Slashdot Mirror
Is RIAA's Linares Affidavit Technically Valid?
NewYorkCountryLawyer writes "In support of its ex parte, 'John Doe,' discovery applications against college students, the RIAA has been using a declaration by its 'Anti-Piracy' Vice President Carlos Linares (PDF) to show the judge that it has a good copyright infringement case against the 'John Does.' A Boston University student has challenged the validity of Mr. Linares's declaration, and the RIAA is fighting back. Would appreciate the Slashdot community's take on the validity of Mr. Linares's 'science.'"
It's not a sworn statement, so it doesn't count as an affidavit. If Linares was really behind this document, it would be a sworn statement.
I was reading an article at The Register that almost had me start believing that there just might possibly be the start of a potential change of heart within the music industry.
http://www.theregister.co.uk/2007/06/27/kristian sand/
It's not April 1st, and I'm not on meds (at present - if this is true, well who knows...).
Has anyone seen anything else of note regarding this historic coming together? (take that as you will)
The Mothership
So? I can only interpret your comment meaning Linares is 'against' us so if we were to examine the affidavit it would be helping him. If that is indeed what you meant then it is nonsense.
at least I didn't think I was on meds... RIAA handholding
The Mothership
I do not feel particularly qualified to validate Mr. Linares's claims. However, over the years I have 'forgotten' that the RIAA is just a trade organization, comprised of many different companies. It was interesting to read through the list of plantiffs and put a face on who the RIAA really is. Here they are if you did not RTFA:
- Arista Records, LLC
- Warner Bros. Records, Inc.
- Atlantic Recording Corporation
- Virgin Records America, Inc.
- UMG Recordings, Inc.
- BMG Music
- Capitol Records, Inc.
- Sony BMG Music Entertainment
- Motown Record Company, L.P.
- Maverick Recording Company
- Elektra Entertainment Group, Inc.
- Laface Records, LLC.
- Interscope Records
This may not be a good thing, as my hatred will now be dilutedRonald said nothing. He flung himself from the room, flung himself upon his horse, and rode madly off in all directions.
See page 3, paragraph #6 of Linere's Declaration
How exactly does Bittorrent "Capitolize" on anything? Its free software. No Ads, No fees, ect. Is the RIAA objection to pirates DONATING to open scource projects?
That doesn't sound very pirate like.
If that is what is happening, the RIAA should do the obvious thing: Compete for that market share. Give their own music away, ask for donations. Then sue their Customers. No... Wait.
This question would be best answered by the early version of tagging beta being turned back on: yes, no, itsatrap
Dekker Dreyer
The term "individual" isn't valid, but legally it may be close enough. IANAL. An IP address where files are available is identified, not an individual. That IP address may represent a single traditional computer system, a series of computers behind a router, or even an open wireless access point. The fact that you can trace activity to an IP address does not mean you can trace activity to an actual real person. You can figure out who pays for access to the internet using that IP address, but that doesn't necessarily mean that much. However, legally, it may, if the duty to ensure that an IP address is not used for illegal activities rests with the person who pays the subscription fee instead of the person who uses the address. This may be reasonable...those who pay for access are probably the least cost avoiders (actually, the ISPs may be the least cost avoiders, but we don't want them shutting down every service they can detect).
I think the RIAA is really bad. Do I get my mod points now?
Just curious, if the RIAA is an Non-Profit organization, where is all the money that (is-to-be or has-been) collected from these cases gone? Some how corporate greed now seems to have hit NPOs. The RIAA is just one thing, a crook. What sort of dividends are the artists / composers receiving from these endless amount of court hearings? Is it just me or does it seem like something is out of line or wrong here?
This sounds vaguely familiar...
I think I understand each word in that sentence individually, but as a sentence they make no sense.
Please, for the good of Humanity, vote Obama.
The biggest mistake is that they're trying to imply that an IP address is tied to a specific person at a specific point in time.
It is not.
It may be tied to a specific computer. Or a specific router / firewall. Or even a specific UNSECURED wireless access point.
But it is NOT tied to a specific person.
Their second biggest mistake is claiming (without any evidence) that each file being "pirated" represents a lost sale. So the courts need to work REALLY REALLY FAST to stop the money being lost.
Their third biggest mistake is that the machine with the IP address, that is associated with the "piracy" is 100% under the conscious, knowing control of the person who is being charged. As opposed to your neighbor using your unprotected wireless access point to download files without your knowledge.
Anyone have any others?
The person is NewYorkCountryLawyer. Therefore, I think he expects people who think the RIAA's tactics are horrible to give him technical arguements he may use.
Now, given the prevaling sttitude on slashdot about the compensation accorded all intellectual property, I don't think I'm alone in saying my technical expertise is for sale only. Please paypal $$ to my account for me to comment on this story.
Your ad here. Ask me how!
WTF 'John Doe,' 'John Does.' 'science.'
Put the punctuations *outside* of the quotations, this is a programmer website for Turing's sake.
PDFs ruined the web. They eat up 800% of my system resources, and my machine can even run Vista without a problem!
Your ad here. Ask me how!
In point 12, an IP network is compared to the phone network, and it is stated that only one computer can use each [implied: visible] IP at a time. Given the prevalence of NAT, this is not only technically untrue but also quite reliably false.
In point 12, it is stated that an ISP or college can identify the user of an IP address. This is untrue as the "user" could be no more than a MAC address, which can change. And even if true, the context seems to imply that this remains true in hindsight, which is false unless logs are kept.
Point 15 states that human review is involved in the case of EACH infringer, which is blatantly untrue given the history of automated (and wrong) cease and desist letters.
Yes. How about me? My karma took a nose dive over the weekend.
After all, I am strangely colored.
I don't see EMI on the list. Are they there under a different name? Or do they deserve our business because they *don't* belong to the pigopolists?
"Eve of Destruction", it's not just for old hippies anymore...
Reading through this, I stalled for a second on section 12, specifically the bit about how an IP is a uniquely identifying number. What about NATed connections, gateways, proxy servers, open routers, compromised or otherwise hijacked machines? I'm a professional sysadmin but my router at home is using WEP, and I sure as hell don't monitor what's happening with it. I wouldn't expect any more from an average user.
It's somewhat comforting to know that someone actually LISTENS to the files that they download though, rather than the good old fashioned "you were listing a file with the word 'madonna' in it, your ass is ours."
Section 24 is interesting too, about how the expedited discovery is key because ISPs might purge logs before they get a chance to respond. Why is that an issue? I'm no lawyer, but I would assume that destroying documents that are the subject of a discovery motion would be... uh... frowned upon by judges.
The fact that you can trace activity to an IP address does not mean you can trace activity to an actual real person.
That is the blaring hole in the arguement in the PDF on Paragraph 12 where they compare IP addresses to telephone numbers. They claim that phones sharing one line are like a party line. Only one can make a call from one number at a time. They missed entirely using ports on a router so multiple users behind a router can make a call all at once from the same phone number. The number does not identify the individual any more than call from the political campaign center identifies the individual making the call. You may try to call them back and sue the individual for harrassment, but identifying the individual by the phone number is a problem.
His declaration under penalty of purgery under the laws of the United States that the foregoing are true and correct should have had peer review so they would indeed be true and correct. They are not and is easly proven so. The following is easly proven. Not all IP address have a direct connected single user computer just like not all phone numbers are to a single person renting an apartment. Enter routers and trunked/ISDN lines and his example falls apart. He should be careful what he signs as true and correct. It could cost him.
The truth shall set you free!
IANAL or a law student, just a future CS phd (hopefully RSN).
1) First Linares acknowledges that a route can have an IP address, then he says "Two computers cannot effectivly function if they are connected to the Internet with the same IP address".
This is not true. i.e. routers and NAT. Multiple Computers can have the same effective IP address to the internet. While they can track it down to the NAT device, they cant go further.
2) They assume the network provider maintains a log of IP addresses. This is not a given. A Good guess perhaps, but not a fact.
3) While its good practice that they download files and humanly verify the contents, the list of files can't be verified to be all infringing content. Unless they actually downloaded said file themselves, its an assumption that the file is named/labeled correctly. He says this later when he says that it only "suggests" that there were many copyright files. (Not being a lawyer, don't know the implication).
4) They claim an ISP can identify the computer being used. This is inaccurate. They can identify the customer, but most customers are behind routers (aka NAT) so they have no ability to identify which computer.
5) They claim expedited discovery is "critical" to stopping piracy. I can't believe they believe that expiding discovery will have any dent on piracy.
6) They claim that infringment of non public works greatly harms it when released, I believe there's evidence to the contrary (i.e. widely distributed albums have debuted at number 1 or other times higher then anyone expected).
7) unsure why expidited discovery impacts if they can serve defendants. If it happens quickly or over a long period of time, what difference does it make?
8) They now claim ISPs destroy logs, but if discovery is going on, are they allowed to?
I'm basically trying to make the point that coming here and asking about the technical merits of a technique RIAA uses to identify its victims is almost as bad as going into a fundamentalist Christian forum and asking them what they think of evolution.
Need a Python, C++, Unix, Linux develop
Seeing as we're not paying you, could you please not comment?
Would appreciate the Slashdot community's take on the validity of Mr. Linares's 'science.'
What the hell is that? That's not even a sentence. It's not even a complete idea! What in the hell?
I don't respond to AC's.
>So? I can only interpret your comment meaning Linares is 'against' us
Well, there was an article last week claiming that RIAA is guilty of RICO (aka Mafia) fraud. As far as I could tell, the article made a good case for secrecy, collusion, and extortion.
