IFPI Employee Describes P2P Sabotage Activities

Maxwell'sSilverLART writes "From The Reg: Matt Warne, an employee of the international version of the RIAA, admitted that he helped the organization spread garbage and random noise on the P2P networks. Apparently, they used multiple DSL connections to present the appearance of separate users, disguising the origins of the files. His group has stopped, but he claims several of the big record companies are still doing it themselves. And here I thought all of their garbage came on CD."

Just block 'em at the firewall.

Here is a list of P2P Unfriendly IP's you can block.

OverPeer:65.174.255.255
OverPeer:65.160.0.0-65. 160.127.255
Ranger:216.122.0.0-216.122.255.255
R anger:204.92.244.0-204.92.244.255
MediaForce:65.1 92.0.0-65.192.0.255
MediaForce:65.223.0.0-65.223. 255.255
MediaForce:4.43.96.0-4.43.96.255
MediaDe fender:66.79.0.0-66.79.255.255
RIAA:208.225.90.0- 208.225.90.255
RIAA:12.150.191.0-12.150.191.255
MPAA:63.199.57.96-63.199.57.128
MPAA:64.166.187.1 28-64.166.187.192
MPAA:198.70.114.0-198.70.114.25 5
MPAA:209.67.0.0-209.67.255.255
NetPD:207.155.1 28.0-207.155.255.255
NetPD:128.241.0.0-128.241.25 5.255
UnknownC&DCop:64.106.170.128-64.106.170.192
BayTSP:209.204.128.0-209.204.191.255
Vidius:207 .155.128.0-207.155.255.255
GAIN(spyware):64.94.89 .0-64.94.89.255
GAINCME(spyware):66.35.247.0-66.3 5.247.255
GAINCME(spyware):66.35.229.0-66.35.229. 255
MediaDefender:64.225.292.0-64.225.292.127
RI AA:208.192.0.0-208.192.255.255
Xupiter.com:63.236 .32.50
Xupiter.com(mirror):63.208.235.30

I get dozens of hits to each IPchains rule everyday when I am using P2P.

Re:Just block 'em at the firewall.

[Uninvited+Guest]

Where did this list come from? How can I verify its legitimacy? Even more important: how can I discover new addresses which should be blocked?

Re:Just block 'em at the firewall.

I got the list from http://www.shareaza.com 's security forums. Shareaza is a modern Gnutella client with integrated security features. I do not personally use the built in firewalling stuff though. I wrote Iptables rules to block them all. If you would like to verify the authenticity you can just use a tool like Sam Spade for your windows box. Although you will have to be warned that several of the above listed IP's are listed as belonging to some holding compay or another. I would not know where to begin in writing a tool to automate this, but if you have the skills than by all means please do so:) In the mean time you can just read shareaza's forum.

Yeah

[GigsVT]

I've come across some of this stuff, mostly I got mp3s that were the right length, but just silence rather than what the file was named.

They find their way into my playlist if I am not careful, and when I am using it for background music while intensively coding I usually don't notice when one comes up, but it scares the shit out of me if a really loud song comes on after it. :)

Re:Yeah

[jc42]

mostly I got mp3s that were the right length, but just silence

They'd better be careful with this. Remember that last year John Batt got into trouble for including a silent track on his CD. John Cage's estate charged him with copyright infringement.

If a recording company is responding to copyright violations by sending around unauthorized copies (or derived works) of John Cage's copyright on his famous 4'33" composition, they deserve to be punished to the maximum extent of the law.

--

The basterds!

[Chocolate+Teapot]

Matt Warne, an employee of the international version of the RIAA, admitted that he helped the organization spread garbage and random noise on the P2P networks

He shared his Brittney Spears mp3s.

Nothing wrong with it

[aridhol]

Why should the music industry be prohibited from putting junk on the network? If the user gets frustrated enough when trying to download music illegally (and yes, copyright infringement is illegal), maybe they'll actually spend money to buy music.

Why is there no great uproar when a private user puts misnamed files on the network? Or when software goes online? Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?

Re:Nothing wrong with it

[thelexx]

"Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?"

Simple. In all cases of them being deceptive, it's just that, pure deception. With the assumption of guilt on the part of everyone who might download. Not all cases of downloads are illegal however.

I don't see anything wrong with this.

[thinkliberty]

I don't see anything wrong with this. If it makes it harder to pirate the music and it isn't a DOS against the network or another person. So what? If the copyright owners want distribute blank songs or garbage songs on p2p networks. Let them do it. It would also be interesting to find out if they paid the artist for using their name on a product they are distributing.

They have a right, in a way

[image]

Look, as much as I resent the RIAA, I have to say that they have a total right to fill up P2P networks with bogus files that look like copyrighted material.

