Slashdot Mirror
What Questions Would You Ask An RIAA 'Expert'?
NewYorkCountryLawyer asks: "In UMG v. Lindor, the RIAA has submitted an 'expert' report (pdf) and 26-page curriculum vitae (pdf), prepared by Dr. Doug Jacobson of Iowa State University who is the RIAA's expert witness in all of its cases against consumers, relating to alleged copyright infringement by means of a shared files folder on Kazaa, and supposed analysis of the hard drive of a computer in Ms. Lindor's apartment. The RIAA's 'experts' have been shut down in the Netherlands and Canada, having been shown by Prof. Sips and Dr. Pouwelse of Delft University's Parallel and Distributed Systems research group (pdf) to have failed to do their homework, but are still operating in the USA. The materials were submitted in connection with a motion to compel Ms. Lindor's son, who lives 4 miles away from her, to turn over his computer and music listening devices to the RIAA. Both Ms. Lindor's attorney (pdf) and Ms. Lindor's son's attorney (pdf) have objected to the introduction of these materials, but Dr. Jacobson's document production and deposition are scheduled for January and February, and we would love to get the tech community's ideas for questions to ask, and in general your reactions, thoughts, opinions, information, and any other input you can share with us. (In case you haven't guessed, we are the attorneys for Ms. Lindor.)"
How old are you?
You see, I'm doing a research paper on how long a human can live without a brain.
It was a joke! When you give me that look it was a joke.
"What the fuck? Just... what the fuck?"
to have your soul removed?
Why?
Sometimes, life itself is sarcasm...
What steps would you take to prove that a screenshot is 'authentic'? If I doctored a screenshot to include a list of songs, how would you discover the doctoring? How would establish that the song names contained the correct songs and not something else? Are all screenshots unalterable?
Describe the process of 'proving' that someone's home computer used a given IP address at a given time. Anywhere.
"We are all geniuses when we dream"
- E.M. Cioran
...to become such an expert?
Is it true that the abbreviation RIAA really stands for"Rectal Invasion Association of America"?
#1: How much did you get for your soul from the RIAA/MPAA?
#2: I've heard Iowa is boring, but you are aware that there are other ways to get out of the state, right?
#3: Why do you hate America?
#4: Can you explain how anyone thought Sony's root kit was even remotely legal?
#5: Exactly how does your client's right to liscense their music trample my right as a consumer to listen to music I've paid for?
But this is slashdot. A slashdoter who didn't build his own computer is like a Jedi who didn't build his own lightsaber!
Why does the RIAA suck so much?
To take one for Steven Jay Page of the Bare Naked Ladies
Have you _ever_ (and I mean EVER) made a "mix" tape? Did you give it to your SO/love interest?
Steven's argument being that effectively EVERY person in the music industry has done this at one time or another, and to be punishing their customers from doing effectively the same thing is hypocritical.
Like - did you listen to the alleged data to see if it was actually a copyrighted work? Does the copyright on those works all belong to the planitiffs?
Can they verify what IP address the alleded copyrighted work was uploaded from? (Eg: did it come from a single source only?) Go back a little further; can they produce anything that verifies Ms. Lindor's computer had the IP address they uploaded from at the time in question?
"History doesn't repeat itself, but it does rhyme." Mark Twain
How do you sleep at night
A lawyer posting an "Ask Slashdot" question? Isn't that a sign of the apocalypse?
Why do you hate freedom?
I'll just use my special getting high powers one more time...
On SOVIET LIMEWIRE, PORN FINDS YOU!
How can you justify your actions when any system of ethics that isn't based on meta-physics regards the RIAA, patents and censorship as the agents of evil.
Also, how do you avoid choking on satan's cock?
and
Aren't you worried that there may actually be a hell where people like you will burn someday?
Come /.! NewYorkCountryLawyer is trying to do something good here.
Can we get serious for a minute? Please?
do you sleep at night?
It used to be that some poor sap would ask a legal question in Ask Slashdot, and he would be told to seek the advice of a real, actual attorney.
Now, we have an attorney posting an Ask Slashdot because he doesn't know how to argue his own case.
This is sad. Sad, indeed. I seriously hope that you are not actually being compensated by Ms. Lindor for this legal "work".
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
1. What measures will be taken to safeguard the integrity of the data and the data storage devices. You don't want your property destroyed in the process of investigation.
2. Ask for extensive access to all the equipment that will be used during the investigation to verify that the said equipment may not accidently harm your devices and data.
3. Ask for a comprehensive review of all the privacy-safeguarding mechanisms that the plaintiffs have in place for the retrieved data. Further, ask for an audit of the feasibility of the privacy safeguards as well as their effectiveness in actually protecting the privacy of the data.
Any guest worker system is indistinguishable from indentured servitude.
May work over here. Prof. Sips and Dr. Pouwelse expert witness statement seems to be what anybody being sued by the RIAA would want to find. The inability to prove they were involved in actual contribution. I think if you can get an intelligent judge or at least be able to explain what their findings mean; you should be able to get alot of cases thrown out. If not then appeal until you get the right judge. It seems that they have to go on hunting expeditions to try to even build a case otherwise they are close to slander by false accusations. I may understand it wrong, but their analysis shows you can't prove if anyone was involved by using the tools they do.
I eat Karma for breakfast, lunch, and dinner. That's why I don't have any.
just wondering
Ask them why they retain the services of a company found to have conducted unlawful electronic searches of an individuals computer, to provide their evidence of infringement.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
I saw at least one false statement in one of the filings. It's not a lie so much as a total lack of understanding of how IP networks really work and how far they can be pushed. Combine that with the fact he's been discredited in Canada and it should make the court ask questions.
In particular the statement that he was able to determine there was no wireless router in use at the time cannot be substantiated. It is possible to have a wireless router that NATs you right back to your public IP. In fact, I've done it (with out the wireless part) at least twice for different reasons.
If I were you, I would set up a demo that shows this and rub his nose in it.
I have this friend...
Has your acting as an expert witness for the RIAA generated any income whatsoever, either directly or indirectly? Has the RIAA provided you with any non-monetary gifts or perks?
Seriously, I would ask that.
Where do you live?
You know they're planting "evidence" on those machines even as we speak. How can they prove they aren't?
1. How much does DRM lower the value of purchased content? (How can restricted content be worth as much as unrestricted content)
2. Why does the RIAA not offer a service to compete with the P2P networks? (Offering DRMed content isn't a real attempt at competing, since it is a restricted product, only a legal method of obtaining unrestricted (non-DRM-encumbered) content counts here)
3. Can they prove that each downloaded copy of the supposedly uploaded files does not have a license for the content?
1) How can a digital copy harm sales when the people downloading it weren't likely to buy the bloody album in the first place?
2) What good comes to the artists from the rabid enforcement of copyright laws through frivolous litigation?
3) Do you like George Wendt and would you eat beans with him?
Well, to what end?
Sehr geehrter Toilettenbenutzer!
* How do you prove that the contents of the "shared" folder were actually shared with third parties? (I have a "shared" folder with music on my PC, to stream to my other PCs and my stereo)
* How do you prove the "shared" folder was not created automatically by the P2P software?
* How do you prove that the user was computer savvy enough to prevent the software from creating the folder?
an RIAA 'investigator/expert person thingy' had to listen to the music to find out if it was pirated, would he then have to arrest himself, take himself to court, sue himself and fine himself? IF you invite a friend over for dinner and play music, do you have to search your friends for recording devices to make sure they dont copy your music? If you play the music do you have to send the RIAA cash for every person except yourself who listens? Is it SAFE to even 'own' music anymore? Should we simply whistle something tuneless? Is Ginger Baker going to sue me if I beat out a rhythm on my steering wheel while listening to FM radio?
You might get a better response there (i.e., less noise than /.), especially since Groklaw is about legal issues surrounding tech.
What he should have said was:
The plaintiff wants to compel $person to surrender his computer for forensic analysis. For the judge to order this, their evidence must meet $standard.
Their evidence is $evidence. How can I show, from a technical perspective, that $evidence does not satisfy $standard?
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
My father is an attorney, and he once told me that you never ask a question you don't already know the answer to, unless the answer cannot possibly hurt you. There are a few possible answers here:
1) I don't know.
If he doesn't know, he's not an expert on MediaSentry.
2) None.
At this point you enter into evidence a copy of The Mythical Man-Month or some similar tome, and quote figures on bugs per lines of code. You have now discredited him.
3) Lots, for example...
This will go over *great* with a jury.
This guy claims that the hard drive provided must be the wrong hard drive because it doesn't show any evidence of file sharing whatsoever, and MediaSentry claims there was file sharing. Maybe it's a bug in MediaSentry.
There's no failure quite as dissatisfying as a complete and total solution to the wrong problem.
Have you thought about this long term?
Is suing your customers really a good strategy?
Has any one on this thread purchased more than 1 CD last year?
Anyone planning to purchase them in the future?
read more rants: thunt.net
Did none of you read the PDF? The expert report says that the hard drive provided to him was *not* the one used to share the files. He doesn't discuss his methodology in any detail, but it's reasonable enough. He states that, based on his analysis of the hard drive that the machine was directly connected to the internet (not via a router), which is easy enough to tell from the IP address assigned, and that it does not and did not have Kazaa (apparently the p2p program used) on it. From the other links, it sounds like they're claiming that his isn't the hard drive they wanted, from the machine they wanted, and that they're trying to get access to the sons hard drive based on that. Assuming that the expert isn't totally incompetent and/or lying, he's right. If this hard drive is from the machine that had the IP addresses in the subpoena from Verizon (he says he has access to the Verizon information, but not whether or not the IPs match up), then you have a pretty airtight dismissal - no evidence of sharing, lets go home. If they're trying to claim that the son probably brought his machine over, you're going to have to rely on legal arguments rather than technical ones. It's certainly possible that he did, but I don't know enough about the law to say whether that matters in a case like this. The case is against her, not her son, so can't you argue for dismissal on that alone? If they're claiming that you gave them some totally unrelated drive, you're going to need to document where that drive came from. I assume you have all your ducks in a row with regards to the chain of documents and evidence for that drive. If you don't, then someone screwed up along the way and someone is going to pay for it - probably your client and her family. That's not something interrogation of this witness will help you with - his analysis of the drive is probably correct. What he's saying is that he didn't find the evidence the RIAA wants on the drive, so prove that's the drive they asked for and go home.
I read the PDF report from the RIAA's expert.
Seems that he's saying that the hard drive he examined contained NO TRACE of Kazaa ever being installed, and no trace of any "shared files". He goes on to say that the hard drive appeared to be hardly used, since there were very few user-created files. The implication is that the hard drive he examined is not the hard drive that was used to share music, or that it had been completely erased at some point.
I would ask him about the possibility that the hard drive was reformatted in the process of re-installing Windows, via an normal Windows CD or especially a "restore CD". And I would also ask him if it is possible that Ms. Lindor re-installed Windows because she was having other problems with the computer, and a re-install was the simplest way to fix those problems. I would also ask him if formatting the drive and re-installing Windows is a common way to repair computers that have become unusable due to viruses and spyware. I would also ask him how common spyware and viruses are, and how a user such as Ms. Lindor would be able to fix a machine infected with spyware and/or viruses without resorting to formatting her hard drive and re-installing Windows.
Basically, reformatting the drive is a perfectly legitimate thing to do when Windows, or any operating system, becomes "unusable" due to corruption of system files by malicious software. Just because her drive is "empty" doesn't mean she is trying to hide evidence. She may have done it simply to get her computer working again.
as I understand things, under the law of the land, which is also called "fair use" provisions of the copyright act, you can have as many copies of a licensed work as you want, as long as you always hold onto The One that the license came with, and only one is in use at any one particular time.
it is my understanding that you are also permitted to keep these copies on alternative media.
the questions:
(1) so if little boopsie decides to download an MP3 of "screaming babies," for instance, because little boopsie is unable to encode her own copy, what exactly law did she break? (2) and further, exactly what evidence did RIAA and their contractors, employees, etc. who have been cutting a flaming swath across the Internet use to determine that the downloaded MP3 would not, in fact, be the copy used under the original license.
for as we all should know, you never "own" music as a customer. (3) you buy a physical carrier and a license to use that music for personal enjoyment in line with the copyright law as it exists at the time of "purchase"/license. right?
(4) so who died and made you dictator?
if this is supposed to be a new economy, how come they still want my old fashioned money?
1) What kind of heartless bastard sues a 12-year-old-girl for downloading music? ...so you've never, ever compiled, listened to, or passed on a mixed tape in your life?
2) (as elsewhere)
3) THE WORDS YOU ARE USING TO REPLY TO THESE QUESTIONS WERE INVENTED BY OTHER MEN- YOU HAVE STOLEN THEIR WORDS! SUBMIT TO YOUR OWN WRATH!
(on the more serious side)
1) What kind of unholy ritual summoned you and Jack Thompson to besiege our world?
2) Was Hitler there physically, or merely in spirit? Or some kind of spirit-body limbo state, perhaps?
(on the most serious side)
There is no serious question to ask this guy. I hope RIAA gets sued into extinction and replaced.
So when exactly do they plan on suing ME?
The expert report says two things:
- based on the ip address (of what? how was it determined), he thinks the computer wasn't connected to the internet wirelessly (i hope he's smarter than this and is just leaving out details)
- he doesn't think the harddrive they've got was one that ever had kazaa or any media files on it. IOW, its not the "right one"
My opinions are my own, and do not necessarily represent those of my employer.
Can you prove that the user was not licensed to possess the file? Does he, a neighbor, a friend or otherwise own a license? Was this license temporarly used on this computer? if so then there is always going to be a trace of the file.
For example, I own a copy of Artist A's cd. I share this CD on a P2P network so that I can play it for my friend at his house (FairUse). I then delete the file when we're done.
Nothing unethical took place in the above scenario.
Technical side. Public IP? Was it static of dynamic? Can you prove he was the possesor of the IP address at the time of the alleged use?
As for Lindor's son's computer. No way in hell should they be allowed to have access to it. Prove that that computer was ever in the house of Mr. Lindor. Plantif's aren't allowed to go on wild goose chases for evidence when their cases start to fall apart.
It seems to me that the RIAA has way too much to prove here. Even in civil proceedings, it's just idiotic. Can they even prove that Mr. Lindor has caused them harm?
All they've got is someone, with a certain IP, may have downloaded a file that they may not have had a license for. There's a lot of maybes there.
More technical...
Had he ever used any anonymizing software?
Could their have been a worm or a trojan causing the sharing on his computer?
****HOW EASY is it for someone to spoof an IP address through one of these services?**** (very)
Given they've already searched his harddrive... Was it a used computer? Who else had access to said computer? Was a good faith effort made to correct any unauthorized licenses?
One thing I'd ask is why with so many free email servies like gmail/yahoo/hotmail/etc where emails are stored on the web and not one's home computer (as would be the case with outlook), why does the expert find the lack of emails stored on the computer indicative of foul play (page 5 of 7 of the expert report "...The hard drive I inspected, showed little usage at all, as evidenced by the lack of user created files and e-mails ....")?
There's no place like ALT+HOME
A teenage kid at home?
Oh, and (s)he does (not) use a computer?
Ooooh, and you never bought your kid some blank (recordable) media?
Liar!
Delta-Mike November Bravo Tango
Here's one for you:
Is it possible that the defendands computer was compromised in some way by a third party without their knowledge, and that the third party was the one who put the music on the computer and set it up to be shared?
I was at my brothers house over the xmas weekend and he was complaining about odd behavior on his Windows PC. The mouse simply stopped functioning properly in a number of applications, etc. He's on a DSL line but behind a router/firewall, with a software-based firewall and virus scanner installed. I decided to do a thorough check myself, however, and discovered that there was a directory containing over 2 gigabytes of porn that he knew nothing about. It was quite obvious that some sort of malicious software had made it onto his PCand turned it into some sort of porn file server, probably for some P2P network. Now my brother is no Windows expert but he's fairly savvy technically (college grad with a computer science major, MBA from a well respected business school). If he couldn't detect this going on with his own computer then how could a computer-illiterite person be expected to?
Is the RIAA just going to start asking anyone that has been to Ms. Lindors home within a specified time to hand over their computers so they can check to see if they were the ones that they are looking for?
Why do you hate pirates? They need to feed their families too.
How much of the money RIAA claims goes back to artists who created the music?
If I sample parts of a song (http://en.wikipedia.org/wiki/Sampling_(music)) and store them on my computer is just the proximity and how they are played that make it a crime? If I sample a song say at the packet level over a p2p network and then store them together is that a crime? If I sample them separately and store them together is that a crime? It is kind of like a man standing on a street corner pulling one hair out at a time and asking "Am I bald yet?" I am sure the RIAA would not want to destroy a music industry like RAP just to stop sampling. I think that just because proximity of my samples is next to each other should not mean that I have committed a crime it should be called compression.
Jacobson's company, "Palisade Systems" uses the risk of RIAA lawsuits as a selling point in pushing their spy software on universities. Clearly, the more successful RIAA lawsuits, the stronger this selling point.
l e.pdf (see page 8: "Security and Legal Risk")
http://www.palisadesys.com/documents/RABasicExamp
Jacobson appears to be working all sides of this for profit and reputation. He works in academia with a specialty of network security, sells network spy software to universities, and helps prop up the monitoring regimes through his "expert testimony" in the courts.
I would look for a basis to exclude Jacobson based on his financial interest in the outcome of the case.
I'd start by attacking his credibility. As you know, if you can prove he is not the expert he purports, he will be of no use to the RIAA. Read over every last document with his name on it. Find every last mistake he's ever publicly made. Get him to either support (with ridiculously flimsy "evidence") or retract those statements. If you can find enough ridiculous statements that are related to the case in any way for him to defend, you've won this stage of the battle.
(Obviously if it's not related to the case, you can't ask about it. But I'm sure something like "You wrote X about filesharing, yet several other experts disagree on your position. Can you explain to the court why that is?" would be fine.)
Just a start...
Wouldn't it be interesting if the RIAA's lawyers posted this "Ask Slashdot" question to gain two things:
(1) get feedback to tighten up their expert report
(2) prove that Ms. Lindor's attorneys are technically incompetent by bringing up this post in court.
That would be very interesting indeed.
What difference does it make to just rent a CD from the library for a really long time, get bored with it, and get over it, compared to doing the same by downloading? You're still getting your hands on the CONTENT for FREE.. goddammit.
... but you probably shouldn't:
Isn't your client's stupid business model costing him far more money than the file sharing is?
Stuff that might actually be useful to ask:
- As someone else said, how do you prove that the screen shots have not been altered?
- If the screen shots are backed up with packet captures, how do you prove that those were not altered?
- Given that both IP and MAC addresses can be spoofed, how do you prove that the defendant's computer was actually the source of the packets?
- Given that the titles of stuff on a file sharing network may have no relationship to the contents of the file, how do you prove that the file actually contained material copyrighted by the plaintiff?
- Each song that the plaintiff says that the defendant illegally shared/distributed was not actually written or recorded by the plaintiff, but by an artist. The copyrights were assigned to the plaintiff as part of a contract with the artist. For each song, prove that the plaintiff has valid control of the copyright by having met all the terms of the contract with the artist.