So, any analysis of RIAA's documents potentially gives RICO defendants a heads-up on technical matters. Whom you choose to defend is up to you.
It is possible to spoof email, MAC, and IP addresses, but I don't know the likelihood of being able to spoof the IP while participating in file sharing with bit torrent or limewire.
It is also very possible to spoof caller id.
Are these good arguments?
I think there are enough holes in their statements to bring it into question, but this stuff is very technical and may be difficult to explain in court, although the MPAA is trying to do the same, albeit poorly.
Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains.
Free advice from a non-lawyer. Not only that, but I only have time to scan the document quickly, however here are some points that I think might be relevant:
1. The word "piracy" is repeatedly used. I don't believe this is a standard legal term (outside of naval encounters). The word is not defined in the document. I think the intent is to equate the term "piracy" with "copyright infringement", but to spin it imply other things. One could probably attack this term successfully.
2. Point 8 is a logical fallacy. Whether or not record companies authorize P2P distribution of music is completely unrelated to the conclusion that P2P networks are used primarily for copyright infringement. One would first have to show that the vast majority of content falls under the record companies' copyrights.
3. "Distribution" has a specific legal definition in copyright law (or it does in my country, anyway). P2P copying may or may not fall under that definition. This is extremely important. They are trying to imply that P2P copying is a more serious offense than copying in other ways.
4. Points 9 an 10 bother me slightly, but I can't put my finger on why. They are implying that the P2P users are anonymous and thus can escape lawsuits from copyright holders. This is probably an important point in their case. I suspect they are trying to show that P2P users are intentionally hiding because they are doing something they know is wrong. This is why it is OK to remove that anonymity. It is important to stress that whatever the motives of the defendant, it is the plaintif's job to show that an infringement occurred *and* that the defendant was involved before an injunction is granted. The anonymity of the defendant is immaterial to that point.
5. Point 11 states that Media Sentry can identify files being offered. It can not. It can only identify the *names* of the files being offered. The name of a file does not constitute anything more than circumstantial evidence that the file contains what they think it contains.
6. As has been stated numerous times before Point 12 is just false. An IP address identifies a machine, not a user. Any number of users may access that machine. Other machines may route through that machine and masquerade as it. The owner of the machine may not even be aware that someone else is using it for this purpose.
7. Point 13 doesn't make any sense at all. They indicate no mechanism for Media Sentry to identify copyrighted works. Or even if one assumes that all the works available through the P2P network are copyrighted, there is no mechanism for determining who the owner of that copyright is. The document seems to imply that all users of the P2P network can do this and since Media Sentry uses the same mechanisms, it can do it too. But users can not generally do this. They would have to provide some explanation for the mechanism they are using.
8. Point 16 states that the IP address can identify where the infringement occurred. This is incorrect. It merely shows one step of the way. In order to identify where the infringement occurred, they would also have to show that the packets were not then transferred to a third party. This information is not actually stored anywhere on the computer, so it might be impossible in practice to say for sure where the infringement occurred.
9. Point 17: How is Verizon's concession in any way relevant to a judges decision? Does Verizon get to make precedent?
10. In point 18, they use the terms "distribute" and "make available". Again, these have very specific legal meanings. They have not described how the alleged actions of the defendants are equivalent to these legal terms. Even if they have documented copying, this is different than the above terms (at least in my country).
11. Again point 18, they have stated that the Defendant made illegal copies available. They have no way of determining this. They merely suspect that the Defendant's computer was used to *relay* copies (or pa
We are all intelligent people here, the subject does have relevance to our little tech-news discussion community and not everyone in this community follows the group think. The submitter probably though that having a little faith in those people is better than letting the Slashdot bandwagons run wild and so decided to ask the question anyway.
So in other words, they're only evil in Britain. In the good ole' USA they're AOK!
In the statement, Mr. Linares claims that it is possible for an ISP (or college) to determine the identity of an individual connected to the internet based on a given IP address. This is false, as it is only possible for an ISP to release information detailing who a specific IP address is supposedly registered to at a specific date/time. It is not possible to ascertain whether the individual the IP is registered to was, in fact, the person actually using the IP address at the time (provided by the RIAA) at which the "illegal file sharing" occurred. The impossibility of verifiably linking an individual to an IP address is due to the following concerns: 1. An IP address can easily be set up to represent an entire network of computers all situated behind a network router device. Any of a virtually unlimited number of computers, and users, could have been connected to a network with only a single public IP. An analogy is that of an apartment complex with a single address. Incoming mail is sent to the apartment's mail room and is then distributed internally by the local mail staff. Knowing the apartment complex's address does not mean you know who lives in the apartments therein. It is thus impossible to determine the specific individual who was sharing the files within that network. 2. It is possible for another user to steal or "borrow" another user's IP address. By correctly configuring one's computer, it is possible to utilize almost any IP address provided by an a college ISP that is not already in use. It is quite possible for the defendants to have been offline at the time, while another user utilizes their IP address to browse the internet. Thus, almost any person in the college at that time could be responsible for the shared files. Furthermore, using someone else's IP address to access the internet is a very simple process that can be accomplished by anyone with a small bit of technical knowledge. The key point is that, while an ISP or college provider is capable of stating who a given IP address is registered to at a specific time, it is impossible to determine who is ACTUALLY using the IP address at any given time.
Here's my point-by-point rebuttal, with the numbers referring to paragraphs of the original:
9) "Can't be underestimated"? It can certainly be OVERestimated.
11) MediaSentry, or SafeNet as they call themselves now, uses customized clients. Even if they use the same features of the client or protocol, they've clearly been tampered with in at least the case of BitTorrent where they appear to use modified versions of Azerus and LibTorrent, both open source. I know that others have looked into this and said that, for BitTorrent, you see ratio hackers (people who have "uploaded" far more data than is even possible) often sitting at 0%. They also spam the hell out of your connection, even if it's disconnected or you block them if your IP was ever once seen by them. They like to send batches of 10 connections in a single second, which is highly unnatural. This may well be part of a Denial of Service attack. They will NOT desist, even if blocked at the firewall and even if the connection is down for a long time. In DHCP situations, it is hard to believe they never end up attacking innocent people, although the connections won't do much harm unless there's a BitTorrent client to process them. They send the batches of connections every 30 minutes to 1 hour randomly according to my logs. I wish I knew more, but I don't have any idea how to capture and analyze whatever data they're sending me, I just block it. In any event, absolutely no normal BT clients do that, so it's pretty clearly nefarious and almost certainly intended as a DoS attack. The irony is, I think I know what started their attack and I'm not even a member of the BT swarm they want nor did I download what they're trying to protect.
12) IPs are NOT unique. Look up NAT (Network Address Translation). Yeah, it can lead them back to an ISP who probably has records, but just how good are those? It's not like they establish any kind of chain of evidence. And the part about "two computers cannot effectively function"? That is COMPLETELY wrong! Hell, at work we have hundreds of computers on private subnets by plant, each one has a unique private IP in the private subnet, but if you look at us from the outside, all connections to the internet are through a single routable IP (not many are allowed internet access, mind you). That single IP is the ONLY thing they'd see from the outside unless the protocol embedded my non-routable IP (192.168.x.x) for some reason. Not that it'd do the least bit of good, because you can't route anything to it. Our gateway knows that IP, but there's no reason for anyone outside the WAN to care about it. Similarly, pretty much all WAPs (Wireless Access Points) do a similar thing. You get a private non-routable IP and the device itself has a routable IP from your ISP. Then many people can connect to the WAP and everyone appears to share the same non-routable IP. Yes, two computers on the *same* network cannot share an IP, but just how many 192.168.1.1s do you think are out there? The private ranges are VERY widely used, ESPECIALLY for anyone with a WAP. Around here, the cable company sells Linsys wireless routers to pretty much everyone who gets cable access and I can see almost 20 networks likely using the exact same setup.
Also, they claim that the organization the IP is assigned to can trace it back to a single user. This is almost invariably false. They can give you the *subscriber* who pays them for the account. They almost never have evidence of which *person* was in control of that PC, let alone which *PC* was actually connected to them when it goes through NAT or any kind of gateway like the WAPs I discussed before. That's not at all a trivial distinction, they're trying to pull the wool over people's eyes with that one.
13) Yeah, they can get IPs, I understand that. But especially on networks like Kazaa, I've heard many reports of "noise" killing DSL lines. That is, when the DHCP lease renews, they get the IP of someone who used to be sharing files, and they get lots of
Forgive my midnight posting:
In the statement, Mr. Linares claims that it is possible for an ISP (or college) to determine the identity of an individual connected to the internet based on a given IP address. This is false, as it is only possible for an ISP to release information detailing who a specific IP address is supposedly registered to at a specific date/time. It is not possible to ascertain whether the individual the IP is registered to was, in fact, the person actually using the IP address at the time (provided by the RIAA) at which the "illegal file sharing" occurred.
The impossibility of verifiably linking an individual to an IP address is due to the following concerns:
1. An IP address can easily be set up to represent an entire network of computers all situated behind a network router device. Any of a virtually unlimited number of computers, and users, could have been connected to a network with only a single public IP. An analogy is that of an apartment complex with a single address. Incoming mail is sent to the apartment's mail room and is then distributed internally by the local mail staff. Knowing the apartment complex's address does not mean you know who lives in the apartments therein. It is thus impossible to determine the specific individual who was sharing the files within that network.
