Slashdot Mirror
Has the RIAA Wormed 95% of P2P Networks?
DancingSword was one of many to submit links to a strange story about
the RIAA hacking back by sending a worm through the major peer-to-peer networks, supposedly with a 95% infestation rate. Hoax or not?
95% of networks is not 95% of files.
No mention of whether this affectes Windows clients/hosts or not. Any idea?
I wonder, If the RIAA sends a worm through P2P networks and shut's the networks down, can the RIAA representatives be charged with hacking?. Besides, not all files on P2P networks are illegal.
why all my porn has been changed to Hillary Rosen with a strap-on.
Well a worm is a form of a virus, and it is a crime to create one... One would presume that the RIIA would not be stupid enough to try and play a vigilante.
.: Max Romantschuk
The actual exploit was posted on buqtraaq yesterday. You can find it here. That link has the original post from the group explaining what the exploit is, how the RIAA is supposedly involved, and it has the exploit as an attachment. Check it out and decide for yourself if it's a hoax.
This is the original posting.
Reading the posting, it seems unlikely.
SCO, Microsoft, P2P, what's your hot button?
This article may have more info that the one linked in the article.
Cruising the internet on my TI-99/4A @ a whopping 300 baud!
Hey, I found a copy of the worm's code:
;p
:]
RIAA - 0wn3d by....
oooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server...
Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours
greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous
wanna contact ? mailto:h4x0r0815@mail.ru
Oh, wait, that was the RIAA's web page. Never mind!
Where does this leave the RIAA legally? The bill mentioned in the article that would allow the RIAA and other copyright holders to crack computers to prevent piracy is not law yet. Does that mean that this would be regarded as just another worm with the authors being thrown in jail (like the authors of Love Bug and others)?
I've got at least 7 mp3 downloads running right now and none of them appear to be infe($!$%. .AF0ERIAA.`/2#..-
I agree. A healthy dose of scepticism is needed here. First of all, if the RIAA really *did* want to infect the p2p networks with a worm, they would make GOBBLES sign a non disclosure agreement.
Could this be FUD straight from the RIAA to scare people into not running p2p apps? Is it a rumor started by GOBBLES to create a stir against the RIAA, or is it legit?
Who cares? I'm gonna fire up my gnutella client and share open source software until the day that p2p is illegal.
I sincerely doubt that this is true for a number of reasons. First of all, if they were hired to write the software for RIAA, don't you thing secrecy would both, be part of the agreement, and be completely necessary?
In addition, I find it had to believe that all the antivirus companies are sitting on their collective asses, and completely missed an infection that is supposedly on 95% of computers that participate in P2P.
Further, if anyone was to do something such as this, they would most certainly get in serious trouble for, what is essentially a widespread, illegial, interstate, wiretap.
In addition, I'd just like to say that there is no reason to put much faith in Gobles... As Theo said, he's more or less the next ``fluffy bunny". If anyone can be said to have a severe ego problem, it is him...
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Forget the RIAA bashing, the Gobbles guys know what they do. That said, this is very un-gobbles from what I've seen from them in the past. Not the technology, but the comments in the source, for example. Then again, they're supposedly a large group.
From the little info that is available, I'd give them a 50-50 chance that it's true. That would be interesting.
Assorted stuff I do sometimes: Lemuria.org
...then it's an illegal act, period. Unless the Berman Bill is retroactive to a date prior to this supposed worm launch, it occoured before the bill is ever passed, and is illegal no matter what.
This supposed worm disables functions of a computer. Therefore, it is malicious, as is anything that modifies system performance without the user's knowledge and consent.
If this is true (95% infection rate? Doubt it), then we have one heck of a piece of ammo to use against the RIAA, if indeed they contracted this worm. The Price Fixing settlement, in that case, is just the beginning.
Blog Prophyts - Right On, Man
An exploit of this nature is of dubious legality
Dubious? How is there any doubt? Assuming this passes the farmer test (it's not just bullshit in a bag), how can there be doubts it's illegal. At best, it's invasion of privacy. At worst, it's cyber terrorism as defined by the Patriot Act.
The existance of a P2P client doesn't a criminal make, especially since the example given in the article by the l33t hacker is a perfectly legal file: the public MP3s (written to celebrate each OpenBSD release).
It's junk, like the quad-browser yesterday.
The biggest thing to fear is that the RIAA will use this to make up more numbers.
Never confuse volume with power.
Currently, systrace is available for OpenBSD and NetBSD, but work is going on to make it available for Linux as well.
So, any program you have that opens untrusted content (xmms, mplayer, mozilla, etc) can be run with systrace, and you can selectively enable certain types of activity all the time... disallow certain activities allways, and be prompted for selective approval or denial of everything else.
