Internal Emails of An RIAA Attack Dog Leaked

qubezz writes "The company MediaDefender works with the RIAA and MPAA against piracy, setting up fake torrents and trackers and disrupting p2p traffic. Previously, the TorrentFreak site accused them of setting up a fake internet video download site designed to catch and bust users. MediaDefender denied the entrapment charges. Now 700MB of MediaDefender's internal emails from the last 6 months have been leaked onto BitTorrent trackers. The emails detail their entire plan, including how they intended to distance themselves from the fake company they set up and future strategies. Other pieces of company information were included in the emails such as logins and passwords, wage negotiations, and numerous other aspect of their internal business."

I have looked into the news, and i just felt that

[unity100]

this is something big.

real big.

Distance?

[Poromenos1]

They didn't just distance themselves from the company, they were going to relaunch it under a totally new name/look while still making sure it couldn't be tracked back to them. Doesn't this constitute entrapment?

Re:Distance?

[forkazoo]

They didn't just distance themselves from the company, they were going to relaunch it under a totally new name/look while still making sure it couldn't be tracked back to them. Doesn't this constitute entrapment?

Generally speaking, entrapment only applies to law enforcement and the government. RIAA still isn't there yet, thankfully. OTOH, a good lawyer could probably spin it as morally equivalent in principle for a jury.

Re:Distance?

[Atlantis-Rising]

You can't be entrapped in civil court. Entrapment is a statutory creation of criminal law. (Sorrells v. United States, although later supreme court precedent leads us to believe that rather than the statutory creation theory, they are moving more towards dealing with entrapment in a supervisory sense.)

Re:Distance?

[ctishman]

Regular people (like you or me or, in the court's eyes, the RIAA) can't commit entrapment. It's a police-only crime.

Re:Distance?

[Abalamahalamatandra]

As people have said, entrapment only applies to law enforcement types.

In the civil arena, I believe unclean hands would be more applicable, especially if you can trace Media Defender back to the RIAA via contracts and such.

Re:Distance?

[Wordplay]

I imagine that a clever lawyer could point out that they're attempting to sue over a transaction of which they were an active part. If I give you something outright, it would likely be impossible for me to sue to get compensation later. If I give it to you while wearing a disguise, I'm not sure that principle doesn't apply.

A -really- clever lawyer could point out that since the RIAA has been documented as giving their stuff away, that anyone downloading from anywhere might have a reasonable belief that it was coming from the "authorized" source in disguise. I don't know that it would fly, but seems like there'd be a non-zero chance of diluting RIAA's argument in the entire body of cases.

On a side note, seems like this would give the artists cause to sue the RIAA, for distributing their work in a manner that's likely not covered by their contract (though with artist contracts in RIAA member companies, who knows--maybe they have the right to give it all away for free.)

Re:Distance?

[Em+Adespoton]

entrapment involves the use of a technique that ends up in a crime being committed that under normal conditions would not have happened. would the crime have been committed without mediadefender setting up a trap? in all probabiliy it would. It would just happen elsewhere. it isn't strictly entrapment but it sure is evil.

If they hadn't set up the website, this specific "crime" COULDN'T have happened.

Think about what you said, with respect to, for example, VICE squads:

"Would Joe have been busted for possession of marijuana if the cop didn't sell it to him? In all probability he would have; it would just have happened elsewhere."

This is incorrect. It would NOT have happened; he MIGHT have been busted for possession of OTHER marijuana sold by someone else. On the other hand, he might not.

All of this is moot anyway, as you can't be entrapped in civil court. If they passed federal charges (under the DMCA), then an entrapment suit might possibly be in order if those entrapping were operating "above the law". Otherwise, either THEY were committing a crime by distributing the content, or those downloading weren't committing a crime as they would have been given legal permission to download the data. The worst thing they could be asked to do if those distributing the data didn't have permission to do so would be to remove their copy from their computer by the court. Of course, in most sane countries, possession of copywritten data isn't a crime, infringement, or anything similar; only distribution is. All you can be sued for is breach of contract in civil court (assuming there was some sort of contract).

Re:Distance?

[insertwackynamehere]

"When Civil Blood Makes Civil Hands Unclean" .. is that where the term "Unclean hands" comes from? Civil court.. unclean hands law.. :P Actually I am curious, though.

Re:Distance?

[dgatwood]

I'm glad you pointed that out. If this company, acting as an agent for the plaintiff (a movie company, for example), participated in the distribution of this content via P2P, then that constitutes a tacit approval of P2P distribution of the content by the plaintiff, thus making any further P2P distribution of that content potentially authorized by the copyright holder, and thus not a copyright violation.