2. It is possible for another user to steal or "borrow" another user's IP address. By correctly configuring one's computer, it is possible to utilize almost any IP address provided by an a college ISP that is not already in use. It is quite possible for the defendants to have been offline at the time, while another user utilizes their IP address to browse the internet. Thus, almost any person in the college at that time could be responsible for the shared files. Furthermore, using someone else's IP address to access the internet is a very simple process that can be accomplished by anyone with a small bit of technical knowledge.
The key point is that, while an ISP or college provider is capable of stating who a given IP address is registered to at a specific time, it is impossible to determine who is ACTUALLY using the IP address at any given time.
It wasn't Linares. It's Ray Beckerman, aka NewYorkCountryLawyer.
Sheesh, if you won't RTFA, at least click the submitter's name before you go all conspiracy.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
I would mod up that comment ... but what's the point in modding an AC =P
Instead I'll just say: good job.
Money is the root of all evil?
I agree with most slashdotties that RIAA is evil. However, I wanted to offer a thought problem to see if we are not over reacting:
If a John/Jane Doe were accused of some other, more serious and more REAL crime, such as downloading & distributing kiddie porn or sending ransom notes, what burdens would we put on the prosecution for tying the IP to the PC, PC to the owner, Owner to user?
Would we accept the WLAN and WEP breach defenses?
I am not asking a question of Point of Law. I am asking what our collective opinion would be for acceptability of defenses from a technical and emotional POV. Would we be satisfied that justice had been served if those defenses were used to avoid prosecution in such cases? I realize that criminal cases have greater burden of proof, etc., but that is not my point.
BTW this may become germane to RIAA: if they are convicted of RICO, we may be seeing them quite successfully claiming in court that "the extortion letters may have come from my IP# but I don't know how they got out. I never saw them before."
Before flaming, NB I agree that this is not Kiddie porn and the RIAA is made up of egg-sucking curs.
yes. is missing a subject. At least didn't hang a preposition if.
Everyone in the security industry knows you simply do not rely on host address based security because IP and MAC addressing by themselves are not trustworthy. Either can be trivially intercepted, spoofed or changed at will in many settings. The security and repudation is why the IETF has worked so hard on IPSec.
There are by many estimates on the order of *millions* of computers infected with remote control software which enables your average joes computers to be used to launch attacks or cloak the origin of activities without the owners knowledge.
For this reason noone in the security industry would rely on IP information *alone* to make a determination of the true origin of attacks. Even medicore crackers know better than to expose their true address to their victims.
IP addresses may be shared by wireless networks and other individuals on wired networks in the same location by guests...etc any of whom may be an unwitting participant in a bot net.
An access account can be hacked and used by a third party or the account information simply shared with one too many "friends". This happens with some frequency and is precisely why ISPs tend to enforce concurrent access limits to prevent such abuses of their network.
Some UDP based protocols used in p2p networks can have their source addresses trivially spoofed from anywhere on the network in much the same way you can send an email over the Internet with any "from" address you want. Other TCP based protocols are somewhat protected from this due to the difficulty in guessing sequence numbers required to establish phantom connections.
Although rare its possible for others to launch attacks on network infustructure using route table poisioning techniques.
IP information is often a good input or stepping stone in an investigation however by itself it would be irresponsible to use IP as a sole source in identifying the person behind the machine.
when is every one gonna get it strait? copyright infringement is when i make a product that has less than 10% change than another product. OR i steal your product, erase your name off of it and put my name on it... if they're gonna call music file sharing something..it would be intellectual property theft by distribution..(kinda like what bootlegging a concert and selling copies of the tape you made, was a long time ago...). So please tell whoever you need to, to the correct the line of thinking (FUD) the riaa has put in everyones head...thank you for your attention to this matter... mrscotty99
mister scott
The possibilities that a room mate could have even used the person's "ip address" are boundless and includes using their computer. It is not unimaginable that someone would rather their room mate get credit for their activities then for them to get credit for them. Normal problems with ip addreses have already been covered quite a bit, but perhaps problems related to others having direct physical access to the "suspect's" computer, personal router, wall outlet, usb ports, etc, etc should be listed in a seperate thread. ( think of Groklaw's "list 'x' here" thread starters )
Note that, throughout his statements up to this point, Linares has repeatedly reasserted that MediaSentry doesn't use any techniques not enabled by the software and medium and not available to any other user of the system. It's obvious he wants to preserve for MediaSentry and, by extension the RIAA, that no "illegal" or unethical techniques were employed to gather data.
Right here, with this sentence, he contradicts himself. I think it's rather obvious that this sentence describes an activity that other P2P users cannot do, even if they chose to try. The very ambiguity of it, and his failure to clarify it, is noteworthy.
Dig deeper right there; "X" marks the spot, as Blackbeard might say.
Couldn't read the PDF, so sorry if this was already covered:
Even if you could tie an IP address to a person, the existence of data on a computer's hard drive does not prove that the computer owner's actions created the data there. A P2P filesharing application could be installed without an owner's knowledge, and instructed to share files automatically, also without the owner's knowledge. It could also automatically remove itself, but leave shared data behind, after running long enough to gain law enforcement attention. Imagine a "zombie" computer whose instructions are to go download Spice Girls, rather than attack some target. There would need to be some other corroborating evidence, like maybe a recording of the owner, bragging to someone about how they downloaded Spice Girls.
What is so special about Delaware, that so many of the music corporations are incorporated there? What is it about Delaware (and California) that makes it so damned friendly to these monsters? Clearly there's some aspect of tax, tort, or corporate law or the CODB there that makes them all want to flock there. What's the deal?
hey, how much do you think mod points will go for?
It seems that all the "sound recordings" they refer to are "MP3"s (section 19), so i guess if you are getting ogg and flac you are not breaking copyright according to Mr. Carlos Linares, Vice-President of Anti-Piracy Legal Affairs' "Delcaration". :)
But... wait a minute, if the RIAA represented companies did not sell mp3 files to these people then these "Johns Doe" "created" the said mp3 files in question on their computers, which means either:
"Johns Doe" own the files they created, or they are due production costs for creating said files.
Why oh why do buggy-whip makers never just die... you always have to beat them into submission.
A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
is that is prevents the obvious. Data _is_ going to be interchaged. It is going to marked-up it is going to be indexed, it is going to be re-represented and that is the way that it is going to be. To stand up and say 'no' is not only counter-intuititive but it is counter the 'let's make something that is advancing, interesting and understood' modivation of good hollywood. Going against that is a make-work project for lawyers and offers little progression to the art of expression. If you're going to sit back and wait for the answer to emerge, you can't piss on it when it does.
'This person' just happens to be one of those lawyers who's constantly trying to put the RIAA in its place and takes the time to keep us informed. He also takes the time to explain the relevant processes of law to us nerds.
Don't you think it's a hilariously good idea to come to us when he doesn't understand 100% how P2P networks work? Aren't we exactly the ones who know best why RIAA's claims are stupid? So let's think this through: A lawyer who happens to understand law (gee, what a coincidence...) asks techies whether the technical interpretation of the 'bad guy' holds true or not.
I don't see your problem. Would you rather he pull a Matlock on the judge and try to get the jury to shed a tear for the poor victim? That guy is doing a hell of a job.
12.
IP adresses of computers on the internet is not unique. A home user typically have one IP address, and typically have a network and a wireless network with multiple computers, including, unknowingly, possibly a neighbors PC as well as a laptop in a car parked in the street outside. All behind the NAT router.
All these computers typically share 1 IP address behind the NAT router.
IP addresses are changed on the fly, and it may be hard to document who had which at what time while maintaining evidence standards. (example: how is time zone set?, is daylight saving time settings etc documented?, how is Mediasentry's clock synchronized relative to the ISP and to real time?)
12,13,14. IP addresses can be spoofed, and protocols such as the 'Onion router' will make it appear as someone else's IP address. This is just a click away in many P2P interfaces.
15. There is no way to determine that these songs are "Illegal copies" or the users legal property.
15. There is no record that the songs available for download was actually downloaded.
Also, an IP network is exactly the opposite of a phone network: there are two kinds of networks: Switched networks, and circuit networks. The phone network is of the latter type, and the internet is of the other. The only (somewhat) unique device number in a TCP/IP network is the Ethernet MAC address, and that is not even part of the routed package.
don't cut it off www.mgmbill.org
Sheesh Man. Just put the word I at the front of it and it all makes sense. Surely you could have figured that out.
If you sell a Van Gogh for 50 million, does that mean that all Vn Gogh paintings are worth 50 million? No, so why is every song worth £12 per CD?
If someone isn't willing to pay for your entertainment, is it a loss if people get it for free? It's unjusr enrichment (if you enjoy the free entertainment) but it is no loss to the seller because it was beyond the cost barrier. So no loss. Any loss is incurred because the seller decided not to play in that market. E.g. it may be sold somewhat at £10, sell more at £8 and sell like hot cakes at £5. But they don't want to play at those levels, they want £15. The seller has caused the loss by pricing themselves out of the market.
P2P is effectively a nebulous collective noun, like "society". Just as you cannot put your finger on "society"
you cannot put your finger on a P2P network as an entity.
7(3) is recursive. The Internet is a P2P system. therefore they are defining
P2P networks to transfer over P2P systems, which is circular nonsense.
8. False. An unfounded assertion. Most of the traffic on P2P networks is free software. Examples:
Debian (many gigabytes), Ubuntu (many gigabytes), The Open CD, DVD data images, CD ISO images....
One Ubuntu DVD download generates as much traffic as 2000 RIAA songs. Most of the P2P traffic is legitimate
trafic.
