WiFi Hotspots Elude RIAA Dragnet

mblase writes "A CNET News article discusses a problem the RIAA is having with its copyright enforcement strategy: public wireless hot spots. Normally, the RIAA notifies the ISP when a user is found to be violating their copyrights, but in this case, the ISP is powerless to do anything. Key quote: '...unless the administrator keeps detailed logs of everybody's account use - which is not required by law - she may well not know who was swapping files.' I wonder how long it will be before those detailed logs ARE required by law?"

What account?

[chill]

The free WiFi hotspots I've used don't require accounts at all. They just serve bandwidth and you connect thru DHCP.

Are they going to log MAC addresses? Good luck. I can use ifconfig on my Orinoco card and set the MAC. 00:00:00:00:00:00 and a prepaid debit card in a pseudonym works nicely on the AT&T Wireless hotspot in the Denver airport.

Re:What account?

[Cipster]

My question is though why go through all that trouble for a few MP3's?
I think this is precisely what the RIAA is aming for: make it risky or inconvenient enough that people will stop using Kazaa etc...
Most people use those services because all you have to do is double-click on a few songs, go to bed with Kazaa on and the next day you have whatever music you wanted.
I doubt there will be a big group of people Wardriving for Tunes.

A free world through bad security.

[Bob+The+Lizard]

"I wonder how long it will be before those detailed logs ARE required by law?"

An interesting point occurs to me. One of the great things about the many 'anti-hacking' laws passed around the world is that most (if not all), have little (if any), requirement for systems operators to take reasonable steps to keep their systems secure.

So if I open up a Wi-Fi shop, and keep detailed logs, of all my paying users, but don't bother to secure the setup?????

'Yes officer, you can have the logs of my customers. Unfortunitly it dosen't cover the several thousand p2p users, who have creaked my system, and you want..... Yes thats correct, removing the howto from the MOTD would reduce this, but I'm under no requirement to do that.' :-)

Re:Dynamic IP's Extra

[KrispyKringle]

I don't think so. The benefits of logging (detecting unauthorized or illegal use such as spam, computer vandalism, abuse, or trespass, and preventing other more heinous activity) far outweigh, for most ISPs, the minor inconvenience of dealing with a few occasional subpeonas, I would think. Hundreds or thousands of letters are sent, certainly, but not nearly as many cases of user information requests happen.

Granted that Verizon was willing to spend quite a lot in a protracted legal battle, but I think they'd be more willing to do that then stop logging. There really is a huge incentive for ISPs to log, even if they no longer charge by the hour.

Of Anonymity on the Internet and in the Real World

[GillBates0]

As much as I have come to hate the RIAA and it's dictatorial attitude off late, I really don't think online anonymity is the thing of the future. True, we would all like to be anonymous, and protect are so called privacy: online and elsewhere, but I just don't see it happening anytime soon, or maybe ever.

Consider anonymity in the real world. It's almost impossible to do anything really worthwhile completely anonymously. True, you may get along for a while, but sooner or later, you would need a job, a place to live, maybe a phone...the list goes on....and it's pretty much impossible to do any of these without proving your identity. You just cannot get along without remaining completely anonymous, in a fast developing world.

Maybe in lesser developed countries, you would not need an SSN or ID, but you would need alternate means of identification nevertheless, unless ofcourse you prefer to exist illegally under multiple identities.

With the Internet fast becoming part of our lives, and the ever broadening range of stuff that can be done online, it's but natural that some measures to establish identity come into force some time or the other.

People may argue that in the offline world, you are able to perform certain activities anonymously...say relax in a lounge chair in front of the fireplace...but BAM....as soon as you interact with society, anonymity is gone....Poof.

The problem with the Internet, is, that you are *always* interacting with some computer, somewhere, which does not belong to you. This is not true with the real world, if you're sitting lounging on a chair, you're interacting with the chair which belongs to you, thus ensuring anonymity. Anonymity on the Internet, on the other hand, is and will remain to be a very hard thing to achieve.

I guess that's a long enough rant for this time of the night.

Who's gonna upload from a coffee shop?