I really like this last one. If the RIAA has been stiffing the artists on their royalties or with funny accounting, they're going to have to run the funny accounting past a judge, and justify why they get to sue for copyrights where they are ripping off the artists. Even if they can give an accounting that passes the laugh test, it enormously increases their workload in the case.
Your first question really outlines the problem with this litigation. The RIAA doesn't go after people for downloading a song here and there--they go after people with a few hundred, for the most part, because it's likely that they don't own CDs of all or even most of them.
Beyond that, anyone who gets caught should consider the costs of litigation and potentially losing vs. going out immediately and buying the CDs containing all the downloaded works. However, you still have to contend the with 'illegal distribution' aspect. Which is why, in turn, the suits are for sharing files and not simply for downloading them. It's the "to peer" part of p2p that gives the RIAA some apparent legal traction here. They wouldn't engage in widespread litigation if these were FTP directories or some one-way or half-duplex software client--they'd shut down the hosts and be done with it.
Item 5 is too vague, I can set my router to say whatever IPs I want, good net citizen doesn't do this but non-reputable... IP addresses are not.
Item 6 is simply a fishing expedition, IANAL but last time I checked this is legal but HIGHLY contestable. The rest of the content isn't very good as it's akin to saying that since *you* own a gun you may know who shot someone else *ANYWHERE IN THE WORLD* with a gun.
Item 7 isn't that good either but it *does* show that the person in question is related to the person there.
All in all I'd say what you have to overcome is the CSI/Law and Order effect of IPs being traced like a phone call to the exact address because that's what you're up against.
Also what are they using to take these screenshots, did they have a warrant (RIAA tends to forget they're NOT law enforcement). "We use encryption" is not a valid answer for that as both MD5 and SHA-1; standard hashing functions used to prove that data has not been tampered with have BOTH been proven to have collision domains (places where different data can have the same hash).
Ok, on to the questions. Since you didn't say the field of the
First off I'd ask about the screenshots and then if he brought out the encryption statement, I'd tear him apart on that, Stealing the Network: How to own the box, (a great book on network security, stories are fictional but the technology is VERY real), has some great layman's explanations for this. If they say it's proprietary then you can tear that apart with enough ammo for NSA people and such. (no one rolls their own crypto it's just too hard, just because *you* can't break it means absolutely nothing, CSS, Apple DRM, Comcast crypto anyone?)
Then I'd ask how they got the numbers for the values of their songs and I'd then rip apart the logic on that as I heard it's something like 730 a song, so then that means that a Vanilla Ice song makes as much money as something from The Game.
Then I'd ask about the full enforcement of the copyright laws and then if they felt exceptions should be given, and demand a yes or no from them. Then point out that the children of the CEO of Time Warner stole music and just leave it at that.
That's all I could come up with in five minutes. I tend to equate the RIAA lawyers to humans (but not *AS* humans) in two words "Mostly Harmless".
"Chinese Amazons, power armor, laser swords.... things just meant to be." - Shampoo, A Very Scary Bet
1. Where do you live?
2. Do you own any guns?
/Yeah, I'm kidding.
// As far as you know
"...the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." At what point has a crime been committed? The RIAA seems to think downloading something is a crime. What if you downloaded a file and then deleted it? Has a crime been committed? As pertains to 'fair use' - what if you're doing research? Say...research for a music history class, or production research? Seems to me that would fall under the NOT an infringement category. Not only that, but how can they prove the file you downloaded was actually a copyrighted song and not some file named the same? Furthermore, if the RIAA is getting into people's systems to poke around, that's a bigger crime, no? If you can back up software, than why not music? It's not specifically denied in the copyright laws, as far as I can tell. And if you can make a legal backup copy, I assert that you can choose the medium for that backup, i.e. an HDD, or a burned copy. Damn the man, fight the power.
You do know that the original line in the Shakespeare play was said by a thug of a murderous tyrant, right?
Please, for the good of Humanity, vote Obama.
Have you ever illegally downloaded any music online? Have you ever illegally copied music or had someone else illegally copy said music for you? (e.g. copying a CD, cassette tape, LP, etc.)
(I'm pretty sure the answer is yes since most of us have done this as kids.)
If so, why do you view it as wrong now compared to then?
On initial analysis, the gentleman does appear to be qualified to render "expert testimony". I assume that his bona fides are in order. The fact that jurisdictions outside the US don't acknowledge his expertise is irrelevant - this gentleman's qualifications appear (unfortunately) to be impeccable.
Many of my associates here on /. to the contrary, the plaintiff will probably have little to no difficulty establishing whether or not the suspect computer in this case was using the IP address from which the plaintiff alleges the copyright infringement took place. Likewise, based on the ISP records, the plaintiff will probably have little difficulty proving that their record of the shared content as identified from the plaintiff's computer is an accurate and correct representation of that IP address' activity. Attacking the accuracy of their data (showing a computer at the defendant's IP address was sharing files via P2P technology) will probably likewise prove unproductive; and as I'm sure you're aware, making allegations of misconduct without evidence on your part to support your allegations could be very bad for your professional situation. To my /. fellows, remember that this is a civil case - the standard is not "proof beyond a reasonable doubt" but rather "a preponderance of evidence". With that end in view, rather than attacking the assertion that illegal file sharing took place from that IP address you should try to establish whether or not Ms. Lindor's computer contains evidence of this illicit activity.
While Ms. Lindor has been named as the defendant, I would suspect that the plaintiff's case hinges not on alleging that Ms. Lindor actually performed the acts in question, but rather that by providing internet connectivity and/or computer equipment which was used to ostensibly perform this act, Ms. Lindor is liable for damages caused by this act. However, the plaintiff's entire case rests on proving that the physical connection used to perform this act terminates with Ms. Lindor's residence and computing equipment (areas under her control). You should have little difficulty finding your own expert in the IT field, one who can demonstrate ideas such as MAC and IP address spoofing to gain illicit access to a network. Your expert should also be able to establish that (barring an extremely involved investigation which did not take place at the time) these items, while intended to be unique to a single computer connected at a single point to the network, are in fact easily forged. It should then prove trivial to explain why these items can not be used to positively and uniquely identify Ms. Lindor's computer and network connection.
Finally, you might consider analyzing the state of Ms. Lindor's equipment. If she was using any version of wireless networking, that would imply an even greater likelihood that the acts in question were performed with neither the knowledge or consent of Ms. Lindor. Insecurity in wireless networks has been a problem practically since their inception; and while Ms. Lindor may still have some liability (much like the registered owner of an automobile may be liable for damages caused by a thief who stole that automobile), this may be a factor in mitigation or extenuation of the alleged infringement.
Incidentally, you should ensure that UMG is fully aware of what the news will make of all this after a verdict is rendered. "Single mother loses home, life savings to music industry" would make a great headline, and I'm sure you could find more than a few sympathetic journalists to write an appropriately scathing article to go with it. As you're well aware, the courts aren't the only courts in this country; the court of public opinion can be a monstrous thing to those unwary enough to stand in its path!
And do they pay more than your full time job as a professor?
Q: How many times can you slam your own dick in a car door?
Go ahead - no, I'll count for you...
then how can be assured the IP address, assigned to the computer where the alleged infringement occured, was indeed a public internet one, and not one normally associated with a NAT routing device?
Blogging because I can...
That is going against the "free warze" agenda here.
What next, someone pointing out that stuff like "they are teaching children it is wrong to share" is flawed as well?
- quote -
.
.
.
_ lindor_061226jacobsondeclaration
4. In connection with my analysis, I have reviewed all of the underlying investigative data for this case, including all of the data supplied by MediaSentry. I have also reviewed the information supplied by the defendant's Internet provider, Verizon Internet Service. In particular, I considered the following:
5. Based upon my review of the foregoing materials, as well as on my education and experience, it is my opinion and belief that defendent's computer had a public Internet Protocol ("IP") address and was not connected to the Internet via a wireless router. I base this on the data mentioned above, as well as on the registry entries recovered from the computer and the fact that there was no internal IP address here. Based on how IP addresses are assigned, it is not difficult to determine whether a computer was connected to the Internet via wireless router. This computer was not.
6. In addition, it is my opinion and belief, based on my education and experience and on the data recovered from the data recovered from the hard drive that I revieved, that this hard drive was not the same hard drive that was used to sharte copyrighted sound recordings as shown by the MediaSentry material.
- unquote -
http://www.ilrweb.com/viewILRPDF.asp?filename=umg
01. What data, you found no data on the HD indicative of Kazza filesharing.
02. What bearing on the case does a wireless connection make.
03. Is it technically possible to detect from the ISP, when connected through a wireless router.
04. Where was this detecting done.
04. Where does MediaSentry come into the picture.
05. What logs and where.
06. Since you have the ISPs logs why are they not sufficent to show file sharing.
07. Where is this other alleged HD alleged to be residing.
08. You claim you found the CV of Gustave Lindor on the 'clean' HD. Why would he leave his CV on an incriminating machine. What possible legal bearing does his residence have on the case.
davecb5620@gmail.com
Why haven't you fucking killed youselves yet fucktards? We don't need your shit anymore.
Unless the IP address is static, it's given out from a pool of said addresses by the ISP. Given that people are given out these addresses like library books (in that it's revolving from a pool of stuff), anybody who had that address could've been the one who downloaded files via kazaa. How easy is it to set your IP address manually? (of course the answer is "it's easy to set it manually.") Let's say that little Johnny decides to find out what his IP address is, can he do that? (IPCONFIG at command prompt) Can Johnny see what IP addresses are available by hitting them with some kind of a command? (a nice series of PING commands will do just fine) So if Johnny can manually set his IP address, and can find out what addresses are available, why couldn't he decide to change it, download some files, and then change his IP address to something else? The really good question is "What are you using to identify a specific computer ASIDE from the IP address?"
5) it is his belief this computer was connected to the internet with a valid public IP address _based on data recovered from the computer's registry_
.. unless you count a resume.
.. quickly. ... that'll be US$4000.00 please
6) this is the not same hard drive used to share copyrighted sound recordings. The hard drive displayed a "lack of user created files"
7) yet the disk did manage to contain a resume (generally, that's a user created file).
Doesn't seem like they know a whole lot and are just fishing. They have a computer IP address that was involved in file sharing, and (I'm assuming) Verizon's logs show it to be Ms Lindon's IP at the time. They have a hard drive image (how was that obtained, btw? legally?) that wasn't used to share files, in fact wasn't used for much of anything
If Ms Lindon has a wireless router, they'll never find the hard drive of the computer actually used. If they manage to confiscate a computer just on a fishing trip, some laws need to be changed
(1) If a wireless network is being used can you prove any supposed infringing activity was originated by the defendant and not a hacker with close proximity?
(2) Can you prove that any supposed infringing activity identified by IP address was not "spoofed" by a hacker to obscure origin and evade detecton?
(3) Can you prove that any supposed infringing activity was not initiated and controlled by an unknown party using one of the many documented flaws in the Windows operating system, completely out of the control and without knowlede of the defendant.
(4) Even if you can prove the defendants computer was the actual computer that performed the supposed infringing activity, with the well know security problems known to be in Windows, can you prove (as related to item #3) that the defendant was involved?
(5) Can you get records from the user's ISP that are assured to be accurate under penalty of purjury that show, unambiguosly that the user's MAC address is mapped to the TCP/IP address at the supposed time of infringement? (I.E. will someone at the ISP risk jail time for purjury on the reliability of the records? Especially when you say you intend to prove that they can't be, the ISP will run and hide and eliminate that avenue.)
(6) Can you prove that any infringing material suppossidly found on the user's machine was put there by the user?
(7) Was there "independent" monitoring of the inspection to insure that RIAA was not putting any infringing material in the computer in the first place, i.e. was the defendant represented and protected?
(8) What laws did you violate in your investigation?
Why do music CDs cost more than movie DVDs?
Music isn't harder to make than movies, especially when you consider that almost all movies have a soundtrack. A movie is film plus music, almost always.
Why does something that's obviously smaller in every measurable way (less work to make, less data on the finished product, etc.) - cost more?
Weaselmancer
rediculous.
Dear Slashdot,
Although I went to law school, I have no idea what "discovery" or "cross-examination" are. Since many of your readers installed Ubuntu on a computer, they are obviously qualified to try my case for me.
Could someone out there do my job for me, please?
So, from what I understand:
1> The RIAA somehow used a file on Kazaa to track the fact that someone at the IP address supposedly used by someone at Ms. Lindor's house.
2> The RIAA has searched Ms. Lindor's drives, finding some evidence of Kazaa... and yet they want to search the hard drives of her son, who is presumably an adult at this point who does not live at the same address.
What probable cause reason do they have to suspect the son, as opposed to everyone else who has been through the home, or even those who may have accessed any possible wireless network they may have in the house?
It may be worth asking the RIAA whether they have knowledge of everyone else who has been in, staying at, or invited to the residence over the past few years, and whether they were also investigated. Likewise, why is the son's home computer necessarily more of a suspect than, say, the father's work computer, the mother's work computer, any laptops the family or their friends may have access to, etc.
Also, ask the RIAA whether they have established the fact that the family does not or did not have wireless networking in the home at the time of the alleged offense. If the family could've had wireless networking in the house, then any of their neighbors could just as reasonably have had access to their network / IP address, and could've used it to download music over the internet.
So, basically establish a wide, wide array of possible suspects... and then say, given all of these, why is the son being targeted? What suspects have the RIAA ruled out from the long list you've offered to them -- do they truely have any kind of reasonable suspicion of the son, or are they simply on a fishing expedition?
Also, what was the mechanism involved in the RIAA's tracking of downloads anyway? Wasn't it a bit comparable to enticement or entrapment, with the mp3s in question being a kind of bait?
Mention the existence of webpage "links" to Kazaa downloads. Indicate that these links look like a whole lot of other links on the internet. Ask the people there whether they've ever clicked on or downloaded a link, and whether each time they did so, they were 100% positive that what they downloaded or opened had a legal right to be there. Point out that there have been cases where the RIAA has questioned the right of the artists themselves to make their own songs available for download.... so how is the public to know when it is and isn't legally permissable for them to do so?
Point out how common it is for artists nowadays to make free links to download some of their works selectively available, often to promote their website and encourage people to drop by. Artists do this. Labels do this. Online music magazines do this. Online music sales companies do this.... and the public basically has no way of determining whether such downloads are legally permissible, or, whether once such tracks are legally downloaded, whether they can copy the tracks to another computer, move them to another players, share them with their friends, etc. How do we know that the person who downloaded the allegedly infringed tracks didn't suspect the tracks were legal to download?
Disclaimer: I know nothing about the issues in this case, other than what I infer from this report.
Given that he says that he does not believe the hard drive image he examined came from the drive used to do the file sharing, his comments about examining registry keys (or anything else in the image) to determine that the computer wasn't connected via wireless are completely meaningless. The registry keys are stored on the hard disk drive. If this isn't the drive that was used for the sharing, then the contents of the registry on this drive are completely irrelevant to the question of how things were configured when the sharing took place.
That he would be willing to say that the machine wasn't connected via a wireless router, or indeed anything about how it was or wasn't connected when the sharing took place, when he does not believe that the drive image he's examining came from the drive in use during the sharing, and that he doesn't even mention that the registry he's looking at isn't, by his own determination, the relevant registry, completely discredits him. With the drive contents, and therefore the registry, off the table, he has exactly ZERO evidence for the conclusion he reaches about wireless... and he surely knows that. He's deliberately contradicting himself, and that ought to be sanctionable, although I imagine it probably isn't.
Even if he turned around and said that he was wrong, and the image he's looking at was the one in use at the time of the sharing, I don't think I'd be so blithe as he is about saying "Based on how IP addresses are assigned, it is not difficult to determine whether a computer was connected to the Internet via a wireless router". There are a lot of ways to assign IP addresses, and some devices, like wireless routers, go out of their way to be "invisible" when they participate in some versions of the address assignment process.
Expert opinion is all well and good, but I'd think you'd need more than "because I say so". He should be forced to provide detailed reasoning to support his claim about wireless. I wouldn't want to reach that sort of conclusion without at least examining the alleged wireless router and its configuration, and he does not mention having access to the router. I'd also have expected him to have looked at which interface drivers were installed and active on the machine, and at whether there were any traces of its having detected wireless hardware. If he did that, he did not see fit to report it. A conclusion based on "how IP addresses are assigned" is really suspicious, and he should be forced to provide a step-by-step explanation of his reasoning about the IP address assignment process... which step-by-step explanation should be subjected to step-by-step expert critique.
Although he's probably right that any installation of file sharing software would, under realistic assumptions about who was trying to "clean up", have left a detectable trace on the drive image, it would be possible for the right sort of highly technical person to wipe out the traces he mentions looking for, as well as other traces he doesn't mention looking for. Even a relatively non-technical person could have wiped them out by completely zeroing the drive and reinstalling... the effect would have been the same as putting in a new drive from the point of view of the image he has.
Anyway, h
"Why do you think that US copyright laws apply to Russian businesses?"
I'm referring to the RIAA 1.65 Trillion dollar lawsuit against AllofMP3, of course.
Since this is the discovery phase, I'd ask plaintiff to produce documentation substantiating the validity of the copyright for each claimed infringement, along with a complaint from each rights-holder or designated representative for each instance of alleged infringement.
I'd ask for specific evidence that establishes the defendant as the perpetrator of the alleged infringements, especially evidence that excludes the possibility of defendant's computer having been used, perhaps unknowingly, by an outside party - friends, hackers, etc. The presence of an 802.11 connection could make this especially tricky. It shouldn't be too hard to come up with numerous examples of people's PCs being taken over for illegal purposes, thus decreasing the strength of the 'preponderance' that shows defendant committed alleged infringements.
I'd ask for information supporting plaintiff's allegations of damage. Given the high likelihood that all of the infringed properties are available anytime, from any internet connection, by any subscriber willing to pay $6/month to Yahoo! Music Unlimited, any claims for damages beyond $6 per month total (or, more precisely, whatever fraction of the $6 the rights-holders would actually receive from Yahoo), are obviously egregious.
...to become a witness for our side?
Someone (from the EFF?) who was debating an industry hack on F/OSS vs proprietary software suggested this as a question for any industry hack. The point is that they are paid mouthpieces, not advocates in any sense of the word, and expert witlesses are much the same.
Blasphemy is a human right. Blasphemophobia kills.
Lawyers always like to ask questions they know the answers to, and ones that compel a different perspective than one that is being presented by opposition.
Here are some that I would ask (IANAL):
1. Is spyware/malware/virii/etc commonly found on the internet today?
2. Can some malware imitate P2P activity?
3. Is reformatting the hard drive and reinstalling windows a feasible way of removing spyware?
4. Can IP addresses be changed, altered, or in any way 'spoofed'?
Given that: 1, 2, and 3 are true, it would substantiate that no human intervention might have caused this activity seen by MediaSentry, and also give reason why Mr. Raymond caused "spoilation of evidence".
And given that 4 is true, it substantiates that it might not have been anyone in this continent.
Maybe the legal staff needs a little explanation as to why these questions are *so* important and hopefully clarifying things.
1. Screenshot http://en.wikipedia.org/wiki/Screenshot
There is *no* way to prove where a screenshot came from. There is *no* audit trail, no chain of custody, no way to verify where the screenshot came from. NOTHING. Practically speaking it is *very* simple to completly fabricate screenshots. I'm not saying prosecution would do that, but very substantial doubt is easily established by asking the parent's questions.
