from my own television, my own animations, or my own media, and are not traded, ever. Indeed, none of my stuff is traded, ever.
However, I did install gtk-gnutella in order to download the hiliarious fan fiction Star Trek episode "Savage Empire", because the web site distributing the files had been slashdoted. A perfectly legal download, for which, if this story is true, these unlawful thugs have infected my machine.
I have enough money, and the will, to persue a very harsh lawsuit against these fucks if this story has any veracity, and if I am infected, and I will not hesitate to do so.
"In Corporate Fascist America You and Your Data Belong to the Copyright and Media Cartels. Bend Over and Enjoy the Ride, Consumer."
The Future of Human Evolution: Autonomy
Well, bad sentence construction usually indicates an American. Apparently, the US public education system is merely designed to instill a yearning for low quality cars, fast food and WWE into it's students - spelling, grammar, mathematics and any kind of art or culture seems to be off the menu
Hm. Interesting.
By the way, where are you from, son? If I was to judge you from your post, as you have seen fit to judge others, I'd say, hmmmmm, let's see... Arrogant... Cowardly... ridiculously placing foot in mouth by mis-using it's while criticizing another nation's school system...
France?
Part of me would like to go in to sermon mode here and proclaim how this is yet another reason we should begin work on educating the public and organizing a major boycott of all RIAA and MPAA tainted media in a specific time period...like for instance, Thanksgiving holiday weekend 2003 (boycott runs Wednesday morning to Monday morning).
Unfortunately, the general public does not care.
Add to that the fact that to be an effective protest, all downloading of RIAA/MPAA material would have to cease also...quite frankly I don't think most of you could go 5 days without downloading something illegal on Kazaa...
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
They ask why I downloaded all these pirated MP3s, and I simply say "I own all of these CDs. Downloading them was faster than ripping them."
"Can you produce all of these CDs?"
"No sir, I am sorry to say that someone broke into my car and stole a large portion of my CD collection. Good thing I had these backup copies in MP3 format."
How do they prove that I didn't ever own these CDs? If they accuse me of something, it is up to them to prove that I am guilty. Sound like BS on my part? I honestly haven't downloaded many songs from P2P, not that much out there interests me right now. I have downloaded (or gotten from friends) MP3s of CDs/tapes/records that I used to own. If the *media* wears out or breaks, do I still have fair use rights to that music? Am I buying the music, or the media when I purchase it? Ozzy Osbourne's Tribute album to Randy Rhodes is awesome, but my tape wore out back in '88. So do I still technically own that music? Previously, there was no other way for me to get it unless I bought another copy (or if I had made a copy of the tape myself). With digital media, this is easy to do.
This is a point that I haven't seen discussed much, but a very valid point for file sharing. Of course, there is no way for me to prove that I once owned that tape. So what do we do, start saving all of our receipts? I want some of the music I used to have, and I am not about to go shell out $19 for something that I technically already own.
My beliefs do not require that you agree with them.
Where to begin.... I'll only deconstruct the SecurityFocus message.
First, the fact that these programs have exploits is no surprise, but one media clip (probably MPEG (maybe MP3)), since while Windows Media Player and WinAMP offer universal playback, do ALL of them? Could one file even hit exploits in all these programs?
Second, since each is likely to have a different vulnerability, the amount of worm data in a file would be a decent chunk. Wouldn't it be noticed?
Third, an NDA would state that there can be no mention of it until it is ACTIVATED and USED. Now, Ad-aware-style programs will pop up to clean it if it exists.
Fourth, how many files would this have to be to get 95% of P2P users? The only way it could is by infecting every file you share, but SOMEBODY would have to notice that, whether the file size changes or some A/V data is thrown out.
Also, the idea of "specially formatted P2P requests" to inform RIAA is laughable. Even if the P2P software itself were compromised, a firewall user could notice it. Furthermore, consider the average media collection - hundreds of MP3s. Considering it would have to send artist name and song name, the amount of data would be well over 1MB unless compressed, and even then on dialup users it would have to be staggered.
Also, what kind of backend would this take? Multiple servers, a huge internet connection. Considering how big the P2P networks are, wouldn't this have to be a massive monitoring system? There aren't that many locations with these resources INSTALLED, so finding the facility would not be hard.
And why mention you have a IDENTICAL worm that you use to build a DDOS NET? Simple. Get those who don't care about privacy too much kicked up about that.
Finally, this sounds very strangely like RIAA-induced hypnosis - here are a few lines which show that they probably are lying and not even working with RIAA, just agree with RIAA's ideas.
"victim" (not the hard-working artists who p2p technology rapes, and the RIAA protects)
4) Don't fuck with the RIAA again, scriptkids.
Until we became RIAA contracters, the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks.
There are some spelling mistakes. There are factual holes that they cover with the claim of an NDA. In short, the probability of a hoax is about 98%.
Jeez.
He's trying to make a point - that running all this P2P crap blindly on your systems, -especially- Windows boxes, is a security nightmare.
Think about it; he's managed to get thousands upon thousands of people worldwide nervous and antsy about whether or not their boxes are in a semi-0wned condition. Why?
Because it's within the realm of possibility that something like this could be done. Not by the stupid RIAA, who can't even secure their own Web site, but by somebody a) more skilled and b) motivated to do something Really Bad, like build (and use) a gigantic DDoS network, or steal any kind of account/password info it can find, or any kind of documents which might contain proprietary information, etc.
The intellectual property aspect of filesharing aside, I personally think that anyone who runs a P2P app is asking to get burned. There simply hasn't been the kind of scrutiny turned on these things that we see on other types of apps and utilities (and we already know that the concept Gobbles is preaching about is valid due to the earlier KaZAa worm, etc.).
easy enough to write a counter exploit that hunts down and removes the Gobbles virus/worm
And then send the riaa a fake list of digital media
- We are the slashdot. Resistance is futile. Prepare to be moderated -
He's a little dork. I know, it's not terribly conducive to intellectual discussion to use words like "dork," but the word exists for a reason, and this is as good an example of that reason as I can possibly imagine. For one, "GOBBLES Security," which for a long time pretended to be a whole group of people, turned out to be one teenager. For those of us who were at DefCon X this past year and saw him talk, well...you know what I am talking about here. For those of us who remember when he first started posting on the vuln-dev list on SecurityFocus, well...you know what I'm talking about too. As for the rest of you, I implore you, do a little research, because this dork thrives upon people not knowing what a child he is. I wouldn't believe him if he said he had proof that Bill Gates was a capitalist.
For your security, this post has been encrypted with ROT-13, twice.
