Slashdot Mirror
RIAA's 'Expert' Witness Testimony Now Online
NewYorkCountryLawyer writes "The online community now has an opportunity to see the fruits of its labor. Back in December, the Slashdot ('What Questions Would You Ask an RIAA Expert?') and Groklaw ('Another Lawyer Would Like to Pick Your Brain, Please') communities were asked for their input on possible questions to pose to the RIAA's 'expert'. Dr. Doug Jacobson of Iowa State University, was scheduled to be deposed in February in UMG v. Lindor, for the first time in any RIAA case. Ms. Lindor's lawyers were flooded with about 1400 responses. The deposition of Dr. Jacobson went forward on February 23, 2007, and the transcript is now available online (pdf) (ascii). Ray Beckerman, one of Ms. Lindor's attorneys, had this comment: 'We are deeply grateful to the community for reviewing our request, for giving us thoughts and ideas, and for reviewing other readers' responses. Now I ask the tech community to review this all-important transcript, and bear witness to the shoddy investigation and junk science upon which the RIAA has based its litigation war against the people. The computer scientists among you will be astounded that the RIAA has been permitted to burden our court system with cases based upon such arrant and careless nonsense.'"
Oh man, even Chappelle is going over to The Dark Side. That is *not* funny, Dave.
[/humour][17] Leary, T., White, C., Wood, P. R., Bhabha, W. D., and Wirth, N. Lambda calculus considered harmful. In Proceedings
I saw something in the transcript that I wanted to point out before anyone else here criticizes Jacobson on it:
Q. By what body are you certified as an engineer?
A. By no professional society.
Q. No professional society? Is there any organization that has certified you as an engineer?
A. No.
Q. Are you part of any peer regulatory body?
A. I don't quite understand what you mean by --
Q. Are you part of any body the members of which are peer-regulated?
A. Can you give me an example of what you are --
Q. A lawyer, an architect, an accountant. I thought an engineer had to be certified by a peer-regulated body.
A. To be called a professional engineer they do.
Q. So are you not a professional engineer?
A. I do not have a PE license.
Based on his Jacobson's research page. It looks like Jacob's, a professor "on the faculty of Electrical and Computer Engineering", is a computer engineer. Given that, the above statement is totally understandable As a computer engineer myself, I can say that it is *EXTREMELY* rare for a computer engineer to be a licensed PE. (Not a single computer engineering professor in my University is). PE's are common in engineering professions where somebody needs to sign off on the final product - civil engineering especially, and mechanical engineering to a lesser extent.
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
Respect to you Ray.
I've seen you take a lot of flack for your efforts to keep us all abreast of the proceedings, of issues that should concern us all.
And it's nice to see that the community could have been of help.
All the best.
"There is nothing nice about Steve Jobs and nothing evil about Bill Gates." - Chuck Peddle
"Q. Are you part of any peer regulatory body?
A. I don't quite understand what you mean by --"
A professor is part of a "peer-regulated" body. He may not be able to call himself an engineer, but that doesn't mean he's not an expert.
As a Software Engineer who does not have a PE, I'm curious as to what areas of software require a PE?
/. to avoid these off-topic subthreads.
About the only ones I can think of are in control systems, particularly where a failure could cause loss of life or serious injury. The computers that control an automobile engine and brakes come to mind. "Secondary" systems which provide life-saving information, such computers in aircraft-control towers, might also require a PE's blessing, but this seems like a stretch.
Are there any software engineers out there who have to have a PE for their current or past SW Engineering job? What job required the PE?
Memo to Cowboyneal: Add a messaging system to
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
This guy comes to the conclusion that it was the defendant's computer, even though there is no evidence from hard drive forensics, and he says there is no wireless router since the IP was registered to the house.
Also, he kept no records of the forensic analysis, and he is always trying to pin the idea that an IP address is a computer, even though it's obvious he's avoiding or twisting questions, even to someone who isn't so technically inclined.
