Slashdot Mirror
Mission: Infiltrate the P2P Network
prostoalex writes "Wired News unveils the secrecy behind Overpeer, the company whose mission is to infiltrate peer-to-peer networks with low-quality audio and video files, or corrupted chunks of data which carry the same name and have the same size as originals. Apparently OverPeer even managed to procure a USPTO patent on (a) producing an advertising digital music file by deteriorating or damaging a sound quality of an original music file of a record of a cooperating record corporation; and (b) distributing the advertising digital music file through the communication network."
or corrupted chunks of data which carry the same name and have the same size as originals.
Isn't there some magical algorithm that produces an unique checksum number for a file, and if it were missing chunks wouldn't that reflect in that magical number? Don't most P2P networks use this magical MD5 checksum algorithm to ensure files aren't screwed up?
Gee, you would think the patent office would realize they just awarded a patent to the same guy that sells server pixie dust.
I know some P2P networks just match file size and name, but I'm pretty sure most of the good P2P networks check a file's MD5 to see if it is the same as another. If the MD5 matches, it's probably the same file, despite having a wildly different name.
Unless Overseer or whatever found a reverse algorithm for MD5, I doubt very much that they could degrade the qualify of a music file in such a way that the MD5 doesn't change.
From the article:
2) Collect illegally produced digital music file.
3) Edit illegally produced digital music file (damage sound quality).
4) Distribute digital music file on network.
All of these are illegal under the DMCA.
Oh, I get it, it's ok to break the exact same laws you're trying to get the general public to stop breaking. I know, lets run around and rob the thieves and rape the rapists, that'll get them to stop too. Why didn't we think of it before?
<sigh>
Damien
What the are doing is essentially sabotage, and shooting themselves in the foot besides. Those persons who delivered us anartistic offal on CDs have merely found a way to do the same over P2P networks. The reason the recording industry is doing so poorly has nothing to do with the P2P red herring, but rather, is entirely due to a dismal lack of quality.
Fast machines, powerfull AI, impulsive invention,... All I lack is a good espresso machine!
Tit. Tat.
I might not like it, but this response seems pretty logical to me. The Industry has declared war on P2P as the source of their dwindling profits. (I'm not going to argue the validity, that's irrelevant.) Of course they're going to try to sabotage these networks any way they can.
This puts the ball back in the court of the P2Pers. So what's the next step? Seems to me it won't take long for someone to come up with either a moderation system or IP blocking scheme that will force the Industry into a different line of attack.
When are these people going to learn that if they spend 6 months developing a technology to "protect" their copyrighted info, it will take 6 days (if that) for someone to defeat it?
Dime to donuts someone has a way to beat these bogus files within the week...
-mh
People will just delete the junk and keep the good copies (think about spam).
The good copies get moved to the "good stuff" directory (available for download) and the bad stuff goes to
"On some level they understand that P2P users are also potential customers -- record buyers, video renters or gamers -- and don't want to alienate them"
Well if you want my business, then maybe you should give me a sample of what you have to offer, and not just waste my time in the first place. But then again, If I can buy a complete movie on DVD for even as low as $5 on sale, or $20 not on sale, why would I want to pay $18 for a CD with maybe 15 tracks if I'm lucky.
Either way, these businesses need to figure out how to attract my attention, rather than ram their practices which are tried and proven to be not working, down my throat. Can't open my wallet that way!
Mine means my own, but how can this be if I owe for it?
They're getting PERMISSION from the copyright holders to do this. They're not collecting anything. Record companies will say "Hey, you have full right to distribute fake Metallica files" and you know what? It'll be LEGAL. Turn! Brain! On!
It's the age old Pissing in the well trick.. if you poison the source then people wont use it.
Unfortunately there are at least 90-100 more talented programmers and solution finders to every employee they have out there that will find a way to detect or reject their junk. This company has nothing of value to sell to any interested party, just like macrovision is 100% worthless (both 1 and 2 are easily removed without effort and only $5.00 worth of electronic parts, or a simple $10.00 box that can be purchased most anywhere called a "video stabilizer")
Let them do their worst, let the companies waste their money on this snake-oil salesmen. i dont care, it will never affect me, and by the time the first 2-3 of their supposed files get in the wild there will be patches to kazaa-lite , open nap servers, and gnutella clients that simply will not list these files.
Do not look at laser with remaining good eye.
all this discussion of checksums and the like is totally irrelevant. quite ignoring the fact that its the host that supplies the checksum (if its too be of any use in selecting potential downloads), its very unlikely that any two renditions of the same audio file would be identical. CD-based digital audio is not a bit-for-bit perfect transfer medium (hence error correcting h/w and s/w in the drives). Rip a CD on two different drives and the chances that some bits will be different in the resulting files are really pretty good.
Checksumming only works if the assumption can be made that there is a single unique version of the file. That isn't true in the most common cases.
The measure may be as simple as letting one listen to the song as it is downloaded, and having the users "moderate" it, à la Slashdot.
What we have is a huge cluon deficit on the part of the record companies.
As long as the focus is on how to violate copyrights we will never be able to do the much more complicated and involved work of convincing artists to ditch the hindrance of the publishing industry and take advantage of new technologies to reach a bigger audience for a lower investment (and, given the spectacularly rotten economics the biz offers musicians, make more money to boot). Everybody wins except the recording giants. Ah, that sounds like work. Better get back to pissing and moaning that they're slipping poison pills into your free stuff.