2. Chain of custody on the PCs in question
Has the chain of custody been established and verified? Do you know the PC hasn't been tampered with by prosecution? Obviously you can't say that outright, but what they are claiming is almost impossible to verify.
3. What were prosecution's discovery techniques?
Substantial doubt can be established by punching holes in their discovery methods. Screenshots is a good example. Easily faked. Or maybe it's just a case of "the wrong man" because it's not clear who did the stealing which doesn't question the prosecution's standing as good lawyers so much. There will be many holes you can drive a bus through and slashdot is just the place to clarify/verify. I for one will be happy to volunteer if it sets some precedent. mpapetATyahoo.com.
4. Chain of custody on the files in question
It's possible that the files were transferred to them lawfully. Can prosecution establish a chain of custody on the files in question? Files on a computer is impossible to establish as fact the time/date the file was written. The opposite example is how easy it is to establish the time/date a shoplifter was in a store. A store employee would testify, "Because I saw them there" or "I caught them." There's no such analogy in file sharing.
5. Doctrine of First Sale
Check out the doctrine of first sale. That's a long-established precendence that may help you.
I'm shooting in the dark, but I want to help. I have a good server and some bandwidth, if you need a way to collect expert advice from the techies in maybe a wiki or slashdot style site let me know. It'll take a couple of days to set up. I'll do it for peanuts just to establish some precedent.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Apologies for presumably teaching one's grandmother to suck eggs, but if this expert has been retained in every RIAA suit so far, it becomes necessary to ask what remuneration he has received for his work, and how that compares to his Iowa State U salary. There was a thread on Groklaw you might refer to, where Cravath Swain Moore sought similar financial details from one of SCO's experts, and I think there should be a transcript with the relevant citations where such information was compelled.
Similarly, one might seek to determine what his role actually is at Iowa State, and how that permits him so much time to be an expert witness - if his position is a sinecure, and he does not publish, then how expert can he be?
- Sig files: contemptibly familiar the second time around.
Since the founding reason for copyright law was to advance science and useful art, has our current copyright law passed a reasonable "limited time" given by the constitution?
Does a 50 year copyright help art and science more than a 25 year copyright?
Does a 100 year copyright help science and art more than a 50 year copyright?
Does a 500 year copyright help science and art more than a 100 year copyright?
Does the RIAA have some limit it years beyond which it will enforce its copyright monopoly less?
Or does RIAA go after duplicaton of a 40 year old song written by now dead artists the same as a song that was bought by a RIAA corporation last week? (all profit is good profit?)
If there was some reasonable limit of the copyright enforcement imposed by RIAA, then people may have a little more trust of it.
How well he sleeps at night, helping to sue single mothers, the elderly, children, and the grieving families of dead people.
So much for not asking Slashdot for legal advice :P
Well fine there is a lot of thoughts here if you find something use full good. For the rest of you please pick this a part if I am wrong (because I would like to know to).
He is a Professor of Electrical and Computer Engineering. Ask him what experience he has with software in general, electrical and computer engineering deal with the hardware not software in general. Ask him at those security conferences what he spoke about? In all likely hood it has to do with network security that is all this guy dose. He has no credential to analyze the disk image of your client. What he can and did tell you is that yes the computer was linked to the internet and yes it was possibly using the p2p client program. It dose not indicate that any copyright material was transferred to or from the computer. Actually the Wikipedia article gives a pretty clear idea of MediaSentry (http://en.wikipedia.org/wiki/MediaSentry) and the unreliability of the evidence they give.
Odd thought to MediaSentry is hired by the RIAA what integrity do they have? A good analogy would be: A Shop owner realizes that he has been robed. He hires someone to point the finger and find who did it. They look at what is there and see 10 people in the store but can not figure out who did what so they say they all involved and provided evidence to such e.g. they were all in the store and here is a photo to prove it. The shop owner goes on to sue all of them.
Now it gets better. In section/point 6 of the 'expert' report he states that this is "not the same hard drive that was used to share copyrighted sound recordings". By that no amount of analysis will show stolen files. (I found a gun in your home, it was not the one used in the murder but further investigation might show something!) Now he might be referring to the fact that the defended formatted his computer. (Think using an eraser to clean a page, this information is gone but if you look really hard you might still be able to read it) In ether case if this is true then the information he used to like the ip address of the computer would be a lie since the logs and anything else on the computer at the time of the crime would have been erased.
Next: Cleaning up the blood. As anyone hear can tell you if you have ever tried to remove Kazaa or any other file sharing program it is near impossible to do. If Kazaa was on the computer there should be some evidence unless A) it was formatted or B) you paid a vary skilled computer technician to clean it up or C) it is a different hard drive.
Last but not lest there is the who done it clause. They can show that it was his computer but can not show that it was him. On that same note if there are no loges from the system unless they have the Mac address (This is a unique id assigned to every peace of network hardware. Though in reality it is not and can be copied) from the computer they can not even say that it was that computer that was hocked up.
If it's one question; Where do you live?
If I'm allowed more; Do you own shutters?
and; Do your families believe in mercy killings?
Are there or have there ever been any operating system exploits that could allow someone to remotely connect and allow said "hacker" to upload and share copyrighted material? I know very well of one small business that had a virus that set up a hidden FTP server of French porn. Would the small business be liable in this case?
I'd ask "What rights are granted to a consumer when he/she purchases an audio recording?"
For example, is one allowed to download said album if the original copy is destroyed? If a consumer purchased a cassette, are they eligable to obtain the CD release for free? If not, why?
I've attempted to ask this several times to RIAA reps without response.
She knows it all.
http://www.groklaw.net/
Better to spoof both MAC and IP addresses - sure, there's a chance of data loss/collision/etc., but that'd be easy enough to handle, I think. When the cracker notices collisions, he merely shuts down. Yon victim sees an unremarkable (but transitory) network issue, thinks no more of it and goes on with life, fat dumb and happy!
Are there or have there ever been any operating system exploits that could allow someone to remotely connect and allow said "hacker" to quietly upload and share copyrighted material? I know very well of one small business that had a virus that set up a hidden FTP server of French porn. Would the small business be liable in this case?
IANAL, but here's what I'd ask:
1) Your 'expert' testimony has been discredited numerous times in other jurisdictions. Why do you believe it will stand up in this jurisdiction?
2) You state that the hard drive you examined contained no traces of file-sharing software or infringing files. Does this not warrant that the case against Mrs. Lindor be dismissed?
3) Are you aware that your actions are harming your case against the Lindors?
4) Are you aware that you are leaving yourselves open to a countersuit on the grounds of malicious prosecution?
Patrolling ftw
What is your IP address and can I have your computer now?
Okay, okay, getting serious now.
If the evidence he says he has (log files, screenshots and what-naught) are real (meaning he has them) how can you prove that those logs/evidence are real?
If the Computer was behind a router (as he mentioned) how did you obtain a screenshot of the person's harddrive as the computer involved is said piracy, would have had no direct IP address for you to refernce it. No reference, no access to computer. No access to computer, no screen shot.
No matter how good the logs, unless you have a copy of the TCP/IP packets that were involved in the piracy and am able to put them together on a computer to form the pirated song, you can't tell that that data that was transferred was the actual said MP3 and not the regular tcp/ip communication data that happens regularly on an Windows OS. So... Do you have a copy of said packets?
just because verizion replied to the subpeona, doesn't mean a crime has been done. Why was this submitted as evidence that the defendant has done something?
If I know of an IP address, even I can do a tracert command on it. And the trace command only stops reports as the IP of the internet (ip addres of the router), how can you prove that said trace logs are accurate and can connect the action (if any existed) are linked to his computer?
And lastly, and seriously, what is your IP address and can I have your computer now? Because if I have just that, I can provide all the same evidence you provided, assuming, of course, you actually have them and have gotten them through legal means. (because there's no way via the TCP/IP protocol you could have accessed someone's computer directly and have gotten an image of the defendant's computer unless you have done one or all of the following: a) gotten physical access before b) somehow gotten the user to open a connection in which you had full, unrestrian access to the hard drive, usually done by tricking the defendant or installing rootkits/malware c)Some how gotten his username and password into his computer, aka more hacking.)
All the evidence he's given so far, and even his statements, says he has no evidence to prove that his computer was the one that done the crime. If we can subpeona anyone because we think, grab what little we know about the person, and throw wild allegations around, then we can subpeona *anyone* (yes, that includes your son/daughter/spouse/friends. And hence we can subpeona you because you have a connection to them.) Hey, I think it's great that someone is asking for a broad opinion as well as asking for input from a tech community. Keep up the good work guys.
please... let me sleep... a little more... yay, no longer annonmyous coward.
Could someone else have done it?
Could you frame someone? There are things like IP spoofing. Could someone have spoofed your client's IP address?
Could the computer have been a zombie (taken over by a hacker) and forced to share via P2P? (Hacker motivation: seeks more zombies, pollutes P2P network with zombie software and real software to gain credibility)
If the client has a wireless network, could the neighbors or a hacker who went war driving have downloaded the songs via wireless.
Is the computer owner responsible for all actions of anyone who used the computer? Did other people have accesses to the computer that could have installed kazaa and downloaded the songs?
Can you tell which user was logged in when kazaa was active? Do all users use the same account? (Administrator?) How many people had access to that account? Guests, friends, visitors?
Does the client have DHCP enabled? or is it a static IP address? Could other users on the same network (same ISP, different household) as the client get the same IP address via DHCP or statically set it and use their IP address when the client's computer is off?
Good luck!
Firstly, when is "more cowbell" too much?
Secondly, how many notes are too many?
Thank you, I await your informed response.
Eve Fairbanks says I drive a hybrid!LOL
the above poster has given us a solid, coherent, on point reply, please reward him appropriately.
every day http://en.wikipedia.org/wiki/Special:Random
Here is a simple demonstration that can give concrete examples of how IP address does NOT equal person.
1) Buy a broadband router (LinkSys or whatever).
2) Take the router and plug it into the network in the courthouse. Every modern courthouse has an internet connection. (The clerk next to the judge likely has a PC with a connection)
3) Take your laptop and wirelessly connect to the router.
4) Goto: www.whatismyip.com to show everyone what your (public) IP address is.
5) Now, goto http://www.dnsstuff.com/ and lookup that IP. Since it's a govt issued IP it will likely say that under the whois.
6) Now, using whatever p2p app they say was used, go find that same music (or similarly infringing material) and download it. Right in front of the judge. When it's complete offer the judge your services in defense of copyright infringement.
1 caveat: they might be "blocking" that app from the courthouse; not likely though. The idea is just to show the judge, before his very eyes, that you can infringe copyright in that very courtroom and FRAME him for it!
Now offer to the judge that, especially since they claim the hard drive they received is not the one they expected, it is entirely possible that someone stole your client's (specifically omit wireless) connection, just like you did today in the courthouse. Maybe when the RIAA comes looking, this time they will come looking for the judges PC and not yours.
Wireless routers, for simplicity of setup, NEVER secure the wireless connection. No WEP key is required and there is no MAC filtering. This is default, out-of-the-box behavior straight from bestbuy. It's TRIVIAL to borrow someone else's connection and cause trouble. It isn't even always MALICIOUS! Your neighbor could accidentally connect to the wrong router (Many brands comes out of the box with an identical network name). Seeing is believing -- show them how easy it is.
Obviously, we know several things:
* Screenshots are unreliable. They're easy to fake. I suggest you have a few fakes on hand.
* Thus, the chain of evidence *IS* the evidence and the only evidence. Make sure you know EVERY detail about it.
* You can't really prove which person was at the computer without something else to corroborate it, only the owner of the computer.
These are the biggest apparent gaps. You need to know everything about them and to dump as much as you can into the public record for us. You also need to document all the "I don't know" answers, because those will be the ones where you might hurt them the most.
Therefore, you should question him in detail on at least the following points:
* How are the screenshots taken. Who has access to them? What's the chain of evidence? How and where are all of these things stored? Are they stored in a secure manner? How would you know if they were altered?
- Make doctored screenshots. Have him "authenticate" the fakes. Bonus points if you do this in front of the jury. Double bonus if the infringing IP is that of riaa.com, sony.com or similar. WARNING: This is a public site. He may VERY well be reading this.
* Describe, in detail, the exact process by which you find those allegedly infringing upon your copyrights. Be methodical. You want to know the exact version of the OS they're running (not just "win XP" or "various"). You want to know EVERY program they use, even if it's MS Paint. You want them to produce the source code of any custom programs for analysis by outside experts. You want to know about any known flaws. You want to see any and all release or design notes, ESPECIALLY any bugs, source/versioning control, changelogs, etc. You want to know which exact version of their custom program found the infringement for this case. That does NOT let them off the hook on letting you examine prior versions or newer versions--old bugs DO stick around even when they've been "fixed" and you need to see both newer and older versions. I.E. if the bug has been fixed twice, you know it was there in the interim. Yes, they may put out protective orders and whatnot, but the more information about this you can get into the public record, the more they'll squirm and the more we'll reveal the sloppiness they're hiding. And I know they have things to hide, unless they're so clueless as not to know their own weaknesses. You can work both alternatives to your advantage.
* Describe how the ISP identifies the person associated with the IP. You may actually have to subpoena the ISP on this point, I suspect they'll just produce the letter and say that that's sufficient. It's not. We both know that even if the IP belonged to a computer using their internet service, they don't have any idea who's at the screen at any given time, only which account is active. And even this may be unreliable. You NEED to get every last detail about how they log the IPs leased out, how they associate them with their customers, where the data is stored, how long it is stored for, who has access to it, on what computers it's stored, how reliable those computers are (e.g. any records of maintenance, program changes or downtime), etc. You're the lawyer here. You know better than I how important being methodical in discovery is, and every detail may be significant. I suspect they'll have trouble producing everything. Records may not exist for some things, but this is also important--every gap is a gap in their chain of evidence. It takes only one broken link to destroy a chain... Get EVERY detail you can from this into the record and make sure it gets sealed or redacted as little as possible. All these details about software, hardware, and the human processes that work with them are of vital importance to us for technical analysis, just like case law, venue and precedents are to your case. Even the programs they don't use directly, like antivirus or firewall software may be important, not to mention the topology of thei
If the PDF document from Dr. Jacobson is all you have to worry about, you're in good shape. He specifically says that the hard drive he examined was not the one involved in the relevant file sharing. They don't have direct proof that the copyrighted works were ever really in the possession of the defendant. All they've got is traffic analysis from Verizon. To link that to the defendant's computer, they are relying on data from the hard drive (registry entries, etc). Some guest could have jacked a laptop into the defendant's internet connection for a while and done the sharing for all we know.
Presumably they do have the IP address which was involved in sharing linked to a MAC address but that doesn't prove anything, especially if Verizon validates connections by MAC address. Some ISPs do that but I'm not familiar with Verizon's practice. A number of consumer devices allow you to either "clone" or even enter any MAC address you want so you can fool your ISP into thinking that the device is actually the computer which you registered with that ISP. LinkSys broadband routers are one example of such a device. Dr. Jacobson's declaration makes it look like the computer which was using the hard drive he examined was not using such a device but so what? We know that that hard drive wasn't the one involved in sharing the file(s) anyway. The computer that was actually doing the sharing could have been behind any kind of NAT device, wireless router, etc.
I think that knowledge of MAC address spoofing is particularly relevant to this case, especially the easy way, using a device like a LinkSys router. You can also do it by hacking a Linux or BSD kernel but that's beyond the abilities of most people. You could also point out the possibility that someone could have stolen the defendant's IP address for a while using a technique such as ARP poisoning but that's a bit of a stretch.
In this new digital age...
What are you for? What purpose do you serve?
A band with a PC and a little extra equipment (which they can also borrow) can publish music to the world online. CDs can be produced cheaply, independent from Record labels. Marketing can be done by someone skilled at online marketing (something FOR SURE no record label has the talent to do). Concerts are booked by the bands manager, who can handle most of the other distribution tasks and hire and delegate where appropriate.
So again, I ask you; what are you for?
Ask him why a Record Exec's kids get a 'stern talking to' when caught while your defendant's kids get sued for *ALLEGEDLY* doing the same thing..
Stick to the fundamentals...
How does that RIAA know that a given computer was under the sole control of the current owner? A badly secured Windows PC may be under control of somebody a thousand miles away.
Or, more interestingly, "Where do you sleep at night, and are you a sound sleeper?"
This space intentionally left (almost) blank.
Point 5 in the experts paper, is that he establishes that the computer wasn't connected to the Internet via a wireless connection:
"Based on how IP addresses are assigned, it is not difficult to determine whether a computer was connected to the Internet via a wireless router."I assume this is to counter the argument that anyone could have been using the connection. It seems that from looking at a hard-drive it would be problematic to find how a computer was connected to the Internet at a specific point in the past. DHCP means nothing need be set, so I find it strange that the lack on an internal IP address would be proof against it. Ask the expert if there would be a record of an IP change on a specific date, and where that record is located.
In point 6, he mentions
"...that this hard drive was not the same hard drive that was used to share copyrighted sound recordings as shown by the MediaSentry materials"How can you be sure it's not physically the same hard-drive? Did MediaSentrys information include serial codes for the hardware? Had the hard-drive been formatted to repair a spyware-ridden Windows installation (addressed in an earlier post in this discussion). How invasive can spyware and trojans be?--Could someone externally have been using the defendants computer as a proxy if this was the case?
Perhaps the most compelling quote from the expert is
The hard drive that was provided and that I inspected, showed little usage at all, as evidenced by the lack of user created files and e-mails, and did not reveal the evidence noted above, which I believe the correct hard drive would certainly have shown.How much is enough user content? I know people who use their machine for Internet, including webmail. They don't have any office products installed, nor do they go to uni, or use the machine for work, their entire content floats around their temporary internet files directory, which can be wiped with a few clicks.
It may seem unlikely to an expert who is so engrossed in technology that he simply doesn't consider that someone might use a machine for simple leisure.
Also, what timestamps are shown for the system files, that should more accurately date the installation time, but even so, dates can be very easily changed. Keep hammering home how very malleable data is, it will help to give the defendant wiggle-room, but also make MediaSentrys information all the less solid.
Above all the specifics, ask how can MediaSentry be sure that the client was aware they were sharing files (I know people who have had horrific experiences using and getting rid of P2P programs) and that any infringement took place. How can they be positive that the files they recorded as being shared by the user had indeed been shared (transference of data), and were infact the songs they were named after (A rose by any other name...). If MediaSentry downloaded the file to check, how can they be sure others did? Especially in a world of P2P, where one downloader might get one file from a hundred sources, perhaps that if files were downloaded from the user, the user actually contributed 0 bytes.
There is such an incredible amount of doubt in anything like this. Use it to your advantage.
How can you be sure or can you prove that the content was not ripped from a bought CD or DVD? If the computer is connected to a wireless router, how can you prove or are you sure that the music wasn't put on the drive or was downloaded from an unauthorized leecher. How do you know or can you prove that the file title listed is the same song that is allegedly owned by the RIAA? Can you prove ownership of the content on the hard drive is owned by you? Do you have a certificate or document showing that you legitimately purchased the copyright? Exactly where and to whom was the content actually sent? Can you provide any log file, witness statement, or other proof that this transfer actually took place? Please provide dates and times. Exactly from where and whom was the content received? Can you provide any log file, witness statement, or other proof that this transfer actually took place? Please provide dates and times. Can you prove that any log files provided was not doctored or faked?