9. Unfounded assertion. The music business is growing. RIAA members traditional discs
are being hammered by market forces, sales of online music and artits (eg Prince)
cuttig out the middle man (RIAA members) and going direct to the public.
12. False. IP Address is not associarted with a particular computer, person or computer account.
False Network Address Translation (NAT) means IP addresses are not unique. Note the weasel words
"at the same time" inserted then ignored.
The telphone analogy is false, as phone numbers do not change between calls.
14. Contradictory. P2P means peer-to-peer. You cannot really see who is offering a particular
download as you are probably only talking to their peers, not the offerer themself. Hint: That's
why it is called PEER to PEER. All metadata except IP address can be faked. eg. filename is
not related to contents fo a file. IP Address is meaningless because of 14 and 12.
15. Painstaking review is meaningless if the evidence just isn't contained in the raw data gathered.
12. and 14. show that the inputs to teh "painstaking" analysis cannot be relied upon as evidence, so the results
of the analysis can't be either.
What happens if the RIAA has downloaded a file, which turns out to be music pirated from a non RIAA member?
The RIAA are now pirates!
16. IP address does not identify a person or computer. It identifies a connection to the internet, which may
or may not correspond to a person or computer. IP address says nothing about who is controlling the connection to the internet (not necessarily the sucscriber: see worms, viruses, trojans)
18. RIAA admits filenames are user defined. Link between filename and contents is tenuous.
19. Are all P2P networks "Real time"? Perhaps Media sentry is only observing things after the event,
when the onservation has had time to propagate though the network, and have no way of knowing when things really happened?
Point 6 claims that a number of systems "attempted to capitalize on the growing illegal market that Napster fostered", and lists several, including BitTorrent. To my knowledge this is false about BitTorrent; I believe they distributed their software for free and have only attempted to capitalize on their software in lawful ways. Someone might want to contact them about this and ask if they might like to file some kind of statement with courts objecting to this attack on their reputation.
Point 11 claims that determining what "infringing" files are available is as simple as searching a network to see what files are available. However, this is false: if I am offering a file called "madonna_holiday.mp3" that could be Madonna's song, it could be a recording of me commenting on Madonna's song, or it could be an audio ad encouraging listeners to visit a shrine, and there's no way to know without actually copying it to examine its contents... which could constitute copyright infringement on the part of MediaSentry if it is the song and they don't have permission from the copyright holder of the song to make a copy.
Point 12, to clarify, falsely claims that an IP address uniquely identifies an individual computer while in fact it could be merely a sort of proxy address for any number of computers. To use their analogy, it's like the main phone number of a large company: there's only one number, but once you call it, the receptionist could direct your call to any number of internal phone numbers, which you won't necessarily ever know.
To further clarify, Point 12 also falsely claims "The network provider maintains a log of IP address allocations." Many don't. Indeed, if the addresses are being allocated by DHCP, the provider has no particular incentive to maintain this information. If I'm an ISP, corporation, or college, what do I care who was using a particular number 6 weeks ago on thursday at 4:23am?
Point 13 claims "MediaSentry finds individuals using P2P networks to share music files over the Internet." That's not what the earlier points say: the earlier points say that it finds listed files with names that imply that they might contain copyrighted works. It further claims "Just as any other user on the same P2P networks as these individuals would be able to do, MediaSentry is able to detect the infringement of copyrighted works and identify the users' IP addresses because the P2P software being used by those individuals has file-sharing features enabled." I have several issues with that. First, "infringement" constitutes actual copying, doesn't it? So, in order to "detect infringement", you'd have to be able to observe the act of a copy process being performed. If MediaSentry is the one doing the acual copying, then I'd ask a lawyer if that's entrapment. If MediaSentry is not the one doing the actual copying, I'd demand to know what evidence they have to show that an actual copying process occurred, as it would presumably have happened between the theoretically identified party and some third party as yet unnamed, and I doubt most P2P software facilitates third parties to observe transfer interactions between others. In other words, I'm saying that the fact that a file is copyable doesn't mean that it was in fact copied, and if being copied is what actually constitutes violation of the law, the file being copyable then presumably doesn't. A book is copyable, but owning a book doesn't mean I copied it.
Further, the party that MediaSentry claims is offering the files may or may not be aware the files are being shared: it may be that the law might view the infringer as the person who requested and received the file, as it could be claimed that they did the copying, and that the person whose computer was "sharing" files may be no more guilty than someone who left a book laying around and unknowingly permitted someone to photocopy its pages while they weren't in the room.
Point 14 clarifies that MediaSentry does actually download files. It doesn't clarify if they have a lawful right to d
this is incorrect as we will see; a there are many reasons why a user will not map to a particular IP address including the fact that most modern computers allow more than one user at a time (e.g. Windows and Macintosh "fast user switching" which was copied from FreeBSD via Linux)
some peer to peer systems, such as tor, sponsored by the US gouvernment and designed to allow freedom of speech in oppressive countries deliberately ensure that the IP address of the system connecting is different from the IP address of the system actually providing content. That is also true of freenet.
a router, almost by definition, does not directly connect to a P2P network.
This is an attempt to worm around the existence of NAT by claiming that it is the NAT device which is making the connnection to the network. Probably the intent is to say that the owner of the NAT device is responsible, however, it is not practical or possible to track connections on a NAT device simply because the level of logging generated is massive since it can be as many as several log writings per second per user when the user is e.g. downloading an HTTP page containing links to many images.
Apart from NAT, there is another way in which a device can share an IP address with another system. Special software such as ettercap exists which is designed to allow a system to use the IP address of another system and even modify outgoing connections from the address of the other system. There is no practical way for any normal organisation to guarantee that this is not going on and even a government level organisation would require considerable resources to do so.
This analogy is very good. In the phone system we have things like "call centres" where many people have the same number (NAT) and we are also able to use someone elses number by connecting our phone to their line outside their house. In the phone system I could even create a phone which rings with your number with very little difficulty. That is exactly like IP.
Not only is this wrong since ISDN phones support multiple lines (two is standard) but this is a point where the telephone to IP analogy breaks down since there are special numbers (TCP and UDP port numbers) which allow multiple connections to be connected to the same IP address. A typical example of this is that you can download two files at the same time. These port numbers can be used by tools such as ettercap to initiate connections which use another computers IP address but will (almost) never interfere with the normal operation of that other computer. Each computer or network device is connect to a network that is administered by an organisa
It's always amusing to see engineers try to apply their logic to the law.
Good enough is not a standard for QA as binary doesn't like failure cases.
In civil law (less criminal) the standards are a preponderance of the evidence. Its why OJ walked on murder but lost on wrongful death.
Does an IP address identify a unique person? No. Does the DHCPd.leases file at the University lead you to the right machine on campus by MAC address? Yes. Does ownership of that machine often resolve down to one person? Generally excepting someone running a WAP, but even there there may be logs of MAC addresses connected. Good luck claiming that its your roomate's machine when your term papers are on it and it matches the MAC address hand out. You can choose a copyright civil case or a plagiarism violation.
The burden of proof to get discovery to figure out who a copyright owner is suing is pretty darn low. If you don't want to be a Doe in this case then you should only mooch off of P2P networks. It is a stretch for the RIAA to claim that you neccessarily copied the file illegally - you could have ripped it from your own collection. However, its not a stretch at all to accuse you and recover damages from you for publishing those files publicly - whether you understood it or not. Copyright infringement does not take scienter.
Rebeca Lenares, nice pussy.
this is incorrect as we will see; a there are many reasons why a user will not map to a particular IP address including the fact that most modern computers allow more than one user at a time (e.g. Windows and Macintosh "fast user switching" which was copied from FreeBSD via Linux)
some peer to peer systems, such as tor, sponsored by the US gouvernment and designed to allow freedom of speech in oppressive countries deliberately ensure that the IP address of the system connecting is different from the IP address of the system actually providing content. That is also true of freenet.
a router, almost by definition, does not directly connect to a P2P network.
This is an attempt to worm around the existence of NAT by claiming that it is the NAT device which is making the connnection to the network. Probably the intent is to say that the owner of the NAT device is responsible, however, it is not practical or possible to track connections on a NAT device simply because the level of logging generated is massive since it can be as many as several log writings per second per user when the user is e.g. downloading an HTTP page containing links to many images.
Apart from NAT, there is another way in which a device can share an IP address with another system. Special software such as ettercap exists which is designed to allow a system to use the IP address of another system and even modify outgoing connections from the address of the other system. There is no practical way for any normal organisation to guarantee that this is not going on and even a government level organisation would require considerable resources to do so.
This analogy is very good. In the phone system we have things like "call centres" where many people have the same number (NAT) and we are also able to use someone elses number by connecting our phone to their line outside their house. In the phone system I could even create a phone which rings with your number with very little difficulty. That is exactly like IP.
Not only is this wrong since ISDN phones support multiple lines (two is standard) but this is a point where the telephone to IP analogy breaks down since there are special numbers (TCP and UDP port numbers) which allow multiple connections to be connected to the same IP address. A typical example of this is that you can download two files at the same time.
These port numbers can be used by tools such as ettercap to initiate connections which use another computers IP address but will (almost) never interfere with the normal operation of that other computer.
NAT gets worse than that. Since Network Address translation stacks. I have a router using DHCP and NAT which I turn off thus having a continually shifting IP address. Yet this proxy router is behind another router using DHCP and NAT which has it's own address. So each shift moves things down. Then we have to add in the ease of hacking unsecured wireless...
