Slashdot Mirror
Innocent File-Sharers Could Appear Guilty?
daveo0331 writes " New Scientist has an article about what could be a promising defense strategy for people targeted by the RIAA. Basically, anyone on the Gnutella network can frame other users by making it look like someone is hosting RIAA music, even though they're not. Therefore, the RIAA's "evidence" against file sharers is theoretically unreliable and wouldn't stand as good a chance of holding up in court. No mention of whether this has anything to do with the RIAA's eagerness to settle the lawsuits out of court. The article is based on a research paper (PDF link, HTML version) posted anonymously to a web hosting service in Australia."
can you say those 2 words in the same sentence?
Je t'aime Stéphanie
How about an entire computer shared to the internet?, like this crazy guy did...
A number of people say they were wrongly accused by the RIAA, or that their children swapped music without their knowledge. The RIAA dropped one suit, against retired Boston teacher Sarah Ward, 66, when it was discovered she couldn't be sharing songs on pirate service Kazaa because she uses an incompatible Apple computer.
Thanks to google, here's the HTML version of the PDF.
Sure, karma whoring, but who wants to load a PDF? At least I didn't post a MS Word version of it!
-ted
Not really. The courts have decided there's legitimate uses for P2P and therefore they actually have to catch you in the act of violating the law to sue you. One concern here, though, is the Gnutella network doesn't, by itself, detect your IP. You can put whatever IP in you want and it'll appear that way to the rest of the network. Often, you'll see people with IPs in the 192.168/16 block on there. I could see how they could get your IP wrong this way and falsely accuse you because someone on the network claimed to have your IP. And this sort of thing scares me away from Gnutella.
Help me. I've been modbombed by a few people with entirely too much time on their hands.
Will this really stop them from doing anything? Like the poster said, they like to settle out of court, and they'll probably pull something like "Well, you should've been more protected against this kind of identity theft. Give us $10,000 in amnesty, and we'll go catch the _real_ theif."
- Sherman
How many of the people being sued by the RIAA actually use Gnutella? I would bet few to none. The vast majority are getting nabbed for Kazaa and other more popular, less geeky p2p clients.
When using a modem, or even Cable/DSL one is typically dynamically assigned an address. Many times these can change. It was stated in numerous articles that the RIAA found IP addresses for people, then subpoenaed ISPs for the users using those addresses.
Either due to ISP incomprehension, or RIAA non-specific requests, they most likely received a lot of information based on who was using that address after subpoena, not during copyright infringement.
Shawn's Tech Articles
there is no p2p service in which files pass through nodes. The bandwidth cost would be prohibitive. If user A sends file to user C what advantage is it to send through user B, apart from eating his b/w?
This would be like filesharing on irc send file data through irc servers. This would bring almost any server instantly down. So the files go through only routers etc in between but no acutal end users.
In these programs only the search information is gathered p2p. SO if kazaa runs a supernode it caches search info, passes it on etc.
Here you can possibly fake it as if some other machine has some files which it doesn't have or even a non existent user/machine etc.
There lies the hole.
Just because they've pointed out theoritical weaknesses in P2P apps doesn't necessarily raise a "reasonable doubt" about any defendant's activities. Is there any evidence that these vulnerabilities are actually being exploited out there? If not, I don't think this would hold much weight in court...
Oh yeah, and IANAL.
Stop by my site where I write about ERP systems & more
This is no "strategy", it's a cop-out. If people are sharing files, and they *really* believe they should be allowed to do so, they should fight on the merits of their position, and live or die on said merits. To cook up a tenuous argument that someone might have framed you, is a tacit admission that the arguments people have mostly been using to justify file-sharing are worthless, and that file-sharing itself is indefensible. Show some backbone, people.
You don't seem to understand the article. Infact, I would go out and call you a "big fat liar," but I'll try to be civil here.
You can't put whatever you want as your IP. That's stupid. In P2P networks, other peers connect to you. They know your real IP number.
Where you lie is when someone searches for a file (you search by asking your neighbors in Gnutella), you just put in a random (or not so random) IP number and claim that the machine returned a successful hit and send it back to the original peer.
Lo and Behold! That machine could be thought of a culprit by the RIAA if they don't verify by downloading.
now supporting:
cmdrTaco for president '04
michael for oval office intern summer '05
Furthermore, a worm/trojan could be released that secretly installs a Gnutella client and ACTUALLY downloads some tunes. Would ignorance be an excuse, when suddenly every computer in the world is filesharing? Tell you what, if I did fileshare copyrighted material, I would put up a fight.