I know this guy and I can say without a doubt that he knows his stuff cold. I have had him as a professor and worked with him professionally. He knows exactly how networks work, how to hack them, and how to defend them. He actually has some very sweet classes and has sponsored some pretty interesting hacking projects (ie. setup a team to defend a network, setup a team to attack a network, and then say go and watch what happens).
So, the warning I would give is that it is unlikely that he will miss anything technically. All the questions I have seen related to technical problems with the RIAA arguments are pretty obvious and there is know question that he will know that those are issues as well. If you read the PDF you will see that he doesn't make any false claims as far as I can tell.
You might try asking your question on Groklaw, where there is a natural convergence of lawyers and techs.
Slashdotters tend to be long on unsupported opinion and short on facts. In court I think you will need to be long on fact and short on unsupported opinion.
Change of subject. As an engineer, I would need to know more about the facts and opinions of the expert to give any helpful suggestions. We need specific facts to give relevant observations. I am guessing you have your own team of experts to tell you this though.
Everybody knows 3 people with my name.
Nice Lexus. When did a professor's salary start paying for those?
If you were blocking sigs, you wouldn't have to read this.
"Which orifice of Satan did you spawn _from_?"
How do you arrive at your figures of "losses" from piracy? Do you assume that every song downloaded is a lost sale?
Are there other programs besides Kazaa that can connect to the Kazaa network, like the detection software used? How would you detect these programs? What if these programs had been deleted? Have you done a comprehensive study on alternative software that connects to Kazaa networks? Can you provide a comprehensive list of all the programs that have been deleted from the system? Are you able to identify the function of each of these programs? Is it plausible that a virus or malware program could connect to the kazaa network? Is the computer completely free from malware that potentially could have faked this Kazaa information? If you were given a computer filled with malware, would you be able to seperate the malware programs from the non-malware programs, much unlike Steve Ballmer and a team of his top Microsoft engineers who were unable to do so? Are you sure you could find these programs? If the son is an adult, does that not mean if there was copyright infringement, it was not the current defendant? The defendant *has* already turned over all relevant information, and there was no evidence of the defendant infringing on copyright...
I'd ask for conclusive proof that the machine(s) itself was not exploited in any way during the time period in question. Can they prove that the files in question were placed there by the defendant(s) and not a remote hacker taking advantage of a flaw in the code.
We know that a large percentage of spam is transmitted by zombie pcs. If that's possible then so is the above scenario
ACK NAK RST
Beyond that, isn't one of the characteristics of FUD generally either inaccurate or incomplete data (to create the FUD)? In this instance, complete and honest disclosure will do the job nicely, no need to be deceptive, hence no FUD. After all, plenty of news items fill me with fear, uncertainty and doubt - especially news items about the government. That doesn't make it FUD, just troubling news.
Attorneys battling the RIAA turn to the geeks and nerds of the world who know the ins and outs of most every technology.
They use the facts, logic to support those facts, proof of inconsistency and inaccuracy, and common sense to start dealing blows to the RIAA.
Next up, Microsoft and HDCP/Driver Signage, Sony and Blu-Ray (Blu-Ray Plus in particular) and 'remote activation' of Blu-Ray drives, etc.
We are in the information age now folks... and a few years will start to show the signs of how quickly information is going to be used (and misused) by all parties. The RIAA is the easy one on the block to chop, because any signs of resistance and they stick their heads into the sand.
The price is always right if someone else is paying.
First I'd use their own witness to establish a possible defense for the alleged infringement. Then I'd point out how weak the argument for claiming the hard drive he examined is not the correct one. Finally, I'd establish that there is no evidence that the hard drive they're trying to subpoena contains any evidence of infringement and portray the whole thing as a big fishing expedition. Let me walk through these 3 in a little more detail.
1. The witness claims the computer was not connected to a router because of the IP addresses he observed in the registry. The addresses you'd typically use for a home router are non-routable ip addresses like 192.168.*, 172.*, or 10.*. These are special address ranges that don't appear on the public internet. Routers use them because you can guarantee that the IP addresses assigned to computers by the router will not conflict with any other address. While it is possible to configure most routers to use a different routable address, the assumption the defendant makes is probably reasonable. However, if no router is being used as the witness claims, then the attached computer did not have the protection a router's NAT provides from outside attacks. I would grill him on this. The theory I would push is that since the computer was insecure, someone else did the infringement but used the defendant's vulnerable computer to run proxy software to hide their illegal activities. This sort of thing actually happens quite frequently. If you search, you can find lots of software for doing this. Further, proxy software isn't that difficult to write. Anyone with a good programming background could easily write one, and anyone with a good understanding of networking who wanted to do something online without it being traceable back to them would likely use this exact technique. Virus scanners already detect many of these programs, but there are many, many more that the virus scanners don't know about yet. I would get him to admit this. There are many, many ways to hide software like this, so even if you look for it and don't find it, you can never be completely sure it isn't there. That's why many experts will tell you that if a system has been compromised, the only sure way to restore it to a secure state is to wipe it and reinstall everything. There's just too many ways to hide malicious software to be sure you found everything the attacker did.
2. I'd point out the many other conclusions one could draw other than, "this must be the wrong hard drive." One possibility is the proxy explanation I gave in #1 - kazaa wouldn't be on the computer in this case. Another explanation for the lack of files on the computer is that the defendant just didn't use the computer very much. Another explanation would be that the computer recently had the hard drive formatted and the software reinstalled - I believe this is undisputed. An explanation for the lack of kazaa files is that kazaa was never there in the first place. Essentially he's saying, "I was told the person using this hard drive was using P2P software to share files. I don't find any evidence of that on this hard drive, so this must be the wrong hard drive." Another explanation is that it's the right hard drive, but that kazaa was not being used and the defendant didn't even use the computer that much. If you try to say a format and reinstall would wipe away all evidence of kazaa, he might try to claim that the forensic software he used could still detect it as not all the data gets overwritten. This is true, but to counter this, ask "Is it possible the data you were looking for could have been overwritten when the operating system was reinstalled?" His answer will be yes. "Could your forensics software detect that data after it has been overwritten by other files or when the operating system was reinstalled?" His answer will be no.
3. Finally, portray the whole thing as a fishing expedition. Ask him about how widespread the problem of illegally sharing files with kazaa is. Ask him if you randomly just
1. Who do you think you are fooling?
2. How long did you think you could get away with it?
Basing the judgment that the computer was not on a wireless router on the IP address is not only incorrect, it is a huge problem with his statements. Simply ask, is it possible to have an external IP connected to an internal wireless system and then use Network Address Translation to connect that address to the external network (internet)? Answer: no, he is wrong. Yes, his statement and opinion is flawed.
Next, why didn't he look in the registry to determine exactly what driver was active at the time, and for what type of network card was that driver for? Wouldn't this definitely determined if it was on a wireless network? Did he not know this? Again, yes, then why didn't he say that to the court? No, what good are his statements?
Finally, are the methods used to determine an infinger's IP address sound? Yes, then why doesn't this drive have the data they expect (after all, it was he who said the data was unalterable)? No, then how can they subpoena anyone using that method?
BTW, IAACFE (I am a Computer Forensics Expert)
I used to work at Doug Jacobson's company, Palisade Systems, so I know a little about his qualifications.
While he is basically an ok guy, his technical skills are very limited. He is one of those guys who knew MS-DOS forwards and backwards, and he knows a few things about networking. In fact, he has a (questionable) patent on sending TCP RST packets as a way to do an inline firewall.
But in general, he is middling associate professor whose main expertise seems to be convincing people that he is a computer expert. He is a favorite of the hometown newspapers when they need a quote about something computer related, and I'm not really surprised that he would be an expert witness for the RIAA. But if he is the best that they could find, I wouldn't be too worried!
1. Has anyone certified that MediaSentry works as claimed?
2. Was this an independent investigator/lab?
3. Were these lawsuits (current litigating) initiated by experts using MediaSentry?
4. Has the RIAA ever sued people who don't own computers? (cite examples if needed)
5. Has the RIAA ever sued people who don't have Internet connectivity (amazingly some people still don't). (again cite examples)
6. Were those lawsuits initiated by experts using MediaSentry?
I leave the rest up to your imagination.
You have enemies? Good. That means you've stood up for something, sometime in your life.
Gave me a funny mental image...
:)
Imagine serenading your love interest, and calling her out to the balcony and holding up the radio to her room, hit play, and get a "Authorization Required, please contact RIAA"
Sorry entertainment on a boring work day, my apologies
The price is always right if someone else is paying.
I beleive a year ago maybe less(maybe more)a software engineer was caught speeding, when it was his time to go to court, he argued that the software used in radar guns really didn't have any predictable margin of accuracy(e.g. windy day)and that he requested the code be audited and analyzed; anyway after 10 minutes the judge found him not guilty and let him go on his merry way, speeding cases are still being beaten on this precedent today...unless you get a strange judge that is(think good will hunting)
Anyway my point is that, if mediasentry was the application used for the collection of information being admitted as evidence in a court of law;then shoudln't an analysis of how it actually tracks activity, traffic, etc. programatically be introduced as evidence as well during the discovery phase?
Seriously, without that it's like again, going to court for a speeding ticket and the only evidence against you is that someone said they *saw* you do it, sans radar gun...but unless someone takes a hard look at how they aggregate this *data* and the courts keep on allowing the 'AA's to file civil suits on a wholesale basis...then this means squat.
Thanks Florida!!!!
If it's not the same hard drive how can you possibly claim that registry entries indicate the IP address in use at the time of infringement wasn't from a wireless router?
I think a certain ASSociate Professor has committed perjury, or the defendant has ample evidence that he is incompetant, based on his testimony in that filing...
What I see on the provided 26-page vita in the category of refereed publications are just 5 refereed journal publications between 1980 and 1990, in areas far removed from detection of filesharing activity. There is a smattering of NSF grants related to supporting students with scholarships, training of faculty, a planning grant for a center and later funding for that security center, which does not seem to have research experience on issues relevant to the issues likely to arise in a filesharing trial.
Do you know of anyone better qualified than yourself, possibly with experience developing and using filesharing tools, developing and using rootkits, spyware, and IP spoofing techiniques, who is willing to serve as the RIAA expert?
The good doctor makes some cleverly written statements that build some very false assumptions:
"ripping"
He is passively criminalizing the term. The doctrine of first sale clearly establishes this is completely within the bounds of lawful behavior. Say it loud and often, "ripping is legal!"
"When files are distributed there is a set of identifiers that are used to tie the files back to the user. These identifiers include the IP address of the client distributing the files, the name of the file, file size and the content hash. In addition there are file descriptors that provide information like the artist name, album name, and description field....
First of all, it doesn't tie anything back to anyone.
1. Is the IP address permanent? No.
2. Their PUBLIC IP address is in fact associated with their PRIVATE ip address at the time of the infringement is impossible to establish.
3. Can prosecution establish the computer cannot be under anyone else's control. As the average windows PC is easily infected. Remote desktop is quite easly enabled, I could go on.
4. The so-called identifiers are not unique in any way and can easily be changed by anyone at any time.
5. Hashes are not fingerprints. They do not uniquely and unequivicolly (sp) identify anything. I can make two completely different files that calculate the same hash.
To summarize, it's possible that there was copyright infringement, but it's impossible to establish this person did it and the files in question were actually infringed.
The only thing they have to do is produce CD's from which the songs were lawfully ripped and the doctrine of first sale protects them.
Even *if* they stored their lawfully ripped files in the so-called shared folder, They can't establish they were uploaded to other users when IP addresses are temporary and lack any verifiable association with a PC?
His document is stuffed full of half-truths that don't withstand any scrutiny whatsoever.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
I'm reading over the PDFs and typing this up as I read them, so it may seem a bi unorganized.
1) You state that because you found the resume of Gustave Lindor, Jr. on the defendants machine that this "document indicates he was living and working in Brooklyn, New York during the dates that the copyrighted music was being shared."
Point 7, Page 5 of the 'expert' report
a) How does this prove that Gustave Lindor, Jr. was using the machine and that he had not, for instance, e-mailed the resume to his mother (the defendant) for advice or recommendations of modifications to the resume.
b) How does this prove that Gustave Lindor, Jr. was actually at the machine, that the file was initially create on the machine or that Gustave Lindor, Jr. had ever touched this machine? (i.e. couldn't the file at least have been dictated)
c) Does this not mean that the case should be dropped against the defendant due to the lack of evidence found on machines that she owns?
d) How can you prove who was using the computer at the time of the alleged infringement?
2) From the 26-page curriculum vitae (I glanced over this one)
a) Are there any EE/ECE/CS courses that you did not include in this? Why?
b) Have you ever received a failing grade in any EE/ECE/CS course?
c) When was the last time you enrolled in aa EE/ECE/CS course? Course Name? Type? Grade?
d) Have any disciplinary actions ever been taken against you or have you ever been rebuked/censured (Note: no typo, I do not mean censored), by any University or Professional Organization such as the IEEE.
e) Have you ever cheated/plagarized on homework or a test?
3) What possible evidence could there be on Gustave Lindor, Jr.'s computers that would implicate the defendant in any of the charges against her? How would any evidence on Gustave Lindor, Jr.'s computers implicate the defendant and not Gustave Lindor, Jr.? How can the defendant be held responsible for any relevant activities by Gustave Lindor, Jr.?
4) What proof do you have that Gustave Lindor, Jr.'s computer was ever at the residence of the Plaintiff? Ever possessed on of the IP's in question? Has ever had KAZAA or any other file sharing program on it? etc... (I'd suggest having some fun and running with this one out of malicious mischief if nothing else)
5) How is this not harassment of the defendant and/or her family?
6) How can you positively completely 100% prove that any single computer ever possessed a specific IP address in the past?
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
The linked PDF mentions data retrieved from various sources, but the specifics are not mentioned in the PDF itself. From what I read, he seems to claim that the computer in question was assigned the IP in question, and was not simply behind a NAT router/firewall with that IP. Since he makes no claims of attempts to find traces of MediaSentry software on the HD image, one can only assume that the IP in question was gathered by software scanning network traffic that would have been on the outside of any such router/firewall.
However, the only ways I know of to tell if an IP is assigned to a computer and not a NAT router/firewall, is to get that information directly from the computer or the router/firewall itself. Since I saw no mention of him having access to a router/firewall or logs from a router/firewall, one can only assume that he verified that the IP address was assigned to the computer based on data found on the HD image itself.
Now, if all of these assumptions are correct, the there is only one situations that can satisfy them and the claim that the HD image was clean:
The HD image contains evidence that it was being used by a computer that had the IP in question, and that image contains no traces of of file sharing activity.
Since he wants to check someone else's HD, it seems that he could not verify that the HD image given was attached to a computer using the IP in question, so I am left to wonder how he knows that the IP was not assigned to a NAT router/firewall at the time.
http://www.mhall119.com
See Magnetic force microscopy (MFM)
http://www.usenix.org/publications/library/procee
Nothing you erase is just magically "gone" unless you put *a lot* of effort into making sure it is gone. If the owner made sure that it was gone using a millitary grade wipe utility then statistically they should be able to prove that too! Even then they need proof that the owner was smart enough to be capable of performing this kind of disk wipe and a complete reinstall of the OS.
Is it possible to 'spoof' a DSL or cable connection, thus producing 'reasonable doubt' that her physical DSL or cable connection was used?
V for Vendetta: People should not be afraid of their governments. Governments should be afraid of their people.
I'd ask how he has determined that Kazaa was installed on the system. By his own testimony, see number 6 of his statement the hard drive they have was not used to share files or have any copyrighted materials on it. Isn't that sort of like saying, you stole that TV but you can't find the TV in question. How do you prove that he stole it? ________ He states that because he didn't find a private IP assigned to that PC, that it of course was not running a wireless router. Many sec. ops people will run NAT and utilize public IP addresses internally as the set aside private class 4 IP range is easily discovered. Also, a non-computer literate person could just as well assigned him/herself the IP that he was given from the internet provider and used that with a router. ________ What information provided by verizon ties a particular IP to that computer? How can he be sure that the IP found on the kazaa network was not spoofed? Or that the MAC address (if they even mention finding that) was not similarly co-oped?
Why do you hate freedom??
oh, or better yet:
please complete this sentence for me, "I hate my best customers because..."
one more...
"I deserve over 80% of the profits from the sales of other people's artistic works because...."
thanks, I'm here all week....
artists should get tech savvy, and sell their music direct to the consumer. any fly by night company can print you a couple thousand CD's a week, then just put em up on your site and use paypal or something to collect your money. better yet, why can't they make their own distribution deal with apple to offer their music on itunes? cut out all these bullshit publishers and middlemen. most of the people who pirate music anyway just dont wanna have to scour around the store or pay for a bunch of "value added" crap they don't want. just give em the music they want for a low price, and i think most people will pay it.
sometimes, i wonder if i'm the only conservative on teh intarweb. ah well, back to mah hogs and warmongerin'....
It does not appear to be mentioned but ethically I think you need to ask your clients if they in fact were infringing copyright. If so then you need to negotiate a fair settlement. Every one here seems to assume they are guilty and are trying to make a legal excuse or loophole for them to get off on a technicality. If they did the crime they need to suffer the consequences. All of that aside. Lets assume they are innocent. Who had access to the computers that may have shared the files. Are there any malware type programs on the system that would allow remote access and the subsequent infringement was caused by an outsider. Lastly is there publicly available access to the home network. That is where you need to attack the problem. If your clients have evidence on their computers that could prove their innocence then by all means turn it over. The RIAA's experts may be more experienced than yours at tracking down the real offenders any ways.
On average, how many babies do you consume in a week?
"How many roads must a man walk down?"
Frog blast the vent core.
knohow can you stand to look at yourself in the mirror every morning?
The Real Issue is... what you actually bought when you first started buying music so long ago. You bought a LICENSE to listen to a recording. You didn't buy the recording, the music on the recording, or even the magnetic or optical field that was imprinted on the medium. You only own the medium. Possession of the medium with the original recording constitutes possession of a LICENSE to listen to it in a non-commercial sense. This position (that you don't OWN your copy of the music - to do with as you please) brings problems to the RIAA.
When we transcript a recording to a different medium, it may not be possible to tell if we own the original medium, or in other words, whether we own a LICENSE to listen to it. All copyrighted material works like this, but thus far the pirating of music and movies has seen most of the action.
A real issue arises when we ask if possession of a DAMAGED original recording and a complete, undamaged (digital or otherwise) copy constitutes possession of a license or theft. I personally have bought Electric Ladyland three times and my latest CD is scratched beyond repair. I am interested to ask what steps the RIAA is taking to address the issue of medium-degradation and whether a copyright licensee can obtain a new copy of a product that he already owns a license for. I never bought a copy of Electric Ladyland - I bought a license. Additionally, almost nothing has ever been said about the sound quality associated with a license. The RIAA wants it both ways. Legally, this is not consistent.
FOR YOUR CLIENT: An issue with whether the RIAA can prove that your client does not own and has never owned original recordings of what he is alleged to have stolen. After all, he never owned any of these files, they have to prove that he did not have a license to listen to it.