This is like saying you can embed a network-aware virus inside an image file. Even if such exploit is feasible (I really doubt it), the worm could easily be stripped on the fly by each p2p client or by the mp3 player. Also, I'd like to point out:
- If the worm exits, one could reverse engineer it and point it back towards the RIAA's machines and DOS their servers. It would give them a taste of their own medecine (DMCA).
- may be it's time to switch to OGG ?
there's no place like ~
According to the Bugtraq post, the exploit GOBBLES posted is not related to those supposedly funded by the RIAA, and was supplied only to prove that GOBBLES is not bluffing.
Keep in mind that GOBBLES has an odd sense of humor, and a penchant for disinformation, and no great reputation for being socially responsible. It is highly unlikely that GOBBLES would be able to obtain employment from the RIAA.
Given all that, GOBBLES has a flair for showmanship - the pseudo-russian posts to Bugtraq in 2001 are attention-grabbers, that made GOBBLES visible in the security community.
This new bit of hyper-FUD will no doubt cause all the P2P coders to take a harder look at their programming, and if the worms actually exist the end result will be stronger MP3 player software.
"It took us about a month to develop the complex hydra, and another month to bring it up to the standards of excellence that the RIAA demanded of us."
Are they anything like the standards of excellence used by the RIAA webmasters?
WhatEVA
Another thing, people seem to be missing the boat on the legality issues as well. Yes, this probably is illegal, but it is exactly the sort of thing that would be legal under proposed legislation (not passed, but not dead either as far as I know). I'm too lazy to post a link to a relavent /. story, but I'm sure people can find it if easily enough.
Earlier the RIAA focus appeared to be on impeding the transmission of illegitimate files. Although that might be legal, they wanted immunity from prosecution for screwing up or crossing the line. Obviously (?) they should not get it; if they want aggressive means they'll have to persuade the gov't to do the intrusion. The more expansive idea of allowing them to install malware is nuts. We don't use the posse any more.
But also insane are the current punishments for hacking, equating the activity with terrorism. It's a serious offense, but the law is based on hysteria that robs the courts of the ability to make intelligent sentencing decisions. The RIAA is right to fear it.
*
My Q is who was the idiot who thought putting executables in MP3 files was a good idea? Can this be defeated at least as the default? The same one who thought up scripts in email? Whatever stunts the RIAA can pull, anyone can, profiting from the relative anonymity of P2P.
MP3 files should be data, like a JPEG. Throw the clown who created the security hole in jail and fix the problem so the RIAA and everyone else can't touch a thing.
Doesn't sending virii fall under the Anti-Terrorism Act? Couldn't every employee be held accountable for terrorizing the world, and pretty much all be fined and locked up in jail for doing this if it were true? This would be a MAJOR National Security breech because more than likely some of the Government cpu's have this worm, which would be catestophic. Couldn't they technically get the death penalty for this?
Though their "lines of bullshit" have a habit of turning out to be improbably true.
I don't pretend to know much about the gory details of how it works, but P2P has never struck me as the best way ever invented to ensure the integrity of your system.
Last week a client asked to bring his PC into the cybercafe to download some files using eDonkey. After a couple of days, my observations were that
So I told him to take his eDonkey elsewhere... is there any way to know what you are really connected to with this sort of system?
Virtually serving coffee
a simple solution that I am shocked not to see on slashdot yet - convert to Ogg.... the slashdot knee jerk herd mentality reaction - it's spiffy.
Please give your mod points to others, Im at the cap. They will appreciate it more
If a worm can get root privilege, it can install a rootkit as a kernel module. This module can be invisible within the kernel, can hide processes/connections from system calls (i.e., from anything that runs on the machine), send/receive information through backchannels and so on. Because the rootkit is god, it is impossible to tell whether or not one is running unless you know exactly what to look for.
There exist several well-known kernel module rootkits out in the open; if the Gobbles/RIAA worm or anything like it existed, chances are it would use a similar technology. There Systrace would not detect it.
If you're a hacker, then, yah you'll get busted. However, if you're protecting your IP, then all the sympathetic biz types will smile in your direction.
Remember, there is a huge difference between law for the common man - you and I - and law for the corporate man/company, i.e. Enron, etc. We've already got Berman leaning in that direction and I don't see the RIAA sweating it. When people are faced with extinction, they'll do anything.
And frankly, for everyone that says it's impossible to do this, well I ask why? And think of this, no one is mentioning anything along the lines of numbers of possible infected files. The latest Britney hit only has a worm for Windows? Well, then we'll just tuck one into -Song X- here for all you Xmms users; albiet there are probably not nearly the numbers as Win users. Point is is that there are millions of files on p2p networks. Why assume just one is infected? I could see the RIAA uploading entire catalogs for each and every platform. I dunno, I'm not dismissing this yet; I think it's very possible.
Think it's time to look at the 'ol source..
I realize that pirating is illegal, but wouldn't intentionally infecting machines/networks with virus/worm/etc also be considered illegal?
Wasn't there something in the patriot act that discussed federal jail time..
Or as they now powerful enough to be exempt from the law?
---- Booth was a patriot ----
If it's a RIAA operation, it's probably psychological warfare rather than a technical operation. If the RIAA can make people afraid of file-sharing networks (or of being arrested for possession of illegal MP3s; and possession of more than a certain number may automatically count as trafficking/piracy under US law), they can make people log off, or even better, delete their MP3s. Then they sell you back your MP3s in DRM-locked pay-per-play format and laugh all the way to the bank, and the apparatchik who thought up the scheme gets a hefty promotion.
If this is followed up with carefully spun news stories of SWAT teams raiding MP3 pirates, arranged just so that the sufficiently paranoid can put two and two together, then it is more than likely that this is part of a disinformation campaign.
A great number of users aren't in America, and I doubt if the RIAA were stupid enough to do this attack they would be clever enough to restrict to US users.
If for instance they got a UK users there are a number of UK laws that would be applicable includding the data protection act. In short the RIAA would be guilty of illegal activity for mearly trying to get details of the contents of my HD without a court order. Downloading that knowledge and altering files on my PC would be seen as a serious infringement of a number of laws and I could reasonably expect to win very large damages in a UK court, irrespective of whether there was illegal material on the PC or not.
I'm assuming that US law is the same as UK law in that illegal methods cannot be used in order to obtain evidence and any case based on that evidence would have to find not guilty?
Fourth, how many files would this have to be to get 95% of P2P users? The only way it could is by infecting every file you share, but SOMEBODY would have to notice that, whether the file size changes or some A/V data is thrown out.