Further, even if the person did not actually get it directly from an agent of the copyright holder, the rights holder distributing in such a way that causes it to be automatically redistributed by anyone who receives it (P2P) could constitute deliberate abandonment of the copyright (at least for the purposes of personal, noncommercial use) by the copyright holder.

I'm not saying that argument would necessarily hold up in court, but if I were in charge of a media company, I would not be doing anything nearly this stupid and reckless.

Re:Distance?

[Kjella]

In additional to only applying to agents of law enforcement or those acting as such, entrapment also only applies to making you commit a crime that you wouldn't otherwise make. So unless either the old or the new company did that, it wouldn't be entrapment. And if there was entrapment, it wouldn't have anything to do with their secret change.

Re:Distance?

[Kjella]

though with artist contracts in RIAA member companies, who knows--maybe they have the right to give it all away for free.

Well, if you look at iTunes etc. it mostly says Copyright (2006) Universal, Inc. or somesuch. So I figure they sell the copyright outright in return for royalties, though I suppose it could have some limitations on how they sell it and such.

Re:Distance?

[Alwin+Henseler]

Yes I can see a prosecution of downloaders might be hampered by how they were caught, if they were handed (corrupted) files by copyright holders themselves (RIAA/MediaDefender or allies). But 2 points you may have missed:

1) On a Windows system I've once seen a URL being opened as a direct result of playing some video file. Maybe there still exist similar leaks on many (unpatched) client systems out there, that allow arbitrary code execution. In that case: install some monitoring software, gather system info, identifiable data an so forth, and voila: you might proceed to prosecute that person not for sharing the video you handed him/her, but for all other illegal activity done using that computer. Failing that, an inside look in a file sharer's machine could be very helpful for rights holders.

2) By feeding corrupted downloads to users, you make their experience less satisfying, so that said users may turn away from using things like BitTorrent. Or give BT / file sharing in general a bad reputation (as in: works difficult, downloads often crap). That would also serve your purpose (although I expect the result to be minimal unless you succeed in causing mayor disruption of the file sharing network).

--Don't tell me this sounds good, and you won't me on your team. Up yours! File sharing may be illegal in some cases, but in general I don't feel it's unethical, or that it helps society at large to prevent it. Try and convince me otherwise, with solid arguments.

Re:Distance?

[Sparr0]

Keep reading. He posits that the existence of honeypots lends credibility to the argument that *ANY* download *MIGHT* be coming from a legitimate source. We know the RIAA is distributing songs via P2P, and we know they are disguising themselves, so why can't we assume that the guy sending us music right now is really the RIAA in disguise, making it legal?

Re:Distance?

[ubrgeek]

OK, so not entrapment, but what about violating FTC laws if they lied on their charter of incorporation (is that the term of the paperwork compiled for incorporate a company?)

Re:Distance?

[budgenator]

when two civilians do it isn't it called conspiracy?

Re:Distance?

[budgenator]

if MD went to the potential downloaders and invited them to the site it would be like entrapment or more properly something like soliciting a criminal activity or conspiracy, but if the downloader came to them its a different critter. What I can't figure out is how you get people to the site without soliciting them.

Re:Distance?

[budgenator]

I imagine the file have some sort of coruption that makes them unplayable rather than live content.

Re:Distance?

[MooUK]

The way I understand it, entrapment is the difference between a policewoman disguised as a prostitute offering herself to curbcrawlers, and them approaching her. If the policewoman, in this case, initiated or incited the criminal act then it would be entrapment. If the accused initiated it without incitement, it's not.

I'm no lawyer, etc, so I may well be wrong.

Re:Distance?

[HermMunster]

Their purpose is to collect names for law suits so that they can make money.

Re:Distance?

[Goaway]

Now, I did not read the actual emails yet beyond the summary, but that contains a hint most people are missing. The goal of this isn't to entrap people for downloading material. That idea is dumb, everybody knows it, and these people aren't so dumb they think that would work.

No, what I see hints of is that their client would contain code to disrupt OTHER P2P networks. Their efforts to disrupt traffic are easily thwarted by blocking their IP ranges. What they might be going for is creating a botnet of sorts, so they can attack from entirely random IPs.

And that's the thing they don't want getting out at any cost.

Re:Distance?

[Restil]

This would work, in theory, if they posted the movie on a website and let people download it. However, just because the movie company and sponsored affiliates, such as the MPAA, etc, are allowed to distribute a copy of the movie for free, that does not give any one else distribution rights. The problem with a client such as bittorrent, by definition of the protocol, you're making a copy of the file available to others, and are likely also transmitting it. If you could download the file without redistributing so much as a byte of the data, it would be legal for you to obtain it in this way..... in theory.

-Restil

Re:Distance?

[Herkum01]

I also wonder if a defendant can,in court, require the RIAA to verify the identity of the individual from whom the file was downloaded. In other words, the person who posts file, they must not be someone is legally able to distribute the file in this manner and the RIAA would have to prove that in court.