Even though I believe this to be a hoax, it's certainly true that it could be done, and something like systrace is needed to guarantee a bug in a program you run can't be used to take over your system.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
This is amusing, actually. Tell me again how one puts a "virus-worm hybrid" into a non-executable file and have it infect mp3 players on multiple platforms? Oh, and do it so that none of the millions of people listening to MP3s notice? While maintaining compatibility with things like handheld players? Oh, and let's not forget the linux people running programs like Integrit, which would let them know if something had modified their mpg123.
Please, I can't even believe this got posted.
End of lesson. You may press the button.
Assuming that the RIAA has created a p2p worm wouldn't it be the height of stupidity to announce it's existence? On the one hand they can generate some fear among p2p users and get a slight decrease in trading. On the other hand, if it really exists it is going to be found in very short order. If it's found by the wrong people (to them) then this is going to backfire in very short order. Once the details are known, I don't imagine it would be very hard to inject loads of spurious info into their violator database.
The SecurityFocus posting has lots of bragging about how network security tools won't find their exploit. I beg to differ. They aren't going to dodge tcpdump running on a machine that is a gateway for an infected machine. The way gnutella is supposed to work is known. To a trained eye, their "cleverly crafted" network requests are going to stick out like a sore thumb. In any case, just knowing a thing exists greatly simplifies finding it. We'll know in short order if they're hoaxing or not.
So, has anyone downloaded the source example from bugtraq, compiled it, and seen what happens?
Praying for the end of your wide-awake nightmare.
Only 10% of the computers were really infected. But they were FAST computers, so they count as 95%.
I think it's interesting, and I'm glad it was posted, although my first reaction was the same as everyone else, BOLLOCKS! But as lots of other people, including the mighty Register have pointed out, Gobbles has a good record for making apparently silly claims, letting people scoff, then proving them wrong. I think the real story is "Gobbles makes outraegous claim, what the hell is he up to?"
Speculation: Theoretically, I guess it's possible that there's an overflow in a library widely used in mp3 players. Remember the SMTP vulnerabilities last year, or the zip library hole that affected everyone from RedHat to Microsoft? Heh, that's the trouble with those pesky BSD licensed libs ;) Suppose Gobbles did find a zero-day hole. Remember that 95% of p2p users are going to be Windows users, so they're probably all using the same OS libs in their clients - for network access, say, if not for mp3 playback. Bear in mind that this worm would be pretty silent - it wouldn't be throwing rude messages up on the screen, it'd be sneaking around and trying to hide itself... Suppose it was only released in the wild a week ago. Perhaps it used the Kazaa auto-updating features to distribute itself over the network . Hmmm, this is actually starting to sound feasible. Now, obviously if the RIAA hav done this, then they're in deep, deep trouble: even the copyright mafia and Bush junta would have a problem trying to make out that this is anything but deeply criminal action. Posit: Gobbles, or another ethically challenged researcher, decides to try to discredit the RIAA... what better way to do it? Can you imagine the 9o'clock TV news headlines if there turns out to be a whiff of fire behind the smoke?
"None are more hopelessly enslaved than those who falsely believe they are free." -- Goethe
Wait a minute...
THAT'S NO STRAP-ON !
My beliefs do not require that you agree with them.
Ya know what pisses me off? If this is true, then users like myself have been illegitamately hit.
I have a copy of Metallica's Kill Em All on tape. My tape is pretty worn out. So I hit the Fastrack network to download the songs. Now under Canadian law, this is perfectly legal as I own an original copy of the album.
But now my PC is infected by a worm/trojan because a cartel ^H^H^H^H^H some 'company' believes that everyone who downloads MP3s are doing so illegally. Nice when a company thinks that everyone is a criminal. Congress really needs to wake up and start protecting the people again, and not mega corporations. And other countries need to shove back when the US tries to push it's own laws onto them.
It's better to burn out than to fade away
To anyone who's read their advisories in the past this comes as no surprise. Gobbles's sole motivator here is to draw attention. From their security advisories that sound as if they're written by a third grader, to their advisories posted in comic form on their highly deceptive website www.bugtraq.org I've seen little from them that demands respect.
Besides, if they were working with RIAA, wouldn't the RIAA also have paid them a few bucks to secure their site? If they have, wow, bang up job so far.
scott
Gobbles is very tongue-in-cheek. Their posts, while they contain actual, working exploits, are meant to be funny. They deride or praise the list moderator, poke fun at script kiddies (shout outz duudz), and are generally pretty damn funny.