Someone already sort of asked this but they are modded at 0 and thus might not get heard that easily. I was wondering if anyone had a breakdown of just what P2P networking the RIAA is targetting. If you read the headlines all you would think is that this is between the RIAA and Kazaa. I remember when recently when we all joked about the actual kazaa names people were using and how many "kazaalite" users there would be.
So what's the deal? Any WinMX, EDonkey, Bittorrent users being attacked in this recent spat of 700 cases by the RIAA. Or is it just those Kazaa users?
If you wanna get rich, you know that payback is a bitch
That's the thing about innocence until proof of guilt. One has to show evidence that the presumed innocent logically has to be guilty. Not that they COULD be guilty. Not that they might as well be guilty. Not if they have the tools that would allow them to be guilty. Not even if the prosecution can't find anyone else that they think might be guilty.
It's things like these that can make harrassing people a real bummer for a litigious group in the long run. Still - fear and respectful loathing may still "work" in the short term. But again, that short-term respect and fear will die down if cases are ruled against them.
Ryan Fenton
Dude, if I had you as a parent, I'd watch your back. How is your lesson any better than a thug breaking a gambler's legs for not paying on time? I hope you don't own any guns... you just may become a statistic.
today is spelling optional day.
The RIAA has an amazing similarity to OJ Simpson. Still in search of 'The Real Filesharers'
First, as some have mentioned previously, all of the RIAA legal actions required that the ISP's map date + IP correctly to the right user. This has shown to be problematic, as a number of Mac users have been caught up in the lawsuits.
The RIAA cannot expect the ISP's to provide 100% infallable information. This alone is a bigger threat than the attacks mentioned.
On to the paper. You can find it via google.
For the duration of these items im going to assume that the networks in question are either FastTrack/KaZaa or Gnutella. These appear to be the networks currently targeted by the RIAA.
Scenario 1: Modifying Search Requests and Search Results in Transit
This is a non starter, as the RIAA have mentioned before regarding their tactics that they rely on MD5 check sums of files that are downloaded from the peer. Simply modifying search results or requests will not incriminate anyone given the method the RIAA is using.
Scenario 2: Spoofing the Originator of Search Results and Search Requests
This falls into the same problem as #1. This will not get someone targeted by the RIAA.
Scenario 3: Renaming a Contraband File to Match Incoming Search Requests
This is a bit more troubling, as the MD5 sums would match the contraband, however, the title may be something completely innocuous - "Slashot Comment Archive" for example.
I find it unlikely that the RIAA would target someone based on MD5's alone. Their tactics appear to use a search to identify potential infringing uploaders, and then a download to confirm contraband via MD5 sum.
If this is the case, then the search for contraband would likely miss this type of file, as it would be renamed to something else (also popular) but unrelated to contraband content.
This does remain a viable risk and potentially exploitable entrapment attack
Scenario 4: Impersonating Another GP2P User
This is another non starter in the same lines as #1 and #2. The RIAA is not using randomly selected user GUID's to identify infringers.
Scenario 5: Tricking an Innocent User Into Downloading Contraband from an Authority
This is a very implausible attack. The RIAA is using custom software to track the network, and does not appear to be uploading the files they are downloading for evidence, as would normally be the case with a standard kazaa/morpheous client.
The chances of downloading a contraband file from the RIAA crawlers seems nil, regardless of how spoofed search resulsts could direct them in this fashion.
In short, there is a potential for abuse, but the methods used by the RIAA prevent a number of these from working effectively. They search keywords and titles, and then confirm contraband with MD5 checksums of the uploaded content.
This is very hard to spoof without actually deploying the contraband on a peer with malicious intent. You are still liable if someone puts contraband on your client!
The biggest danger is still the ISP's inability to properly account for times and dates for each user associated to each IP address. This will continue to target innocent individuals, although the RIAA does appear to drop cases that are blatantly without merit.
On the edonkey net, information about who has what files is collected and managed by edonkey servers. Since the server protocol is open, anyone could write a server that deliberately misinforms clients about the location of RIAA files.
There's something that's bothered me about these lawsuits since the beginning: what proof does the RIAA have that a given person shared a file ? They're simply using logs of their software. But how is this being verified ? A log, afterall, is just a textfile; I can make one now that says Lars Ulrich was sharing my copyrighted works.
Not to mention they're also relying on the DHCP logs of the sharer's ISP. These were designed to aid admins, not to be 100% accurate. And, even if we assume that the RIAA's and the ISP's logs are accurate, most people these days have multiple machines on their home networks and often wireless access points. How can could one possibly prove that the internnet account holder did the sharing and not a neighbor sneaking on via wireless or a friend who stopped by with a laptop or a roommate ?