Chances are, that person would not have the right but the additional burden of having to identify this individual would certainly make it harder on the RIAA.

Re:Distance?

[SpacePunk]

No, it isn't entrapment. It's more like when someone spills water on the floor, then fakes a slip/fall accident in order to sue for damages.

Re:Distance?

[dgatwood]

I think you missed the point. The movie company knows that the very act of downloading it causes you to redistribute to other people. Therefore by distributing it in that fashion, they are agreeing to allow the content to be obtained with the knowledge that doing so will cause you to redistribute the content, and therefore they are effectively agreeing to allow you to redistribute the content.

Re:Distance?

[rts008]

Interesting points, especially #2. #1 seems to have some gaps though IMHO.

Okay, #2: The first two sentences are cool, but after that you are proposing illegal activities. (not that this has EVER happened! see Sony rootkit fiasco, among others)

Installing the software to do all of this can easily happen, but is mostly illegal. The ability to monitor and then bust you for ANY shady activities is also mostly illegal, especially for a 'third party' like the MPAA or RIAA.

As to the "Failing that, an inside look in a file sharer's machine could be very helpful for rights holders." part, it is (or has been) being addressed. I cannot remember whether it was on http://www.arstechnica.com/, or here on /. last night...too beat from work (got home from a 12 hr. shift about an hour ago) to do the link legwork.
From what I understood from RTFA's was this:
When a defendant's (how does that go? hereafter referred to as 'd/d's) PC is to be used as evidence (more or less only the HDD is relevant), then the plaintiff (p/p's) gets to make two identical images of the defendant's HDD under both d's and court appointed third party Computer Forensics Expert. One image is held 'in escrow' by the court as a backup/verification device, the other 'clone' is sent to the d's lawyer to get with d to tag any personal/private data that was not relevent to the media filetype case.
The edited image goes back to the prosecutor to be entered as evidence (after review by the judge and the 3rd party 'expert' to discourage foul play), then they go at it tooth and nail.

It seems a good way to handle it- the plaintiff gets to image the HDD, but under both an *hehheh* objective 3rd party Expert in forensics, but also the defendants representative's 'looking over the shoulder' during the cloning/imaging. (yes, I'm sure my suspicions are over played here- feel free to apply that filter!)

The cool part is if either side calls 'foul!', the judge can pull out his cloned image of the d's HDD and check the facts...seems to me this could work really well if implemented right.

I had trouble with parsing #1, but you were very concise and easy to understand where you were coming from with #2.

BTW, I also need convincing, but "I'm rough, tough, and hard to bluff!" ( I have no clue where this quote came from, but I've heard it for decades)

Re:Distance?

[webmaestro]

Well, unclean hands usually deals with remedies in equity (injunction, specific performance, etc.) with respect to non-performance of a contract. First, these are not suits for breach of contract, and second, money damages are not equitable remedies. Therefore, unclean hands does not apply. While I'm sure there are contracts between Media Defender and the RIAA, the potential defendants are not parties to a contract.

Re:Distance?

[Phanatic1a]

but if I were in charge of a media company, I would not be doing anything nearly this stupid and reckless.

That works both ways, though: if you wouldn't be doing anything nearly this stupid and reckless, you wouldn't be in charge of a media company.

Re:Distance?

[dgatwood]

Dang it! Now you made me go and spew water out my nose!

:-D

Re:Distance?

[Frosty+Piss]

I'm sorry, how is the parent a "troll"?

Torrent or it didn't happen

http://thepiratebay.org/search/mediadefender

http://torrents.thepiratebay.org/3806944/MediaDefender.Mail.200612.200709-MDD.3806944.TPB.torrent

enjoy !

Re:Torrent or it didn't happen

[erroneus]

Nothing like the slashdot effect to boost the speed of a torrent!

Re:Torrent or it didn't happen

[Goldberg's+Pants]

Some interesting stuff in these emails.

in front of Bobby, Brad, Joe and Joe's infamous candy
bucket, there are a couple dozen CDs and DVDs totally up for grabs.
There's some pop, rock, rap, r&b, and more. It's totally free, so
help yourselves.

Gee, I'm sure THOSE didn't come from their corporate paymasters at the RIAA...

Re:Torrent or it didn't happen

[Jugalator]

This really goes without saying, as it is expected from people like them. Still it is unexcusable, what I found... They top-post on e-mails.

Re:Torrent or it didn't happen

[Goldberg's+Pants]

Hate replying to my own message, but I just renamed the file saved-messages and copied it to my PINE mail folder and am reading it in PINE. (NOTE: Change the name if you already have a folder named saved-messages obviously.) Since somebody reading this will probably wonder what to do with the file.

