Slashdot Mirror
BitTorrent Gives Hollywood a Headache
fudgefactor7 writes "Although the MPAA and the RIAA, and practically anyone else who has an interest in protecting their intellectual property rights online, are fighting against P2P programs like EDonkey, Morpheus, and Napster, BitTorrent is coming under even greater scrutiny, albeit with less actual success so far, and that is giving Hollywood a headache, since they really don't know what to do about it and they can't go to Cohen and moan. Once he let the genie out of the bottle there was no way to put it back in. And with the likes of PeerGuardian, et. al., it only gets harder for the corporations to put the virtual, and legal, smackdown on file sharing."
problem is with trackers outside of the USA...
The tracker is what facilitates the download, the person who runs the tracker has set it up with the intent to share the specific file being shared. The tracker site is typically also the root of all the sharing through being a base seeder as well. So, basicly this brings things back to the days of piracy over public FTP and HTTP download sites, just attack the one facilitating the downloads.
Man, you're so wrong. The tracker only hosts the .torrent files, if that! It's primary roll is to just keep a database of who is sharing what as that is the information the bittorrent client's request from it. This is why it's so hard for the MPAA to crack down on them, as it basically does the job of google but for a specific audience. It doesn't host or upload or share any copyright material, it just tracks those that do.
The problem with slashdot is that most of its users were bullied and stuffed into lockers as kids!
In some countries, like sweden, bittorrent trackers are legal. Since they do not spread copyrighted material but just link to where one can find copyrighted material.
:)
Also there is a court ruling from the BBS-time that says that the BBS administrators is NOT responsible for what the users do on the BBS (such as trading warez). It is argued that the same reasoning can be done for a torrent tracker. However if there are copyrighted material transferred without the copyrightholders approval, people that USE the tracker is still doing something illegal.
The industry has tried to remove torrents from piratebay.org, which is the biggest torrent tracker in sweden, with limited success. (they have even gotten calls from Microsoft when Halo 2 was up for downloading)
happily:
p ?f=41
r di an_2_review.cfm
:)
PeerGuardian is based around the idea of an open list of blocklists collected from known fake files/scaners etc.
The **AAs are not very sophisticated in their searching - man scans come from a very small number of ranges.
The ranges are found by:
1) Whois searching, If we know the name of the company we can easily find them by scanning whois databases. They *have* to give their company name (eg BayTSP) so they are easy to find.
2) Log comparison. PG collects a log of every ip you connect to against the time. If someone gets a letter we get them to cross-reference the time the infringement is said to be on the letter (this must legally be included) with the ips in their log. 9/10 it is an obvious IP doing the scanning that can be found.
see our forum on this topic here:
http://methlabs.org/forums/forumdisplay.ph
PeerGuardian is simply a low level firewall that blocks these ips. PeerGuardian 2 will be open source, and will update automatically.
We're also trying to make the database more open, by adding a system where all the ranges can be viewed on a webpage, and users can comment, report bad ranges, and vote on how useful a range is.
See the reviews of PG2 *closed beta* here:
http://www.afterdawn.com/guides/archive/peergua
http://www.p2private.org/review/
I expect PG2 to be out before the new year, but it will be out when its ready, not beforehand.
Thanks
Joseph Farthing
Administrator & News Editor
Methlabs.org
Joseph Farthing
http://josephfarthing.com
Or is there some technical reason that they can't do anything about them?
I believe Harlan Ellison successfully sued somebody who was posting copies of his stories to alt.binaries.e-books (or similar). He also tried to sue AOL, who settled out of court for an undisclosed sum.
See details here: http://www.authorslawyer.com/c-ellison.shtml
This is very simple:
:)
collecting the IP addresses of people connected to a tracker does not ammount to proof of infringement. You have to actually recieve some data from them to prove they are illegally transmitting copyrighted material.
Joseph Farthing
Administrator & News Editor
Methlabs.org
Joseph Farthing
http://josephfarthing.com
I was explained to that torrents are not easily traced because all the data is sent in small packet chunks.. I think it might be in 256k chunks.
:)
And that since all these data packets are being sent randomly from various sources, it would be much more difficult to actually point a finger at a source or destination.
It was described that sure you might be able to intercept the transmition of data, but you are not witnessing the transfer of a in-tact file.