I would make sure that that computer continues to operate efficiently. I would erase things that I don't need in order
to free up space, I would defragment the hard drive, and I would run Eraser to clean the unused portions of my hard drive
from any flotsam that could gum up the works. This would have nothing at all to do with any of this RIAA or court stuff,
it would be routine maintenance of my everyday working computer.
http://www.tolvanen.com/eraser/
I use Eraser every day, like brushing my teeth. Make it part of your daily routine.
IANAL, etc.
Even though the expert's CV is extremely padded with unrelevant crap, he is adequately qualified to testify on this topic. It'd be useless to try and somehow discredit him on his credentials. That said, you could briefly ask why he felt it was important to include "equipment grants" in his cv, but that'd probably waste the court's time. Given that their expert has good credentials, you could try and prove he is a biased expert given that he is employed by the police. This bias shows up in the report.
Regarding the expert's report, attack both his methods and the subjective conclusions he's made. To compile the report, the expert used two sources of data: Mediasentry, and a physical examination. As we can see in Dr. Sips article, Mediasentry is a simplistic program that does not produce accurate results. Ask the witness how familiar he is with the inner workings of Mediasentry, was he an original designer, has he read the source code, what are its limitations, how accurate is the data it produces, can the data be faked, does the data even prove that someone was sharing copyrighten material, etc. If he doesn't know any of that, how can he make any conclusions regarding the data it provides? Read Dr. Sips article and the other comments above regarding the technical limitations of Mediasentry, and the problems with evidence regarding P2P and internet analysis in general. Given these overwhelming issues, I would personally conclude that Mediasentry is providing inaccurate data, and should NOT be used to form any conclusions regarding guilt.
Now here is the important part: the physical examination didn't find ANY evidence of filesharing. If MediaSentry is very unreliable, and the physical examination produced no evidence, the RIAA has no case! They realize this and so they go on a fishing expedition as a last resort. In the last part of the report, the expert, out of nowhere, somehow tries to link the case to the defendants son. Lucky for the defendant, they also do this in the weakest way possible: they say they found one of his files on the computer. Does this prove anything? Of course not, it merely means the son used her computer at some point to write his resume or that he sent her a copy. The expert also mentions that her son was living in the city at the time the filesharing took place, as if this is evidence of guilt. I think you can see the problem with that. The judge should strike point 7 as completely irrelevant and immaterial.
This last point also shows the expert's bias in that he includes a reference to a single immaterial file in his report to try and further the RIAAs case. Why include that file and not others? Her own resume or perhaps a cooking recipe would be just as material. This conduct makes the witness' entire testimony suspect.
Finally, why was this expert looking at the contents of this file in the first place? A document file, clearly labeled as a resume, is hardly a suspect for copywritten material. After opening this file, and seeing that it was a resume, why would the expert continue to read the personal information included in the file? He is clearly violating the defendents privacy by reading her personal files.
Please realize that I've formed my analysis on the information and evidence you provided in your post. I have not read the other material presented in this case.
Good luck,
James Dalton
I suggest starting with the basics. Destroy the foundation and the "house of cards" falls. 1) Is this guy a licensed Private Investigator/Detective? Such a License is not indicated on his CV. In every state I have looked at there is a requirement that a person be a licensed PI before conducting any type of "Investigation", unless the person is a law enforcement officer in the course of his "official duties". In my state there are criminal penalties for doing so. In Iowa it is a "serious misdemeanor" according to IA state code. http://www.dps.state.ia.us/asd/pi_licensing.shtml Being a CFCE does not automatically authorize him to conduct investigations. 2) He indicated that he works with the Iowa State University Police Department.. is he sworn or civilian? What is that agencies policy concerning outside employment involving investigations? Most agencies prohibit this as there is a possibility of a conflict of interest and the danger that 'Official' resources may be used in conducting the investigation. His CV indicates he is a "Computer Forensics Analyst" for ISU Police. 3) Subpoena the University and it's police department for the answers to these questions and for copies of the general orders or operating procedures, depending on the terminology used by the entities. Amoung other things it should define outside employement and any requirements or prohibitions. 4) Contact the Iowa Department of Public Safety and confirm that he is not licensed and, as a good citizen, report the violation. More than likely they will obtain a search warrant for him and do their own Forensic exam on his computers to determine if he is indeed operating a Private Investigative Agency without a license.
You say that e-mail hasn't been received over certain dates and therefore this disc has not been used. So the computer was turned off, or e-mail not accessed. How does that make it a crime?
You find no traces of Kazaa in deleted files, directories, fragments, or in the registry. Does that make this the wrong drive, or is Ms. Lindor correct that Kazaa was never on her computer?
Do you believe that all traces of Kazaa could be removed so completely that you could find no tract of it afterwards? What does this answer mean to you in the context of this examination?
How can you prove any drive was actually in her computer? Does the drive store store data about the computers it has been run in? What is this data? Windows XP activation codes?
Are you just an ass because you thought this would be a slam dunk to undelete files believed deleted by clueless users, and now your finding out that it isn't?
Is your fee contingent on results?
How much time did you spend examining the contents of this drive? What tools did you use? Please provide a copy of all such tools not available on the open market, and versions of the software tools used that are open market items and which you cannot copy and provide otherwise due to copyright.
What would we find if we looked on YOUR hard drive? Would you ever be comfortable with such an inspection?
Actually, the problem in this case is the stupid answers of the son and his 16 year old friend who basically ratted him out. Who let this happen in the first place?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
In paragraph 5 he claims that the machine that downloaded the songs was not connected via a wireless connection based solely on IP address. That's some magic trick! I have a wireless router in between a pair of firewalls at my house. If someone were to get on it and download IP, they would show up to the entire world as the same IP as my cable modem.
Also in paragraph 5 he sites the computer's Registry as additional proof that the machine was not connected to a wireless router. Which I suppose might have some validity, as a wireless driver would likely have some reference in the registry.
But then in paragraph 6 he states that he believes that the hard drive he reviewed is NOT the same one as the one that downloaded the IP. So if this hard drive is NOT the one that downloaded the IP, what does it matter that there is no proof in the registry?
The guy is a sham, throwing together half baked and highly biased inspections that don't even pass a rudimentary review.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
Are all the analysts that came in contact with the disk drive in question certified forensic analysts, and if so by whom?_ faq.html
http://www.cert.org/certification/IHcertification
Was the disk drive ever out of your possession?
Who handed you the drive and what paperwork did you sign?
Are all their tools "certified" for forensic analysis?
Was the drive mounted "read only" so that no contamination could occur?
When on what day did they last test their own forensic analysis computers for rootkits?
Did they perform those same rootkit tests on the disk drive in question?
Where is the certification for their forensic computer systems?
Have these machines ever been used for any task other than forensic analysis?
Was the disk drive checksummed both before and after the analysis to prove it was not tampered with?
Not to the RIAA expert but to Ms. Lindor's attorney: Do you bill your time for these Slashdot posts? What do you call that time? "Research"? I'm curious because I'm betting from all your time spent here that you have "creative billing" down to a science.
By the way, since we're all Slashdotters it's probably not necessary to say this, but: it would be helpful to us if some of you who really know what you're talking about would be kind enough to critique comments which appear knowledgeable, but aren't.
Thanks to all for your input.
Ray Beckerman +5 Insightful
profit.
Is this all the devil gave you for your Immortal Soul?
Have you ever used Kazaa to download even one file? If yes, have you confessed this sin to your employers? If no, then how do you have a clue about what it does on a hard drive?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Seriously, there may be a technicality here you can use. Do they have evidence that the copyrighted material was reproduced to anyone other than agents acting on the behalf of the RIAA? If all they have is network traffic showing transfer of copyrighted material from the defendant to MediaSentry, and the RIAA has given MediaSentry the right to obtain and store material under their copyright, was a crime actually committed?
To take the technology factor out of it, if the RIAA gave person A explicit rights to obtain copies of any material under their copyright, would it be illegal for me to provide person A with a physical copy of that material? Is it illegal to distribute a copyrighted work back to the owner of the copyright (or someone acting with their consent)?
http://www.mhall119.com
It only makes them fine tune their practices!!!!
Of course, that has the effect of them not filing bogus claims either.
He doesn't suggest that the hard drive has been altered or tampered with. Perhaps you can think of some questions that followup on this point. He says that he examined a "disk image". Does he have an audit trail? He makes no mention of the MAC address used to connect Ms. Lindors' computer to the network. Does the MAC address on the HDD match the MAC address on the NIC?
If you don't pay for unlimited rights, you don't have them when you're licensing media.
Extra points to everyone who saw the bus-sized hole in this statement.
ANY media I purchase is subject to the doctrine of first sale. That means, when I buy it it's mine to do with what I want within limits we all know and follow.
The media conglomerates want to pretend the doctrine of first sale doesn't exist by pretending digital media is somehow radically different than an LP/VHS or even the CD.
On its face that is ridiculous and you either are astroturfing for the media conglomerates or woefully misinformed. In case it is the latter, you have given away your personal freedoms for absolutely nothing and opened the door to even more abuse.
Mod parent down.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
I know he claims to be a 'forensic' expert but nothing else in his resume seems to indicate any experience in the subject. Forensic expert for campus police? I'd definitely get a list of cases he worked on, conclusion he came to etc.
I'd also want to know exactly what errors he looks for and what steps he takes to avoid the errors. How many false positives he has detected and why where they detected in the first. I know police officers who claim their laser gun is in falable...
I'd ask specifically about what techniques can be used to spoof things like IP addresses. Can you impersonate your neighbor for instance (fixed IP vs. DHCP, gratuitous ARPs etc.)
I'd ask him the relationship of MAC address vs. IP address and ask him to describe which would be more of an indicator of identification (especially who's computer). I'd also want to know how far back MAC addresses where traced.
I'd ask if he had any information on the accuracy of Verizon's disclosure. The relationship between the time and Verizon's changing of IP address. (when, if ever, did Verizon change its IP address assignment).
I'd ask if there was any information as to the security of the defendant's network and if any tests were done to verify that defendant's machine wasn't compromised.
I'd ask about "Media Center Trace" and what it proports to proove. Is it just a trace route? Does it indicate MAC address.
Remember, MAC address is unique (but can be altered on some devices).
I'd ask if he knew whether or not the defendant's computer was even turned on at the time and how he knows that information.
I'd ask, if the defendant's computer wasn't turned on, would it be possible for someone to spoof the IP address or statically assign the address to themselves. What safegards does Verizon use to protect against spoofed addresses?
I'd ask how many computers can be behind a firewall that have access to the internet. In effect, how many computers could have the same IP address as far as an observer on the internet side can tell. The answer is infinit. You can have subfirewalls etc.
I'd ask what security measures the defendant had to prevent theft of services. Everything from open wireless to physical security (tap on the line).
What spyware, adware, trojens etc were on the defendant's computer?
If the defendant's computer was really the one used, why is it necessary to sub poena the son's?
Bottom line, if he really is an expert his testimony should highlight that IP address is not an identification of anything. All it shows is that there is someone, somewhere responding to a particular address.
TODO: create/find/steal funny sig.
...oooooooooossssssssssssssssshhhhhhhhhhh!
I bet you're a PhD student, right?
Because I've already given you the specific questions about the hard drive, however, here's one about Media Sentry screen shots. How do they prove that the clock on their computer is correct as to date and time? A non-faked, non-proxied, IP address only points to a specific destination at a given time. Dynamic IP addresses will point to different users at different times. They have to be ABSOLUTELY CERTAIN that not only is their time set properly to indicate when they gathered their data by whatever secret methods they used, but also that the ISP logs have exactly the correct times. This is not always as easy as it sounds.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
How long did it take you to develop a taste for the blood of the innocent?
-Charlie
So ... he worked at Iowa State University, he got his BS, his MS, and his PhD from Iowa State University, and he's teaching at Iowa State University. Is there any evidence that this guy knows anything except what happens to be taught at Iowa State University? Has he even ever LEFT Iowa at any time?
Don't piss off The Angry Economist
what is the meaning of life of course
I am furious that the "expert" went through and read every document he could find. He read the guy's resume, which had nothing to do with inspecting the hard drive for signs of shared music. He also mentions the lack of email. From this I would assume that if emails were stored on the computer, that he would have read each one looking for anything that could be used in court. The hard drive was subpoenaed to find evidence of Kazaa and of music files. Any other investigation is an invasion of privacy and I think the Lindors should sue the expert. What if he had naked pictures of his wife or emails to his lover?
Here are some off the wall questions but they might have a use.....
If I went out and bought a lot of music CD's and then made an archival copy of these CD's onto my Hard Drive. Then over time my originals got scratched, destroyed etc... How would it be proven or disproven that I actually owned those CD's in question especially if I no longer had the receipts ? Maybe a few cases to a few of them... What if some sort of spyware or virus or something got onto my PC and shared out those files ?
Considering CD's have a certain life expectancy, having to do with humidity, temperature etc.. a cd could have what is referred to as "CD ROT" in no time. So if I am to buy a CD from the record company am I buying a "timed" copy of the music (i.e. the record company knows the CD is not permanent storage media) I would think it could be argued that the RIAA and the record companies owe all the music CD owners a refund for an inferior product. There is nothing on a CD indicating that CD ROT can occur, the expected life of the media etc. The record company argues with everyone that you are buying the right to listen to the song not the actual song. OK so when I lose my music CD I paid for and can prove it why do they not send a replacement CD to the consumer considering you already paid for the right to listen to the song indicating you did not pay for the media!
In addition to this a lot of bands post their music up on myspace.com so you can listen to the whole song or on youtube.com... If you are paying for the right to listen to the music then how can they offer for free to people have internet on youtube and myspace and charge people who do not have internet because they have to buy their rights on cd media ? If I can keep listening to the bands song on myspace or youtube for free why would or should I pay for the rights to listen to it ? Aren't they losing money from this ?
If the music files are not 100% original CD quality 320k. Then it could be argued that it is not copyright infrigment because it is not a direct identical copy. It does not have the same quality of sound or production in addition if someone else added an ending or introduction now it is no longer the same in context either. DJ's at clubs used burned CD's of music downloaded from the net all the time. There have been several that sell their own mixes of a song.
If the file is mis-spelled maybe even that could constitute as not original. An example NIKE brand shoes have a certain style and color to them... an Chineese knock off company produces a similar product same design except maybe the color or exactly the same except the nike swoosh symbol is a different color then the registered trademark. In other words it is similar enough that someone could confuse it with the original but it is not "EXACTLY" the same this has been ruled in the past in favor of the knock off companies their was a lawsuit between HP and XEROX because XEROX packaged their toners for HP laser printers similar enough to HP's with the coloring and so forth that HP started losing money. A Judge ruled in favor of Xerox because it stated Xerox on it and basically said it was up to the consumer to decide which was HP and which was not.
I'd point-out that this guy (Doug Jacobson) only has five peer-reviewed publications-- and is latest was in 1990 (16 years ago!). Peer-reviewed publications are a measure of how good his ideas are-- as they stood the test of his peers. Beyond just counting the papers-- one can look at how often they were cited. If a paper has never been cited in another work-- it probably wasn't high impact. Another measure for research productivity/impact is the Hirsch number.
* Can you prove the defendant never purchased, was never given (as a gift) or never received (through abandonment) rights to the material. What if someone disposes of a CD ... can I recover it (from the trash) and assume the rights, as the new owner, of the abandoned material ? Was there a license on the CD that prohibits the transfer ?
In the Florida case the manufacturer refused to provide the software for any kind external audit citing trade secrets. The judge determined that this made it impossible to prove the case against him, or allow him to defend himself - case dismissed.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
What is your name and address?
Do you have signed permission to invade my network?
Are you aware of the current laws against computer crime?
I am the unwilling control for my Origin.
How do you intend to stop us? ;-) Muhahaha!
Bringing liberty to the masses. - http://freetalklive.com/
That case created a very interesting precedent, metaphorically then, the internet is a highway and mediasentry is a radar gun. No disclorure, no case. Also, audit's are in fully accounted for within the letter of the law no matter state(Federal).
Go Florida!
The IP address of record is associated to the MAC address of the cable/dsl router/modem/gateway. This does not imply anything about which device on the client side (private)of the network actually was conected at the time of the alleged transfer. If there was a wireless router it could be anyone. Or may a friend connected a laptop for a little while... Finally, maybe the IP address was highjacked on the public side of the network. Anyway... good luck.
Digitronically yours, Saltheart Foamfollower
...and puppies?
Why do you think RIAA-sponsored associations and business interests are suing (potential) customers?
Other businesses have "offenders" that break either patent or copyright over various things. Many of those businesses consider it to be a "cost" of business to keep their customers happy. After all, in most businesses, it is "the customer is always right", when when they are not. Why is music/movie industries different?
On top of a pile of money, with many beautiful ladies.
Are you an asshole all the time, or just while you're at work?
The good professor seems fairly certain that the computer in question was absolutely sharing files via Kazaa, and that the hard drive in question has no remnants of Kazaa files on it. So he doesn't believe this was the hard drive that Kazaa-shared files.
...
This leads me to question the utter lack of data in the pdf file on the specific evidence on what led the prof to believe that your client's computer was sharing files via Kazaa. How can they be so sure of this? How can they be sure that the ISP simply didn't get the client associated with that IP address wrong? Wouldn't a lack of data on the hard drive indicate they were given the wrong client by the ISP?
Is it possible that someone inside the ISP could have hacked client accounts in order to cover their own activities? Ie. employee X surfs the net at home, uploads/downloads all kinds of crap using all kinds of crap programs, then edits the customer database so that all activity associated with employee X's IP is associated with another client's IP. The IP logs would hard to fake - too frakking big - but I'd want to take a look at how the ISP associates the IP addy with one of their individual clients, and if any part of the association can be faked/hacked. If it all comes down to one client database, then the database can be hacked, but if the ISP is run properly, they should have backups of that database. A re-creation of the database should give you an idea if your client's entry on the database(s) is the same as what exists on the current database. Any changes and
If the hard drive was removed and the OS/files were reinstalled, wouldn't XP do one of those authentication things with Microsoft? Does Microsoft keep logs of this sort of thing? What kind of XP updates were downloaded to the computer - if very recent updates were downloaded, then it's the same hard drive as always, but a reinstallation from an old cd would mean that older updates would need to be downloaded and installed.
What the frak does a hard drive replacement have to do with the network card/MAC/IP address? Each network card has their own unique MAC address, or something like that. If the network card wasn't changed, then at the very least the MAC address wasn't changed and somewhere there should be records of the MAC used. My network info is sketchy as it's been awhile since dwelling on things like this, but changing out the hard drive shouldn't change the MAC address.
Wikipedia states http://en.wikipedia.org/wiki/MAC_address that the MAC address can be virtually and physically spoofed. Virtual spoofing seems to be easy, but a hardware spoof requires desoldering equipment. Does your expert see any evidence that the MAC on your client's computer has been spoofed, virtually or physically?
We generate screen shots all the time to "propose" software to clients, never did they really exist.
I'd ask why the songs in question are being distributed by MTV and it's bretheren, radio stations (a list of over 1000 should be easy to compile if these are common tracks), and elsewhere on the net (the BBC's radio archive and the band's myspace pages should provide good examples) with out similar prosecutions.