Re:Torrent or it didn't happen

[Atzanteol]

"mutt -f " works just fine too....

Re:I have looked into the news, and i just felt th

[Daimanta]

All we need now, is a CIA cover-up.

Will we be able to legally tie this to RIAA ?

[unity100]

If so, then riaa is in knee deep s*it

Re:Will we be able to legally tie this to RIAA ?

If so, then riaa is in knee deep s*it

Keep dreaming. The RIAA has bought so much of your political system that they can basically do whatever they want. Even if it can be tied directly to the RIAA, which is doubtful, a select few people will take the fall and business will continue as usual.

Hahahaha, no.

It is big. But I doubt there will be any sensible outcome. What will likely happen is that this will be talked about for a couple of days, soon enough some other story will come along, and people will forget all about it.

Re:Hahahaha, no.

[spikestabber]

Their SSN's, home addresses, birthdates, wages and all are included in a spreadsheet attachment. They're screwed.

Re:Hahahaha, no.

[gravos]

I guess what I am wondering is whether we find their vigilante attitude towards stopping downloads more or less distasteful than the RIAA's more typical sue-and-destroy strategy.

Re:Hahahaha, no.

[Tuoqui]

Haha... Oh boy are they screwed... Maybe people can give this story the 'pwned' tag that it so rightly deserves.

Re:Hahahaha, no.

[A+nonymous+Coward]

Yeah, which is a more distasteful way of dying, sword or bullet?

Re:Hahahaha, no.

[Goldberg's+Pants]

Read the story yesterday. Downloaded the emails. Not had a look yet, but the more I hear about them, the more I laugh.

Do not try and entrap the torrent community, for they are subtle and quick to anger.

Re:Hahahaha, no.

[bladesjester]

Yeah, which is a more distasteful way of dying, sword or bullet?

Being crushed to death under a really fat guy :P

Re:Hahahaha, no.

[SeaFox]

Got that right. That tapping sound is a hundred Black Hats beginning revenge identity theft.

Re:Hahahaha, no.

[robbiethefett]

I'm betting right now there's a lot of employees of MediaDefender on the phone with their banks right now trying to find out why they bought several boats, cars, etc. in Russia, China, and god knows where else..

Re:Hahahaha, no.

[WaltBusterkeys]

I am wondering is whether we find their vigilante attitude towards stopping downloads more or less distasteful than

Their "vigilante" tactics have inspired a vigilante response, for better or for worse. It's the old "well, they started it" defense.

It's almost a little disgusting to see intelligent Slashdot readers encouraging identity theft and other federal crimes because they don't like the work that MD does. Obviously the vast majority of readers aren't doing so, but there have been full names of low-level programmers already posted in this thread and I'm sure far worse on other sites.

Do the ends (stopping MD's work) really justify the means? If this were the internal emails of an abortion provider we would all be disgusted if a pro-life group sent the names, addresses, and social security numbers of clinic secretaries and janitors around. But when it's the low-level functionaries of a hated technology group it's apparently OK and to be commended.

Just because a large number of people disagree with their work it shouldn't be OK to break federal law to discourage them. Yes, they may have broken federal law first, but the answer is not to raise the ante.

Re:Hahahaha, no.

[Original+Replica]

a hundred Black Hats beginning revenge identity theft.

If MediaDefender denied TorrentFreak's original accusation while in court proceedings shouldn't at least one of their reps be charged with perjury? There isn't much need for identity theft when someone's going to jail. Although I suppose getting them "accidentally" sent to a maximum security facility might become the new goal...

Re:Hahahaha, no.

[dreddnott]

Being crushed to death under a really fat guy :P

Does there have to be a CowboyNeal option in every poll?

Re:Hahahaha, no.

[rts008]

"dreddnott (555950)"

Well that shoots down the "You must be new here" option for my reply, but yes, there MUST be a CowboyNeal option in every poll...after all, this is /.!

BTW, LOL! for the quick wit. :-)

Re:Hahahaha, no.

[WaltBusterkeys]

The emails in TFA are from the top end of this scum-sucking organization

The emails were from the top-line people, I agree.

However, down near the bottom of this thread there is a dump of a salary list from Excel that appears to include line-level programmers. The torrent allegedly contains their SSN, phone, and address as well. I haven't seen the torrent, but I'm trusting people at the bottom of this thread who have. The bottom-level programmers have nothing to do with the politics of the organization. It's one thing to think that they should have chosen a better company to work for, but they aren't the figureheads of the company by any stretch. It's even possible that they're here on H1-B visas and are thus effectively indentured servants, unable to leave without losing their visa even if they dislike the company politics.

It's a little gross to go after them.