[LostCluster]

This is just plain over before it started...

The RIAA dragnet is for uploaders because their theory is if they can scare people out of sharing, the non-sharing freeloaders will saturate the remaining uploaders so that the file-sharing network will cease to be useful.

But the coffee shop isn't the idea place to even set up a transient P2P sever. The P2P share would only exist when the laptop user is at the bookstore, which won't be that often to begin with. Any transfer in progress when the laptop user leaves the store will get aborted. Smart coffee shop owners have ADSL behind these shares, because they're expecting browsers not servers, so the upload speed won't be that pretty anyway.

This isn't a technology worth banning, it's not gonna be that useful to file-swappers in the first place!

Re:Who's gonna upload from a coffee shop?

[pla]

The RIAA dragnet is for uploaders because their theory is if they can scare people out of sharing, the non-sharing freeloaders will saturate the remaining uploaders so that the file-sharing network will cease to be useful.

And before that, they only went after companies, on the theory that only companies had the deep pockets to produce the software that make file-sharing possible. If they could scare companies away from creating file-sharing apps, the problem would cease to exist

Unfortunately, like their first approach, their second one will fail as well. And the RIAA WILL start going after progressively smaller fish. I'd say within a year we'll hear about their first attack on a group of particuarly heavy downloaders.

And, in the long term, don't feel too surprised when "plausible deniability", at least in the online world, turns into "plausible guilt". Run something like Freenet, where they can't tell exactly who requested a particular file, and everyone along the chain of the request bears equal "guilt" for the download.

Re:Of Anonymity on the Internet and in the Real Wo

[evilviper]

What you are missing is the level of anonymity.

On the internet, I have the equivalent of a Unique Identifier tatooed on my forehead.

In real life, if someone asks me my name, I can say "Hi, I'm Peter Smith", or perhaps say nothing at all. Online, it's incredibly easy (and regularly done) to automate the process of recording your IP address, and associating it with every action you take online... You can't refuse to give it, you can't shop somewhere else when they ask for it, you don't even get notification that they are doing it...

It's not to say you have true anonymity in public, unless you can change your physical appearance at a whim (to some extent that is possible), but the point is that you DO have some reasonable level of anonymity.

For instance, imagine that the FBI feels like fishing, and decides they want to know the identity of everyone who read about bombs, and politically dissenting material. For digital info, they simply have to ask for those records from each place, and correlate them. In the real world, they would need to track down everyone that was at each place, have them give a description, and then compare the descriptions. That doesn't make you anonymous, but it adds a large barrier to removing your anonymity, which, in reality, is all people really want.

Re:It's quite simple...

[Alien+Being]

I'm all for IP laws as long as they represent the interests of the people. A decade or two of exclusive trade rights ought to be plenty of time reap the harvest of nearly any creation, but 70+ years for a cartoon mouse is ludicrous. Let's just find the decendents of the guy who invented the wheel and award them ownership of GM.

Re:Dynamic IP's Extra

[drsmithy]

Don't think of ISPs protecting file-sharers, shift it to protecting distributers of child pornography.

Ah yes, the political equivalent of a ten year old bursting into tears. If all else fails, play the "but won't somebody think of the children" card.

In fact, I can imagine a strong legal case that providing untracable access to an IP network is an attractive nuisance that the ISP knew, or should have known, would be used in the commission of felonies. Big time liabilities lurking.

And should this same principle apply to anybody providing any form of anonymity to others ?

Re:Dynamic IP's Extra

[Ryan+Stortz]

Beautifull. If the RIAA doesn't agree to the EULA, then they can't prosecute. Then they'd most likely go to court over it, if they lose all ISPs can do this. If they win, EULAs are invalid.

Re:I always wondered about this...

[femto]

The *real* anonymity will come when freenet is implemented as a network layer over WiFi equipment, displacing the IP protocol. It might even be possible to also replace the datalink layer, eliminating ethernet addresses as well.

It will be impossible to gather IP addresses, as there will *be* no IP address. The only way of identifying a user will be to identify the chain of nodes though which the request passed. This will require extracting data from every user in the chain. A difficult task with no user keeping logs.