This is no different.
force the makers of MP3 players to recheck their source code to ensure that such holes DON'T exist, this would be a way to do it. Publish an exploit, link it to all major players, invoke the RIAA demon, and watch the coders scramble. Right now:
- Coders are, I'm sure, crawling through their code to look for and fix any security holes,
- Users are running firewalls and packet analyzers to check for any worm-like behavior,
- Some P2P users are taking a second look at checksums.
If such vunerabilities exist, I'm sure they won't for much longer. If the Berman bill ever becomes law, there won't be much to hack.
The scary thing behind what was posted to Bugtraq is that it explicitly states that all digital media on the system is cataloged, and the list is sent to the RIAA. This assumes all digital media on a system is an illegal copy.
Yes, it does. And it shows what criminal, despicable, disgusting excuses for human beings work for, or with, the RIAA.
Sure, if the worm comes into your system over a P2P network, there's a good chance that at least *some* of your mp3s are pirated, but there's no way to differentiate pirated mp3s and those you ripped/encoded from your own CD collection.
All of my mp3 and ogg files are ripped from my own rather large, but no longer growing CD and Vinyl collection (because now I do not buy CDs, ever, nor will I, ever again). All of my avi's are recorded from my own television, my own animations, or my own media, and are not traded, ever. Indeed, none of my stuff is traded, ever.
However, I did install gtk-gnutella in order to download the hiliarious fan fiction Star Trek episode "Savage Empire", because the web site distributing the files had been slashdoted. A perfectly legal download, for which, if this story is true, these unlawful thugs have infected my machine.
I have enough money, and the will, to persue a very harsh lawsuit against these fucks if this story has any veracity, and if I am infected, and I will not hesitate to do so.
"In Corporate Fascist America You and Your Data Belong to the Copyright and Media Cartels. Bend Over and Enjoy the Ride, Consumer."
The Future of Human Evolution: Autonomy
Well, bad sentence construction usually indicates an American. Apparently, the US public education system is merely designed to instill a yearning for low quality cars, fast food and WWE into it's students - spelling, grammar, mathematics and any kind of art or culture seems to be off the menu
Hm. Interesting.
By the way, where are you from, son? If I was to judge you from your post, as you have seen fit to judge others, I'd say, hmmmmm, let's see... Arrogant... Cowardly... ridiculously placing foot in mouth by mis-using it's while criticizing another nation's school system...
France?
Where to begin.... I'll only deconstruct the SecurityFocus message.
First, the fact that these programs have exploits is no surprise, but one media clip (probably MPEG (maybe MP3)), since while Windows Media Player and WinAMP offer universal playback, do ALL of them? Could one file even hit exploits in all these programs?
Second, since each is likely to have a different vulnerability, the amount of worm data in a file would be a decent chunk. Wouldn't it be noticed?
Third, an NDA would state that there can be no mention of it until it is ACTIVATED and USED. Now, Ad-aware-style programs will pop up to clean it if it exists.
Fourth, how many files would this have to be to get 95% of P2P users? The only way it could is by infecting every file you share, but SOMEBODY would have to notice that, whether the file size changes or some A/V data is thrown out.
Also, the idea of "specially formatted P2P requests" to inform RIAA is laughable. Even if the P2P software itself were compromised, a firewall user could notice it. Furthermore, consider the average media collection - hundreds of MP3s. Considering it would have to send artist name and song name, the amount of data would be well over 1MB unless compressed, and even then on dialup users it would have to be staggered.
Also, what kind of backend would this take? Multiple servers, a huge internet connection. Considering how big the P2P networks are, wouldn't this have to be a massive monitoring system? There aren't that many locations with these resources INSTALLED, so finding the facility would not be hard.
And why mention you have a IDENTICAL worm that you use to build a DDOS NET? Simple. Get those who don't care about privacy too much kicked up about that.
Finally, this sounds very strangely like RIAA-induced hypnosis - here are a few lines which show that they probably are lying and not even working with RIAA, just agree with RIAA's ideas.
"victim" (not the hard-working artists who p2p technology rapes, and the RIAA protects)
4) Don't fuck with the RIAA again, scriptkids.
Until we became RIAA contracters, the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks.
There are some spelling mistakes. There are factual holes that they cover with the claim of an NDA. In short, the probability of a hoax is about 98%.
I don't pretend to know much about the gory details of how it works, but P2P has never struck me as the best way ever invented to ensure the integrity of your system.
Last week a client asked to bring his PC into the cybercafe to download some files using eDonkey. After a couple of days, my observations were that
So I told him to take his eDonkey elsewhere... is there any way to know what you are really connected to with this sort of system?