For me to say why he was doing it would be speculation. My guess as to the reason: inexperience.
Ray Beckerman +5 Insightful
Not to mention that he maintains he can trace the IP address back to a specific ISP account and computer (emphasis mine). Unless he's a Peeping Tom with a web-cam in the defendant's house, the RIAA should be demanding their money back from him.
Oh, and then there's the place where he maintains that at the time the computer was imaged many months afterwards, that there was no wireless router in use at that time Media Sentry "discovered" this "infringer". Is there a log that keeps records of every IP address you've ever connected with?
And I have to laugh at how he refers to "registered" computers. I thought he was talking about gun registration, or some such thing. I've never heard of my own computer being "registered" to anything. Is this another invented RIAA term, like "Media Distribution System"? Has anyone else ever referred to KaZaA, or any other P2P program, as an MDS? Ray, you can't be letting the RIAA frame the terms of the debate to ignorant Judges.
And don't miss the parts where he says he didn't actually document any of his findings because there was nothing to find, however, you should go through your own copy of the disc to verify my Registry findings that no wireless router was in place. He's supposed to be the expert, and he wants the defense to replicate his findings in the Registry??? Are there any registry experts here? Probably a few, but not many. But he assures us it's there.
Biggest thing is that he says that no KaZaA was present, nor any infringing music files. The only way the RIAA can respond is you sent us the wrong hard drive. No question that the person in question might have actually been innocent. RIAA -- You Bastards!
Glad to know that we helped, Ray! Keep fighting the good fight!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
programming desperately needs the kind of accountability and professionalism that 'real' engineering has.
So would a PE software engineer lose his license if he made software with numerous bugs? Can software engineers really be held to the same level of accountability as structural engineers? I thought it was near on impossible to write error free software these days. What criteria would you use for standards?
We are all just people.
The RIAA lobbyists have been a busy lot. On Friday, they got the Copyright Review Board to grant them a fee based system that will essentially shut down the majority of small Internet Radio stations. Way to go boys. Bring on that corporate commercial media. http://www.radioparadise.com/ http://www.save-internet-radio.com/2007/03/02/save -internet-radio/
From pages 65 and 66:
... unless you want to eliminate the best "but it wasn't me, honest" excuse the world has to offer.
10 A. This tells me that there was -- yes.
11 There was no router.
12 Q. How does it tell you that there was
13 no router?
14 A. Through the two --
15 If you look at the second chunk down,
16 you will see the source address at the top and you
17 will see the KaZaA IP address midway through that,
18 and they match and they are both public IP
19 addresses.
20 Q. You said they match?
21 A. Uh-huh. The 141.155.57.198.
22 Q. That's the source?
23 A. And then down below you see the KaZaA
24 IP?
25 Q. Yes.
2 A. It's those two IP addresses.
3 Q. What does the first number indicate?
4 A. The first number of the IP address?
5 Q. Yes.
6 No. The second line of that chunk
7 that says "source." What does that indicate?
8 A. That is the source address. That is
9 where the packet came from.
10 Q. Now we go down to the next line you
11 referred to, it says "KaZaA IP." What does that
12 refer to?
13 A. That is the IP address that the KaZaA
14 software is running on, the IP address of the
15 computer that the KaZaA software is running on.
Some routers share their IP public addresses with a DMZ computer.
If the defendant's wireless router did that and a attacker across the street took over her router and made his laptop into a DMZ it would lead to this scenario. Kids, always secure your routers
I knew Doug Jacobson when I was an engineering student at ISU. He seemed like a decent and knowledgeable guy, very interested in computer security.
I'm very sorry to see he's come to this.
