Slashdot Mirror


Software To Stop Song Trading

Shippy writes "Palisade Systems is about to launch new software that can identify and block copyrighted songs as they are being traded online. However, the article fails to mention that it will also stop legal song downloads. The software blocks anything that's copyrighted, whether you already own the song in another format or not. Here's some snippets from the article: 'If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers...', and 'Jacobson said the identification process would not work on an encrypted network, such as is used in several newer file-swapping programs. However, the Palisade software could also act to block those applications from using the network altogether.' Great."

24 of 595 comments (clear)

  1. And, thusly... by McCrapDeluxe · · Score: 5, Insightful

    Encrypted protocols increase in popularity.

    1. Re:And, thusly... by NtroP · · Score: 5, Insightful
      The article claims that the software could block encrypted communications, apparently indescriminantly. I wonder how that would affect legit transfers like scp, ssh or vpn connections.

      I'm probably talking out of my butt here, but what if, instead of the entire "stream" being encrypted, just the "content" was, with a one-time, mutually agreed upon key? How would their software know the difference? It would never have the same "fingerprint" twice. Would it just block any traffic that looked like random noise?

      I can see this software pissing a lot of sysadmins off - could you ever be absolutely sure those "ghosts" you've been chasing weren't this software being over zealous?

      The parent is right though. This will just prompt those who wish to trade on P2P to take it to the next level. Especially now that the "Big Five" labels are trying to force Apple to charge $2.50 per song! If that happens I will stop buying songs from iTMS and say "screw the bastards, release the hounds", P2P here I come!

      --
      "terrorism" and "pedophilia" are the root passwords to the Constitution
    2. Re:And, thusly... by Nadsat · · Score: 5, Interesting

      Yes, McCrapDeluze: what you describe is the blowback, the reaction against the controllers.

      Technology tries to liberate. Technology was once thought of as the essence of freedom's revolution itself. Recall Apple/1984... recall www-idealism. Then technology turns against itself and tries to control. Porn regulation, satillite cameras, fingerprints, RIAA server-side 'intellectual property' monitoring. Liberation vs. control. Hacktivists and regulators engaging in battle royal.

      Sure there are always loopholes and entropy... but I fear the capability of technology to regulate and control will become so strong and so automated that only the most astute hacktivists or fleeting script kiddies will find sanctuary, leaving the rest of the populace to graze like sheep on genetic grass.

  2. WiFi. The 3rd Internet by DigiShaman · · Score: 5, Interesting

    I guess it's time to start bridging those WiFi networks around the world. If you can't beat em, fuck em. I start file sharing over WiFi networks. I look forward to the days of local BBSes again. (WiFi BBS?)

    --
    Life is not for the lazy.
    1. Re:WiFi. The 3rd Internet by dont_think_twice · · Score: 5, Insightful

      Posting this concept on Slashdot is easy. Doing it is a whole different matter ...

      Mod the parrent down as a troll... nothing to see here.


      I love it. Pure, honest intellectual fascism. Basically, you say "Your suggestion is impractical, so you should be modded down, and nobody should even see your idea."

      I don't have any problems with your objections to his idea, but why insist that he should be modded troll for saying something that you disagree with?

  3. Encrypt everything by Zorak+Man · · Score: 5, Informative
    --

    404 .sig not found
  4. Hmm... by LordK3nn3th · · Score: 5, Interesting

    How does this effect pay-for programs like iTunes?

    Also, is this RIAA-only songs being blocked, or other songs? Copyrighted doesn't always mean "undistributable". Someone may hold the copyright to something but may actually let people distribute it-- am I wrong there?

    --

    ---
    Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
  5. what about my copyright? by Bhull · · Score: 5, Insightful

    how do i tell this software that i want people to trade MY copyrighted music? if they block my file swapping would that be some sort of anticompetitive thing? just because the RIAA and its labels own the majority of music being traded doesnt mean that all the music being traded belongs to them.

  6. 'finger print' by Mattwolf7 · · Score: 5, Interesting
    But how can it determine?

    Palisade's version of the technology sits inside a network, rather than inside a file-swapping program. If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers, seeking audio "fingerprints" that could be compared with information in Audible Magic's database.

    If I send my friend an mp3 of me playing some music how can it tell that from me sending a copyrighted work? Is it reading the 'finger print' and then checking byte by byte? Isn't that going to kill traffic... But couldn't it be beaten by adding one extra byte to the file? Sending in another format?

  7. Umm... by Ryan.Merrill · · Score: 5, Insightful

    Wait... it did say that it can look into student's emails and instant messages right? So basically it is giving the University free right to look into student's messages and claim that they are merely looking for illegal songs. There has got to be something that can be done by the students at these universities to block this. This is a total invasion of privacy. If any university tries to impose this onto the students attending, the students must do something. Hopefully we haven't lost all of our rebellious nature.