So you could see that maybe it's some sort of mpeg stream or maybe part of a larger compressed archive, but it's just a piece of it. And once the next version of the torrent system comes along with the ability to transfer without use of trackers or servers, it becomes here-say on any legal action.
So does this packet chunk bit torrent stuff actually hold true? And if not, Why?
Well i suppose sometimes it makes sense for the seeder to start a tracker on his own computer, thats not the recommended way.
A properly run tracker should never host any data. Just torrents. A torrent is merely a file with checksums + some info.
How do you think for instance, www.thepiratebay.org (swedish) can stay online?
to hold up a case in court they have to actually *prove* the person is sharing the file.
/ 23 51242&tid=188&tid=123&tid=17&tid=1 06
getting a list of ips just won't be good enough without some sort of evidence
then again we have seen some stupid occasions where stupid takedown notices have been given:
http://yro.slashdot.org/article.pl?sid=04/09/20
Joseph Farthing
http://josephfarthing.com
There's some funny examples of various copyright holders' cease-and-desist-mails (and the replies they got) to a Swedish torrent site on: http://static.thepiratebay.org/legal/
One they day will get a clue and start hunting down the users instead.
I *was* going to say that here in Canada, (thanks to a supreme court ruling) placing stuff in a shared folder is legal (because it is) and doesn't qualify as distribution of copyrighted material. But then I stopped and thought for a moment and I realized that BitTorrent might not be protected by that. It could be said that an inherent function of the program is that when you run it you send material to other people, instead of just placing it in an accessible shared folder. I'm no lawyer, but I'd say us Canadians might have to watch out in the near future after all.
With BitTorrent you are forced to share. So when you start downloading something you are also sharing copyrighted material.
You fell for a small but important trap. Just because you are downloading something doesn't mean you are downloading copyrighted material. And just because you are downloading copyrighted material it doesn't mean you are doing anything illegal. And just because you are downloading copyrighted material and at the same moment share it to other people interested in the same material you are still not doing anything illegal.
Many people distribute their own stuff with BitTorrent, because so they only need to seed the material and have maybe to handle the amount for two or three complete downloads from their site. All the other people get their data from those who already got the block in question. This is a huge bandwith saver for all involved parties. Mandrake Linux gets distributed that way for instance, and you can also get other distributions that way, completely legal.
So different than KaZaA or other file sharing networks where you have to look out to find some legitimate use, with BitTorrent it's easy.
On the other hand: The article especially points out that one of the counter technics employed by MPAA and RIAA is to put bogus files with an interesting file name up for sharing. So people searching for a special file may end up with a file with the same name but a different content. Centralized hosting of "proven" files like Napster did made them liable for copyright infringement. Calculating checksums would only help if you could compare the checksums with a trusted database, which is open to the same type of liability, because the database has to calculate the checksums by using the original files. So infecting KaZaA with bogus files and forged checksums is easy. And you know how many files everyone is actually sharing, because you can just query the client and ask. This makes KaZaA and similar systems vulnerable to two types of attacks: Tracking people distributing immense amounts of files, and poisoning the data pool with fake files.
With BitTorrent it's different. Everyone seeding a file is taking technical responsibility for the correctness of the file. But the actual data blocks are coming from other computers. The tracker keeps track of the different computers sharing exactly this file. For every other file there is another tracker. So with the tracker data you can actually find out who's sharing a specified single file, and because of checksumming you can be confident that all people listed in the tracker are sharing the same file derived from the same original data. But you don't know which files else are being shared on the same computer, because their trackers are being somewhere else. So all a copyright infringement tracking bot connecting to that tracker gets to know is information about this single file. Quite ineffective, and if you go to a judge with an IP address and tell them: "From this IP this one file was distributed" he'll probably tell you that he has more important stuff to do.
So people sharing large amounts of data don't appear any different to the bot than people just sharing a single file. And poisoning the data is also not easy, because you can't spoof someone elses seed and tracker. So you have to establish yourself as a second source, with your own seed and tracker, and if you don't provide correct data, your seed will die out soon. There may be an attack possible if you hack BitTorrent yourself (it's GPLed, after all), and if you take part of the actually ongoing BitTorrent sharing, but send fake blocks to every request you get. But then the checksumming will detect you quite soon, and you loose again.