This one's EASY. All need be infected is one or two Britney Spears mp3s ("Oops, I did it again" is a sure bet) and you'd nail EVERYONE because it is virtual certainty that everyone on P2P networks has at least one or two Britney Spears songs. Go ahead, you can admit it.
In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
IANAL, but believe me, any and all governments land hard with both steel-shod boots on the backs of people who spread worms and viruses. Look what happened to the asshole who created melissa. Multiply by a couple of orders of magnitude and there it is. Life in prison.
Now the world has gone to bed, Darkness won't engulf my head, I can see by infra-red, How I hate the night.
In the world of buffer overflows, all data is potentially executable content. (In an older version of Microsoft Outlook, even the subject line of an unopened email could infect your computer.)
I am still a law student, but I took my criminal law final 4 days ago, so I'm pretty up on 4th amendment law (standard don't take this advice disclaimer applies). But with only 1 semester behind me, I know there are vast holes in my knowledge and understanding. However, here is my analysis:
A search is not legally considered a search if someone voluntarily shares the information with the public. For example, the police can get a list of the phone numbers you've dialed and see your bank records or look through your trash without a warrant. As people are voluntarily sharing lists of their mp3s over p2p networks, compiling the very same list for use in a criminal prosecution would absolutely be legal.
Now, the RIAA is on shaky legal ground because of the method they've used to compile the list -- they would certainly be liable for any damage they caused to your machine via this exploit -- but proving actual damages would be very difficult. And, as far as I know, they'd be well within their (legal, not moral) rights to prosecute you if you went after them for hacking your machine. They might not be as stupid as they seem...
Systrace is neither toy, nor flawed. It works very well, and is quite easy to use. I think it's clear you've never used it, and are just trying to pass off your own preference by enstilling fears about the competion.
There's a whitepaper from someone about why, look on the internet
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
I can only imagine the hell the music industry will go through if they create a technological war with the geek population. They might pull a nice trick and win the first round but then the worlds geeks would take notice and be shaken out of their lazy habbits and be really pissed off. Once all those geeks fix their security holes I'd imagine their first line of business would be to return the favor. Is the RIAA so sure of it's own systems that they'd pick this kind of a fight? Some of us can do some pretty nasty tricks but tend not to out of laziness and generally being upright citizens but if you attacked us first then all bets would be off. They do realize that everything from their corporate web servers to their home phones and personal bank accounts are suspect to revenge - don't they?
Besides there are those of us developing our own much more advanced P2P networks with 100's of gigs of high quality data of our own. Networks that would make it very hard to disrupt things. Squash the shitty P2P networks to much and it just makes it easier for us to get enough users on our networks to reach critical mass.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I started noticing corrupt files on gnutella about a year and a half ago- at which point I abandoned the network. I also abandoned kazaa because it was getting too popular and I figured it would only be a matter of time.
I am 100 percent certain that the networks I currently participate have neither been wormed nor filled with corrupted files. It is very difficult to get a corrupted file when the releasing group identifies each file they have released with a unique hashcode, filesize and name. Additionally, it is hard to sue a network when 99 percent of the servers are overseas, in countries with no laws regarding file sharing.
I would name the networks I am currently participating in, but everyone who has a business knowing is already there.
Come on, this is about as realistic as the computer jargon you hear on TV.
"My Subnetwork ping redistributer is down! I need to reboot my LAN before the virus infects my ethernet cable and gets everywhere!!!"
And yet I see people saying "this is probably not true" or "this may be a hoax", or "if they're doing this it should be illegal!". Come on. For Christ's Sake, this is totally idiotic and anyone with an iota of computer knowledge should immediately dismiss it.
I don't care if Linus Torvalds himself came out and said he'd done it, I'd laugh and point.
"First, all p2p-serving software on the machine is infected, which will allow it to infect other hosts on the p2p network."
/usr/bin/limewire
/usr/bin/limewire: Permission denied
[bash@localhost]$ echo >
[bash@localhost]$
If you read the artical, you'll see that they code they released was for a UNIX Mp3 player, which means they certanly have the capacity to infect Unix machines using mpeg123, I doubt windows programs would be much harder, and I DID just upgraded winamp to cover up a buffer overflow problem in the id3 tag...
An MP3 based virus is possible these days, and it could easily spread to all your mp3s once activated. (even on unix, since obviously your mp3 player is going to have access to those files, unless they are read-only)
autopr0n is like, down and stuff.
Lets not forget who were dealing with here.... these are the same people who claimed confiscation of thousands of cdroms in a raid, when in fact it was just several fast cd burners.... their justifaction of the false numbers... These burners were really fast, thus they were equivalent to thousands of "Normal" cd burners...
they probably just got it to run on a couple of systems and then multiplied that by the number of users on the p2p net.
The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
catch the "worm" find out what the address it sends back to is and create a Distributed processing client that does nothing but sends random jibberish to that address.. if you get 95% of the clients pissed enought to install the fight.back.exe client you can have some real fun... and it needs to be distributed so as the "address" changes all the running RIAA-bash clients can easily be updated.
if they want to play, time to show them how hard we can play.
Do not look at laser with remaining good eye.
If you're talking about simply sending queries to a p2p network and storing the list of files that they have, that's not going to be illegal
But sending someone a virus that infects other mp3s certanly is.
autopr0n is like, down and stuff.
... They meant the EQUIVELANT of 95%.
In reality there is a total of 0.5% of infected computers. Some of these however have fast (over 1GHz proccessors), bringing the total percentage to the equivelant of 50%. Additionally some had large harddisks, allowing more illegal MP3's to be stored. Hence the equivellant of 95% whole computers.
and then they can be put into everybodies packet filters.
If the RIAA were stupid enough to do this their network connectivity would drop to nothing in a few days, and any ISP that continued to host them would also find it's packets directed to the bit bucket.
Now, what if someone else looks at the code (disassembled/decompiled or by finding a source copy) and exploits things to use the compromized hosts to launch (as mentioned) a ddos attack against some tempting target.
Now, who is responsible? In particular, who goes to jail or gets sued?
All the parties are guilty of some crime and certainly of contributing to the problem. The last guy in the chain is likely to be the biggest target, but the rest are certainly culpable.
Would the answer change if the ddos were the result of a bug and the hydra writer were under contract to the RIAA?
Or if the RIAA (or one of its major members) were itself the target of the attack?
Keep the lawyers busy for years and years this would.
As a side note I suspect that if such a beastie were built and let loose that the reporting itself would amount to a ddos.