If the reply is that these are not CD quality, then lead into explainaing to the judge that the shared files are lossy, and only contain a small fraction of the CD information, and therefore don't deserve the full penalty, and then lead into the 2nd option:
If the reply is that these are licenced, follow up by asking the price per play per listener for these licences (referencing any past payola convictions the prosecution may have), and why your client is being charged more (by a factor that should be suitably ludicrous for the judge to perk up a bit).
The reason for this line of approach is to that I think a judgement of guilty with a fine equivalent to the fee a net radio station would bay for the same distribution would be an even bigger win than a not guilty verdict if it forms a legal precedent... if the prosecution see that you are heading towards that destination then I suspect your next question should be "do you want to give my client $lots and drop the case?"
A pizza of radius z and thickness a has a volume of pi z z a
However, they have not made any claims about file sharing from the son's IP address...
It is possible for the son to have brought his computer over to the mothers house, but file sharing takes time, and unless he was living at the mother's house at the time, he would be out the use of the computer during the period of file sharing. And she would have no access to her own computer during that time.
I would look at the timestamps of the mothers computer. If her computer shows activity (email, etc) during the period of the alleged file sharing, I can't see any reason to suspect the son's computer.
-- Bill
ever used a wireless access point that you plugged a network cable into? wireless access, no drivers.
Enjoy Every Sandwich
Close, but not really. The amount of actual damage is :
loss per song TIMES ( the number of times it was uploaded PLUS one time for the initial download)
iTunes makes this easy to calculate. Yahoo and other subscription models make it more difficult, but there should be a per-song accounting somewhere, otherwise the record companies won't know if subscription models are good business for them.
In any case, I would ask the expert how to determine which songs were uploaded and how many times, to establish actual damages. If the expert knows, and the app has that info, there's actual damages and anything beyond that is punitive. Very important for jury trials to see the record companies as greedy bastards instead of people trying to right a wrong through legal means. If the expert does not know, it's obviously a number pulled out their butts.
(BTW yes I know a download does not mean a lost sale, but that's not something you can really argue since there aren't facts around it, only common sense. Calculating it that way, however, is something the record companies can't argue against)
...some very important questions which I will soon detail, but ladies and gentlemen of this supposed jury, I'd first like you consider one other detail.
*points to large photo on billboard*
Ladies and gentlemen, this is Chewbacca. Chewbacca is a Wookiee from the planet Kashyyyk. But Chewbacca lives on the planet Endor. Now think about it; that does not make sense!
Guaranteed victory.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
"Have you stopped raping 8 year-old children?"
... and then they built the supercollider.
Q: How do you know that this was not done by someone using this computer or internet connection via an insecure 802.11 Wi-Fi access point?
don't cut it off www.mgmbill.org
>>Because NAT is usually done on the 192.168.1.x network (default settings on every router I've had) and that's not a routable network.
Read the title of the post you replied to.
notify the RIAA that the defendant has copyrighted
1. all data on the computer that are not copyrighted by others.
2. copyrighted the file structure, file names and everything else
Notify them that any copying of this data violates the rights of the defendant
File a complaint against the RIAA if they have copied materials copyrighted by the defendant.
don't cut it off www.mgmbill.org
Thus, the idea that the disk is from a different computer that had the same IP address is unlikely, at least with my ISP.
The real "Libtards" are the Libertarians!
why isn't your industry bound by market forces?
They're using their grammar skills there.
I haven't heard this discussed at all in the many discussions on copyright infringement here.
.wav file from the cd) then AFAICS it is a derivative work of the original work, and not a direct infringement per se. This may have implications regarding penalties.
If the file shared is an ogg/mp3 (or any other format than a plain ripped
Jon
I love his partial grasp on the concept of the Internet
he constantly refers to Peer-to-Peer Networks as a method of users sending files to each other
yea and Traffic Lights take people from point a to b
strange since Peer-to-Peer communication does the dirty work
Kazaa, Grokster , imesh, Available to Windows Mac and Linux
Strange not one of those are available on linux
and Mac?
I have a 'present' to send them.
---- Booth was a patriot ----
I know nothing about the US legal system, but I have to ask... Is this hard drive even submittable as evidence?
As far as I am aware, during a discovery phase of a lawsuit, specific items / information may be subpoenaed. I don't know the specifics of the request that gave the prosecution this hard disk, but they seem to have gone well beyond the realm of looking for data about file sharing.
Surely the fact that the expert witness accessed and read a resume would mean that they have exceeded the bounds of the subpoena ?
Maybe you didn't read it carefully enough, but I think "within limits we all know and follow" pretty much covers it.
Doing those other things are unfair anyway.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Google the clown. None of his web pages seem to have been updated since 2003. Even back then his scientific production, in his supposed area of research, was completely dead. This guy is completely out of touch with science and would never be able to land another research faculty position based on his publication record. Most likely he was not smart enough to stay in the game.
These are good ideas from the parent:
Critically examine the ISP's software/logging.
You can punch holes here big time because no one really knows how well most of the software works.
The information provided to the RIAA should have come with a disclaimer. Double check if there's a logging standard/best practices that the ISP follows. Chances are there isn't anything. That makes it pretty worthless.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
After reading through a number of comments, I'm seeing the term "reasonable doubt" a lot but, if I understand the situation correctly, this is a civil case and "reasonable doubt" doesn't apply. The phrase "preponderance of the evidence" is the relevant concept. Am I right?
Similarly, with a criminal case, you need probable cause to go seize evidence like the son's computer. Does "probable cause" apply here?
Not that you're going to get what you want....
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
Maybe I saw it on the sidebar at freshmeat or something. I think it was the sco-diebold truthiness generator v. 0.95 beta! Good stuff! Posix compliant!
I would ask "Do you acknowledge acknowledge your sins and seek repentance in the name of our Lord Jesus Christ?" and then I would follow the response with "Your sins are forgiven my child, in nomine patris et filii et spiritus sancti amen."
Believe with me, my saplings.
At least for cable modems, it's possible to "clone" a modem and create an identical modem that is usually used to gain service. However, anything that this person now does with the cloned modem will fall back on the person who actually has the MAC address of the modem associated with their account.
Simply, how can you prove the modem was not cloned and they actually did share these files?
"I'll just chip in a bit for RedHat: I actually have that installed on my university machine." - Linus, '95
Can't we just shoot them?
The higher the technology, the sharper that two-edged sword.
What planet are you from?
followed by "Care for another?"
30 pieces of silver go these days?
1.) Lock the other side into a particular story. This prevents them from changing their position later if the evidence does not support their arguments.
2.) Discover information that you don't actually have. Unlike during trial, you sometimes DO want to ask questions you don't know the answers to.
3.) Impeach the credibility of the person you are questioning.
Given these goals, but lacking the client privileged information about what really happened (did the son use the computer? was there a failed or successful attempt to remove the Kazaa software? etc.) I can't give specific questions, but there are several areas I would want to explore a great deal:
a.) I'd ask a bunch of questions about the MediaSentry program. I'd ask what testing the expert has done to ensure that the information provided by the program is accurate. Unlike others, I don't think you will get very far saying that the output of that program is "faked". I think you will have a much better time saying that it's wrong, buggy, untested, and unverified.
b.) I'd ask a bunch of quality control questions about the IP address logs. What is the error rate of the logs? What race conditions were considered when designing the logging of the IP address to user id mapping? Please explain what a race condition is? etc. If you, as a layer, don't know what a race condition is, you need to find out.
c.) I'd ask a bunch of questions about the methodology on the analysis of the defendants hard drive? What if there are multiple computers in a house? What if there are multiple drives in the machine? Was windows update turned on? Where patches applied over a period of time? (all at once would imply a re-install, over time would indicate no such re-install).
These areas focus on #1 and #2 goals.
I have no idea what software was allegedly being used, but if it allowed for uploads and downloads then there is a relationship between total network uploads and downloads -- this will yield a good "rule of thumb" as to how much could have been distributed. whilst not admitting that our client actually distributed any copyright materials outside any applicable license, the file sharing software is so designed that on average, each person will only share as much as they receive from the file sharing network. If the complainant cannot determine exactly how many copies were allegedly shared, then we must assume an average number. Where there is a population of people using file sharing programs, the amount of uploads is always equal to the amount of downloads, since material goes from one person to another (it is not broadcast). The software is also written so that it does not request the same part of a file (be it a public domain document, a photograph, or a track of music) once it has received it. While there are those who may send slightly more than they receive, or receive slightly more than they send, these people balance each other out. Thus, without evidence to the contrary, the safest and most equitable estimate of the amount of data distributed is the amount of data received. And whilst we (may) admit that there were music files on the computer, we (might) claim that they were the result of ripping CDs. This is fair use (??) and means that only a small proportion of any music files found on the computer could potentially have been downloaded. Thus, although we don't admit to any distribution, we would calculate the the amount of copies that *could* have been distributed as very small (i.e. how many tracks on the computer that were not personally ripped * 1 -- (not * thousands)). The RIAA assume that each file present on a file sharing network results in xxxx copies being distributed. This may have been a fair calculation when files were being distributed from web sites where the sharing was "one-way", the sharer was *only* distributing. However modern peer to peer file sharing networks rely on two-way sharing where receiving a file is contingent on sending something back (be it what you're receiving or something else). In such a network, if a party is to distribute more than they take, it requires a balance of people that take more than they distribute. Because of the way the network operates, it is difficult to take without giving, and thus those that give more than they take are balanced by those who receive slightly more than they distribute. Thus, if no evidence to the contrary is offered, it is most likely that any sharer has distributed only as much as they received. Further to that, if a sharer has an internet connection which allows data to be received faster than it is sent (and this is typical of all methods of connection to the internet by home users, be that by modem, ADSL, Cable, or Satellite) then, given no evidence to the contrary, it is more likely that the sharer has shared less than they received. It is also a fact that file sharing programs do not make obvious to their users that content is being shared. Quite often such programs will start automatically when the computer is turned on, and run "in the background" where a novice user might not notice them. If a user in their naivete, downloaded and installed one of these programs, they might continue to be running it unawares even after determining that it might permit copyright infringment. Of course, I might have to back up some of those statements too. I'd first ask the RIAA person if they would (if they could) prosecute every person sharing their copyright content (to protect their artists), or if they were doing it for "show".
A. Even if the downloaded file was a copy of a copyrighted work how can you prove there was intent to pirate? How can you research if it is copyrighted without downloading it and searching for the similar copyright protected work? What if the person who downloaded thought they were legitimate clips, previews, free works, drm "time limited" or "number of plays" limited files, reduced quality free samples, etc. The presence of an Artist Name or song title can mean intent because what if the downloaded work is misnamed or misrepresented in another way. Free works, sample works, misrepresented content, and drm works are so common you'd have to download to file determine "what it is" and from there reseach the copyright which would be so costly prohibitive that no human being could comply with the standard for all documents downloaded. There is plenty of copyright violations on webpages. Shouldn't the RIAA be sued for reading pirated web content without paying royalties to the honest people who create web content? Thats what they are saying about P2P file sharing... you know... another great file sharing technology is the "Web Browser". It is used to violate more copyrights than any other technology in the history of man... even by RIAA and MPAA lawyers and court judges. The issue at play here is intent.
B. Even if you can prove the downloader "knowingly" downloaded a copyrighted work that could not have been percieved as a preview, free version, or drm "limited permission" file you still have to prove they intended to share it. P2P software providers have secret "features" that perform complex tasks without end-user knowledge or approval. The configuration of P2P is largely undocumented, highly confusing, often purposefully cryptic or misleading. The intentions of the p2p software vendors are not in the end-users interests and are often misleading especially when they used veiled legitemacy to convince end-user to purchase their product. "iTunes say... give us money to download music" if BearShare made the same statement is it the end-user fault that one company was legit and the other was a scam. BearShare would have been the criminal hypothetically and both the copyright holder and the end-user are "victims".
C. I bought all the beatles albums on vinyl. I bought them all again on cassette. I bought them all again on CD. I'll shoot myself before I'll buy them again. At what point do you have the right to listen to the music you paid for the way you want too. Fair use doesn't, but should allow the right to listen to music you own in any media version less than or up to the media quality of the version you own. I listen to streaming radio stations these days... they provide free access to entire genres of music I like. I don't have to read legalese to listen to radio. I don't have to worry if the sation is legitimate. That's the station's responsibility. I don't have to worry about the media being misrepresented. When you listen to streaming media the bytes are downloaded. They are not the actual bytes at the radio station... they are copies of the bytes communicated to you. If its posted people will inquire. It is human nature to be inquisitive. Suing the inquisitive for clicking on an internet file is like suing the witness for seeing the crime. Suing the inquisitive for not knowing how to prevent or disable file sharing or for not being able to understand the instructions to do so is letting the criminals shift the blame onto their victims. Its akin to permitting the crimal off the hook because the victim was dumb enough to be a victim.
D. My computer. my liability? My cable modem? My DSL line? My remote server? My user account? My ultra-peer super node in the P2P network or my leaf-peer normal node? My default P2P settings? My unkown background server tasks installed in secrecy by a software installer? My email viruses? Are they my hackers if they gain access to my machine? Are the RIAA trying to catch criminals or mearly scare and
"If they have ever run tests to see if the file matching can be fooled into false-positive matches (especially if they have not actually listened to the downloaded files), and what the accuracy rate is."
Good question, proving correctness, even for trivial software is an expensive task and the RIAA are penny pinchers.
If they do have test results then question what quality standards (eg: IEEE, CMM) were used to conduct the testing. Ask for past and present "bug lists" or anything else that displays the shakey nature of our chosen proffesion. Having a bug list can introduce doubt about the software, not having a bug list can introduce doubt about the QA.
I assume they have logs from the ISP, otherwise how the hell can they be sure it was her computer.
PS: I have noticed NYCL's informative posts on other slashdot stories, I hope he finds what he is looking for.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
Although the obvious (and most fun) question would be "Why can't you testify to the [same general material] in the Netherlands and Canada?"
I guess that among the numerous great queries previously posted, I would be interested to know:
Which programs were used to obtain the files which have been allegedly shared (or made available for distribution) by the defendant (screenshots will help here - post them if you don't recognize them or if you believe they may be altered - we will help), and whether the manner of usage by the plaintiffs was in compliance with the license agreement of said software and state (and federal) law. I haven't read the response to the interrogatories provided by the RIAA for a month or more, but from what I do recall, it seemed that they avoided specific responses about what software was being used. If I recall correctly, they simply stated that they used the "same software as a typical user" and accessed files "as the typical user would."
I believe, from the links provided in the initial post, that this suit was filed in a state court in the state of new york. Although I am not licensed as an attorney in that state, based on my experience in other states, I would be surprised if NY had not outlawed something along the lines of "unauthorized access of a computer system." Typically, this would include falisifying your identity for the purpose of obtaining access to particular files (or access of the system in general). Of course, this would only be important if NY has a statute that would prohibit the introduction of evidence in a civil trial of evidence that was obtained in a fashion that is illegal (or, more broadly, in contravention of public policy). It has been my experience that most software (e.g. Kazaa lite++) both prohibits usage of the software for the intentional violation of the copyright law, and probibits the use of the software for the purpose of ascertaining the identity of other users. Read that license with a fine-tooth comb.
As a last resort, based on the responses to the above question, I would consider an in pari delitico argument. The RIAA violated copyright law (probably - or at least a license agreement) to obtain the evidence for trial, and they ought not benefit from such a tactic.
A few thoughts. First, a lack of user-created files and e-mails doesn't mean the computer wasn't used or is new. The owner could routinely clear his internet cache, and just use the computer for internet browsing. All e-mail could be through hotmail or gmail. This could easily account for a computer with no user-created files or e-mails. What was the install date of the system (i.e. Creation date of the windows directory)?
Second, he states in section 1 that he obtained a "disk drive image" from the plaintiff. What type of drive image? Unless it is a bit-for-bit copy of the physical disk, his "forensic inspection" abilities could be quite limited. Many drive images are simply copies of the production file system. It is much more difficult (perhaps impossible) to find deleted files and folders with these types of images. I would like to know how, aside from an empty Recycle Bin, he concluded that the P2P program and shared folder were not simply deleted and overwritten.
What has this guy actually shown? Basically that the information given to him from MediaSentry and data on the drive image do not match. This could happen for any number of reasons: MediaSentry could be wrong; the drive could have been formatted (for legitimate purposes, as stated above); the data that MediaSentry presented was deleted and his forensic analysis could not show this because he only has a data copy of the drive.
One plausible scenario: If a friend was visiting and wanted to use his owncomputer on the internet (to VPN into work). Since there was no router, he needs to plug into the ISP and take the IP address. IP's rarely change, so the friend's computer would be given the same IP as the defendant's. The friend's computer was the one with the P2P software on it, the one that MediaSentry caught. The friend left, the defendant plugged his back in to the internet, got the same IP address again. This was the drive properly given up as evidence.
"Of course life is bizarre. The more bizarre it gets, the more interesting it is. The only way to approach it is to make
what software is used to convert a screenshot to an audio fornmat.
Start by establishing who the defendant is, and where evidence is coming from. If it is Mrs. Lindor, with evidence from her son, use the following analogy to set precedence:
A man is driving his mother's mini-van. He robs a store. The store can prove it was THAT minivan, but a credible witness testifies that it was the son who robbed the store. Who does the store sue? In this case, they're suing the mother. This is questionable at best.
Here's the trick: If the RIAA says that "yes, we ARE suing the mother!" Then you get to say something fun! "Then you should also be suing their ISP, who owns the servers on which the data was transfered." Alternatively, you could just hide that fact, turn around, and SUE THE ISP YOURSELF. The case would never survive, but it WOULD establish precedence that would be quoted for eons.
Here's the technical basis of my assertion:
An IP can be traced only so far. At each "hop" between servers, the packets from your computer find themselves on a completely new network. In IP standard 5, the network structure is invisible to the packet. That means that the IP the ISP gave, Mrs. Lindor's home address, could have an arbitrary number of computers attached to it, and the ISP could never know. Someone in the street with a laptop and wireless connection could have used the connection for file-stealing purposes. (This is a common tactic, we geeks even have a word for it. War-driving.) The point is that because the RIAA can't know which computer they caught stealing, they're just going for the one thing about the case that they do know: Mrs. Lindor.
This is very insubstantial any way you cut it, but lets play with it anyway, because that's the game they've called.
If they win this case they will set a legal precedent for culpability in the case of inherent anonymity. This is a pretty wide ruling, and the judge should be made aware of its impact. If Mrs. Lindor is culpable for everything that happens on her IP address, then she is also culpable for:
1. Someone committing a crime using her vehicle.
2. Someone bringing another person to her property and killing them.
3. An employee committing crimes on-shift in a business she runs.
4. Someone being robbed or otherwise victimized in that business by an unrelated third party.
See how they chew on that one. Looks to me like from that angle, they loose no matter WHAT the jury decides.
Here's where it gets fun (again). I'm sure you already see where I'm going with this. If Mrs. Lindor is accountable for the things that her son does on her IP, the ISP is responsible for the things that she does on its IP. That's how networks work. Everyone is on someone else's network. Mrs. Lindor is connected to a Point of Presence, not a backbone. The POP is connected to a central server that is connected to a backbone. Just follow that fiendish dire chain of culpability until you get to the top.
I think user identification is hands down the largest flaw in the RIAA's case based on the "expert" testimony. Here's the evidence I saw (according to the PDF):
1) In the computer's registry, there's a public IP that was assigned to the user's account.