What, you are not able to pirate a copy of some new album? Poor baby. Pay for it. You _really_ are ripping off the artist if you steal it. Yes, you are also ripping of the RIAA (which I don't care about). But don't complain that your organized theft ring is being hampered by the rightful owners of that property.

I despise the RIAA and how it treats their artists. But for the love of all that is right, don't *steal* in reaction. That is certainly not going to make the artists lives better.

Buy from alternative record labels. Go see your friends bands live. Write your own music. Read a book. Play with your computer. Make out with your girlfriend. Or, if you really want that album, pay for it. Or don't and boycott the bad labels. *That* choice is yours.

Re:They have a right, in a way

[brain159]

Have we FORGOTTEN all the perceived angst and trauma about usage-prevented audio CDs (sharpie marker deprotection, all that)??

If I buy a CD and find I'm totally unable to rip it, I can and will go searching for the tracks on p2p. If/when every "CD" that comes out (including from the smaller dance music labels I like) is similarly mangled, a few people will manage to rip it (carefully via analogue, or whatever) and the music will still proliferate over p2p.

If, in order to get the music I've paid for into a format I regard as usable (mp3s or oggs) I have to go get them off p2p networks then I've gained no *actual* value from the purchase of the "CD".

Metallica is in on this too...

[Tofino]

Everything Metallica has released since Master of Puppets has been garbage :).

EULA?

[Tar-Palantir]

I haven't read any P2P app EULAs, but I wonder if some of them might try including a clause that "You agree by using this Software that You will not attempt to degrade the effectiveness of the Network in any manner, including intentional distribution of flawed or nonsense files."

Now, IANAL, but it seems like the outcome of such an action would be positive for the geek community:

• The RIAA might simply stop.
• They might sue, and have EULAs ruled not binding (this would be negative in the sense that they could continue the monkey business, but good overall).
• The P2P companies might take them to court and win. Wouldn't that be nice?
• 
  
  Anybody see why this wouldn't work (unless some clients failed to put the clause in)?

Funny and true story

[Amsterdam+Vallon]

I actually e-mailed Richard Stallman a couple years ago when I realized a great way to spread the GNU message.

My question was whether disguising pro-GNU songs (such as these) as Billboard Top 40 hits and sharing them on Peer 2 Peer networks was a "right" thing to do.

He suggested that I not do it, but did thank me for a good laugh.

This reminds me..

[Maeryk]

I have been running Limewire, and has anyone else noticed that no matter WHAT you put in the search box, you nearly immediately get three hits back with exactly that title and an appropriate extension? One is a broken move file that just locks your player, and two others are pr0n teasers.. but that must be a large server with a fast pipe... because it consistant, and it is FAST.

Has anyone run into this with any of the other P2P clients, or is it just limewire specific?

(I would think that would be a better way to tie up the services anyway.. just have a remote server that responds to incoming searches with a couple of crap files. Get enough of them doing it, and the S/N ratio will get so screwed people will stop using it.)

Maeryk

Re:This reminds me..

[theLOUDroom]

I use limewire and I've noticed the same thing. Here's what I do about it:

1. Start Limewire and let it get connected.
2. Search one something weird like "frobittzly."
3. Open up the settings and add any computer that replies to my list of blocked ips.
4. Repeat the two steps above until I get no search results for things which shouldn't exist.
5. Use Limewire as usual.

It's a waste of time in the end

[stratjakt]

P2P networks are already chock full of bad 'rips' full of pops and skips, or poorly/wrongly encoded (like 56k mono), misnamed songs, and so on.

Eventually the people who get 'into' it figure out who enjoys the same sort of music they do, and who tends to have quality mp3s on their sites. So the metalheads migrate together, and the hip hop fans, etc.

If they stray outside their 'clique' and get a garbage tune or two, they delete them and move on.

They also 'poison' newer, profitable releases, and I've found that a huge chunk of the P2P'ers are there for older or more obscure music. The fact that there's a garbage version of Britney Spears' latest floating around doesn't bother a Deadhead or someone looking for underground punk tunes in the least.

So, I suppose it could discourage a handful of 13 year old newbies if by luck they manage to get the garbage files the first time they try it. But it won't 'kill' the networks.

Who's complaining?

[Sloppy]

Why should the music industry be prohibited from putting junk on the network?

No reason they should be prohibited, and I haven't seen a single poster suggest that they should be. This is news (sort of) because it's moderately interesting, not because it's some horrible atrocity.

be careful what you say about the riaa here

[circletimessquare]

be careful what you say about the riaa in your posts, or they'll use the same tactic here, on slashdot, and post random garbage comments to drown out the anti-riaa noise...

wait... garbage posts on slashdot!? it's already begun! how much are those trolls getting paid?!