I download many mp3s via p2p, easily putting me in the 95%, I ahve zone alarm running on my P2P, and have never had any hits attempting to go outbound, with the latest versions of zone alarm, they can't merely mimic application names to get through, wouldn't this BS be provable by someone out there monitoring outbound network traffic....I'm calling HS hoax
I have great faith in fools; My friends call it self-confidence. Edgar Allan Poe 1809-1845
Oh sorry guys, we didn't mean to infect the p2p networks, really. It turns out that one of the people responsible for manning our monitoring systems accidently infected the monitoring system with a virus which then found it's way into the p2p network. We're really sorry we know absolutely nothing about technology, oh and please go pay $18 for a cd instead of getting them off of a p2p network, it would really suck if you accidently got a virus because you used p2p.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
...for the seventh time? Yeah......whaaaaat-evr (in my best Squidward voice).
It's also illegal to snoop into other people's files. Just because it is sitting in an open file share doesn't mean that it's legal for you to copy it. If you take it, and then use it, you are consenting to anything it would do to you.
Using that same logic, I don't think they'll have much trouble defending themselves in court.
Free unix account: freeshell.org
This is from Winamp.com... Probably not exactly what the "worm" says is there as a security flaw, but even so...
"Some people just have too much time on their hands. Looks like someone out there discovered how to make programs crash by screwing around with the id3 tags in music files. We have taken measures to block anyone from taking advantage of you by adding a few security fixes to both Winamp 2.81 and Winamp3.
We would like to say that these builds have new features but in actuality they are the same versions of the programs that you already know and love. However, to be fully protected, we suggest that you download the latest versions of them from our site right away.
If you haven't downloaded Winamp since 12-17-2002 then you are vulnerable to the security exploit. "
graspee
If it does auto spread, I'll be looking for a listing on F-Secure or McAffee's website. It's the quickest way I find if something is a hoax. If it is real, I would expect it to have been discovered and included in the signature files. If it is real and not included, it would be bad publicity for the anti-virus guys. I don't think they would like to face the publicity of having a real worm ignored and permitted to propogate. The competition that did not hide a real worm would get my business in a hurry.
The truth shall set you free!
$ su /mnt/mp3/*.mp3 /mnt/mp3/*.mp3 /mnt/mp3/*.mp3
% useradd mp3owner
% chown mp3owner
% chmod 444
% exit
$ xmms
The masses are the crack whores of religion.
40% of this probably counts all the copies of Brittney Spears and Backstreet Boys songs squirming across P2P, often masquerading as different files. Personally, I'd rather take a real virus than these - an Antivirus can find trojans but none of them seem to have a feature to detect boy/girl-band of the moment type audio files.
I submitted that the other day, and got refused. Kicking myself for not taking a screenshot of the page too.
Probably with similair bugs in the programs. Remember the buffer overflow bug that existed in both WinAmp and WinXP? A single infected mp3 or wma file could take either application.
The fact that XP goes and reads the ID3 tags on every mp3 file was just icing on the cake. You know, there was a time where users got to decide which files should be opened, not the OS.
Article here
Free unix account: freeshell.org
Comment removed based on user account deletion
Since it is not yet legal for copyright holders to go hacking at will, they have committed felony computer tampering. All we need to do now, is copyright our directories (the listing itself) so it becomes a DMCA issue.
Apparently, the school system you attended should have spent a little less time teaching effete snobbery and a bit more on English. Corrections:
Before criticizing someone else's English, you should at least know that "it's" is a contraction for "it is" and subject/verb agreement.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
BZZZT! And thank you for playing. Here's your lovely parting gift.
Don't have any Britney MP3s. My daughters have some CDs, but have (thankfully) outgrown them. She's a no-talent with a lousy voice, IMNSHO.
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
How could one go about doing a batch hex search of all his... files ... for a specific hex signature? I've been using hexcurses to try to find the shellcode from the exploit, but I can't look at more than one file at a time.
ok, so you exploit a buffer overflow in xmms, then what? how many people are running xmms as root? i'm kinda slow, so bare with my ignorance. how does a buffer overlflow in xmms give a "normal" user the ability to infect the operating system? how does one write a worm to infect multiple operating systems on multiple platforms efficiently? this sounds a bit hokey to me.
-- john
The RIAA's web site gets hacked so damned often that it's not really news. Well, okay, it is news, but it's news like "rained yesterday" or "somebody found another hole in IIS" or "CmdrTaco misspelled something."
Forward, retransmit, or republish anything I say here. Just don't misquote me.
This is not surprising, since it's clear that Gobbles does not like Theo, but it is significant if it is true.
Gobbles?
Jesus, then it's probably not real.. anyone remember his "security alert" about awhttpd? Basically, the "vulnerability" he described was Lynx retrieving the file from his local filesystem via a file:// URL-type.
A reply, showing just what an idiot this "Gobbles" is is here
I read the article, and a couple dozen expanded articles linked from there (including Gobbles' own long rants). To what degree it's true I can't judge (and I don't run any P2P myself). But I was struck by how much this Gobbles guy sounds like a script kiddie himself -- full of malicious glee at buggering someone else. If I were the RIAA, I'd be very, very afraid of what backdoors he'd planted that could come back and bite them in their own ass.
~REZ~ #43301. Who'd fake being me anyway?
"The apostrophe is used to indicated contraction and possetion"
The posession bit only works with proper nouns, such as "Mike's" or "Joe's." The posessive pronoun is spelled "its." If you had to include the apostrophy in the pronouns, you'd also be spelling the masculine pronoun "hi's".
If they have the same people securing their web servers as "infesting" peer to peer networks I don't think we have much to worry about.
j pg j pg
Please view some screen shots from the last 96 hours.
http://iworktoomuch.com/images/riaa.com-download.
http://iworktoomuch.com/images/riaa.org.jpg
http://iworktoomuch.com/images/riaa_tooled_again.
The apostrophe is used to indicated contraction and possetion, it's not used before the s in plurals. '...WWE into it's students' indicates possesion (ie students of the USA's (--see) education system) so the usage was correct. as for the sentement, yeah, that was a little generalised and bigotted. :)
http://illuminosity.net/learn/english/apostrophe/
From the page you linked:
The possessive pronouns its, his and her are all used without apostrophes. If you use an apostrophe in its, then it's the contraction for "it is".
So the usage was incorrect. it's == it is. Always.
P.S. It's "used to indicate", not "used to indicated"; "possession", not "possetion" or "possesion"; "sentiment", not "sentement"; and "bigoted", not "bigotted".