They download files suspected of violating their clients rights, but they have no idea whether the file really is what it claims to be, nor whether the copyright owner actually has licensed the work to be shared by P2P networks but only to be used for personal enjoyment, not for law enforcement purposes and similar. Remember, the copyright owner can make such limitations, which actually are tame compared to some of the limitations RIAA routinely puts on their 'property'.
In my opinion just one file illegally downloaded by RIAA invalidates their entire legal process. In civilian law there are no loopholes that allow for breaking some laws in order to enforce others - and that's a very good thing.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
#6 claims that "similar online media distribution systems emerged and attempted to capitalize on the growing illegal market Napster fostered," followed by examples. This statement is provably incorrect in two ways. The first is that most, probably all, of these networks are not designed for media sharing, they are designed for file sharing. I only personally have knowledge of Bittorrent, eDonkey and DirectConnect but in all those cases the software is designed to share any and all files a user wishes, with no special exclusivity for media. Some, like the eDonkey variant eMule can restrict searches to various types of files (such as just video or music) but it does so only via the extension of the file. Others, like Bittorrent, have no such capability at all since search isn't an included part of the protocol. Bittorrent is just a distributed HTTP mechanism, searching is added through other means.
The second is that they are designed and/or primarily utilized for illegal purposes. Bittorrent, being highly popular, is the best example. It was designed simply to allow peer-to-peer downloading of files from websites to take the load off of a single server. It is currently extremely widely used for legitimate purposes. One of the largest would be the patch mechanism for Blizzard Entertainment's (a subsidiary of Vivendi Games) MMORPG World of Warcraft. The official patch mechanism form Blizzard uses Bittorrent so as to lessen the load on Blizzard's own servers. Another high profile use would be Linux distribution, nearly every Linux distro's preferred method of distribution is Bittorrent.
#9 claims that the RIAA members lose massive amounts of revenue to P2P copying. However there is no proof of this offered, and indeed I am aware of no proof out there. The only empirically valid, peer reviewed study I am aware of at this point is a 2005 study conducted by UNC Chapel Hill and Harvard (found here) which found: "Using detailed records of transfers of digital music files, we find that file sharing has no statistically significant effect on purchases of the average album in our sample. In specifications that identify the effect of file sharing on sales relatively precisely, we reject the hypothesis that file sharing is responsible for the majority of lost sales." To the extent the RIAA has offered any figures at all it is based off of the assumption that every copy made is money lost, at full retail value. This is of course false because it fails to take in to account several factors:
1) The music producers do not receive the full retail price for each album.
2) Some people who made a copy of the music, never would have purchased it had it not been available for free. They simply were unwilling or unable to spend the money, and as such nothing has been lost.
3) Some people may have bought some of the music they had downloaded, had they been unable to get it for free, but not all of it. For example a university student with a disposable income of less than $100 per month would clearly not purchase 100 albums costing in excess of $10 each, even if they downloaded that many. Thus while some sales may have been lost, not all of them have.
4) Some people may have bought more as a result of their downloading. They download songs as a sort of "virtual window shopping" and when they find ones they like, they purchase the CD. Thus sales are actually gained.
The RIAA's model for calculation could be mathematically stated as L = D * R where L is the amount of loss in dollars, D is the number of downloads presumed to have taken place and R is the average retail price. This is clearly overly simplistic and thus incorrect. A real formula would look more like L = D * P1 * W - D * P2 * W where L is the amount of loss in dollars, D is the number of downloads presumed to have taken place, P1 is the percentage of the time people did NOT bu
IP addresses don't identify a person, only a junction point in the network (router).
To use their telephone analogy: If you dial a "1-800" there isn't a single telephone and single person answering it, there's a whole network of telephones and many operators to answer them. The Internet works exactly the same way, if anything this "routing" of connections is even more common than in the telephone network.
IP addresses are actually in short supply (there's only a few hundred million of them...) so most people don't even have the option of having single IP address = single computer.
Then there's WiFi.... most home broadband connections are supplied with a wireless router and these routers are unsecured by default. Anybody within a half mile radius can connect and use the internet connection. These people will have the same IP address as the legitimate owner of the router. This practice of using other people's connections is very common in highly populated areas (I personally know two people who do it...)
Even if password access is enabled, the standard "WEP" encryption can be broken in a matter of minutes using freely downloadable software (type "wep cracker" into google and you'll get you a whole list of them).
So...premise 12 is wrong. Without it the rest of the document is moot.
No sig today...
The police based a case on point 12 against me, while I could prove quite reliably that the logs weren't in any way correct, or verifiable. (They dropped the case when I had a chat with their experts).
One could always explain it in court using the defensive strategy that never fails:
"Ladies and gentlemen, this is Chewbacca. Chewbacca is a Wookiee from the planet Kashyyyk. But Chewbacca lives on the planet Endor. Now think about it; that does not make sense! Why would a Wookiee, an eight-foot tall Wookiee, want to live on Endor, with a bunch of two-foot tall Ewoks? That does not make sense! But more important, you have to ask yourself: What does this have to do with this case? Nothing. Ladies and gentlemen, it has nothing to do with this case! It does not make sense! None of this makes sense! And so you have to remember, when you're in that jury room deliberatin' and conjugatin' the Emancipation Proclamation, does it make sense? No! Ladies and gentlemen of this supposed jury, it does not make sense! If Chewbacca lives on Endor, you must acquit! The defense rests."
"It is the business of the future to be dangerous" -Alfred North Whitehead
Thanks, TheMCP.
Ray Beckerman +5 Insightful
Thank you, Kokuyo.
Ray Beckerman +5 Insightful
Even if you allow (which i don't) that the ip address corresponds to 1 machine and 1 user it means nothing. How do you know that the machine isn't acting as a proxy for someone else who is downloading? Point 12 ignores the fact that there is software between the ip address and the keyboard/display. It wouldn't be that hard ( especially in a college environment) to use someone elses machine without their knowledge or consent, as a proxy for downloading. It might be worth thinking about the "other end of the spectrum" which is electronic signatures. There are places today where people and organizations agree that electronic signatures are valid. The only way electronic signatures are valid is when you have a closed loop between the thing being signed, the software signing it, and the user at the keyboard/display.
a) An IP address can crrespond to more than one computer. NAT (Network Adress Translation) is very common and used by comercial as well as private users across the globe. It is also common in universities.
b) A single computer can have more than one IP address.
c) Which computer(s) an IP adress corresponds to can ( and commonly does ) change with time. On any network that uses DHCP (Dynamic Host Configuration Protocol) clients are assigned a new IP address whenever they reset their connection. This may or may not be the same IP address as they had the last time they connected.
d)Many wireless networks are poorly secured and it is thus easy ( easy as in I could teach my mother how to do it ) to use someone else's connection.
Basically, unless the ISP logs every DHCP request they can't tell which subscriber used what IP adress at any point in the past, and even if they can tell what subscriber used a particular IP adress, it is still very possible ( and common ) that the same conection was shared by a large number of computers. Furthermore, if there is a wireless connection at any point along the network it may be impossible to even tell how many computers used the particular IP at any given time.
No, its not the same.
Here's why: Slashdot tends to focus on technical and scientific discussions about various things. Many times, the things in these articles can be quantified and understood as to how they work and operate. That is very different from any discussion on evolution because there is more objectivity available to understand it. In simplest terms: there are right answers when it comes to science and technology, and especially computers. And by "right", I mean -- they can be verified or not.
Slashdot is an excellent forum to learn about these things. There are lots of smart people here so overall, this is an excellent place to study something like this. A highly educated readership with a very firm understanding of how the internet system works is exactly who should be discussing "holes" in this case. Once you get outside the trite "RIAA suxors" comments, I can think of few places that have a higher signal to noise ratio on this subject than Slashdot.
Funny enough, I remember wondering about the IP address = person since the very first court case I read about. Not surprisingly, I am not the only one who saw that issue --- Slashdot folks were all over it. That is just one example of thousands I can think of where the discussions on Slashdot identified serious issues with whatever story was being reported. In almost all of the cases, the information was important but not necessarily understood by the general public or mainstream media so the discussion on Slashdot was invaluable to understanding what was really going on.
Then, perhaps instead of calling for an impartial "Does this technique have merit?" a more honest "I would like to know all the ways this technique doesn't work, and in order to build a good defense it would also be helpful if you would all play devil's advocate and tell me all the ways in which it does.". That would've left me scratching my head a little less.
Of course, well written summaries has never really been Slashdot's strong suite.
Need a Python, C++, Unix, Linux develop
He can't possibly have enough money to be right, so there for he must be wrong
Whats more he is guilty of not being right and for changing the people who have the most money... i mean who are right
Suggested punishment a life time of RIAA's greatest "hits", with no shuffle
His declaration under penalty of purgery under the laws of the United States...
If you are that unfamiliar with the laws of the United States that you don't even know how to spell perjury, then why should anybody take your claims about USA law seriously? Would you trust a brain surgeon who thought your "brane" was inside your "scull"? Or would you think "Hang on, this guy can't have ever read a biology textbook in his life"?
In my opinion as a network and network security professional, the affidavit takes some liberties with the truth of IP networking. Most blatantly it ignores the technologies of NAT and PAT, and assumes that the IP address presented to the Internet belongs to a single computer, and that this computer is owned and operated by the person who the IP address was assigned to. To me, this is the crux of the whole argument: You simply can NOT determine the identity of a USER by the IP address shown to the Internet. You can only identify the owner/subscriber of the connection to the Internet. You MUST do further evidence gathering to complete the discovery process and identify a person.
Here are my thoughts paragraph by paragraph. I hope they're helpful. If not, I hope they're at least not dry. FULL DISCLOSURE: I've never actually used any P2P network software, but then again when I was in college "gopher" was a cool utility.