Virtually serving coffee
Come on, this is about as realistic as the computer jargon you hear on TV.
"My Subnetwork ping redistributer is down! I need to reboot my LAN before the virus infects my ethernet cable and gets everywhere!!!"
And yet I see people saying "this is probably not true" or "this may be a hoax", or "if they're doing this it should be illegal!". Come on. For Christ's Sake, this is totally idiotic and anyone with an iota of computer knowledge should immediately dismiss it.
I don't care if Linus Torvalds himself came out and said he'd done it, I'd laugh and point.
I download many mp3s via p2p, easily putting me in the 95%, I ahve zone alarm running on my P2P, and have never had any hits attempting to go outbound, with the latest versions of zone alarm, they can't merely mimic application names to get through, wouldn't this BS be provable by someone out there monitoring outbound network traffic....I'm calling HS hoax
I have great faith in fools; My friends call it self-confidence. Edgar Allan Poe 1809-1845
40% of this probably counts all the copies of Brittney Spears and Backstreet Boys songs squirming across P2P, often masquerading as different files. Personally, I'd rather take a real virus than these - an Antivirus can find trojans but none of them seem to have a feature to detect boy/girl-band of the moment type audio files.
This is not surprising, since it's clear that Gobbles does not like Theo, but it is significant if it is true.
Gobbles?
Jesus, then it's probably not real.. anyone remember his "security alert" about awhttpd? Basically, the "vulnerability" he described was Lynx retrieving the file from his local filesystem via a file:// URL-type.
A reply, showing just what an idiot this "Gobbles" is is here
If they have the same people securing their web servers as "infesting" peer to peer networks I don't think we have much to worry about.
j pg j pg
Please view some screen shots from the last 96 hours.
http://iworktoomuch.com/images/riaa.com-download.
http://iworktoomuch.com/images/riaa.org.jpg
http://iworktoomuch.com/images/riaa_tooled_again.
the world portrayed in this statement is not the world as it is now. it is the world that will be some day if entertainment companies don't figure out a way to give the customer a better reason to buy their products. legislation will not make consumers want to buy content they don't think is worth money. people buy DVDs and video games more and more all of the time. unlike VHS, DVD has extra features. something extra was given to the buyer to make it worth the higher purchase cost and increased copy protection. the video game industry continues to flourish because it continually strives to make new, different products (at least visually) and it has kept up with copy protection over time. there is some degree of copyright control, but the consumer has also been taken into consideration.
the RIAA and the MPAA dropped the ball and now want someone else to clean up their messes. let them clean it up. don't allow any industry to become vigilantes protecting its own interests. banks are not allowed to hunt down suspects in robberies. it would be a terrible precedent to set.
these "free" copies being distributed on the internet are lower quality than the originals they come from. if the free stuff bothers the industry, the industry should give consumers a reason to buy original copies other than, "we want you to." put DRM all over it. require new players, whatever. but make sure the consumer has incentive to accept all of that. do not bite the hand that feeds you. the industry feels cheated. if consumers didn't feel cheated by what they are offered, they wouldn't go looking elsewhere for free alternatives. if the content were compelling, people would pay for it.
you probably shouldn't have read this.
Is exactly what I will do if legislation like Berman's and all of the other stupid, dinosaur-Entertainment-cartel-protection-racket legislation passes.
As a professional in the IT industry and as an American citizen (NOT CONSUMER!), I care so much more about the usurpation of the American political process by and transfer of control over my rights regarding my personal property to big (mostly global) corporations than I do about what you mischaracterize as "piracy" -- piracy is commercial activity, passing out tapes for free on the streetcorner is not, and may even be protected under the Audio Home Recording act -- THAT I SIMPLY WON'T SPEND ANY MONEY ON ENTERTAINMENT AGAIN!
Read this, Rep. Goodlatte -- if that is really who you are -- over the past 5 years my income has been significantly higher than the national mean, due to my profession. I have spent an enormous amount of money on entertainment, computers and consumer electronics.
But with each step further into my home that the Entertainment industry attempts to exert power, my consumption has dropped and will continue to.
I do not, AND WILL NEVER own a DVD player thanks to CSS, region coding and other corporate attempts to control my private behavior.
I do not, AND NEVER WILL own an HDTV thanks to the broadcast flag and rules and legislation being proposed which seem to be designed to make things like the Linux computer which so empowered me (by, for instance, providing me with a learning platform which I used to leverage myself into this income bracket in the first place) illegal.
When ALL TV broadcasts are digital and protected, I won't be watching TV, and I'll just be one high-income but UNREACHABLE to advertisers "permanently potential consumer" thanks to you. Ask GM, Proctor and Gamble, and Pepsico how they feel about that. I will also be unable to view your campaign ads or those of like-minded fools who run for office in my district.