Kythe
I'm currently studying for the spring Fundamentals of Engineering exam (FE). After taking this exam and working in the field of engineering for 5 years, you can take the Professional Engineering (PE) exam. Its not the easiest test in the world, and its a big pain in the arse. That said, I think a computer science student would have a particularly hard time with it. The morning session (general) is composed of several subjects including chemistry, strengths of materials, physics, thermodynamics, fluid mechanics, a small ethics session, etc. Basically all engineering knowledge known up to 1935, updated to the modern day. Everyone has to take the general session, and I think Comp sci students would struggle with it.
The afternoon session is a choice between mechanical, electrical, civil, (chemical?) engineering. I think maybe comp sci students could take the electrical and do fairly well on this half. The PE exams are very similar (identical?) to the FE exams, but it has been 5 years since you have been in a classroom so they are considered harder just for this reason.
As for the term "Computer Engineer"; in the 1800s a group of very smart men began doing different things with Natural Philosophy. They were so different that they thought they needed a new title for what they did to separate themselves from the natural philosophers. Eventually they went with the title "scientists". Perhaps a new title is needed for "computer engineers" because it doesn't seem to fit very well.
Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
He's submitted sworn reports... around 200 of them. But no defendant's lawyer has ever brought him to a deposition before this.
Ray Beckerman +5 Insightful
After reading that all I can see if the guy evading the question, flat out denying truths, agreeing with them in limited fashions, constantly playing dumb. His investigation methods are borderline incompetent, after reading that huge PDF I could only say he should not be allowed to be a whitness in any case I mean I'm a third year computer engineering student most of my course emphasis has been on networking and hardware rather than this sort of thing but I can see huge holes in his logic.
1.Doesn't verify his sources Beckermans point about "are mediasomethigns and verizons clock synchronised" is a good one espeacially when you consider his point about the nature of IP address's, at the very least he should have requested the lease time of that IP (so when did the subscriber start using the IP and for how long) to verify that the information had a chance of being correct.
2.No set method, the lack of reports and the fact he never made print outs suggests he doesn't have a set method of investigating, which personnally would make me question his investigation techniques this results in a whole list of problems:
2a.means no evidence supporting the defendent was kept, in effect his not impartial and also hurts the defense 2b.suggests he makes it up as he goes along, a "what seems a good idea at the time", as you can clearly see he's missed out on some issues which are important, like confirming the MAC address of the machine and its method of connecting to the internet.
3.Deliberate attempts to twist what hes saying or not sticking to the question an example would be towards the end where he starts talking about IPV4 and finishs with IPV6. I don't know how either works exactly but he should have talked about both seperatly, the use of both at once means he could be dilibertly hiding stuff, when was IPV6 rolled out anyways? Anouther example would be his linking IP address's directly to a PC, no matter how many times Beckerman tried to get him to admit that when accessed through a router the IP address given to the outside world is the routers not the individual PC's. 4.Lack of actual investigation, now I'm not sure what he was exactly hired to do but by the looks of it RIAA hired him to prove and be a whitness to say that a person used Kaza to download and share music. Hes not done that, hes investigated the drive he was sent found no traces of Kaza on it, or any MP3's (I think he indirectly said this) rather than investigate possible explanations for this, for example did the person own two pc's, did they connect to the internet through a router, could this router have been compromised (perhaps unsecured), perhaps then look for security vulnerabilities to see if it was a zombie machine, or for other security problems. Then if he couldn't prove any of that attempt to verify that mediashares information was correct, check it and check verizons and then attempt to co-oberate that information somehow, for example attempt to obtain the MAC address from the hard drive and from mediashares packet information in otherwords to link them up. Otherwise all he can actually claim is that "The pc in question when inspected did not have the Kazaa program on it at any time, nor does it appeared to have or have had the media files that mediasomething accuse the computer of having" His conclusions from his investigation lack any form of imparitality and it appears that he was unwilling to give any real unbiased opinion.
personnaly after reading that disposition I would seriously call into credibility as a expert or even as a whitness. I'm sure better people than I could take apart his disposition its 3am here I'm tired but those are the things that come to my mind at least
From p. 88:
Q. But you don't know whose computer it actually was, do you?
A. No.
Q. But your report said it was defendant's computer, so I think you will agree that that's an imprecision in your report.