6. "At any given moment, millions of people illegally use online media distribution systems to upload or download copyrighted material." By who's count? Where did this number come from? How many millions of people are on the Internet? Is he saying that such a huge percentage of the users of the Internet are "at any given time" ALL illegally sharing files?
8. "Thus, the vast majority of the content that is copied and distributed on P2P networks is unauthorized by the copyright owner" This statement is far too broad. Again, what evidence does he have? Is he further stating that the vast majority of the files on P2P networks are music files? Again, by what evidence?
12. "Users of P2P networks...can be identified by using Internet Protocol ("IP") addresses because the unique IP address of the computer offering the files for distribution can be captured..." This is factually incorrect. While the IP address being presented to the Internet can be determined, this IP address may represent any number of distinct computers due to technologies such as Network Address Translation (NAT) and Port Address Translation (PAT). If the "unique IP address" of the actual computer can still be identified by the P2P client (which I can not speak to having never actually used P2P software) that addresses is not necessarily permanent either. The technology of Dynamic Host Control Protocol (DHCP) allows for the temporary assignment of IP addresses to computers. This means that the IP address of the computer in question may have changed between the time of the alleged distribution of copyrighted materials and the time of the investigation of that. Further still, and IP address is assigned to a computer, not to a person. This argument does not, in any way, indicate any correlation between IP address and person. It is more akin to identifying a driver based on a photograph of the license plate of the car. Yes, you may know who owns the car, but you don't know who was driving. For that matter, you don't know if somebody lifted the license plate and put it on a different car.
12. "Two computes cannot effectively function if they are connected to the Internet with the same IP address at the same time." This does not account for methods of hijacking an IP address, nor does it account for the NAT or PAT technologies discussed earlier.
12. "This is analogous to the telephone system where each location has a unique number." In so far as you can identify the "owner" of the telephone number, but you still haven't identified who placed the call.
16. "Once provided with the IP address, plus the date and time of the infringing activity...can identify the computer from which the infringement occurred (and the name and address of the subscriber that controls that computer)." There is an assumption here that there is no NAT or PAT occurring on the network. More correctly, what can be identified is the subscriber to whom the IP has been assigned. That IP may represent a single computer or a network of computers. That network may include publicly accessible connections, and unless the RIAA has done the due-diligence to determine that the subscriber who had the IP address at that time has a secure and locked-down network, they still have not even identified an actual computer yet.
----- Connection reset by beer
There are those of us who believe that piracy is an appropriate way of obtaining software, music, and other files, depending on the situation.
For myself, it's not so much that I believe stealing is acceptable, because I don't. It's a form of disrespect, showing my complete disgust for companies who dare to charge money for their crappy products, or for companies who hold monopolies on certain markets.
I paid for vista upgrade, and did a full install with it. It'll be a cold day in hell that I'll pay extra to get the same thing. I paid for some of my music CDs, the one's that are worth it (they actually need my money), and the ones I could actually find at stores. If they're only mediocre, or they're completely not existent in record stores, I download it. If the software is crappy, but I need it because of a monopoly, I pirate it. If there is any reason why I believe the company is inherently evil, I pirate their products. If they charge 400 dollars for a simple photo editing suit, I pirate it.
Stop shitty business practices, and the piracy will slow, I guarantee it. It won't stop, because there are greedy people out there, but I'm sure it will slow down.
I'm lucky that I don't download any music that is actually under the RIAAs thumb. I tend to stick to electronic artists and punk artists who literally want you to copy and share their music. That's a true musician anyway, IMO. Ironically, I give these people money for their products if possible.
I'm not one to be muscled out of my money, not by a mugger, and not by a corporation. I'd rather go down fighting and stabbing back.
- A Pirate. ARRRRRRRRRRR!
Internet: Serious Business
Let me take you back to the olden days when ISP's didn't care what you did with your internet, back when I was hacking (as in the white hat/programming scene) something back in the day with my 14k4 Telindus hardware-based modem (you could key in the phone number on the modem, that type of old).
I noticed that it is perfectly possible for different boxes to have the same public IP for a long time without noticeable problems. You could get to servers and gopher around and although it would seem that you'd have problems with mismatched packets, the routers on the backbone seemed to get around (they remember your original route for a while) unless of course you tried going to the same server. Now if you had a private network (or a tunnel on another IP/connection) and the skillset to code you could use that to route around those problems too and I found out that it was relatively easy to have a sort of redundant client/server system spread out on the net and each router would route the data for that IP to it's cheapest destination and I had a few systems all over the world which were accessible on the same IP.
A few years later in a more professional setting we used the same type of workaround in a datacenter (also public IP) to load balance a cluster. Give all servers the same public IP and just let the routers/switches route around any type of malfunction whether it was on the net or local. It would generate a lot of broadcasting and duplicate packets (it's thus quite expensive) and required it's own VLAN to not bring down the rest of the datacenter but it's cheap and it works and if you have the right daemons to handle your request, you could be quite efficient.
I would definitely use it for anonymizing myself somewhat or if I'd have a botnet. Of course these days routers and firewalls have this thing that it won't route out data that isn't from it's own network range, but there are enough less-than-perfect ISP's that don't check for that.
Custom electronics and digital signage for your business: www.evcircuits.com
If there are several WiFi access points available, Windows will pick one almost at random unless you tell it otherwise (which not everybody knows how to do...)
This leads to people install WiFi in their house via "home installation kits" but they're really using their neighbor's WiFi without knowing it.
This isn't a contrived example, it really happens. I've personally seen people using P2P software on their neighbor's WiFi connection even though they have their own access point. They're not doing this maliciously, they're doing it out of pure ignorance because they don't know what router they're connected to (and don't really care).
Even if you look at the list of available networks, chances are that all you see is a bunch of things labeled "Motorola", "Linksys", "Comtrend", etc. - nothing which really indicates which is your router.
If both you and your neighbour have Motorola modems then which do you pick? You have 50:50 chance of using your own connection as there's no way to tell them apart without reconfiguring your own modem to something other than "Motorola" (change the "SSID").
Changing the SSID isn't trivial for the average user so many won't bother - they're connected, they're happy.
Just to emphasise: I'm not talking about extreme cases here, this is quite common in my experience.
No sig today...
Depending on the network architechture and technology, it is usually possible to use an IP assigned to another machine. With some it is a simple as guessing based on the IP address a device is assigned to guess the address of another device connected to the same point, such as a LAN. If that device is not connected then it is trivial to use that devices IP address instead of the one assigned. As for the notion that a MAC address identifies a device that is completely false. It is effectively true, that every device is assigned unique MAC address by the manufacturer. It is also a feature of every device that I know of that the MAC address can be reprogrammed as frequently as desired. So the notion that either or both, an IP or MAC address are reliable identifiers of a device, much less a person is false.
Let's not forget in this analogy that someone in their suburban home in Los Angeles can make the phone number on your caller id look like it was from the Four Seasons in New York.
I work at a mid-sized cable company on the business side of the Internet division. As you will see, its better I remain anonymous
The discussion so-far has revolved around technical and legal analysis. There is a far more important point that has to be considered. Each ISP has its own set of policies and procedures for running the network. These vary based on the different types of network hardware installed, software versions, legacy constraints, contractual and regulatory peculiarities, maintenance budgets, business strategy and the competence of the employees. No two ISPs run things exactly the same way.
For example, my company is planning to charge customers for some types of usage. Implementing has been a nightmare. We found in one area with 350k subscribers that 18,000 had given themselves static IPs. 18,000! It wasn't supposed to be possible, so we never looked for it. In another case, because accurate assigning of use had never been an issue, we had no measures to prevent MAC spoofing. It turned out there was a LOT of MAC spoofing going on. We turned on some previously unused DOCSIS features that eliminated 99% of the spoofing. But the point is we simply hadn't bothered because it was not a problem for us or the customers. Until a recent update of a particular platform, the accuracy of the IP to MAC match was so shaky we couldn't send anyone a bill.
My company is actually well run. It does 5,000 things right and 50 things wrong. Its a big complicated business. You fix the problems that most impact the customers. We do it well and can still turn up stupid things like I described. Every ISP or big network has problems. Without specific knowledge of how a particular ISP runs its business, there is no way to know how accurate a particular bit of remotely captured information may be. The only experts are the people who work at the ISP.
What really freaks me out is what will happen if the RIAA gets it's way? The implications for music, file sharing, and privacy are very, very bad - but that's not even the half of it..
It's what would follow this precedent being set in regard to other industries and government intrusion into the home that makes it even scarier...What other industries and government agencies would like to be able to control what you do and use these sorts of tactics and intimidation to do so?
Look at how corrupt our system in the US is. I am not saying that every court or gov. official is corrupt - but it is apparent that when there is a particular precedence that the 'powers that be' would like to have set, they usually find a way to do it. If they lose or get stopped on one front, they proceed on another.
This is why I think even people who think this doesn't affect them because they never downloaded anything, or people who claim to agree with the RIAA (which, for the record, treats artists like shit - they are friends of the big business record labels, NOT the artists) should be concerned - because if they get their way with any of this stuff it is only the beginning.
I was under the impression that the point of modding a post is to show that you appreciated the content of the post and to make it more visible to others who may not read every post in the discussion (or TFA), thus contributing to the community. Does it really matter if you can increase someone's karma?