2) The IP used to share music was assigned to the user's account.
This means:
1) At some point, perhaps most recently, the computer was connected directly to the modem. Many users (especially my family) do this out of frustration with their router. Moreover, as other commenters have suggested, there could have still been a router while the computer maintained the public IP.
2) It's probable that the music was shared from someone connected somehow to the defendant's modem, but even that's not definite. IP's can be spoofed, or the RIAA may be wrong - check their methodology. i.e. if they check the IP by sending a message to the Kazaa user saying "l0l y0 dud3, wh4t's y0u4 1p?", the IP's not necessarily reliable.
Moreover, I didn't see anything discussing MAC addresses in there. Though they're eminently spoofable, they at least give you some idea of what network interface card you're talking to. If the RIAA does whip out the computer's MAC as evidence, you can simply point out how nearly every consumer wireless router offers MAC cloning.
In short, I think the best option would be to show in court how a normal customer might configure a computer connected to a router to have the public IP and have the router clone the computer's MAC. This would take a PC, a cheapo wireless router, and about 1-2 minutes. Then ask the expert how he'd know it was that computer, and not someone parked outside in a van that did filesharing. If he can't prove the PC had the public IP at the time the RIAA claims it was filesharing, even better - only MAC spoofing (or not even that if a MAC isn't produced as evidence) would need to be turned on, and that's a simple checkbox in router configuration. It might be worth researching if, at the time, that was required to get Verizon working with a router - ISP's have been known to tie accounts to MAC's. Even if not, some installation guides recommend simply checking the box to avoid the issue altogether. I simply fail to see how his testimony is incompatible whatsoever with there being a wireless router on the defendant's network either at the time of file sharing or at present. His vigorous handwaving about checking the registry suggests to me that, no, there's nothing there.
The one wrench in things would be if there's no evidence the computer was ever assigned a private IP. At this point you'd have to fall back on the possiblility of having a router while maintaining the public IP, which is more tenuous. You could also question how long the IP cache has been maintained, or use the following (I think better) argument: the "expert" wants to have his cake and eat it too, and winds up contradicting himself. On the one hand he says there's no value to this drive - it just *can't* be the one he's looking for. But then he turns around and bases his wild no-wireless-router claim on a registry entry! So which is it...is the drive in or out?
I'm not saying prosecution would do that, but very substantial doubt is easily established by asking the parent's questions.
So?
These are civil cases. It doesn't matter whether there is doubt. The standard is a balance of the probabilities. That is, whatever the jury thinks most likely happened is treated as true. If there is a 51% chance that the defendant really did pirate the music, then it doesn't matter that there is a 49% chance that the plaintiff tampered with the evidence; 51 is greater than 49, and so the plaintiff wins.
All of the posts talking about open WAPs, or multiple people using a computer, or how easy it is to fake screenshots or alter drive contents, etc. are rather pointless. Sure, those might indicate that there is some reasonable doubt as to whether the defendant did it, but it's not enough to say that the defendant probably didn't do it. Unless you can reach that level of what probably or most likely happened, rather than mere what could have happened, you're still going to lose.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
I think i would ask:
Why should anyone buy anything from a company that records music, instead of paying the people that actually make the music?(any idiot with a tape recorder can record music)
The riaa does not own the music, they only own the recording that they made of the music, and the copies that they make of the original recording.
If someone re-records something that the riaa recorded, the copy is a new "recording" by definition, and all rights to this new "recording" should belong to whoever recorded it.
And also i would ask:
Is there a line of people waiting to kick you in the nutz, or can i go ahead?
I have not bought a recording since the riaa and the asshats of metalica started the nasty business of suing customers and fans, And I never will again.
And I'm not even going to go on about the fact that they haven't recorded much of anything even remotely worth paying for in years.
If i want a recording of something i will record it mydamnedself one way or another, thats the way it is, and that is the way it will continue to be.
Anyone who buys a music recording is paying the lawyers that are suing people, and should be kicked in the nutz just as hard as everyone else in the riaa.
The riaa is no longer the root of the problem, the problem now rests squarely on the consumers who continue to pay these idiots for recordings.
STOP PAYING THESE PEOPLE AND THEY WILL STARVE!
I don't see any glaring faults in the Curriculum Vita. Doug may have some biases relative to P2P file sharing (invalid biases in my view: the first mark of a successful new medium of communication is the assertion that it is being used for pornography), but those biases hardly seem relevant to this case. His background in networking and security is at least as good as some 10,000 other people who might be called as expert witnesses, and he's willing to testify on behalf of the RIAA, which very few of those 10,000 people would be willing to do, mostly based on the well justified belief that the RIAA is using these suits to defend oligarchical control of music and video rather than defend intellectual property rights. He certainly has a background in security, networking, and computer forensics that would make him a credible witness from a technical perspective. The only fault I might point at is that it demonstrates no specific knowledge or evaluation of MediaSentry. His background and patent activity in the area of detecting and blocking P2P streams should, however, make him reasonably qualified to evaluate MediaSentry. By the way, it is probably worth asking him to evaluate MediaSentry. His evaluation may not glowing.
Dr. Jacobson's declaration is another matter entirely. It uses nine pieces of evidence, none of which are available to us here, to comment on three points in the connectivity chain that purportedly ties a computer to the Kazaa file sharing system, allegedly for the purposes of both downloading and sharing music files. Those three points are (a) the computer itself, as represented by its disk drive image, (b) the computers connection to Verizon Internet Services and, by implication, to the Internet, and (c) the detection and documentation of Internet activity associated with a specific set of IP addresses by MediaSentry. That is a major collapsing of the points of connectivity between a computer and a remote server. If I were investigating (and this is an area where I have patents) the connection points from a computer to a remote server, I'd identify quite a few more, starting with the intermediate modem, cable modem, or DSL modem and the downstream DHCP server maintained by Verizon, but this is all we have. I will return to this issue below, but there is value in addressing each of the three points in the chain that Dr. Jacobson does identify, and I'll return to this as we discuss the second issue, the computer's connection to Verizon.
First, the hard drive. The witness indicates that the hard drive examined cannot be the same drive that the MediaSentry data indicates was used to share files on the Internet. The questions that need to be addressed here are: 1) Is there any evidence that the drive is anything other than the original equipment disk drive sold with the machine? The manufacturer is actually likely to have a record of what drive (based on serial number) was sold with the machine (based on serial number). If it is the original drive, the likelihood of tampering is very low. 2) Is there any evidence that the machine was opened by anyone before the machine was impounded and the disk removed? Many manufacturers invalidate elements of warranties when a machine is opened. They are likely to be able to say. 3) Is there any evidence that the disk was reformatted and overwritten with a new copy of the operating system? Almost any disk drive recovery company could answer this question very quickly. 4) Is there any evidence that another drive (a USB or Firewire drive, for instance) was attached to the system? There should be evidence of such in the machines plug and play drivers
Davis http://davis.foulger.net
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
I actually prefer the Groklaw process. It is more personal and hence more rational. I don't think I've seen any complaints there about a story being rejected and then accepted two days later when it was submitted by a different person.
We don't see the world as it is, we see it as we are.
-- Anais Nin
In addition, I would try to attack the methodology in terms of the code used to obtain the IP address. How would you prove that the IP address in question is not a product of a bug in the software? And more importantly, how can I verify your claims? This brings up interesting (to me) open source/access to closed source binaries issues.
Well, "they" are not a "third party." If I own a copyright in a work, and I connect to your computer to download it, neither I nor you have infringed my copyright. I cannot infringe my own copyright by downloading and if I ask you to distribute my own work to me (by connecting to your computer and asking you to upload it it), it seems clear to me I've at least implicitly granted you permission to do so.
The reason why the RIAA wants "making available" to constitute in and of itself infringement is because it's otherwise nearly impossible for them to prove any actual infringement occured, even when it did. Which is fine, IMO, because an unenforceable law is usually a sign that the law is broken.
The standard is a balance of the probabilities. That is, whatever the jury thinks most likely happened
This point has been made a lot in these comments and in theory it's absolutely right, but (as ever) theory and practice are different environments. Given a sympathetic jury (not an unlikely occurence) and the mis-matched resources of the plaintiff and defendant, substantial doubt might well be enough to tip the scales in many jurors minds.
It's been almost ten years since Napster. How come the record industry has yet to offer their own digital downloads? If they dragged their feet like this with conventional media. we'd probably still all be playing 78's instead of CD's!
Is it really worth it, for the priviledge of a few for the use of exacting payment for content, to legislatively mandate ignorance of this technology?
Today, viruses are rampaging our networks. Supposedly "top secure" ways of selling somebody something without giving it to them, are cracked and made public within days of release. Our top business systems are violated within days of release. Aren't we chasing after wind? Ignorance only makes us vulnerable to others with wisdom. People who are not compelled to live under our law reign free, unfettered by our laws. Only the law abiding citizenry will adopt ignorance.
While our wisest minds in Washington ponder law to restrict knowledge of our computational infrastructure, other equally brilliant minds in countries eager to collapse us by rendering our technologies useless can use our ignorance to their advantage.
A typical instance of this in history is how Alexander the Great rendered a far more powerful adversary helpless by causing his adversaries infrastructure ( his elephants ) to malfunction ( by blinding and stampeding them ). His adversary now had his hands full with his problem elephants while Alexander took control.
When we do not understand our own technology, our business leaders are going to be completely powerless to control anything if their communications infrastructure has just about the same effectiveness as giving a child a toy steering wheel in a car.
I hate to see so much of our technologies being so centered aroung hanging itself up if something isn't just right. All this secret-keeping. Its enough to give any computer engineer the CIA Heebie-Jeebies ( as related in that movie release "The Good Shepherd", when nobody could trust nobody. I know we love to talk "trust", but frankly, EULA's instill about as much trust in me about as much as a pre-nuptial agreement instills a sense of love. If you want TRUST, then be RESPONSIBLE for it, not deny it in a EULA.
I would hate to have future civilizations digging up the remains of our civilzation, only to discover our civilization was done in by ignorance of how their own technology worked ( as in the theme of many Star Trek episodes ) and deduce we we became ignorant of our own support technology for a song. Literally.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
would work here. How are you compensated for your testimony? How many times have you testified on behalf of the RIAA? How many times have you been asked to analyze users' systems? How often do you find that no sharing occurred? How much total compensation have you recieved from the RIAA? This line of questioning is almost automatic with expert witnesses, I'm sure they will be asked.
If you had an open Wireless Access Point, over the course of a couple of months, how many people on average would use it? How many connection attempts would be made? How many hours per attempt?
If you were in a big city, I bet you would record a large number of hits. I have friends that were disappointed when the "free" internet stopped working. You don't even have to be in an apartment building.
Try having some bogus screenshots manufactured (by a 10 year old?), and present them to the court to demonstrate how easy it is to manufacture screenshots as "evidence".
All of your questions are treating this case like a criminal case. This is a civil case. There only has to be a preponderance of evidence (if I spelled it correctly) meaning that it only has to be a good possibility or likelihood of it occuring; ie
1. Can the screenshots be faked?
A. Yes, is it probable?- No
Bad question unless you have a reason to believe otherwise.
2. Can a file checksum/hash be faked?
A. Yes, probable?- No
This is why. If I have a hundred files that look like music
on my hard drive, what are the chances that most of them are false
positives? Also, why would I have a hundred file names for songs
if they aren't music?
A jury only needs to be 51% sure that it happened. It is quite easy
to get a judgement if some evidence is on your side.
Suggestion:
Yeah, but so what, really?
It seems to me just as likely as not that, for any random defendant, his machine was a) hacked, b) used by someone else in some other manner, etc., or that c) the plaintiffs incompetently sued the wrong person, or d) deliberately faked evidence so as to sue someone, etc.
I mean, obviously, it depends on the specific circumstances facing each particular defendant, but these things aren't so cut and dry 51% in the plaintiff's favour.
One guy in this thread did an empirical survey of WAPs in his area, and most of them were wide open. Most of my friends who live in apartment buildings in reasonably large cities are using their neighbour's internet or have their neighbours using theirs. Most of them don't realize this may or may not be "wrong." Mostly it's a "hey! free internet!" epiphany.
Plus, there's the fact that just because there's a listing of files doesn't mean there were any actual cases of infringement. It should be trivial to show hundreds of different setups where things like firewalls, NAT, etc., actually prevents the sharing of files even though a listing of files or a hit on a search can be obtained.
You could also just put up a single machine with some files in it matching names of some RIAA music and watch how nobody connects to you most of the time, blah blah blah.
Throw in the fact that the defendant is a 95 year old who is going senile and has no idea how to even turn on the magic scary box and boom: people just don't believe she did it, on that basis alone.
So, yes, it's a lower standard than in criminal trials, but there are hundreds of equally likely scenarios for each and every defendant except the most unlucky as to be so clearly guilty that I don't know why you're always so confident we cannot prevail.
Juries are made up of us. It's irrelevant that courts and lawyers find the defendants to be unsympathetic. Judges and lawyers are not the finders of fact.
How much did you make when you sold your soul to the devil?
Why would a Wookiee, an eight-foot tall Wookiee, want to live on Endor, with a bunch of two-foot tall Ewoks? That does not make sense!
"supposed analysis"? Are you Johnny Cochrain? Are you going to use the Chewbacca defense?
I am the maverick of Slashdot
Ok, lemme get this straight.. 1) RIAA accuse this person of having illegal files on her computer. 2) research by RIAA lackeys shows that this persons computer does not have any signs of illegal files. ...why is this case not thrown out?
IANAL, but can you sue 'Unknown person', find a likely culprit as "person X" and then if that person didn't do it, can you say to the judge "person X knows Person Y, which might be the culprit, can we change to person Y in this suit?"
I'd think the first defense in this case is "With the evidence you have gone over, can you prove that Lindors' computer contains anything which infringes the copyright of UMG?"
I wouldn't really try to open up anything else than this at first, it's a case of mistaken identity, the hard data on the HD tells the real story, there is no incriminating evidence on that disk, and if there's nothing on the disk, then it's a case of mistaken identity and should be thrown out.
If the RIAA says it might be the sons' pc, isn't that the same as saying that she isn't guilty? Do you have to defend the son as well as the mother in a case purely against the mother? Does the RIAA get to harass anyone and everyone with an internet connection or a computer with the flimsiest of proof?
There are so many ways to defend this kind of case that the mind boggles, but I'd do it slowly but surely, only really using one angle at a time, most logical tactics first.. most judges probably think the internet is a series of tubes anyway so K.I.S.S. is the way to go.
Ray Beckerman seems to be the attorney requesting our advice, and while I think it admirable that
I suspect that if any one of us asked the good attorney for advice, we would have to reach deep into our pocketbook to pay for it. I have no idea, of course, about what financial arrangements he has made to take on this difficult case, but presumably he is being paid. Fighting for a good cause or bad, he remains what he is--a lawyer. A hired gun.
So my question is--has this good fellow made a contribution to Slashdot to thank us for our help?
...omphaloskepsis often...
When some one stops working for the RIAA do they get their soul back?
why didn't you sue the kids of the warner music (i think) exec who downloaded music? His testimony against them is in the public domain.
If you are only selectively targetting individuals for enforcement but allowing others then doesn't that constitute bias or even endorsement?
"How do you sleep at night, you little prick?"
If Tom Mizzone and his company didn't get permission from Kazaa to modify its software I would say that the MediaSentry company violated Kazaa's copyrights and is using illegal software to provide some of the bases for its case. I am referring to the "Prof. Sips and Dr. Pouwelse of Delft University's Parallel and Distributed Systems research group PDF" page three. It says that they systematically searched the Kazaa network for certain keywords, by means of modified Kazaa software. I would definitely check and see if they had Kazaas permission to do this.
I am a paralegal and a Wedding DJ and this sticks out like a sore thumb. Tons of illegal 10,000 songs to "gas up your i-pods" and 40,000 song hard drives on Craigslsit and ebay. and They are Mostly all black people.( rap hip hop DMC beat braks reggaeton dirrrty south, all uncut versions underground slammin diggin da cratez)
And 13 year old Kids being caught are being paraded on tv with their clueless parents YET has anybody see a 13 year old black kid on tv being sued with their parent crying they dont have any money?/? Or a has a Black college or Black High school had 20-30 50 students sued, Like white colleges and high schools have?
If they sued 10,000 black kids Jesse Jackson and Al Sharpton would front and center on this issue every day!
The RIAA has to do this to white people , because if we downloaded and stole the music like the black people, the whole rap and hip hop business would collaspe overnight.
sometimes the files i download are spyware that leads me to pornsites. sometimes it's madonna screaming vulgarities. you never know what you're going to get from an anonymous source. and what if i choose to hide my pr0n as mp3's so my mommy doesn't find it?
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
1. Do you stand by the contents of your report?
2. Do you know what DHCP is?
3. Could you explain how a IP address is assigned on the public internet?
4. Did you see definitive evidence that the IP address recorded by Mediasentry was the same IP address used by the defendant's computer?
5. In your report, you state that you do not believe that the hard drive you analyzed was involved in copyright infringement. Correct?
6. In your expert opinion, is it possible that the defendant's computer was not involved in copyright infringement?
Overrated, Troll, and Flamebait mod points are not to be used towards posts you disagree with. That IS censorship.
I'm aware of DUI convictions in Florida being thrown out because the Judge there said that the state didn't have the right to contract people's constitutional rights away and there was some funny business with the brethalizer software changes that they couldn't adequately explain.
Of course, that was a criminal case and those get tried with a much higher standard of evidence than I suspect we'll get in a civil case like this. Still, it's of vital importance to know every line of code, every bug, and every change in every single custom program they use, as well as the exact versions of any proprietary programs (including any upgrades/patches/automatic updates they've made to those since then).
I would ask this expert to put a firm figure on precisely how many extra CDs the RIAA would have sold if this individual person had never used peer to peer software. I imagine his first response would be some sort of weasel answer about how every file shared can end up going to thousands of people; but the issue here is of the damage that this specific defendant is alleged to have caused, and even allowing the existence of these thousands of imaginary copyright breaches, the distributed nature of the technology ensures that her personal involvement in this would be limited to a small number of uploads. As an "expert" he will have no option but to acknowledge this. So I'd press for a solid figure, based only on the firm evidence that they have of copyrighted data transmitted by this particular defendant - I mean, they're in court, so they must have firm evidence, right? - of precisely how many CD sales she is personally alleged to have cost the RIAA.
I would then point out that the damages sought by the RIAA are far, far in excess of their own expert's calculation of alleged loss. I would suggest that had the RIAA sought a value proportionate to their alleged loss, plus a reasonable fee to compensate them for the expense of identifying the responsible party, the defendant might well have settled immediately; but that the RIAA's decision to seek such a flagrantly excessive sum has forced her to defend herself against a claim that is patently unjustified and should ipso facto be denied by the court.
Probably a stupid question, but...
Assuming the person in question did not rip each file from CD and then upload it, what crime are they actually committing? The files on their PC were simply downloaded from an outside source - is it the duty of the person uploading to maintain a copyright notice with each file or is it the duty of the downloader to verify the status of each file they download?
If it is the duty of the downloader to verify the copyright of every item they download, where does this stop? Do I have to perform due dilligence when I log onto /.? If not, then surely the RIAA need to pursue the individual who originally uploaded each file and prove the extent to which it was spread.