A few unhelpful observations.
This is my first real-life encounter with a deposition, and I've gotta say it's quite fascinating. I like how the opposing lawyer relentlessly objects to nearly every single question. And how Mr. Beckerman's first goal seems to be to show that the "expert" has a financial interest in what he's been claiming, coupled with that expert's bizarre claims that he doesn't have the foggiest idea about the commercial reality surrounding his work. For example:
I'm not sure how you can have "no idea" whether the RIAA is pleased, furious, or otherwise about the fact that your company is creating anti-P2P products, while being simultaneously "sure" that your company is referring to the RIAA in its press releases to help sell its products.
This is funny, too:
I should buy some cement.
IANAL, but I understand that there are standards for admissibility of scientific evidence, and the questions quoted below (and several that follow) cover them. The most recent ruling is called "Daubert."
Whatever this witness has to say based on his methods is useless because the methods have not been generally accepted and/or there are no peer reviews or tests of the methods' accuracy/reliability and no known level of accuracy/reliability.
Q. Has your method of determining from
the MediaSentry materials whether a particular
computer has been used for uploading or downloading
copyrighted works been tested by any testing body?
A. Not that I have submitted.
Q. Do you know anyone else that is using
your method, other than you?
A. Not that I'm aware of.
Q. Has your method of determining
through the MediaSentry materials whether a
particular computer has been used for uploading or
downloading copyrighted works been subjected to any
form of peer review?
A. Not that I'm aware of.
Q. Has your method of determining from
the MediaSentry materials whether a computer has
been used for uploading or downloading copyrighted
works been published?
A. No.
Q. Is there a known rate of error for
your method?
A. No.
Q. Is there a potential rate of error?
MR. GABRIEL: Object to the form.
A. I guess there is always a potential
of an error.
Q. Do you know of a rate of error?
A. To my process, no.
Q. Are there any standards and controls
over what you have done?
A. No.
Q. Have your methods been generally
accepted in the scientific community?
A. The process has not been vetted
through the scientific community.
Both 9x and NT-based variants keep information about DHCP address assignments in the registry, so that they can attempt to request their previous IP address after a startup. Specifically, in NT-based systems, you can look under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servi ces\Tcpip\Parameters\Interfaces" to see a list of interfaces that Windows has available, and under each one of those, there exists a REG_SZ value, aptly named "DhcpIPAddress", which includes, in plain ASCII text in dotted-quad notation the last DHCP address handed to the box by the DHCP server at the IP specified by the "DhcpServer" REG_SZ value. Older entries could potentially exist under the "ControlSet001" and "ControlSet002" keys, both of which are backups.
While this method is by no means bulletproof, it could potentially disclose the last IP address the computer obtained from a particular DHCP server and that would not only be useful, but perhaps even relevant information.
At first I thought that was a lawyer-lawyer jibe and he was about to ask if the other lawyer wanted to chase it. But it was almost that good anyway:
MR. GABRIEL: Why don't you wait until the ambulance passes.MR. BECKERMAN: I don't think we --
MR. GABRIEL: It may take a while.
MR. BECKERMAN: This is New York, Richard. This isn't Denver. We could be here all day.
MR. GABRIEL: Just try to keep your voice up.