No one has yet addressed the question of how RIAA can tell whether files on my computer are licensed or unlicensed by listening. Lineres' said *** The RIAA also listens to the downloaded music files from these users in order to confirm that they are, indeed, illegal copies of sound recordings whose copyrights are owned RIAA members.*** (para. 15) and ***The RIAA downloaded and listened to a representative sample of the music files being offered for download by each Defendant and was able to confirm that the files each Defendant was offering for distribution were illegal copies of sound recordings whose copyrights are owned by RIAA members. *** (para. 18) Is there anyone with technical credentials who can say that Lineres was lying since it is impossible to distinguish between licensed sound files and unlicensed ("illegal") copies by listening?
So, who will be giving the enema if he is full of shit?
ID: the nose did not occur naturally, how would we wear glasses otherwise? (apologies to Voltaire)
Can my IP address logically be compared to the license plates on my car? Just because my car (or a car bearing my license plates or a facsimile of them) might be alleged by a third party to have been used in the commission of a crime doesn't mean that I'm guilty.
The motor vehicle agency has a record that I own a particular vehicle that plate number is assigned to. If a third party claims a crime was committed using a vehicle identified with plates bearing the same number as mine, how much of my information can the motor vehicle agency divulge to a third party who would like to sue me? Could they get access to my vehicle's GPS system history that shows every place I've ever been in that car?
My car can be stolen (hotwired, keys stolen, etc.), my license plates can be removed from the car and put on a different car (even one of the same make-model and year), or fake plates can be created that bear the same license number as my plates and used in the commission of a crime. My car's license plate number is not ME.
I agree with the point that you make. However, if you discount the replies which contain incorrect spelling or non-existent words there will not be much left to read. E.g. from this topic alone: convience, gonna, and of course purgery. On the other hand, that might not be such a bad idea....
Have a look at soylentnews.org for a different view
This is flat-out wrong.
In a civil case there is a simple "finding" of fact for the plaintiff or defendant.
Circumstantial evidence is evidence. Most of the time, it is the only evidence a jury will ever see.
In practice, circumstantial evidence often has an advantage over direct evidence in that it is more difficult to suppress or fabricate.
Much of the evidence against Timothy McVeigh was circumstantial, for example. Speaking about McVeigh's trial, University of Michigan law professor Robert Precht said, "Circumstantial evidence can be, and often is much more powerful than direct evidence." Circumstantial evidence
You saying you're right, and a thousand smarter people shouting that you're wrong!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
The RIAA itself violates copyrights in its search for alleged violators. They claim they have investigators who snooop through potential violators systems and actually LISTEN to music / media files found on that system. THEY THEMSELVES are guilty of copyright violation for EVERY INSTANCE of viewing or listening to a song or media file they do NOT have copy rights (ownership or stewardship) over. If they listen to ONE family sing-along, or watch ONE family vacation outing, the RIAA and its investigators are IMMEDIATELY guilty of what they are alledging of others. One wonders if it would be possible to tell the RIAA to go SUE itself...??
However, if you discount the replies which contain incorrect spelling or non-existent words there will not be much left to read.
Sure. But I don't read things for the sake of reading. I like to read useful information. Informed opinions are useful information. Opinions based on guesswork from laymen are not. So a big mix of the two is just a waste of time; you need to sort the wheat from the chaff, the signal from the noise. Saying that "there isn't much left" is basically saying that the comments are mostly noise with little actual useful information. That's the real problem, not that there isn't much left to read after you are done throwing away the noise.
E.g. from this topic alone: convience, gonna, and of course purgery.
No, I'm not complaining about bad spelling. Look, if you've got the slightest familiarity with the law, you will have read the word "perjury" thousands of times. Being unable to spell it is a sign that a) you don't have the slightest familiarity with the law, or b) you're an idiot. And just because somebody always brings it up, no dyslexia doesn't matter. If you are dyslexic, there was something invented decades ago called a spelling checker, and if you are dyslexic and you don't use one, you fall into the second category.
at the normal 60 - 80 hour work week that most associates are supposed to put in, that's about $50 - $67 per hour that each associate makes -- after at least 7 years of college, with its requisite college loans of probably $300,000 that they have to pay out. Anyone want to trade places?
A couple of things that have made the issue more complex: the RIAA has been known to inflate their membership roster and require Indie labels to sue inorder to be removed (the indies were afraid RIAA association would hurt their sales). Inflating the RIAA roster helps them claim they represent "90% of the music sold in the United States" (which most of congress seem to believe). Secondly, the RIAA has known it's been unpopular for years and that people were avoiding buying their members labels. So larger labels began to dividing off and renaming smaller labels to seem independent.
There's rarely a good reason why a trade organization feels so compeled to keep their membership secret. Do you think RIAA knows that downloading hasn't caused their loss in sales?
Late arrival, sorry. I agree with all of the comments about the existence of NAT demonstrating point 12 is not true but none closed the circle for me.
It is a fact that IP addresses do not have to be unique across the entire Internet in order for IP routing to function. Translating routers permit this to be the case and, therefore, the declaration is factually incorrect in its attempt to characterize IP routing in point 12. But I think that you need to say more in order to truly debunk point 12. NAT is a border technology but at some point IP addresses do have to be unique for much of what people use the Internet for and that is why I think you need to say more than just that NAT means IP addresses don't have to be and frequently aren't unique.
Consider a case where my node address is 192.168.1.1 (a RFC 1918 private IP address commonly used on a translated network). Assume I use a NAT router. Assume you also use a NAT router but we are not using the same NAT router. Let your IP address also be 192.168.1.1 then. This configuration will function to your and my satisfaction. But, in this scenario I cannot send IP packets to your computer, there is no IP route to it from my host. Yet, despite this undeniable fact, we can share files with each other using most P2P technologies. Therefore, uniqueness of IP addresses appears irrelevant to the functionality of P2P technologies making much of point 12, as written, irrelevant - in addition to just being wrong. Nevertheless, in order for MediaSentry to even have a list of IP addresses for the RIAA to ask the identity of then they must be observing P2P clients that ultimately have had packets reach the public, routable Internet. Therefore, you still need to say more about point 12 since it is end-user identity that is at issue.
Point 12 is attempting to assert that an IP address is a suitable proxy for end-user identity. Plainly my true identity in the IP arena is 192.168.1.1, as is yours. So, 192.168.1.1 is ambiguous as an identity. There has to be a disambiguation that happens somewhere since we are successfully sharing files even though we have the same ultimate identity. Therefore, even though the existence of NAT demonstrates that much of point 12 simply isn't true and irrelevant, that isn't really the point. Can the IP addresses that you do see on the outside (i.e. the one MediaSentry must see) uniquely identify someone. The IP addresses observed by MediaSentry are undeniably unique IP addresses.
Ironically, point 12 appears to address this by shooting itself in the foot with phone analogy: "in a particular home there may be three or four different telephones, but only one call can be placed at a time to or from that home". Absolutely true, but there may also be three or four people living in that home and knowledge that a call was placed from that number to another number, or vice-versa indicates nothing about which individual placed that call. Further, someone may be visiting and ask to use my phone. I may receive a call for a neighbour and go get them to take the call at my home. There may even be a burglar that makes a call while present in my home. IOW, the number itself is a point where multiplexing takes place and the target of the multiplexing is transparent/invisible to the network. NAT does the same thing for IP networks but can do an additional thing the phone can't. A NAT router can (metaphorically) take multiple calls at the same time (potentially more than sixty thousand) and each one has the same multiplexing potential as the phone example.
The point where multiplexing takes place, the phone number, does not identify a user (it identifies a subscriber). The phone company cannot sell service to a specific user, only to a specific subscriber (for the family, visitors and burglar reasons above). The IP address as seen by MediaSentry does not identify a user, it identifies a subscriber (for the same reasons as for the phone). Therefore, point 12 actually uses the phone analogy to conclusively demonstrate th
Disclaimer: I couldn't find a 'hard' link to a citation, but only recall this from when Napster first appeared on the scene.
It was reported then ( could be urban legend, but maybe someone out there has an actual factual report), and I recently checked this (yesterday) with some people I know that do file sharing that a considerable number of the files associated with a particular song name (file name) are either corrupt, or actually some other song ( a 'wannabe') who had appropriated the name simply for the purpose of getting their own music downloaded and exposed to listeners under this guise. The past tactic by companies was to flood the P2P system with bogus files, probably in the hope that frustration would simply cause people to give up on attempting to download or use services and mover to another title. My contacts also told me that it wasn't unusual for song meta data to be spoofed in similar ways, and sometimes it would take several attempts to find a 'good' copy. The most direct approach would probably subpoena the labels about whether or not they themselves were engaging in this obscuring tactic. People uploading there own covers of personal songs ( like the billion or so Happy Birthday vids on youTube) might have the same title : -)
Sorry, I meant the "deposition" of MediaSentry's president, not his "affidavit".
Ray Beckerman +5 Insightful
Even if the ISP doing the first level NAT hold logs, what about the second level or the APs?
Sure it might be easy to prosecute a private home owner, but you're going to struggle when trying to prosecute someone with an "open" network or one with a trnaisent userbase (eg. coffee shop, motel etc).
Engineering is the art of compromise.
I'm pleased to see a lot of very insightful answers, there's some good that the slashdot community is doing here by giving NYCL directions on where to attack the flawed methodology the RIAA is using to conduct terrorist activities on the general public.
Now I know terrorism is one step from Godwinism, but seriously, isn't that what the RIAA is really doing? Making enough noisy explosions and frightening people into submission for their own goals? "Boom! There's one infidel pirate bankrupt, one more pirate life destroyed. You could be next, unbeliever! Boom!"