If the torrent doesn't contain the info above then please inform me in a civil manner and I'll happily consider myself educated. I still think there's a problem with Internet vigilante justice, but it comes in a different form when it's the figureheads rather than the low-level employees.

Easy on the personal attacks -- let's make Slashdot a better place one civil exchange at a time. I respect your right to disagree on whatever terms you want to, but let's disagree in a way that fosters discussion.

Re:Hahahaha, no.

[noisehole]

this is even more funny. mediadefender signed exe's anyone?

19.04.2007 22:59 FW: certificate

This is the certificate, please be careful with this file. The file you
need is the mediadefender2006.spc, the other is the private key that you
might need to encode a file.

Or maybe

[goldcd]

they just got sick of trapping people for the RIAA and the RIAA getting to shake them down for cash.
Let torrent stuff you have copyright on (for example emails that've been stolen from you) and sue for cash yourself...

They seemed to appreciate utorrent

[Aim+Here]

If you read the emails, apparently utorrent is their favourite torrent client, since it allows them to 'interdict' torrents, whatever that means. Whatever they're up to, that surely warrants a campaign to boycott the client in favour of free software torrent clients where these sorts of deficiencies can at least be fixed by anyone who cares.

Oh, and the rumors of them being behind the spyware-encrusted ziptorrent were false; that one seems to have been MediaSentry's doing.

Re:They seemed to appreciate utorrent

[cnettel]

Well, what would stop them from keeping an older version if that's somehow beneficial to them (or make minor changes to a client to disturb the protocol)?

Re:They seemed to appreciate utorrent

[Aim+Here]

That's not the problem. The idea is that it's easier for MediaDefender to disrupt bittorrent when the other users are using utorrent.

I don't know exactly what interdiction involves (it's a military term so I can make a guess) , but it seems to be an exploit in utorrent that they use to disrupt downloading of utorrent users. The less people use utorrent, the harder it is for MediaDefender to practice this 'interdiction'. MediaDefender seems to be quite worried every time a new version comes out, and they do try to get their customers to use utorrent when checking torrent sites to see that their files are being spoofed properly.

Some of this stuff could conceivably be used by MD's customers to sue MediaDefender for deliberately misleading them as to the effectiveness of their spoofing, like this one, when Amy Winehouse' record company wants to come and see how well they're doing:

From: Ben Ebert
To: Randy Saaf; Tabish Hasan; Ben Grodsky; Jay Mairs
Cc: qateam
Sent: Wed Jun 27 09:23:42 2007
Subject: Re: umgi

Neil is asking for this now, let's give him amy winehouse on the sites I listed below. We need to make
+sure they are usiny utorrent since our decoys are not as strong as they could be. If you can influence
+the methodology have them download the top 15 with a short time frame like 2 hours.

Oh, and their emails do show them avidly reading slasdot and Digg and the like whenever a scandal affects them. So hello and welcome, to all you grifters taking the piss out of corporate record executives in ineffective-but-lucrative-peer-to-peer-spoofing land!

Re:They seemed to appreciate utorrent

[Rufus211]

First google result for bittorrent interdiction is a resume from a former MediaSentry (a competitor of MediaDefender) director. The juicy bit (in case it goes away):

Director of Interdiction Development
MediaSentry Div of SafeNet
(Public Company; 501-1000 employees; SFNT; Computer & Network Security industry)
September 2004 -- November 2005 (1 year 3 months)
Lead team of software developers and systems engineers developing interdiction solutions for P2P networks.
Designed and deployed new Linux based 300+ host distributed infrastructure for p2p decoy distribution with automated command, control and monitoring. Designed and deployed network of filtered eDonkey servers. Managed roll out of new BitTorrent interdiction infrastructure. Implemented multiple p2p file trading clients on hosts utilizing VMware.

It seems like it's basically a distributed network of clients that feed garbage data, trying to slow down everyone's downloading. Sadly for them it seems that uTorrent defeated their work:

After more in-depth analysis...we've determined that the new version DOES affect our interdiction in a negative way. They've added a new "bt.ban_ratio" field that takes into consideration how many good pieces a client has uploaded.
[....]
We still see a lot of hash_check fails...but now the only peers getting banned are ours. This also affects MediaSentry's interdicted torrents. They are no longer effective on the newest version either.

Re:They seemed to appreciate utorrent

[Aim+Here]

Not the whole story. They must have made it work again, because this one is dated September 7th, later than the email you quote:

Subject: RE: utorrent
From: Daniel Lee
To: Randy Saaf , qa ,
                torrents
Cc: Ty Heath , Jay Mairs

Yep, we checked yesterday and interdiction still works on the latest
version.

Re:They seemed to appreciate utorrent

[cnettel]

Ah, yep, realized that a bit after posting....

this is in the wild now

[unity100]

nothing can cover it up

Re:this is in the wild now

[Daimanta]

That's that they WANT you to believe!