A quote from a Honest Artist

[esorense]

This might be a little offtopic but I thought it was interesting. I attended a Spoken Word Event by Henry Rollins. He discussed his views on P2P and downloading music off the net. His basic view was go ahead download my stuff. "I would rather have your time than your money," he said. Amen. I liked it so much I added it as my sig, sorry about the repetition.

Re:copyright infringement is illegal

[aridhol]

Hmm...I just looked at the definition of civil disobedience:

[R]efusal to obey governmental demands or commands

OK, so you're refusing to obey the law (meaning that yes, you admit that it's illegal but you don't think it should be).

[...]

means of forcing concessions from the government

Here's where I don't beleive that you're practicing civil disobedience. See, you're breaking the law from the privacy of your own home. This means that the government doesn't see that you're doing it, so you're not making much of a statement. You're not going to acheive anything doing it this way, and you know it. This makes it not civil disobedience, but regular lawbreaking.

If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

Until you do something like this, I say you are not practicing civil disobedience, but plain old lawbreaking.

Advertising.

[Moderation+abuser]

They should use p2p like a radio broadcast, put low bitrate encoded versions up for free, advertise sites where the high quality encodings can be purchased for $0.50.

The Cost of "Disinformation"

[davejenkins]

Disinformation, the act of spreading rumors, false orders, and couterfeit money is as old as warfare itself. Usually, the production cost' of disinformation is much less than the 'production cost' of truth. It's easy to spread a rumor about ambushed soldiers, whereas actually ambushing someone is pricey. Fake Confederate dollars were much easier to print than real ones, etc. Al Qaeda knows this, and it's rumor mill is going full steam.

Now to the immediate fight: the RIAA and record labels have decided to invest time and money into producing counterfeits and disinformation. The problem is that the very structure of P2P networks makes this overtly pricey:
1. The RIAA must proactively produce 'bad' Britney Spears
2. Some dope must download this 'bad' track-- but once they find it's bad, they delete it. The track never gets past that first copy.

Whereas 'legitimate' tracks get copied and passed around by everyone, because the legitimate tracks are keepers, and they expand virally.

Eventually, the RIAA will come under such heavy costs to maintain their disinformation campaign, that it would be cheaper to start using the P2P system to their advantage (theoretically)

Packrat P2P users do save garbage.

[ChaosDiscord]

However, more recent evidence suggests that the technique is being used by major labels in-house, instead, and the sheer quantity of junk files found on the peer to peer networks today - purportedly residing on individual's PCs - points to continuing "poisoning". Why? Because users abort a junk download, or quickly delete a file. The alternative explanation for the persistence of this noise material is that users are extremely inattentive, and that's difficult to believe.

The Register dropped the ball on this. There is a non-trivial number of peer-to-peer users who just download things because they can. Much like the core of packrat warez traders they're not so much interested in the specifics as trying to have the largest collection. (And when you get warez from one of these packrats, you'll often get software that's seriously broken.) They're not really going to listen to the two months of continious music they have, just a small subset. Clearly they're rather have real songs, but they never bother to check. It only takes a few of these people to create the impression that the network is full of garbage.

Yawn... MD5 Checksums

[Rayonic]

I guess that the RIAA's anti-piracy measures are getting so bad that they're circumvented well before they're implemented.

There are already networks out there that incorporate MD5 checksums in order to avoid bad files (example, example). Couple that with a simple checksum repository (example, example). Or maybe even a search engine (example), and you never have to download another bad file again.

Re:Fighting Fire With Fire

[PinkFloyd]

"File sharing is illegal - you are paying nothing for something."

No, file sharing is _NOT_ illegal. Copying and distributed copyrighted works is illegal. There's a world of difference between the two.

It's not that simple, buddy

[Cokelee]

If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

Hmmm, not quite. When it comes to those who care more people use P2P than don't.

See this is the internet and everything is distributed (not the hippie generation where your approach might actually work). Millions upon millions of people disobeying the law is infinitely more formidable than getting a couple hundred to take a fall for millions.

You see, if the civil disobedience came only from a few people in this situation they would be squashed and become an example, not a martyr for the cause.

By effectively eluding the government and **AA people are out rightly defying the law in masses. Meaning, if the government does not change its policies it will be forced to imprison its population. Because this cannot occur and have the government still exist, the masses will win over the few.

It's only a matter of time and determination.

I love(d) Norah Jones' Music...

[Newer+Guy]

So I went out and bought her CD, but found out that I can't play in to my computer (which IS my CD player by the way). "No problem": I thought to myself. Since I already own the CD (that I can't play), I'll go onto Kazaa and download the tracks. BIG PROBLEM, as every one of them has been altered with a 'swishing' tone every 30 seconds or so. In disgust, I returned the CD. If Norah doesn't want me as a fan, she can go fuck herself. Actually, I wonder if Norah (even) knows and appreciates how hard her label works at derailing her career?