It Is the Nature of Information to Transgress Artificial Boundaries
Another amazing fact was the mod of this post. You make a very broad statement. 'P2P is good for the world'. Why is that? I know why it is good for you and me. It make it easier for the technology haves to download the music, games, videos they love so much. but why is this good for the world? How does this help society in anyway? Don't get me wrong I think the level of crap produced by the Music industry is at epic levels. However, the movie industry and game industry have been producing some major pieces of work. Yea they may be over priced and poor people may not be able to afford them (but I bet these same people can afford a kick-ass system to run those games on).
Or maybe you just wanted to try out the full game. Whatever. It don't matter. What makes this P2P good for the world?
Nothing. Don't try to justify your behavior. You can't. It's like using drugs. You don't use them to make you a better person. You use them because you can and it's fun. So please, don't try to make yourself out as any better than the 'scum' that would try to stop you. There is no honor among thieves.
The P2P concept is awesome. It is a great way to quickly exchange ideas, papers, shareware/freeware, etc. But when was the last time you downloaded anything other than copyrighted material from a P2P system?
I think you guys are pretty confused about MD5s.
Billions of crap files have exactly the same MD5 as your favorite Brittney MP3. This is because (duh) the MD5 is much shorter than the file itself.
True.
Where I think you are confused is about the nature of MD5.
MD5 is not just another hash function. It is cryptographically secure. This means that you will never ever, in the life of the universe, be able to find nor contrive / construct a file with an identical hash. That is the whole point of MD5. Otherwise digital signatures and certificates would be meaningless.
The price of freedom is eternal litigation.
There are many ways of justifying actions other than through the morality of those actions. I don't read books to make me a better person, I read them "because I can and it's fun." Perhaps reading makes me a better person (sometimes yes, sometimes no), but that's not why I do it. Does that mean I can't justify reading? And yes, sometimes drugs can make people better, too. Recreational drugs can make people less tense, they can give people new perspective, they can introduce people to whole new worlds of experience. Do they do this for most who use them? Probably not. But there is more "honor among thieves" among recreational drug users than exists between record labels and their consumers.
It's this puritanical stance that has really started to get me over the last few years. "Just because it's legal, doesn't make it right", true, but just because someone doesn't think it's right, doesn't make it so. Everything doesn't have to make the world a better place to have justification.
That aside, I do agree with your thesis. "P2P makes the world a better place" is one of the most specious and nebulous statements I've heard in a great while.
"You use them because you can and it's fun."
Whoa there buddy, there's a lot of things that humans do because they can and it's fun. Not everything needs to be done to improve one's person.
For example, unless you're a hardline religious conservative, sex is the first thing that comes to mind. People don't use that exclusively to procreate, and it's exercise value is arguable... in fact it's a great way to spread disease. We still do it of course, because it's fun.
Of course, moving off to your more reasonable point of "What makes this P2P good for the world?". The value is that people can examine things before purchasing them, which the can't legally do now. If you play a game and it sucks, too bad. Buy a movie and it stinks, so what. Buy a CD and it's full of crappy remixes and vapid lyrics, oh well (don't give me that "but you would have heard it on the radio" stuff, the radio doesn't play what I like to hear in these days of consolidation).
So, I download music online. If I like it, I buy the album. If it sucks, I don't. Yes, it's illegal. So is speeding. So is oral sex in the southeast US. So is lighting firecrackers in the northeast US. So is breaking curfew for teenagers. So is passing on the right. So is making a loud noise past 10pm. So are a ton of other things that people blow off on a regular day because they are fun, and it's stupid for them to be illegal.
Oh, and something else that's illegal.. Civil Disobedience, which is really what P2P is. Call it Corporate Disobedience, or Copyright Disobedience, or whatever you like. What it really does is show Corporate America that people hate their methods of media distribution so much they'll do whatever they have to to get around it.
And, finally, the Artists. Isn't all this P2P shit bad for them? Hell no! I never would have heard of the Cruxshadows, Claire Voyant, Attrition or The Shroud if it wasn't for P2P (you'll never hear them on the radio), but now I bought all their albums AND go see their shows. Since they don't make jack off the albums but they DO make money (the artists, not the record companies)off the shows, I think that makes it good for them too.
First of all, it pays our bandwidth and the infrastructure. I'm all for that, obviously.
Second of all, it destroys the validity of their statistics about how many files are downloaded. Their statistics on how much cash they lose through this already are bogus, but now they can't even give good numbers on how many files are transferred, because 3/4 of the downloads may be wasted through broken fake files.
Third of all, this will lead to more cool research in cryptography. There will be papers about how to make this kind of attack more difficult and how to build trust metrics between anonymous peers (and that are very interesting problems, you should consider doing research in the area!).
In the short run, this pays for bandwidth with the profits of the record companies. More bandwidth will be used to do more file sharing. One day, RIAA will understand that they are financing the infrastructure of the enemy and shut overpeer down.
In the long run, RIAA will raise the price for CDs even more, to pay for overpeer and the infrastructure of the P2P people. That will cause even more people to not buy their music but download it instead, hastening RIAA's run towards obsolescence.