That said, if English is not your native language, I don't think it's fair to criticize you for using it incorrectly. *That* said, my second language is Spanish, and my Spanish spelling and grammar are impeccable, so it's not impossible to learn another language thoroughly. And, yes, I was educated in American public schools.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
the world portrayed in this statement is not the world as it is now. it is the world that will be some day if entertainment companies don't figure out a way to give the customer a better reason to buy their products. legislation will not make consumers want to buy content they don't think is worth money. people buy DVDs and video games more and more all of the time. unlike VHS, DVD has extra features. something extra was given to the buyer to make it worth the higher purchase cost and increased copy protection. the video game industry continues to flourish because it continually strives to make new, different products (at least visually) and it has kept up with copy protection over time. there is some degree of copyright control, but the consumer has also been taken into consideration.
the RIAA and the MPAA dropped the ball and now want someone else to clean up their messes. let them clean it up. don't allow any industry to become vigilantes protecting its own interests. banks are not allowed to hunt down suspects in robberies. it would be a terrible precedent to set.
these "free" copies being distributed on the internet are lower quality than the originals they come from. if the free stuff bothers the industry, the industry should give consumers a reason to buy original copies other than, "we want you to." put DRM all over it. require new players, whatever. but make sure the consumer has incentive to accept all of that. do not bite the hand that feeds you. the industry feels cheated. if consumers didn't feel cheated by what they are offered, they wouldn't go looking elsewhere for free alternatives. if the content were compelling, people would pay for it.
you probably shouldn't have read this.
What makes this hoax so good, if it is a hoax, is how utterly plausible it seems, even to a well-trained engineer. The only things that don't fit, actually, are their announcement, as many have said, and a small detail about application signatures, which I'll get to in a minute.
If their request looks like a regular query or other baseline P2P activity, it will be like finding a needle in a haystack the size of the empire state building to discover it by packet sniffing.
It gets worse. Fasttrack is encrypted over the wire. If anyone has the keys besides its creators, they're keeping quiet about it. You can't even sniff it, let alone begin the impossible process of distinguishing a few spurious bits of baseline-appearing activity (which could use the very nature of the network itself not to always be directed towards a specific host or set of hosts).
Talk of being protected from this by Symantec or another AV vendor is just talk. There is no mention of protection against this or any similar worm in the published databases. Generally these AV systems can only protect you from A) things they know about, and if we can't find this, neither can they, and B) things that might do harm, i.e. "You didn't just select the Format option, did you?" Further, there is nothing saying these guys would take our side over the RIAA's if there were a dispute about what was a virus and what was "legitimate." Especially if there were a hefty bribe on offer.
The government is not prosecuting over 99% of the people involved with Enron, and those guys turned the lights off in California. What makes you think they'll bite this particular hand that feeds them either?
Protection from personal firewalls is more tricky, and this is where the implicit proof that this is a hoax lies. Most personal firewalls are very dumb - they grant blanket permissions to an application, or not. A few will go farther (like Agnitum's excellent but utterly unstable product) and authorize only specific kinds of activity (so authorizing Winamp to call home to check for an update doesn't authorize it to call anyone else). But regardless, for P2P software, which talks to everybody, these firewalls basically just give up and let them do whatever they want.
But on the upside, almost all of them checksum the applications they are watching... so any virus/worm/whatever which attempted to modify your P2P software would immediately be detected and stopped. Hundreds of thousands of people would have noticed this worm, if it existed.
Hence, hoax.
Want to Know How to Cheat the GPL? Read On!
The partition which contains my MP3's can ONLY be written to by root and not any regular user under which file sharing programs operate (I am not stupid enough to run Direct Connect et al as root). To top that off, the integrity of my entire filesystem is verified by integrit and I get reports about changes made to my filesystem by email.
Oh yeah baby, this will fly.
See this mail, this chapter and the rest of the NSA paper
Saying that NSA has characterized Systrace as flawed is wrong, IMO.
/Styx
It's very possible if there's a buffer overflow condition in the decoder. In that case the MP3 player doesn't just "skip it". An overflow can cause the data to be written over-top of parts of the running program's code. Normally this just causes a crash, but if carefully designed, the overflow can be used to inject in exploit code instead. From that point on, the program is running altered code and you may never be aware anything's happened.
Well, no. Who's to say it will go for your MP3s, MPGs, etc? It might just infect your system instead. besides, systrtace will prevent your system from being taken over... Tripwire will only let you know when it happens, and then, only if you correctly anticipate what it is going to change.
It could just as well be in a few popular songs, and not try to spread at all. It gets downloaded and played on your system, and it gets uploaded from you by others, without touching any other files. Maybe all it does is make a list of your files, and sends the list back to the RIAA. In any case, systrace configured properly will stop it in it's tracks.
(No I don't believe it either)
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
YHBT
YHL
HAND
Assuming such an exploit exists, isn't it also equally plausible that someone who doesn't like the RIAA wrote such a worm that would appear to come from them in an effort to get them in legal trouble?
Clearly this is a contrived hoax.
Nevertheless, it could be instructive to consider the implications of how this could be accomplished. In doing so, we could establish a baseline and get a sense of things to look for if an exploit of this type were to be produced in reality.
Here is how I would create such a system, with an effort to address the many problematic areas pointed out by other readers. I invite all criticism.
1) A system can be created, using p2p protocols, to build a database of known infringing hosts. You simply ask p2p hosts for copyrighted files and make a note of what you get.
2) At a specific time, trigger a latent feature of software on the infringing hosts to expose personally identifiable information tying the infringing host to an infringing user for prosecution. This could be triggered by something as innocent as a remote system requesting an otherwise non-existant file with a special "trigger" filename.
3) The exposing feature would only be triggered on those hosts which have already been proven to be serving infringing material, only on those hosts which are within the requisite jurisdiction, and only after the proper warrants (authorizing the search) were secured. The information would simply not be requested from non-infringing hosts, or from hosts where the proper legal access could not be obtained. This should addresses any "illegal search" concerns.
4) It would be legal for a p2p client manufacturer to willingly include such a latent feature within their pre-compiled binary. This represents an "infection vector" which would not be detected by any virus scanning, or by looking for modifications to executables. Other infection vectors, such as the proposed MPAA "worm" would be technically possible, but likely untenable in a legal sense. The "infection vector" need not even be associated with the p2p application, a 3rd party DLL or service pack could provide an infection vector even on systems which use "historical" (existing prior to the development of this system) or open-source p2p client applications.
5) Since no "out of the ordinary" information would be sent until the moment the feature was triggered, network analysis would not detect the latent vulnerability. The only hint of a system compromise in this fashion would be the analysis of the date sent in response to a request for this non-existant file. Encryption could be used to obfuscate even that.