IANAL, but I don't see how any of these cases could possibly stand up in court, with or without security holes.
The "law" is no longer about the "truth", but who can spin the best "half-truths" (read: lies). And the best "lawyers" (read: lairs) cost $$$, so in short, he with the most money gets "justice" (read: their way). So anything the "little guy" (read: not much $$$) can win is to come up with a nice "open-source" "half-truth", of which this seems to be. That and all that framing stuff others mentioned ;)
"1984" was ment to be a warning, not a guidebook. You hear that Kim Jong-il!? BushCo?!
To publish something that relies on reverse engineering puts you open to charges under the DMCA. Reverse engineering PD software is easy (you have the source). Reverse engineering a closed source program isn't exactly impossible, look at Kazaa-lite, for example. However there are other PD clients to more popular networks such as eMule for ed2k (no disassembly required).
So you can still say that the RIAA's IP address is sharing movies and the MPAA's IP address is sharing MP3s for other networks.
About a year ago. There wasn't any punishment I'm aware of, but the network people didn't like the fact that they got quite a lot of those mails (big university, and obviously many people sharing).
what we need is someone to write a virus that installs inself on windows machines and honeypots the common various p2p protocols and gives results that the riaa hate like a few titles of briney, metallica, etc.
so when your ip address changes and your still listed as a valid source they get scanned and nailed with the legal mess.
that will put an end to this crap when they start suing innocent people in massive quantities.
members are seeing something, your seeing an ad
Downloading mp3 of music that you do not own is illegal. I taught my son a lesson by destroying his iBook. The lesson is that if you work hard and save your money to buy something, once you break the law with it, it will be taken away. By the time he saves enough to buy another laptop (which will be around two years based on his after school pay check) he will have learned that he was doing something bad and wont do it again.
So it's pretty obvious that you are a troll but you do inadvertently raise a good point about authoritarianism.
Destroying your son's personal property was an immature act. He knows it was a childish thing to do, and it caused him to lose respect for you as an authority figure and role model. You have eroded your ability to make moral judgments that he will respect.
If your child does not respect you, he will not listen to you. Because of the power you wield he will simply give the appearance of respect and obedience, but in reality will go behind your back and do whatever he wants. This is the behavior you are reinforcing. Why would he do any differently?
So in a way you are like the RIAA. The RIAA is destroying any respect the public had for it by suing its own customers for large damages, much like you destroyed your son's iBook. Now even if they had a valid moral position (e.g. sharing music is stealing from artists) people are disinclined to believe it, regardless of its veracity. Music sharing will go on - just behind the RIAA's back.
You and the RIAA both need to act like adults here and build trust by acting maturely. Then maybe you both will get the respect you desire.
THESE ARE NOT CRIMINAL CASES. There is NO JURY.
Of course there are juries in civil cases. What makes you think there aren't? It depends on the jurisdiction, but at least in the federal court system, in most civil cases you need only ask for a jury trial to get one, and only if both parties waive will you not get a jury (i.e., get a bench trial).
That'll help to provide reasonable doubt! No... no, wait... these are civil cases, not criminal. There's no burden of proof, no assumption of innocence, no "reasonable doubt" defence.
All that the RIAA has to do is to show that the balance of probability is that the person on the other side of the courtroom is who the RIAA say they are and did what the RIAA say they did. Now, really, how probable is it that Kazaa users (which is who they are targetting) are likely to be the target of a malicious prank that's only been claimed (anonymously, and not yet independently verified) to be theoretically possible on Gnutella?
Sorry for the nasty little wake up call, but civil cases aren't like Twelve Angry Men . If you're relying on this as a defence, I'd suggest changing your story to "a wizard did it", because that's a more probable explanation.
If you were blocking sigs, you wouldn't have to read this.
If you are using any version of windows NT, it is not always wise to open untrusted telnet links. By default windows will send the NTLM hash of the logged in user to the remote server, which could be auditted to recover the password in usually less than a day.
Depending on how the RIAA is getting their lists, the article is at best fallacious and at worst deceptive.
Supposedly the RIAA is going after people who've been sharing more than a thousand titles. It is highly unlikely the RIAA would've gotten this information by sniffing the network or by putting out queries; it would just be too impractical. Gnutella hosts will very often put a list of what they're sharing up in the form of a web page, and if the RIAA were reading the page, they'd be retrieving it directly from the user's verifiable IP.
Similarly, other networks have the option to "browse this person's list". From what I understand none of these networks route the results of such requests through any sort of indirection; the data is also transferred via a direct connection to the "offender's" machine.