"Do you require a large, laminated Venn diagram to tell your ass from your elbow, or do you keep this information in a PDA or cell phone?"
Would you like a blindfold and a cigarette?
But what I've always wanted to ask is 'what truly independent research shows p2p hurts sales?' It seems intuitive that it would, but lots of things that 'make sense', turn out to be wrong And further, 'what truly independent research shows that if a legal, convienient, drm-free paid service existed, p2p would hurt sales?' I am not convinced that file sharing has affected the profitablity of any of the content providers. It may have but it may also have had no effect or it may have enhanced sales. If I was a judge/member of a jury, I'd want some hard data before I started throwing people in jail and bankrupting families.
I have thought about this some, and if I own a CD with DRM on it, I cannot legally break that DRM to make a backup copy of the disk. Yet, I am entitled to a fair-use copy of that disk for archival purposes, no? If I am entitled to a fair-use copy, am I not entitled to download that fair-use copy from someone else who has already made a copy for archival purposes? By doing so, I in fact am not breaking the encryption/DRM on that disk, but rather just downloading a copy of the songs on that disk as my fair-use copy.
From everything I've been able to garner from the DMCA, along with what the RIAA and MPAA have indicated, my only option with regards to making a fair-use copy of a CD or DVD that I own, is to download it from someone else who has broken the rules of the DMCA. This means that I did not actually break the DRM of the disk, but someone else did, and I am just downloading what is rightfully mine. So, it seems that the DMCA, RIAA and MPAA are actually encouraging downloading of music CDs and movies through their attempts at discouraging my fair-use rights.
Grant M.
If it works, call this the "Sam Jennings defense" :)
-->
TIER 1
There is a right to fair use for a single-purchase otc owner of a CD / Tape / Record / Video / Movie. That right does not restrict you from reformatting the content. For example, if you have a CD, you have a right to reformat that into a collection of MP3's. As a corollary, you might* ALSO have a right to download the same mp3's. After all, since you HAVE a right to own them, and the fact that the download is coming from a third party should make no difference.
Therefore, (see the word MIGHT* above),
(1) Downloading such materials is not ALWAYS illegal, since the downloader MIGHT have had a right to fair use.
(2) Allowing such materials to be freely downloaded MIGHT NOT be a piracy ring, since the downloader MIGHT have had a right to fair use.
And THEREFORE, (again, see the word MIGHT* above),
That an upload OR a download of copyrighted material occurred does NOT constitute probable cause, since there ARE reasonable (i.e. legally defensible) circumstances that could have accounted for the very same behavior. In that regard, the prosecution might not have had probable cause (with regard to any warrants that they might have issued, regardless of what they found). For example, if you are walking home from kinko's with a photocopy of a copyrighted poster the police would not have probable cause to assume that you were in a poster pirating ring. Furthermore, if they caught you bringing a copy of that poster to a friend's house, they STILL have no proof that your FRIEND doesn't ALSO have a home-use right to the very same material. If you can sufficiently emphasize that doubt [of probable cause, as in 4th amendment probable cause] you can defend the case in appeals, right?
TIER 2
There IS such a thing as an orphan-right to copyrighted material. What I mean by that is that if you bought a CD and it was stolen from your car, or your vynil record melted in the sun, etc., you still have a RIGHT to use the software/song/movie, etc, even though you lost the physical COPY of the copyrighted material.
Since most people probably DO have orphan rights to many copyrighted works, (for instance, my own house was once burglarized and I lost about 100 legally purchased music cd's), the prosecuter would have to prove beyond a reasonable doubt that the plaintiff had no orphan rights to the copyrighted material. That would be difficult, to say the least, since music has been recorded and sold for a long time, and proving that a person NEVER had a right to own a particular music CD, for instance, would involve lengthy and costly (and still in most cases impossible) research.
What I'm saying is this: That the plaintiff cannot produce a physical store-bought copy of the downloaded copyrighted works is NOT enough to convict, since they MIGHT have an orphan right, and the burden of proof [beyond reasonable doubt] is on the prosecution, not on the defense.
If you ask me, that provides a defense for ANYbody accused of ANY file sharing, file downloading, any time, anywhere.
TIER 3
OK? Finally, there's the question of legal damages. The RIAA has been asking for ALOT of money for something that really hasn't cost them a penny. If you lose the case there's still the very firm territory of emphasizing (repeatedly) the fact that the RIAA's losses are theoritical paper losses, rather than demonstrable "point-to-the-broken-window" losses. They have no proof that anybody would have bought the music that was downloaded. For instance, even virgin records has headphones to presample music, and most people who sample their music do NOT buy it. In the exact same sense, the RIAA cannot establish that the downloaders were doing anything other than pre-sampling the music. The price of pre-sampling a song at Virgin records is FREE.
If they're asking full market CD price for a bootleg copy of a song that their industry constituents didn't even burn to CD (i.e. they invested nothi
"Forgive us our trespasses, as we forgive those who trespass against us." -Jesus Christ The Lord's Prayer
Why does the recording industry choose to alienate customers and potential customers by clinging to and archaic, outmoded, business model instead of trying to take advantage of opportunity and develop a new and better system that could benefit them and the customer AND the artists? Are they lazy?, greedy?, both? Or are they just plain mean?
"Waitress I need two more boat-drinks..."
What software does the plaintif's agent use, and how is it validated? Is the source code available for expert examination, to look for possible bugs, either unintended or not? Can it be subjected to rigorous proof of functionality, in the computer science sense? Who wrote it, and can they be deposed, or whatever?
(Can you get the case thrown out if they refuse to allow examination of the source code, like the issue with breath analyzers in Florida some time back?)
if they have to give away their testing criteria, then people will just come up wih a way to invalidate it. also, the whole point of these raids is to ruin your life. if they have to tell you how long they will have your computer, promise not to destroy it or your other data, and even loan you a replacement, then they can't really ruin your life now, can they? why not just ask them to stop suing people while you're at it? look, all they are trying to do is terrorize people. is that so wrong?
sarcasm:
-noun
1. harsh or bitter derision or irony.
Argh! Finally I have some mod points and a comment I feel deserves modding-up, and it's a comment responding to something I posted so I can't mod it... grrr!! Kudos! That's a zinger on at least three different fronts!!
This space intentionally left (almost) blank.
I read that speeding cases in Florida (I think) were being thrown out because the defedants requested to see the source code for the radar device that computes the speed, and the manufacturer wouldn't show it. This could be used here as well. You need to see the source code for the: operating system (Windows?), browser (IE?), screen capture, IP determining software, server, word processor, server log creator, etc, etc.
Related, I think Knuth showed how you could create an undetactable "virus" which can produce any effect in software that you want by altering a compiler (or OS), then deleting the original version. There would be no way to tell that newly created software (or documents) had been tampered with the invisible virus. So, software is inheriently untrustworthy.
Doing something good? Well...
Lawyers asking techies about law is as pathetic as techies asking lawyers about tech.
Consider any geek here asking a lawyer; "Why would I need a relational database?" or "What's the structure of xvid indices?"...
On the first question they'd probably come up with a lot of sales bs (sales people, lawyers etc, they're all the same. scum).
On the second question they'd be stunned. Then laugh and tell you that you're an ugly geek, and then they'd show how much money they have and you'd walk away sad knowing that technical knowledge doesn't pay off, while scumbag knowledge like "sales" or "fucking peoples lives up (aka law)" does.
This entire article makes nothing good. Best would be if a lot of people got life-time in prison or multi-million dollar fees, so that people start to realize that what they need is political f*cking revolution, not some EFF donation or hints to lawyers.
Next time, this very same lawyer is on RIAA's side with much more base facts. That's what lawyers do, finding the one who pays the most money, and RIAA got plenty.
And another thing, as long as all idiots in this world still actually BUY CD's, what the hell will change? Nothing. Stop buying polluting plastic pieces of junk that is being distributed over the world in large ships using lots of oil... The entire process is absurd when pretty much anyone (in almost all parts of the world actually) have an internet connection.
Have you found any files being shared that AREN'T infringing copyrights you claim to administer? Perhaps some independent artists who don't belong to the RIAA have also been found. I'm curious how they are being treated.
Information assurance? Well, there's something right there. First, go over his published work. Now compare the standards he writes of for this assurance to what the RIAA has actually done.
:]
I'll give you 99.9% odds that the two won't match very well. Given the number of misidentifications the RIAA has already made...
Please note that the more you can manage to require of them in this case, the higher the costs will be for them to persecute people in the future--nothing makes programmers less productive than a whole bunch of crazy legal requirements
And like I said before, get him to authenticate inauthentic screenshots. If you can get a digital copy of the file, or just a good programmer/artist to make a mock-up of their application, you shouldn't have much trouble making convincing fakes. Especially if you run them off as photocopies to hide any slight imperfections like the font being misaligned by a few pixels, etc. Just pay attention to quality--you CAN do it perfectly if you try hard enough, but if you don't, you'll use the wrong font, shift it off by a few pixels, etc.
By subpoening the "wrong" hard drive, which turned out to have no evidence of wrongdoing, hasn't the prosecution demonstrated right there that their methods of identifying culprits are unreliable?
It's possible that if allowed to examine the son's hard drive, they will find evidence of infringement that is totally unrelated to the "evidence" they are attempting to use to allow an examination. Rather like a cop pulling over someone for speeding, then opening up the trunk to search for drugs, or unregistered weapons, or some such. In other words, fishing expedition. If a cop on a speeding stop pries into the trunk without probable cause, and finds something, I believe that evidence is not admissible in court. What's worse is that if the RIAA does the equivalent of planting evidence, finding them out will be much harder than catching this hypothetical cop, because as everyone has been pointing out, logs and such like computer evidence have no security whatsoever, nor even much reliability. So even if they haven't been tampered with in any number of undetectable ways, they might not be accurate. With the cop planting evidence, there's a much better chance it'll be found out.
I'm wondering if some sort of jury nullification might be possible. By demonstrating to the jury and judge that every one in the courtroom is an infringer, perhaps they will be persuaded to... I don't know exactly. As to how this could be demonstrated to the jury, try this one out. Have any of them or their family members ever ripped a CD they own to mp3 files? If yes, did any of those people pay royalties to Fraunhofer, the owner, or rather, the thief, of the mp3 format? No? Then they're thieves. If instead they'd ripped the music to Ogg Vorbis, they'd be legally fine. And I bet none of them had any idea that they weren't the fine upstanding citizens they thought they were. Since some of these laws are way too easy to violate, and violations do no easily measured harm (the theoretic harm the RIAA gets so worked up about is just that-- theoretic), while the laws themselves do plenty of harm, those laws ought to be nullified. I don't expect the jury to go for it, but if they'll at least consider the idea and not dismiss it out of hand, the possibilities may scare the RIAA.
Finally, how does this Dr. Jacobson sleep at night? A university professor, living off taxpayer money, biting the hand that feeds him. I wonder if some action could be started towards getting him dismissed from his university position? Probably has tenure tho. But maybe if he commits perjury, as seems he might, that would do it?
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
MAC addresses aren't guaranteed to be unique. MAC addresses are only guaranteed to be unique on a given PHY. So a 802.2 and an 802.11 interface could have the same MAC. (... and this doesn't break anything since those two interfaces can't see each otehr.)
Read this document: http://www.ilrweb.com/viewILRPDF.asp?filename=umg
The end-user is fairly well insulated from any liability and they certainly would not be found to be willfully violating (the same cannot be said of someone that pirates copyrighted material). The designer of encoder/decode software, however, is certainly responsible and these fees cover the customer's right to use the product.
iTunes, Musicmatch, WinAmp, WMPlayer, Real Audio, and many many others have paid licensing fees and thus most mp3 users have absolutely nothing to worry about in this regard
Great, so you won't mind if I steal your social security number then, will you? Hey, and while I'm at it, why don't I create Fallinux--I'll fork the latest Linux kernel and make my own binary release and redistribute it with my own additions? After all the harm of these actions are all just "theoretical".
How are pirates feeding professors, pray tell? I am a tax payer and I don't object.
So what you're saying is any "hacking" crime, online pedophilia, etc should never be prosecuted because the logs "might not be accurate"? Besides, this is a civil case and it is all about the preponderance of the evidence. It's fairly unlikely that this professor would plant evidence and it is very likely that someone on that family did pirate some stuff on Kazaa... This also ignores the fact that the plantiffs can and did subpoena other family members involved for additional evidence (and that many of them were evasive about it).
Can you subpoena MediaSentry directly then? I suppose you know the legal process far better than I do, but we both can see them squirming here and I don't doubt that we both have a bad gut feeling. I have this feeling that some of your answers may lie in subpoenas against third parties (e.g. the ISP, etc.), too.
:/
Maybe I've been watching too many detective shows of late, but a strange idea occurs to me with their contract and wanting it to be privileged... What if MediaSentry is paid a percentage of how much the RIAA makes from litigation?
In theory, that might raise some ethical issues if something like that got out. Sure, that's only speculation, but if it were something like that, I can't imagine it playing well in front of a jury even supposing it to be 100% ethical and legal in the eyes of the Court.
They're just playing so many dirty tricks here by my reckoning... I can't help but wonder if there aren't a few ways you can do to make prosecution more difficult for them in the future. I guess you're doing some of that now; I remember at least one time they were chided by a judge for defrauding the state of proper filing fees by bringing a ton of subpoenas at the same ISP all in one bundle, etc. I liked that argument--I think that the type of judge who might not care that the defendant feels terrorized by lawsuits might still listen if it were the state being defrauded.
Conversely, I'd be fearful of the reverse--not being able to get a good expert witness to counter them and having them bamboozle some tech-clueless judge into thinking that their infringement detection programs are infallible such that their conclusions can just be rubber stamped in the future.
Of course, I'm sure they're savvy to such things, so I have to worry... Please be your most careful in legal research and process; I fear you're up against some real bastards who won't give you any quarter. I've seen too many such things in the unrelated cases brought by BS&F on behalf of SCO
As for the software, yes, it's total BS. There's no way any sensible person can trust unaudited software. If you have the time, software talent, and a clear screenshot that exposes enough of its functionality, it probably wouldn't be difficult to make a sham version of the program (and not just the screenshots) that pretends to do anything you want. It would be awesome if you could demonstrate something like that in front of the court (and even better, GPL a copy of the sham program).
Even if they're not using it to lie, though, I can certainly imagine plenty of reasons you'd be better off not knowing why they won't want to make anything about it public. If I'm right, please do your utmost to get every possible scrap of information into the public record. It will help to undermine their reign of terror.
Does the defense have its own forensic analyst?
1) What is the secure hash of the image that was taken from the
defendent's hard drive? If Dr. Jacobson doesn't have a hash that can
be verified by performing another read-only hash of the original evidence
drive, then it cannot be known that the image he examined was from the
correct machine. The image that Dr. Jacobson describes may have been
his inadvertent analysis of the hard drive of his own computer that
he was using at the time.
2) In his motion to compel, Dr. Jacobson says "... defendant's computer
had a public Internet Protocol ("IP") address and was not connected to
the internet via a wireless router. I base this on the data mentioned
above, as well as on the registry entries recovered from the computer
and the fact that there was no internal IP address here. Based on how
IP addresses are assigned, it is not difficult to determine whether
a computer was connected to the internet via a wireless router. This
computer was not."
a) In April, Dr. Jacobson said that the IP was 141.155.57.198 on 8/7/2004
at 6:12:45 AM EDT. What was the public IP address that he found on
the image that he examined?
b) Dr. Jacobson claims that based on how IP addresses are assigned,
that it is not difficult to determine whether a computer was
connected to the internet via a wireless router. I bet it won't be
141.155.57.198.
If the computer (normally connected directly and with a public IP
address) were powered off at 6:12:45 AM for example, and the wireless
router with a public IP address of 141.155.57.198 were passing traffic
to another computer, how could he possibly determine that this was or
was not happening by examination of the machine that may not have even
been powered on at the time?
In other words, take a DSL modem, a PC, and a wireless router.
Plug the PC into the modem and get a public IP address.
Now, shut down the PC, plug the wireless modem back in, turn it on,
get another public IP address, and go to bed. Note that it is ludicrous
to make any assumptions about how wireless modems are or are not being
used based on looking at the IP that the PC had been assigned.
Use of neighbor's wireless routers using addresses similar to their own
(jrlindsor@kazaa for example) is not at all unrealistic. In fact, if
someone is going to piggy back on someone else's unsecured router, it's
the most likely thing they'll choose. If I wanted to run a Kazaa node
and my neighbor had an unsecured router, I'd use something that sounded
more like their name as a login than mine.
Page 4.
Paragraph 5:
You mention information about IP address. What IP address(es) are you referring to and how were they attained? Could you please explain how a wireless router or other NAT ( Network Address Translation ) router work? Could you please explain how they hide the address assigned to an individual system and allow multiple systems to all appear to be using the same external route able IP address. Could you please explain how the NAT device takes IP address and port used by the computer and re-writes the IP address so that it matches the IP addresses assigned by the Internet Server Provider and how it takes data destine for the ISP assigned IP address and after consulting it's internal translation table re-writes the IP address and port and passes the data to the computer using the private IP address? Could you please explain how you made a determination that NAT was or was not being used?
Paragraph 6:
You stated in paragraph 5 that you do not believe a wireless router was used based on IP address and you state in this paragraph that you do not believe that this hard drive was used to share data as accused. You however make no determination or even mention of IP address, is this because there was no evidence of IP address on the harddrive? If there was no information about IP address assigned to the defendant's computer on the hard drive does that mean that all the evidence concerning IP address was based on data external to the defendant's location and if that is the case how would/did you make a determination that there was not a NAT device (as explained above) between the defendant's system and the monitoring. And if you can not rule out the possibility of a NAT device then how can/could you rule out the possibility that the NAT device allowed wireless access and the computer traffic that actually was observed was NATed by a wireless router and hence used the IP address assigned to the defendant by theft of service?
You further speculate that the computer showed little use during the time in question, could this also indicate that it would have been less likely that the defendant would have noticed that their internet connection was being stolen by someone else via a wireless connection?
paragraph 7:
As a computer security professional, do you teach about the importance of maintaining back ups of data? Would you not recommend that something as important as a resume be kept in multiple locations so that it does not get 'lost'? Additionally you indicate that the resume showed activity during the time in question, would that indicate that it was being maintained? And hence that the computer itself was in fact being used during the time in question, just not for the speculated purpose?
General:
You mentioned the data MediaSentry provided including screen shots. Could you tell please explain how your verified how you determined that the screen shots had not been altered? If I were to provide you with 5 copies of the screed shots after altering the copies using a graphics editing program, would you be able to determine which was the original and which were altered? If so, how? If you are relying on the source that provided you the data, could you please provide his or her contact information so that we can question them about the screen shots? (re-peat till you get to the person who actually made the screen shots)
Could you please tell us how MediaSentry works? Since it obviously interacts on the Internet could you please tell us what IP address it used during the time that it gathered this supposed data? Was it a passive observer and if so, how did it observe traffic from the defendant's machine? Could you please explain about network address (IP addresses) and the difference between directly connected hosts, local networks, and routed networks? Are the IP address used by M
How often did you get bashed up at school?
What is your major malfunction numnuts :p