6) Since the p2p client has already been proven to be capable of sharing files with remote systems, no possible configuration of firewalling (or similar technology) would prevent the transfer of the requested personally identifiable data to a remote requesting system, provided the requesting system masqueraded as a simple p2p client requesting a willingly shared file..
7) The latent feature would be technically capable of performing any action the owning user is allowed to perform, inclusing relaying personally identifying information, compiling a list of all files on the system (or just those which are being illegally published), or any other action. In actuality, I suspect the latent feature would be only a stub allowing a more specific payload to be downloaded. This would allow the eventual exploit to collect only that information for which legal authorization to collect exists. This also allows the exploit to be developed for a specific hardware/os configuration. Most importantly, the development need not be done before this system is set up. Specific development could be performed up until the instant when the exploit needs to be delivered.
Such a system would, I believe, meet all the criteria of respecting user privacy, and acting within existing legal framework, while providing the access vectors which the proposed "MPAA worm" claims to offer.
No, I'm not really happy about what I've just written. Please shoot me down.
The thing about things we don't know is we often don't know we don't know them.
Is exactly what I will do if legislation like Berman's and all of the other stupid, dinosaur-Entertainment-cartel-protection-racket legislation passes.
As a professional in the IT industry and as an American citizen (NOT CONSUMER!), I care so much more about the usurpation of the American political process by and transfer of control over my rights regarding my personal property to big (mostly global) corporations than I do about what you mischaracterize as "piracy" -- piracy is commercial activity, passing out tapes for free on the streetcorner is not, and may even be protected under the Audio Home Recording act -- THAT I SIMPLY WON'T SPEND ANY MONEY ON ENTERTAINMENT AGAIN!
Read this, Rep. Goodlatte -- if that is really who you are -- over the past 5 years my income has been significantly higher than the national mean, due to my profession. I have spent an enormous amount of money on entertainment, computers and consumer electronics.
But with each step further into my home that the Entertainment industry attempts to exert power, my consumption has dropped and will continue to.
I do not, AND WILL NEVER own a DVD player thanks to CSS, region coding and other corporate attempts to control my private behavior.
I do not, AND NEVER WILL own an HDTV thanks to the broadcast flag and rules and legislation being proposed which seem to be designed to make things like the Linux computer which so empowered me (by, for instance, providing me with a learning platform which I used to leverage myself into this income bracket in the first place) illegal.
When ALL TV broadcasts are digital and protected, I won't be watching TV, and I'll just be one high-income but UNREACHABLE to advertisers "permanently potential consumer" thanks to you. Ask GM, Proctor and Gamble, and Pepsico how they feel about that. I will also be unable to view your campaign ads or those of like-minded fools who run for office in my district.
When ALL movies are only rentable on DVD (about 50% are only on DVD at my local Blockbuster now), I'll stop renting movies, AND MPAA MEMBER COMPANIES will stop receiving that much more of my large income -- as a frame of reference, I currently rent about 3 movies a week. By then, maybe even my wife will be so incensed that I'll be able to convince her of what I've been unsuccesful at convincing her in the past -- that we should stop going to movies alltogether.
If it gets to the point where music is only available on media or devices that are likewise crippled, I'll DISCONTINUE ALL MUSIC PURCHASES. I've already greatly curtailed my previously prodigious music buying behavior due to my outrage at this whole DRM regime bullshit.
And you know what? That's all fine by me. I own a guitar and a computer that can record music; I'll make my own music, and probably even give it away -- PROBABLY BECOMING ONE OF JUST MANY PROVIDING COMPLETELY FREE COMPETING PRODUCT for "consumers" to choose over that of your corporate pimps.
I have friends who own conventional and digital flim equipment.
I have a computer with which to compose and disseminate my views.
Unless you plan on making all means for individual citizens to produce their own entertainment and their own news media, you'll eventually fulfill the exact opposite goal of all this legislation; you'll help impoverish the very companies you're trying to protect. Let's see if they continue to fund your campaigns then!
Our forefathers died for (and grandfathers fought world wars for) freedom, NOT FOR DISNEY!
But I guess you can't tell the difference.
The only comments on this entire page worth reading are those labeled +5 Funny.
Build stuff. Stuff that walks, stuff that rolls, whatever.
Almost clearly a hoax. If not, one of the most pea-brained foolish things a corporaton (or conspiracy comprised of plural corporations acting in concert) could do. Worming another machine without consent violates, at least one or more of the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, or the Computer Crimes Act of the several States.
Aside from criminal responsibility, most of these laws provide tough, nasty civil remedies and, when combined with punitives for torts relating thereto (like civil conspiracy), could cost the companies their tickets to exist as corporations. This would be a plaintiff lawyer's dream.
And these companies know that.
They, themselves, while lobbying for the technology regulation bills last year explained how they would need special legislation to engage in this kind of self-help. The mere fact that they paid high-powered lobbyists to make that case to the Congress would probably be enough to satisfy the willfulness and intent elements of the civil actions.
In short, if RIAA is doing this, be thankful -- it will be a very fun year. For precisely that reason, it is a dead nuts lock that they aren't pulling such a boneheaded stunt!
1. Form a business
2. Create a new document storage system, which stores the data in the filename and which coincidentally has the suffix ".mp3"
3. Put some secret stuff in it
4. Install a file sharing client, and connect to a network
5. Worm sends a list of your "mp3" to RIAA
6. Sue RIAA for industrial espionage
7. Profit!!
"People that quote themselves in their signatures bother me" - athakur999
The flask paper has a one paragraph argument against system call interposition. Basically the time of check is not the time of use and there may be different names to address the same resource, in other word aliasing problems.
These are valid arguments that show problems for a system call interposition tool. However, Systrace is a hybrid system, it has parts in the kernel that allow it to get whatever additional control it requires. Aliasing is not an issue in practise because resource names can be normalized and the remaining aliasing problems are merely hyptothetical. The same goes for the TOCTOU argument. In practise, you can ensure that such race conditions are not relevant.
But let me ask you another question. Have you ever used a system that is based on Flask? Or do you know anyone who has?
On the other hand, Systrace is available for GNU/Linux, Mac OS X, NetBSD and OpenBSD.
Sorry but I don't buy it. This story reeks like a mushroom farm.
First of all, in order for an MP3 file to cause a virus infection the player or P2P software would have to handle the malformed MP3 incorrectly. There would need to be a buffer overflow or some other exploit available that could be used.