Re:this is in the wild now

[jackharrer]

Hopefully it will get to news.bbc.co.uk, as it's regarded as one of still pretty credible news outlets.
Does anybody know how to submit it to them?
Or maybe some tabloids? The Sun, Daily Mail... sounds like a task for Sunday!

Re:this is in the wild now

[iluvcapra]

one of still pretty credible news outlets.

Does anybody know how to submit it to them?

You can't submit to them, that's why they're credible :P.

Re:this is in the wild now

[Ash+Vince]

I am guessing that the various employees of media defender are either all in work doing alot of overtime this weekend, or are seriously not looking forward to monday morning. I can see one hell of a security audit in the companies future.

I had never really taken them seriously until I read this story and then read some of the other details about them on wikipedia. I heard about them when the first launched their services and thought they wouldn't last a month so I was quite surprised to find out they are still going and have been bought for 42 million USD or whatever.

Why the hell would anyone pay that much money just to engage in the online equivalent of pissing against a force 10 gale?

Re:this is in the wild now

[IgnoramusMaximus]

Why the hell would anyone pay that much money just to engage in the online equivalent of pissing against a force 10 gale?

You assumed that the narcisstic, vain, executive types, having landed in their positions straight from their MBA mutual-adoration "schools", actually have an ounce of a clue. That is a very dangerous assumption. These people are the new artistocracy. Their time is spent in adoring each other's golf swing on exclusive golf courses and a byzantine dance of trying to ingrate themselves with the "right" coctail party crowd, which then, if successful, leads to their occupation of new, ever more obscenely overpaid, musical seats on various boards of directors, finally ending in a massive "golden parachute" payout.

Well being of the companies, competence and the financial gains of shareholders have absolutely nothing whatsoever to do with any of this.

Returning to the case in point: the overpaid clowns, not having a dimmest idea as to what they are doing (as the leaked emails plainly and painfully show), did what their kind usally does: played and postured at being "rent-a-cops" for their objects of adoration, the much better paid, and even more clueless, executives of various media conglomerates.

It is a little wonder that other buffoons would pay millions (usually comprised of some blue-collar worker's pention fund money) for this glorified circle jerk of "serious businessmen crime fighters".

One of the dimwits, seeing himself so much more competent that mere "techies", then proceeded to bypass all of the security measures of their email system by forwarding all of his mail to Gmail, and then used the very same account, with the very same password of "blahbob" to "investigate" one of the p2p sites.

In short, everything that is happening here is merely a sympthom of the state of total corruption to which the modern corporate world has descended, other indicators being known under the names of Enron, WorldCom, Haliburton etc.

Re:this is in the wild now

[19thNervousBreakdown]

And you, sir, are a walking, talking, slashdot-posting parody of yourself, who apparently learned everything he knows about the mindset and behavior of corporate officers from Jeep commercials.

Me, I learned it by interacting with them personally and professionally way more than I ever wanted to on a day-to-day basis over the majority of my career, and my experience is that the grandparent is dead-on. The whole system is some screwed-up incompetence engine fueled by narcissism bathed in the infinite oxidizer of a personality almost entirely driven by a super-ego that hasn't matured a day since puberty stopped.

P.S.
They all play golf.

Re:this is in the wild now

[IgnoramusMaximus]

I'm not sure if you're intentionally parodying those who blame all of the world's woes on this supposed elite that nobody can name or place, but you're doing a great job of it. If you're not then your worldview is incredibly warped and I prescribe one dose of leaving the basement and seeing the real world.

Real world? Basement? These goofuses are actually my long-time customers and I deal with them daily. That is how my worldview got "warped" as a result of what I know first-hand. And that is how you do not know, apparently. Not only can I place them and name them, I can even name their boats. And that is why I post here under a handle. If they knew that I know many of them for what they are, they would no doubt try to retaliate and that would be rather inconvenient. I can fix the overpaid stuckup buffoons' mistakes for top dollar when they believe all their screwups are the wisest moves ever and only need "little touchups", but it is impossible to do so when they know that I know what those turds of their making really are. It bruises their fragile egos and makes them very uncomfortable. I like to call this: "Customer Relations". The way the world works, kid. Smile and shovel. Your reward is laughing all the way to the bank.

And if you are one of those MBAs - keep in mind that this grinning consultant on whom you offload all your real work and who says "That would be no problem!" or "I can work within the framework of your plan!" and the like, might be someone like me and hold the same opinion of you as I do. You can tell by how skillfully he actually does what he needed to do to make it work, as opposed to what you told him to do, even though he agreed and nodded his head all the way. That and the fact that his bills keep going up the more your fuckups pile up, even though you did your darnest to hide them. But he never stops smiling and being nice to you, does he? It is so fortunate that you cannot read his mind. You would spend the rest of your days under your bed shivering.