When ALL movies are only rentable on DVD (about 50% are only on DVD at my local Blockbuster now), I'll stop renting movies, AND MPAA MEMBER COMPANIES will stop receiving that much more of my large income -- as a frame of reference, I currently rent about 3 movies a week. By then, maybe even my wife will be so incensed that I'll be able to convince her of what I've been unsuccesful at convincing her in the past -- that we should stop going to movies alltogether.
If it gets to the point where music is only available on media or devices that are likewise crippled, I'll DISCONTINUE ALL MUSIC PURCHASES. I've already greatly curtailed my previously prodigious music buying behavior due to my outrage at this whole DRM regime bullshit.
And you know what? That's all fine by me. I own a guitar and a computer that can record music; I'll make my own music, and probably even give it away -- PROBABLY BECOMING ONE OF JUST MANY PROVIDING COMPLETELY FREE COMPETING PRODUCT for "consumers" to choose over that of your corporate pimps.
I have friends who own conventional and digital flim equipment.
I have a computer with which to compose and disseminate my views.
Unless you plan on making all means for individual citizens to produce their own entertainment and their own news media, you'll eventually fulfill the exact opposite goal of all this legislation; you'll help impoverish the very companies you're trying to protect. Let's see if they continue to fund your campaigns then!
Our forefathers died for (and grandfathers fought world wars for) freedom, NOT FOR DISNEY!
But I guess you can't tell the difference.
First, every time we buy a blank CD, DVD, VHS, or even audio cassette tape we are helping them out. There is a tax which we, in the US, pay every time we purchase any of the above. We also pay it every time we buy a radio, TV, or even a computer. So - we lose.
Every time we rent a CD, DVD, VHS, or even game cartridge - we are (again) paying this tax. So we lose there also.
Should we buy a book, a script, magazine, newspaper, or the like we are probably still paying this tax. So we've lost again.
Finally, even if everyone in the US refused to have anything else to do with the RIAA or MPAA they are still powerful enough to have new laws passed. As in "Atlas Shrugged," by Ayn Rand, if they can not take our money legally - then the thing to do is to change the laws so they can take it legally. After all - laws are nothing more than rules by which we play and those who have the money usually get to make the rules.
Sorry if this shocks anyone but the truth is that it is only because we respected each other, had a unified common sense approach to things, a scrupulous populus, and the knowledge that if you did wrong you would be held accountable for it - that we have made it this far. The "Anything goes" way of looking at things, not holding people's feet to the fire for doing something wrong, and (as bad as it might seem) not being willing to put to death those who really are doing terrible things to others (like Enron's execs who have ruined hundreds if not thousands of people's lives) that has caused us to come to this. What these people are doing is, IMHO, treasonous. Look it up. The act of "Treason" is where two or more groups (whether they be people, organizations, corporations, or whatever) attempt to remove the rights of their fellow citizens. According to the texts it is their "intentions" which merit this stamp So ask yourself this - what are their intentions when they attempt to force upon you their yoke of slavery? What are their "intentions" when they try to sneak, like theives, laws into Congress which remove our rights and preserve or expand upon their rights. What are their intentions? Those intentions are to take away your rights.
Now, someone will probably say "You don't go around killing people just because they are trying to get laws passed." That's true. You don't. Normally. But this is different. It is different because they are not trying to get laws passed for the betterment of mankind or to right an injustice. No. They are trying to twist the laws and our country (Heck! The world even!) to their needs. To enslave it. To enshackle it to their beliefs. Just like some religious cults have tried to enslave others to their will. It is an evil thing to do and it will have terrible consequences if it is allowed to endure.
Even if they were only brought up on charges it would shake up the corporate world enough that many things companies are beginning to attempt to do through the rewriting of our laws would be stopped. Companies would think twice about trying to change laws so they benefit only them and remove our rights. Which brings up - why do groups think they can get away with this? The answer is - they have in the past. The difference is the internet. Whereas before there was this huge time lag between when something happened and when we knew about it - now it only takes hours or minutes for word to be sent and a transgression found out. The problem is still though the complancey of many of the people in our country. "Oh! I might get involved." some whine. "I don't have the time." another chats. "It's not my place." a third comments. If you don't stand up and write your congressmen/women then you are already shackled. You already bear their mark. You already curl up at their feet, lick their hands, and eat the crumbs they throw to you.
So as always the question is - what are you going to do about it? Wallow in the filth on the floor or write and demand that these groups stop trying to infringe on your god given rights!
Someone put a black hole in my pocket and now I'm broke.