Chernobyl 'not a wildlife haven' - BBC News
As I interpret it, the summary is that the guy inspecting the hard drive appeared to have no formal qualifications, his methods were not peer reviewed, he was unaware of the exact methods and procedures of the software he had been using to identify the user or examine the hard drive, he could not testify that although media appeared to be shared it had actually been downloaded by any person (other than the software looking for copyright material), although he examined the disk he didn't actually document any of his findings, that he was not aware if the time of IP address allocation and the IP address to account lookup that Verizon did was actually correlated/synchronized, that he was unaware of Verizons' procedure for looking up such data and if it was free of human and/or mechanical errors, that he didn't know what the IP allocation time was or how many times this dynamic IP address had been allocated that day, that he himself teaches classes involving spoofing, that there were 3 user accounts on the hard drive that he examined, and that, assuming the information from Verizon was accurate, he had no way to actually show which particular person had been using the computer. Further, he conceded that it was possible to compromise and control a computer remotely over the Internet, and that he had not investigated if this had actually occurred. A document was also referred to in which it was shown that P2P applications often scan users hard drives and share media on installation, and many P2P users are not aware of which files on their computer are shared, even when their whole drive may be shared, including personal documents. It was also stated that P2P applications can run in the background, e.g. in the system tray, perhaps without the users knowledge.
There was some tenuous discussion of how MAC addresses are used (to which I am not certain I completely agree, but I'm not an expert), and again on how the correlation of two address fields in a Kazaa packet shows that the computer was connected directly to the Internet and not through a router. Again, there was nothing to show that the computer connected to the Internet at the time actually belonged to the Verizon account holder, because no MAC address was recorded and in fact he didn't have access to anything except the hard drive (although personally I would expect Windows records this in the registry, which he did examine and didn't document). In any case, he did say that MAC addresses could be spoofed.
Most interesting for me was that as the examiner, he had been asked purely to find out if Kazaa and MP3 files were present, and he seemed to followed that direction, failing to look for any materials (e.g. malware, remote control apps, etc.) that could possibly have assisted the defense.
HTH
Ughhh. I'm up to 40 and reading. This is like a Mongolian version of Law and Order.
You have tried to support your argument with faulty reasoning! Go directly to jail; do not pass Go, do not collect $200!
The lawyer was making those objections because that's how these things work, for better or worse. In these situations, lawyers attend depositions assigned specifically to object to anything remotely objectionable in order to preserve their objections in the future (because otherwise they are lost). If something really damaging happened in one of the answers to an objected question, those lawyers could then bring up the fact that they objected at the time and wouldn't be hosed by failure to preserve the issue. In many cases it's just wasting time, but in the event something goes ill in your deposition, you'll thank your lawyers for so protecting you.
This entire case hinges on screenshots, mystery analysis software "encase", a questionable expert, and an IP address obtained from an ISP. The evidence in this case doesn't even make it to the standard of "hearsay" not to mention the fact that the plaintiff lawyer appears to be highly inexperienced with Turets syndrome and keeps blurting "Objection to form."
I suspect that if one were to dig deeper into the so-called evidence, one would learn that information obtained from Verizon is prone to error, and that the procedures for generating the screenshots from KaZaa are based on assumptions which are prone to error and probably performed by monkeys. I want to read the deposition from the "dude/monkey" who took the screenshots, please post that one next.
If I were the lawyer for the defendant, I would already be filing my motion for dismissal "with prejudice" with the award of reasonable lawyer fees for having brought a case without any evidence.
Are there any standards for evidence? Is a printout obtained via supoena really a standard for evidence? If so, I can prove anything you like and as a bonus, I even have a professional certification.
There seems to be a common misconception, that I noted in the testimony, that you have to use one of the reserved IP address ranges on the LAN side of a NATed router. In fact, you can use any address at all (I do). The only downside to this practice is if you eventually have to move the NATed host(s) to the WAN side, they need to be re-addressed - and of course, that only applies to hosts with statically assigned IPs.
In other words, by looking at the IP address contained in the payload, there's no way to tell that it was behind a NAT router or not simply because the IP address was not in a reserved range.
Secondarily, since the computer interface IP address is in the packet payload, that is data that is being sent by an application. The application (whatever it was that was communicating with the P2P network) may:
- lie. It could be a hacked version of a P2P standard application,
- allow user configuration of the IP address in the payload (if I remember correctly, some seem to),
- be broken. I assume all versions of all applications that communicate on the indicated P2P network were not vetted for their proper functioning.