PS - Nobody even plays golf anymore. Try adventure sports. That's where you'll find today's executives.

Muahahahahahaha! Hahahahaah! Ehrm.

"Adventure sports" would require these farts to actually exert themselves. Although some few do that, there are very good reasons why golf (followed by far distant second: squash) is king, which you do not seem to grasp: 1) one can do this in an exclusive, exorbitantly-priced, invitation memebership only, bar-equipped course right in or very near the city, which also provides an opportunity to flaunt one's wealth to all the peons 2) most execs are lazy farts who talk a storm about "sports" but usually restrict themselves to swinging clubs and copiously drinking and 3) one can discuss business deals in comfort while golfing, which is rather hard when, say, hand-gliding and what not. "Adventure sports" are what most of them would, without batting an ayelid, label a posh trip to, say, Africa or some other poor but picturescue place, where they ride around in well guarded and very luxurious RVs, once every decade or so.

I get cold sweat when I think on my days of youth, when I actually believed the same sanitized, propagandistic crap you seem to believe. But I don't blame you for your naivette. Unless you were born into this rarefied socialite club or are grudgingly admitted to it via marriage or some astronomically unlikely random coincidence (which you will prompty ascribe to your own infallable iron wit of which the mere peons are bereft of, as is the prevailing custom in those circles), you will learn eventually.

Re:this is in the wild now

I get cold sweat when I think on my days of youth, when I actually believed the same sanitized, propagandistic crap you seem to believe. But I don't blame you for your naivette. Unless you were born into this rarefied socialite club or are grudgingly admitted to it via marriage or some astronomically unlikely random coincidence (which you will prompty ascribe to your own infallable iron wit of which the mere peons are bereft of, as is the prevailing custom in those circles), you will learn eventually.

This comment is like the GBU-28 bunker buster of reality. Man I wish you weren't right, but you are.

You should see defense contracting, with its own little circle jerk of mutual admiration with the goal of making lots of bucks while doing as little as possible. And it works! A bunch of ex-flag officers running the show with some so-called "engineers" in the mix performing "software maintenance" (in other words, working on shit that doesn't work, never will, and even if it did it performed a task that was appropriate in the chill of the cold war 70s).

Re:this is in the wild now

most execs are lazy farts who talk a storm about "sports" but usually restrict themselves to swinging clubs and copiously drinking

Right on, you hit that on the mark, but I wouldn't limit that to just execs. I am surround by neighbors who try to relive their glory days of high school JV football every day by shouting at the TV screen on the weekend while downing Coors Light in their sweater vests. Ironically as much "sports" as they talk, the only sport they do play is golf.

Re:this is in the wild now

[The+Angry+Mick]

Try adventure sports.

Is that what they're calling hookers now?

Re:this is in the wild now

[sg_oneill]

[quote]And if you are one of those MBAs - keep in mind that this grinning consultant on whom you offload all your real work and who says "That would be no problem!" or "I can work within the framework of your plan!" and the like, might be someone like me and hold the same opinion of you as I do. You can tell by how skillfully he actually does what he needed to do to make it work, as opposed to what you told him to do, even though he agreed and nodded his head all the way. That and the fact that his bills keep going up the more your fuckups pile up, even though you did your darnest to hide them. But he never stops smiling and being nice to you, does he? It is so fortunate that you cannot read his mind. You would spend the rest of your days under your bed shivering.[/quote]

Bravo!

Re:this is in the wild now

[Ilgaz]

nothing can cover it up That is the exact reason why entire media industry hates P2P. It is impossible to control.

CNET refuses to handle this story? Fine, I got the original mails in hand, I make my own story and post it some blog site.

Re:this is in the wild now

[unity100]

/. handled it. thats much more important

Re:this is in the wild now

[IgnoramusMaximus]

Err, who was saying anything about "millionaires"? Most VPs and CEOs live very, very successfully on other people's money, thank you very much. In fact this is the whole point! They spend like mad on their luxuries and their "savings" are eventually realized from excess loot, usually towards the end of their "careers" when they retire on their golden parachutes.

So us law abiding can't read these, right?

[MunchMunch]

What's the legality? Obviously, I doubt highly these emails can be used at a trial for any wrongdoing or unlawful behavior (say, for Miivi), but will I get into trouble just for downloading them?

Re:So us law abiding can't read these, right?

[ChrisMounce]

You can only get in trouble if they catch you. I don't know how difficult encrypting your BitTorrent traffic would make it to track you down, but it can't hurt.

Re:So us law abiding can't read these, right?

[WarwickRyan]

The copies from here can't.