Second, anyone creating a worm such as this would be prosecuted and/or sued out of existence. Consider these problems:
If the RIAA infects one of it's own MP3's with a virus and places it on a P2P network, the placement of the file by them is implying consent for other's to download it. So they would infect (do damage) to a person who is well within the law.
If person 1 downloads a worm and his system becomes infected and person 2 downloads A LEGITIMATE file from person 1 and becomes infected then person 2 has been damaged by the creator of the worm even though he has done nothing illegal. So not even a vigilante law would protect the RIAA from lawsuits.
The thing that the RIAA does not care to acknowledge is that P2P networks have a legitimate use. Not all files traded violate copyright law.
The race isn't always to the swift... but that's the way to bet!
You said that you will never buy CDs again.
Let me suggest something: go to any New Year's Eve "First Night" event (Williamsburg, VA has one, for example. So does Charlottesville, Harrisonburg, Norfolk... but I think they're nationwide).
Take a bunch of money with you (the ticket only costs $7, and you'll be able to go to 5-8 shows before the evening's fireworks). Buy CDs -- they'll have been produced by artists too small to get or want RIAA representation. They'll have been hand-produced, essentially. If you hear something you like, then buy it. *Ask* them if they mind you sharing over P2P or internet radio -- they may actually say "Please do."
I think I remember buying something from a group called "Trapezoid". But the group wasn't half as good as the woman and husband team that relaxed from playing by doing performance art. As befits a family event, it wasn't pornographic performance art, either. One performance was a story about her mother's wedding hat; another was a story about her father's singing lessons. *Extremely* entertaining.
But go ahead and buy CDs. Just don't buy RIAA CDs. They aren't worth listening to, anyhow [unless it's classical or jazz... but you still can find good stuff elsewhere].
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
It sure seems that the RIAA is opening themselves up to class action suits and civil and criminal actions. Would someone who is a lawyer give an opinion? This is also classed as "cyber-terrorism" afaik.
"...not that there's anything wrong with that." (Seinfield's a genius.)
With all the foaming at the mouth about how this is probably a hoax, etc., etc., no one seems to have bothered to check into the presented
. /tmp/sploit/mpg123/mpg123 sploit.mp3 .r amesize))
exploit. I did, last night. I found that mpg123 is indeed vulnerable to this attack, and I'll explain how:
mpg123's stream-handling mechanisms appear to rely on readahead to the next frame in order to verify the correctness of a file. Specifically,
in initial checks to see if the given file is a mp3 or a WAV, it will calculate the size of the first frame, and confirm that the next bytes
after that contain another valid mp3 frame header.
The frame header is a 32-bit value starting with 13 1-bits, then other pieces of information about the format, such as layer, bitrate,
sampling rate, etc. This is the key to the exploit: they create a frame header that indicates "MPEG 2.5" (low-sampling-rate enhancements),
layer 2, 160Kbps, 8KHz. The code at common.c:560 determines that the frame size thus should be 2877 bytes.
The problem comes when you look at common.c:158, which creates a static, fixed-length buffer on the function's stack (bad Bad BAD!). It turns
out to be 1920 bytes long (MAX_INPUT_FRAMESIZE). At common.c:240, a call is made to rds->read_frame_body, which is found in this case at
readers.c:282. It loops through the buffer up to the given size (which is 2877!!) reading in from the orignal stream into the given buffer.
There's a little problem with that, though: the buffer is only 1920 bytes long.
The result of this is that the stack is smashed, all the way up to the top of the function's stack and beyond, into the arguments given to the
function, which includes rds. The very next operation, at common.c:243, is to once again dereference rds and call head_read(). Except now
the rds pointer is overwritten, and it can call any code it wants. Game over.
To verify this, simply run mpg123 in gdb:
[omega@omicron sploit]$ gdb mpg123/mpg123
. .
(gdb) br common.c:240
Breakpoint 1 at 0x804c2b0: file common.c, line 240.
(gdb) r sploit.mp3
Starting program:
High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3.
. .
Breakpoint 1, sync_stream (rds=0x806d780, fr=0x806dbe0, flags=65535,
skipped=0xbfff9cf4) at common.c:240
240 if(!rds->read_frame_body(rds,dummybuf,frameInfo.f
(gdb) p rds
$1 = (struct reader *) 0x806d780
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
0x0804c2ed in sync_stream (rds=0x41424704, fr=0x41424704, flags=1094862596,
skipped=0x41424704) at common.c:243
243 if(!rds->head_read(rds,&nexthead))
(gdb) p rds
$2 = (struct reader *) 0x41424704
(gdb)
GStreamer - The only way to stream!
I happen to be the author of a work I call my web page. On that page I have some MP3s of me singing a song I wrote called "Put them in your mouth and hum, RIAA bastard". I will be the first to go looking in RIAA and MPAA computers for my material if they make it legal. You should too.
Copyright isn't magic, it means you made something. You can have them too.
Carpe Deez
First, every time we buy a blank CD, DVD, VHS, or even audio cassette tape we are helping them out. There is a tax which we, in the US, pay every time we purchase any of the above. We also pay it every time we buy a radio, TV, or even a computer. So - we lose.
Every time we rent a CD, DVD, VHS, or even game cartridge - we are (again) paying this tax. So we lose there also.
Should we buy a book, a script, magazine, newspaper, or the like we are probably still paying this tax. So we've lost again.
Finally, even if everyone in the US refused to have anything else to do with the RIAA or MPAA they are still powerful enough to have new laws passed. As in "Atlas Shrugged," by Ayn Rand, if they can not take our money legally - then the thing to do is to change the laws so they can take it legally. After all - laws are nothing more than rules by which we play and those who have the money usually get to make the rules.
Sorry if this shocks anyone but the truth is that it is only because we respected each other, had a unified common sense approach to things, a scrupulous populus, and the knowledge that if you did wrong you would be held accountable for it - that we have made it this far. The "Anything goes" way of looking at things, not holding people's feet to the fire for doing something wrong, and (as bad as it might seem) not being willing to put to death those who really are doing terrible things to others (like Enron's execs who have ruined hundreds if not thousands of people's lives) that has caused us to come to this. What these people are doing is, IMHO, treasonous. Look it up. The act of "Treason" is where two or more groups (whether they be people, organizations, corporations, or whatever) attempt to remove the rights of their fellow citizens. According to the texts it is their "intentions" which merit this stamp So ask yourself this - what are their intentions when they attempt to force upon you their yoke of slavery? What are their "intentions" when they try to sneak, like theives, laws into Congress which remove our rights and preserve or expand upon their rights. What are their intentions? Those intentions are to take away your rights.