  8. What is needed.. by bcore · · Score: 5, Interesting

    ..is a P2P app that can run over an SSL connection, disguised as web traffic. I'd bet that could beat this thing. Does such a thing exist?

    1. Re:What is needed.. by dolphinling · · Score: 5, Insightful

      What's wrong with just plain FTP over SSL? No one's going to be blocking FTP anytime soon...

      --
      There are 11 types of people in the world: those who can count in binary, and those who can't.
    2. Re:What is needed.. by syousef · · Score: 5, Interesting

      "What's wrong with just plain FTP over SSL? No one's going to be blocking FTP anytime soon..."

      I work as an IT consultant in Australia and work on site most of the time. Our clients - banks and insurance companies - certainly do do block FTP and SSL. They usually block anything that isn't HTTP or HTTPS on port 80. This is a genuine frustration for me as I often want to send log files and software to the HQ of the software firm I work for.

      To make matters worse one client I worked for had a policy of restricting access to external email and other content (games, porn etc.). They used web filter software which I won't name here for now. Lots of legitmate sites I'd want to get to for genuinely work related purposes were also blocked.

      I wouldn't be at all surprised if this is the method adopted by large educational institutions in the end. They won't be able to fight large corporates for very long with the limited funding they do have. It will only take a handful of large law suits to sway them towards censorship.

      Its an interesting world we live in now. It seems to have become standard practice somewhere in the late 90s to make product and then intimidate or sue your customers.

      --
      These posts express my own personal views, not those of my employer
    3. Re:What is needed.. by ultranova · · Score: 5, Insightful
      Oops. You can't sue someone for being suspicious. Yet :)

      Yes you can. You can't win, but you can drive them bankcrupt trying to defend themselves.

      It isn't about justice, it's about extortion.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    4. Re:What is needed.. by rixstep · · Score: 5, Funny

      What we should do...

      Is use steganography.

      We embed an MP3 inside a JPEG.

      Then, just to really screw them up, we embed the JPEG inside an MP3.

  9. so archive it by tintub · · Score: 5, Insightful

    Is this software going to intercept any archives (.rar, .tar.gz, .zip etc.), unarchive them and check them? I'm not against such software - Universities have a right to disallow file trading on their networks, just as I have a right to use an ISP which doesn't use such software for my home connection. However, I just think that this won't work, at least not without blocking or hindering so much legitimate use that everyone revolts against it.

    --
    sig under construction...
  10. This will work for about ten seconds by Poilobo · · Score: 5, Interesting

    If this is based on fingerprinting technology it would be pretty trivial to cutoff the Type 1 and Type 2 tags, reverse the content and stick'em back on. Reverse the process after downloading. Of course you could always UUencode the song and add a zip extension to it or a multitude of other tricks to hide what your doing.

    Never underestimate the power of broke, bored, determined college students.

    --
    Sig (appended to the end of comments you post, 120 chars)
  11. Re:wouldn't it be simpler by Anonymous Coward · · Score: 5, Insightful

    I attend a Big 10 School, and while
    interviewing for a tech-related position with
    the head of dorm network-type stuff, I was told
    that well over 90% of the internet traffic (barring worms and the like) can be attributed
    to file-sharing. With the tightness of funds
    that today's universities are dealing with,
    maybe that bandwidth money could be better spent.

  12. Re:wouldn't it be simpler by LostCluster · · Score: 5, Insightful

    With the tightness of funds that today's universities are dealing with, maybe that bandwidth money could be better spent.

    Every college's Terms of Service says that their computer systems are for "academic use only" or some similar phrase, in part because they have to in order to get grant funding to pay for their bandwidth. You might not remember signing that TOS, but trust me, every student at a college has signed something when they accepted admission that basically binds you to everything the school ever puts out as a "rule" whether you bother to read it or not.

    So, forget the dream that they have to give you totally unrestricted bandwidth as part of the price of your dorm room. They never promised that to you, so if it goes away, tough.

    Colleges have mostly played dumb that P2P has been going on, trying to claim that they're just a common carrier that can't really coprehend what's fair and what's foul over their network. Once they start trying to block copyrighted content, they'll start becoming liable for whatever slips through their checkpoint.

    So... that's why any blocks we're going to see going up are going to be whole-protocol blocks or bandwidth throttles. They won't be blocking in the name of copyright protection, they'll be blocking in the name of bandwidth protection...

  13. Re:wouldn't it be simpler by UID1000000 · · Score: 5, Interesting

    This is a good point. Frankly make them sign a contract or a LOI stating that if they do anything illegal that they have to indemify the university of any illegal actions and take full recourse for the aforementioned.

    But if 90% of their traffic is P2P why not make it all internal traffic thus eliminating bandwidth costs? If there is a way to do this for instance block the ports that P2P programs use, hell block all the ports except 80 and then setup a VPN client with all ports open but restrict traffic to being only internal. Then the bandwidth load is reduced by 90% and the traffic (which would probably cut down) might come down by as much as 60-70%.