The problem is that they're using the legal system as their means of terror. Thank goodness there are people like NYCL fighting for the general good. There are also laws that are meant to protect people from this kind of attack. But why aren't the "regular" heroes, like the police, helping stop the attacks, the spying, the harm to the people?
I am government man, come from the government. The government has sent me. -- G.I.R.
OK, I am a mere anonymous coward although I did have an ID here six years back...:) I think we also need to think a bit about port address translation.
In the common situation where a number of machines on a private network sit behind a NAT router, there has to be some way for the NAT router to corerctly route incoming packets. That can be done by static NAT, where each internal IP number is staticaly mapped to an external number. That must by now be very rare, since it requires a public IP for every private IP that will need to access the Internet.
Or we could use dynamic NAT, where we issue a public IP from a pool each time it is needed. Also rare for reasons of IP address economy.
So the usual thing, and what I do at home, is that each transaction uses the same IP number, but the source port address used is changed for each session. So say there are two machines behind the NAT router, and both of them happen to access the same machine in the Internet. The packets for one will be translated to use one port address, while the packet for the other will use another source port address. The server at the far end replies to the appropriate port address for each transaction. So when they arrive at my NAT router it can tell which of my machines to forward the packet to by the port address used.
So in theory we could use the port address to identify the actual machine used for a given transaction. In practice this is not practical, since the NAT router can issue a new port number for any new transaction, and a given machine can have multiple transaction occurring at the same time. Further, there is no record of the translation outside the NAT router, and that keeps no logs. At least, my one does not. So there are only two machines on my internal network at home, but both have five user accounts, and I don't log usage either. So it would be realy hard to be sure who was responsible for any given transaction.
Not that I bother with downloading music anyway, I have plenty of good stuff already.
As many have pointed out, section 12 is clearly wrong and this guy should have known it. More to the point, it is so easy to state it correctly. The IP address can't be traced to an individual, but it can be traced to the person responsible for the Internet connection and that's all the RIAA actually needs. If a University won't (or can't) hand over the students names, the RIAA could sue the University instead (in fact, they do). It's certainly an open question how much one is responsible if one gets hacked, but I wouldn't want to be the guy who's unsecured wireless router got used by a terrorist for something...
Another untruth in there is probably in section 15. I have certainly seen claims of from people who got RIAA letters based on the file name, not the actual content.
An engineer who ran for Congress. http://herbrobinson.us
Ray Beckerman +5 Insightful
Was this written by Carlos Linares or Carlos Linares Jr.? It is typed for Carlos Linares, but signed by Carlos Linares Jr. Mr. Carlos Linares states he has personal knowledge of the facts in his statement. He has pretty extensive personal knowledge, it should be tested to the fullest. It is not clear how he could have personal knowledge of the following: Paragraph 6, last sentence "At any given moment millions of people illegally........." What personal knowledge does he have to support the claim of "millions"? Did he count them all? In paragraph 12 he asserts users of P2P networks can be identified by their IP address. What is his personal knowledge of this? Has he personally identified them? What personal knowledge does he have of this? Does he have personal knowledge of the methods used by MediaSentry in identifying these particular IP addresses? How did he acquire this personal knowledge? He does not establish the methods actually used and relies on generalizations. The analogy of a telephone number to describe the system is accurate on the surface, but still if carried to its end, does not identify a person that owns or controls the phone, and ignores things such as pay phones. How about phone numbers that only go to automated voice answering machines or a switchboard and extensions? In paragraph 15 is his review the "human review" he refers to? If not, then what is the personal knowledge that the reviewers have that he does not have that he would have every one believe that he does have? He says he provides oversight of the review process, which puts his claim of personal knowledge into question, I say! He states the RIAA listens to the down loaded media files, but does not say they listened to the files listed in Exhibit A. Did they? In paragraph 18 he says RIAA down loaded and listened to the music? Was this specifically authorized or was this one more illegal download?
Every time I hear about the RIAA tracking some poor sod down, I think back to a personal experience of mine...
I use a Linksys BEFSR41 "Cable/DSL Router". Basically a glorified NAT (Network Address Translation) box. It lets all my computers share a single CABLE (or DSL) network IP address, provides a basic hardware firewall, etc. etc....
Back in June 2004 there was an issue with a firmware bug, which could have compromised the firewall aspects. So I downloaded new firmware from linksys.com, and installed it.
And my network connection went nuts. Oh it would work fine after I turned the box on. For a while... Then it would mysteriously die. Only to return to functional a few hours later.
Real pain in the ass to track down. (I had just switched from DSL to CABLE. And the CABLE systems had a lot of grief.)
It turned out that this new Linksys patch broke the BEFSR41's DHCP renewal mechanism. (Not to my local computers, but to the CABLE ISP provider!)
So after a few hours, my DHCP lease would expire. My IP address would go to somebody else. But eventually, the systems would get corrupted, and I'd start being able to use my "expired" IP address again.
(And receive all sorts of interesting packets originally destined for the actual DHCP lease holder. Encrypt your traffic people! (Initially I thought I was being DoS'ed.))
Eventually Linksys released updated firmware that fixed this bug. But for a long time, I (and many others) had a new "wget" in crontab to force manual DHCP renewal.
And you know what? The cable company never once gave a damn. As long as they were making money, accurately mapping people to IP addresses really didn't matter.
So I have to wonder: Does the RIAA figure that everyone is breaking the law? So accurately identifying the guilty party doesn't really matter as, odds are, whomever they finger, will have broken something (legally speaking)...
_...Writing anonymously for the obvious reasons...
Interesting view.
Doubting the existence of evolution is like doubting the existence of China: It just shows that you're uninformed.
Informative on spoofing.
Doubting the existence of evolution is like doubting the existence of China: It just shows that you're uninformed.
>> Item 8 states that the majority of the traffic on P2P is pirated material ....
While no one is going to argue the amount of pirated content available on P2P networks, given (a) that many Linux releases use BT as a distribution medium (Fedora, Ubuntu, CentOS, OpenSUSE, etc.) with images up to a DVD-ROM's worth of data (4.5 Gb), (b) the amount of video-based material (movies and television) that is out there, whose files are no doubt larger than audio MP3 rips, is it fair to assume that the music industry's concerns are a relatively small portion of the overall P2P traffic? Going to a popular tracker site such as http://mininova.org/, the largest BT swarms are typically found for the prior night's TV shows.
Item 9 (sales decline directly related to pirated content) has been contested for some time; the industry has reduced its number of releases, the majority sellers are now the big-box stores who carry little in the way of back-catalog material in favor of chart-topping new releases, and the rise of sales in DVDs (sell-through DVD prices comparable to new-release CDs appearing as a better value).
Then there's the fact that by its very nature P2P isn't the sort of thing where you can say "I want data form only that user". If you download a file, it will come from a number of sources (that's the whole point). Thus you can't very well say the file came from a given user, it didn't. Parts of it may have, but the overall composite you got came from many people.
Surely You <b>can</b> download file from only one user, provided he will be online enough long for Your downloading to complete.
At the very last resort - use Your firewall to only allow P2P connection to that user's IP.
Chances are low, that any other user behind the same IP will share exactly the same file.
Even if there are a number of users behind the same IP sharing file that You're downloading - Your evidence is not a bit worse - anyhow you've only talked about IP, not anything more accurate.
Also any modern P2P client (Shareaza for example) will have its internal firewalls, allowing You to ban out any file sources You'd 'point-and-click'. It is a must since, if You ever tried P2P, you know that for any search you will get a lot on instant matches with filenames exactly matching your search, all of those with perfect download speed and ready to download right off and with nothing but a viri inside it! Only a munite-two-five-more after that you will get real results with files that names are worse matches for search (though still likely, but less than viri), whose download speed is very limited and download queue overfull for next two days. Of course you would need to ban those virus seeders to use P2P effectively. But you also can use it to ban all the file sources except for the single P2P node, hence you would end in a file for 99% if not 100% downloaded from one node.
And last thing is that any reasonable P2P client (let's forget those ineffective ancient Napster and Kazaa) fully respects unreliable nature of file sources. When You can download broken file from HTTP or FTP, it can never happen to P2P. HTTP and FTP (and ancient P2P too) relies on network being 100% reliable and 100% secure. Any techniccal trouble or evil cracker in there - and you get a broken file. On the contrary, files in P2P are protected by eccesive checksums: TigerTree hash in BitTorrent and G2, SHA1 hash Gnutella and G2, MD4 hash in e-Donkey. Those checksums enforce you that while downloading from number of unreliable peers, you sstill downloading the very same file!
In fact, if RIAA downloads the small chunk of MP3 from John Dow (exactly - from one of the programs running on his networ device, usually computer) and all the rest of chunks for that file from other nodes, it has quite good proof that:
a) John Dow really does have that very file on his HDD
b) John Dow really does share it and uploads it to any requester.
I think it is never worse than downloading each byte from John Dow and... proove exactly the same.
Of course John Dow could hack the P2P program, especially open-source ones like Shareaza, ML-Donkey or a-Mule, to keep only file hashes values and one single chink of a file and laugh looking other peers tryingto download the rest of the file... but then he definetely wants to be taken to court ad would definetely enjoy this.
Similarly, spelling "two" instead of "to" is not a typo. A typo is when your hand slips, so you write teh or pwn or something like that. Your finger cannot accidentally slide from the t to the w while you're reaching for the o. Typo =/= not knowing how to fracking spell.
It seems to me that you are invariably agreeing with the RIAA. I've noticed the pattern from your previous comments on previous posts.
Ray Beckerman +5 Insightful