Now, someone will probably say "You don't go around killing people just because they are trying to get laws passed." That's true. You don't. Normally. But this is different. It is different because they are not trying to get laws passed for the betterment of mankind or to right an injustice. No. They are trying to twist the laws and our country (Heck! The world even!) to their needs. To enslave it. To enshackle it to their beliefs. Just like some religious cults have tried to enslave others to their will. It is an evil thing to do and it will have terrible consequences if it is allowed to endure.
Even if they were only brought up on charges it would shake up the corporate world enough that many things companies are beginning to attempt to do through the rewriting of our laws would be stopped. Companies would think twice about trying to change laws so they benefit only them and remove our rights. Which brings up - why do groups think they can get away with this? The answer is - they have in the past. The difference is the internet. Whereas before there was this huge time lag between when something happened and when we knew about it - now it only takes hours or minutes for word to be sent and a transgression found out. The problem is still though the complancey of many of the people in our country. "Oh! I might get involved." some whine. "I don't have the time." another chats. "It's not my place." a third comments. If you don't stand up and write your congressmen/women then you are already shackled. You already bear their mark. You already curl up at their feet, lick their hands, and eat the crumbs they throw to you.
So as always the question is - what are you going to do about it? Wallow in the filth on the floor or write and demand that these groups stop trying to infringe on your god given rights!
Someone put a black hole in my pocket and now I'm broke.
How could you send a list of files to the RIAA without snort detecting the connection?
a) Make a "request" to a not-obviously-RIAA server ASKING for the files in question.
b) Serve a file containing the filenames and make a "request" as in a) to advertise the existence the file.
c) "Ping" a not-obviously-RIAA host with a packet that contains the advertisement of a file-of-filenames as in B.
d) Store a file-of-filenames on another peer in the network, for RIAA to pick up later.
I could go on...
General form is to
- make what *appears* to be a legitimate request in essentially any protocol likely to be allowed through a firewall
- to a site that is unlikely to be identified with the RIAA.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
When you go into "the firewall MUST allow outbound traffic on that port" I suppose you just didn't read what I wrote thoroughly - since you are "arguing" exactly the point I just made.
Regarding checksumming, you say "I think someone else went down that path." Rubbish. If you, or anyone else, knows a way to evade this kind of checksumming, and not just for one, but for all of these tools at once, then that's news.
What you say, "Perhaps that's where the 95% that is being bandied about comes from - the other 5% have their kit together and are running better monitoring software" - come on! Think it through. It's not just that whoever has personal firewall (or any other monitoring) software wouldn't be affected - it's that they would all notice the attempt to compromise their P2P app - the software will alert them. That would spur an investigation in the community, and real news, etc. etc.
In other words, implicit, prima facie proof that this is a hoax.
Want to Know How to Cheat the GPL? Read On!
...that you are part of a tiny minority...
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
... suggests he has stopped taking the pills...
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
The programmers who work for the RIAA should feel ashamed! They are turning their backs on their own commmunity! ;)
in girum imus nocte et consumimur igni
Somehow it just seems appropriate for slashdot that someone would have no clue how to use basic system tools, but would be well versed in leet speak and lamer colloquialisms. Congratulations, you've made my day.
EOM
Can someone sue these cyber-terrorists yet?
(Need I remind people that what these people are doing carries a life sentence if an individual does it?)
It's been a long time.
There's no way that anything can modify your files if you've gone in and change the permissions, even if you have admin privs (of course, if you do have admin access, you can change the permissions back again)
If you're doing it over a network, there's no chance to change anything, unless microsoft actualy included exploit code in there software, and then never patched the exploit (which I doubt)
autopr0n is like, down and stuff.
Just saw this on cnet. They're calling it a hoax.
- grunby
Point well taken, and thank you for engaging in rational debate rather than flattery or vilification -- the
However, I have to take issue to an extent. Economic power has no direct influence over legislation/legislators who are already elected. But it is virtually (along with lawsuits -- which is why I oppose tort reform unless it happens after election/election-finance reform and tighter controls on the runaway capitalist fraud machine we call the American economy) the only power an individual has over corporations.
Any type of economic opt-out-ism, as you rightly pointed out, is of (possibly very) limited value (possibly not). But combined with public advocacy -- like this, and hopefully someday to a wider audience; corresponding w/ elected officials to try to educate/enlighten them, direct political pressure via support (financial and manpower) of alternate candidates, and any other legal means, it may be the best an individual can do (I hold out some slim hope for organized efforts like GeekPAC but the lack of any public progress reports is frustrating).
Anyway, I'm not at the point of buying a rifle and organizing a militia, and I don't have the money to buy politicians. Nor do I think illegal activity or violence are the answer. So until the hordes (even the Software Engineer hoardes, who are fairly well represented here) decide to join w/ me and constitue an overwhelming economic force to precipitate change, unfortunately ranting in fora like this, writing my representatives, and not buying shit sold by companies trying to dominate me are among my only options.
This is the nail in the coffin, I guess:
http://news.com.com/2100-1023-980649.html
Beware: In C++, your friends can see your privates!
I think "it's" for "it has" is pretty unexceptionable. "It's stopped raining," for example, or "it's been three months since I last bought a CD."
Quote from your first link:
:-)
See the Flask paper for a discussion of why system call interception is fundamentally inadequate.
How you jump from that to your conclusion is beyond me.
Assorted stuff I do sometimes: Lemuria.org
There are some that say "it's" == a contraction of "it is"... "always." There are some that say that "it's" has a possessive quality, such as "it has" (look [m-w.com] it up).
No, there aren't. The "it has" referenced by Merriam-Webster is not possessive, it's a contraction of "it" and the present perfect tense of "to be" (not the third person singular simple present tense of "to have"), usually used in front of a past participle of another verb as in "It's been fun". "it's" *never* indicates possession when used correctly.
These radicals maintain the belief that language is a means of communication, and if the thought is communicated then the language is successful. BTW, IIRC, FWIW, IMHO, (IANAL) these radicals have been reported to use "it's" in a non-sanctioned, perfectly understandable, possessive way.
'N othr radkls no crrect spelng studpi, cuz u cn unnerstnd n-e way.
The fact that you may, at times, be able to communicate effectively in spite of poor grammar and spelling in no way devalues them. The rules of usage exist to facilitate communication and reduce confusion. If you spend a couple of minutes thinking about, I'm sure you can construct a sentence in which replacing "its" with "it's" produces a sensible statement, but with a different meaning.
Don't confuse illiteracy with intelligent and purposeful rulebreaking. The latter often has merit; the former is merely regrettable.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.