    If new items need to be introduced to the P2P networks on the campus then the students should have to go out and use their own, their parents or some cafes' then they can bring it back into the closed school network.

    What do you think of that?

    --
    UID 1000000 is just around the corner.

  14. JOIN THE RIAA TODAY! JUST FOUR EASY STEPS! by britneys+9th+husband · · Score: 5, Funny
    RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) is the first organization which
    gathers GREEDY RECORD EXECUTIVES from all over America and abroad for one common goal - being GREEDY RECORD EXECUTIVES.

    Are you GREEDY ?
    Are you a RECORD EXECUTIVE ?
    Are you a GREEDY RECORD EXECUTIVE ?

    If you answered "Yes" to all of the above questions, then RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
    Join RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time RIAA member.
    RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) is the fastest-growing GREEDY RECORD EXECUTIVE community with FOUR OR FIVE members all over United States of America. You, too, can be a part of RIAA if you join today!

    Why not? It's quick and easy - only 4 simple steps!

    First, you have to obtain a copy of THE COMPLETE WORKS OF METALLICA and listen to it. (You can download the music (~280mb) using BitTorrent, by clicking here.

    Second, you need to succeed in posting an RIAA "first post" on slashdot.org, a popular "news for thieves" website

    Third, you need to join the official RIAA irc channel #RIAA on irc.riaa.com, and apply for membership.

    Fourth, you need to pay the nonrefundable RIAA MEMBERSHIP FEE of FIVE MILLION UNITED STATES DOLLARS (US$5,000,000)
    Talk to one of the ops or any of the other members in the channel to sign up today!

    If you are having trouble locating #RIAA, the official RECORDING INDUSTRY ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is lawsuitnet, and you can connect to irc.riaa.com as our official server. If you do not have an IRC client handy, you are free to use the RIAA Java IRC client by clicking here.


    If you have mod points and would like to support RIAA, please moderate this post up.

    ______________$*________________________________
    | _____________&@_______________________._a,____ |
    | _________._______a_______aj#0s_____aWY!400.___ |
    | __ad#7!!*P____a.d_______#!-_#0i___.#!__W#0#___ |
    | _j#'_.00#,___4#dP______j#,__0#Wi___*00P!_"#L,_ |
    | _"#ga#9!01___"#01______"4Lj#!_4#g_________"01_ |
    | __"#,_________*@`_________`___-!^_____________ |
    | __#1_,%________$^_____________________________ |
    | __J1__$%______________________________________ |
    | __jk___58___RECORDING INDUSTRY_ASSOCIATION____ |
    | _______________OF_AMERICA_____________________ |
    | ______________________________________________ | (c) RIAA 2003, 2004
    ` _______________________________________________'

    --
    Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
  15. I used to work for Palisade... by Anonymous Coward · · Score: 5, Interesting

    I was working for Palisade when they developed the first version of PacketHound.

    Actually, I should say when they stole PacketHound, since it was actually created by a coworker in his off hours, outside of Palisade. The CEO at the time fired this guy and sued the developer to gain the rights to PacketHound. Kind of ironic that they stole something that is supposed to prevent stealing!

    Like Palisade's original product, called ScreenDoor, PacketHound is just a packet sniffer that sends out TCP RST packets to disrupt connections. Palisade (and Iowa State University) actually have a patent on this, even though there have been firewalls and other programs (like Snort) which do the same thing, and predate the patent.

    Palisade itself is a tiny company that is milking this one patent/idea for most of its products. But they are somehow good at getting press...

  16. Steganography by markan18 · · Score: 5, Interesting

    maybe we just need to rename songs as .doc or .jpg. If that crap can still catch them, cram the song into real images or insert them into real office documents.

    One may insert them into icmp packets (ping still allowed??). What if i encrypt all my email, will encryption be outlawed? The war on file sharing is turning into a war on drugs, we all know how effective it is.

    I think anyone can still get packets and or out a given network can download and upload songs or anything. those big 5 labels are causing real damage trying to police the internet and deserves to die real fast

  17. Or SSH by Sycraft-fu · · Score: 5, Interesting

    I would LOVE to see a university try to block that. A small private one might (and I emphize might) be able to get away with it but a big one? Forget about it.

    Hell, our university REQUIRES SSH for many things. You can't telnet to the e-mail cluster any more, it's SSH only. Likewise the webmail is SSL only. You just don't have a choice, you'll use the encryption or you'll not use the system. My department is working on going to that. Going to be no telnet, no FTP, no unencrypted IMAP or pop. Everything will be SSH, SFTP (which is also SSH), or SSL. Unencrypted communications will be in-building only, or for things like the main website. You want to access any systems, you'll do it with an encrypted protocol, or use an encrypted VPN tunnel to get a local address.

    So either SSL or SSH would work well. They are just too useful and used for too many things. Try and shut that down and you'll find backlash like you can't believe.