Can You Say Linux? I Knew That You Could.
I've seen Kazaa mess up our DSL connection quite a few times. Now, did we use Kazaa? Nope. (we prefered WinMX and irc, but thats beside the point :-D).
When a user gets on Kazaa, the Kazaa network perpetuates that External IP address through their network. Your external_IP is linked to your kazaa_username. Now, when people search and get your kazaa_username, they hit that IP address. All is fine and good... until you are knocked off of DSL or your dhcp timer is up.
Then, you reconnect using a new external_IP. Now, you have many users on Kazaa that know your username goes to either your old IP or your new IP.
The network trashing occurs to the person who inhabits your OLD external_IP. You see a LOT of bandwidth from users and Kazaa network towards your new IP address. We had a 768/384 Kb connection, and 200 Kb was ate up with garbage from Kazaa from the previous IP inhabitor. This number of garbage connections approaches 0Kb, but never meets it.
Perhaps they detected a residual connection like that.
I stopped stealing music when I found out you could just copy it!
Software patents delenda est.
A scientist, an engineer and a programmer are on a road trip. Their car goes out of control on a steep hill and they barely make it to the bottom alive.
The scientist tries to calculate the distance to the nearest repair shop, the engineer suggests checking the wiring and brake pads, and the programmer suggests driving to the top and seeing if it happens again.
My point? Programmers and engineers are different. The best way to solve their problems is different. I trust this CTO more because he doesn't have engineering certification. In the same way a person with a music degree is less specialized as a programmer.
-- http://thegirlorthecar.com funny dating game for guys
Comment removed based on user account deletion
Perhaps you should go back to stealing. It'll cost you less (jail) time and money if you get caught shoplifting a physical CD than if you are accused of making an unauthorized copy of it.
Schrödinger's cat is not amused—maybe.
Well, I can feel for the defending lawyer, but the NAT discussion didn't quite succeed IMHO. The expert claims that the fact that the Kazaa packet had the public IP address means that the computer wasn't behind NAT. But the lawyer counters with a paper describing how Kazaa (since version 2.0) uses a technique to determine it's public IP address in order to get around certain NAT problems.
This should have been the killer point. I completely trashes the expert's claim of expertness on the protocol. However, the wording was just too confusing for most people to really understand. I'm not a lawyer so I'm not quite sure what could have been done better, but if possible I certainly wouldn't leave it like this.
In fact, I'd be surprised if Kazaa would operate at all behind NAT if it couldn't determine it's public IP address (although I admit that I don't know why the IP address is there if not to tell other nodes how to route replies). A good question would have been "Have you ever seen anything other than a public IP address
in a Kazaa packet?"
If there is another opportunity it would be a good idea to nail this point home. Really, if the expert can't understand how a p2p program defeats NAT by discovering it's public IP address, then he isn't much of an expert. And if you show that having the public IP in the Kazaa packet does *not* mean it was installed on the computer containing the NIC assigned the address, then really they have no information at all...
For example, the four computers connected to my Comcast cable IP go through a router who's MAC address claims it is an Apple iMac I haven't had for a number of years, and in fact is probably part of a landfill somewhere...
The reason the router still thinks it's an obsolete iMac is that having the router continue that charade is easier than getting Comcast to regognize a new MAC address, which is needed because my MAC is how they determine I'm not a Comcast customer, but an Earthlink customer via Comcast 'last mile' (so I get connected to an Earthlink IP not Comcast).
--Tomas
Embarassingly far down in the document, there's a funny "hear-o"
A. A search on KaZaA can "prop you will gate" from one supernode to another.
I'm guessing he said "propogate"..
Philosophy at many schools no longer involves an intensive study of latin. You read plato in english translation, and do the best you can to avoid looking to deeply into what 'a priori' really means when you reach Kant. As for the law, law students don't have to learn to analyze latin, they memorize a half dozen turns of phrase that they use alot. "inter alia", "infra", "supra", "stare decisis", etc.
Intelectualism is dead.
-GiH
Yeah, first I was a programer, then I was a philosopher. Now I'm in law school.
Quidquid latine dictum sit, altum sonatur.
Not trying to be a troll here, but why is knowledge of latin often seen as a requirement for intellectualism?
If J.K.R wrote Windows: Puteulanus fenestra mortalis!
The hatred for the RIAA here is well-established. Out of genuine curiosity, what do Slashdotters think artists and others who work in the music industry should do to protect themselves from piracy?
First off let us be clear...it is not the artists who are hurt by filesharing....it is the music publishers. The 99% of artists who have not been signed to a profitable music industry contract stand to lose nothing by the free sharing of their music.
Time is what keeps everything from happening all at once.
This is flat-out wrong. Yes, you CAN find the OUI that might well give you enough information to find out who made the hardware. The problem is that you can change the whole damn MAC address. Conveniently, Wikipedia even has instructions on how to change your MAC on many OSes, although there's an illustrated guide on changing your MAC, elsewhere.
This guy may know a bit of programming, but this kind of stuff makes it pretty clear to me that he has no idea how people can and do manipulate information. It's pretty clear to me that he's done little more than investigate only those things which might support their case and has completely ignored anything which might cast doubt upon it.
I see a couple of potentially significant details that got left out here, or that, after reading the deposition, I missed in other people's comments. (Disclaimer: I have no certifications, nor am I a lawyer, so there is no more validity to my comments than those of the RIAA's expert)
1. There seemed to be an assumption that the only type of wireless access point in use must be a router or NAT device. There is no basis for that assumption. A wireless access point need not act as a router or as a NAT device. It could merely change wireline Ethernet to 802.11 physical layers. In that way, an "unauthorized" wireless connection could get the DHCP address provided directly by the ISP, and connect with that IP.
2. I'm not sure how far down the distinction I would go with the cable modem vs. DSL argument. In some cases, connection via DSL requires PPP tunneling software install/configuration on the actual computer. That argument could actually more closely tie the defendant's computer to the records captured. That can be circumvented by configuring the PPP tunnel on a router/firewall/NAT device, allowing the computer to be left unmolested. However, on general principles, Verizon also offers a cellular modem option for connecting to the Internet. That's at least 3 "broadband" methods of connecting.
3. I really appreciated the thrust of the the questions that looked to establish if there was any evidence that directly tied the actions of the defendant as an individual person, to the actual act of file sharing from that IP address. Can those questions be repeated for "yes or no" answers in court? Could the RIAA shift their argument to suggest that the defendant, as "owner" of that Internet connection is responsible for the use of that connection? I believe that holds for companies and corporations does it also for individuals?
4. My goodness, the "clarification" questions from the expert's lawyer (RIAA/Plaintiff's lawyer?) were entertaining. There are industry recognized certifications for computer security and forensics personnel. GIAC comes to mind. Perhaps they have some documented standards of forensics that might be appropriate for refuting this "expert's" claims that his methods were reasonable and would be accepted by other professionals in the industry. Just from talking to the IT Security department within my own company I get the impression they'd document their investigation of a single virus on one computer more carefully than this guy did with a legal case.
All of that said, I'd like to pass on a big THANK YOU to NewYorkCountyLawyer and the other lawyers involved for the defendant for actually fighting this one. I have this dream that the defendant winning a lawsuit like this will open the floodgates and pave the way for not only ending this tactic, but to provide the fodder for a slew of suits against the RIAA that eventually bankrupts the cartel and serves notice to the MPAA, etc. that this kind of crap just won't fly, and DRM will suddenly go away, and the heavens will open, and...OK, but a guy can dream, can't he?
----- Connection reset by beer