However, during a discovery process, I'd assume that the lawyer could request a copy of correspondances from MediaDefender. They'd have a hard time destroying these emails (there is a probability of this happening), as they've been published for the whole world to see.

Oh please DMCA this...

[BlueParrot]

Ok, normally I don't like the DMCA, but PLEASE , come on Media Defender, do DMCA this. Pretty please, with sugar on the top... you know you want to... I mean you have to beat your own incompetence somehow...

Re:Oh please DMCA this...

[Esion+Modnar]

This is so good. It's like reporting your stash of marijuana stolen to the police. To DMCA it is to validate its contents. All they can do is claim ignorance and say it's all a hoax.

Re:Oh please DMCA this...

[JordanL]

Not to mention the good that sending a DMCA request to The Pirate bay would do.

Re:Oh please DMCA this...

[MooUK]

Someone keep an eye on TPB's legal threats page - hopefully we'll have plenty of entertainment!

Re:Oh please DMCA this...

[iluvcapra]

To DMCA it is to validate its contents

Not necessarily. They could claim they were working on a huge fictional epistolary novel about a putative company named "MediaDefender," and all the drama the characters have over email.

Re:Oh please DMCA this...

[poetmatt]

its actually on their blog page already

I wonder who did it

[unity100]

If it is a long hair working as a code grunt/sysadmin in their it lot, may god make his/her hair glitter with sunshine and rustle in gentle, warm winds.

Re:I wonder who did it

[daeg]

I read somewhere that the mailbox password was something like "blahbob". Really, though, if your organization is so delicate, why are your IMAP/POP3 servers publicly available?

Re:I wonder who did it

[CharonX]

According to the .nfo one of their employees had the presence of mind to forward all e-mail to their Gmail account. I guess all that e-mail protection stuff got in the way or something.
And the password of said account was *drumroll* blahbob.

Re:I wonder who did it

[Mex]

" A special thanks to Jay Maris, for circumventing there entire email-security by forwarding all your emails to your gmail account, and using the really highly secure password: blahbob"

Re:I wonder who did it

[Rebelgecko]

According to the torrent, blahbob was actually the password to someon'e G-mail account that contained forwarded copies of the emails. Sheesh, talk about security... forwarding information about your "secret" projects to an email account on another company's servers is a pretty dumb thing to do.

Re:I wonder who did it

[c]

Nice. Real subtle. While you're at it, why not ask god to slap an "I did it!" tattoo on their forehead, too.

c.

Re:I wonder who did it

[Ash+Vince]

In related news Jay Maris is now very probably out of work and totally unemployable.

I actually feel sorry for him as this will probably be a devastating incident he may never recover from. Then again, I suppose he has helped inflict similar stress on other people who may have been sued by the RIAA as a result of MiiVii site. However at least those people had some sort of way out even if it was begging the RIAA for forgiveness.

He is now right royally fucked. What a pity :)

On a more serious note to any other Media Defender employees reading this I would suggest you consider that this could have been you. Nobody is perfect, so we all make mistakes and this one could have been yours. So when you see Jay outside the offices next month with his begging cup be generous.

Re:I wonder who did it

[Chmcginn]

In related news Jay Maris is now very probably out of work and totally unemployable.

I'll agree with the first, but not so much the second. Sure, Mr. Maris might have a damn hard time getting an IT related job in the near future, but IT isn't the only field in the world.

Re:I wonder who did it

[richie2000]

From looking at the actual e-mail headers, his name is probably misspelled at TPB. It should be Jay Mairs, a very lonely person right now.

In the immortal words of Nelson: Ha-ha!

Re:I wonder who did it

[Chemisor]

> If it is a long hair working as a code grunt/sysadmin in their it lot

Now, that could be dangerous...

> Emails of An RIAA Attack Dog Leaked

Evidently, unlike in the old times, these days it is easy for the whole internet to know you are a dog.

Oh man it hurts.

[kwabbles]

I can't stop laughing. Oh hoh... my stomach. LOL

Inflation

[athdemo]

I thought these two were some of the best.

>From: Watson, Jeff (WBR)
>To: Octavio Herrera; leaks
>Cc: Bird, Jennifer
>Sent: Sun May 13 10:49:59 2007
>Subject: Re: # LP illegal album downloads

>MediaDefender folks - please let us know roughly how many Linkin Park albums have been downloaded since the leak. Album is called Minutes To Midnight. Thanks.

>From: "Octavio Herrera" >
>To: "torrents"
>Cc: "Gilberto Vargas" >, "Ben Grodsky" >, "Rick Moreno" >
>Subject: Fw: # LP illegal album downloads
>Date: Sun, 13 May 2007 15:24:59 -0700

>Torrent team, can you give us a sense of how many dowloads of tis album there has been off bt. We are not protecting on bt so the bigger the better.

I really hope Warner reads this gold.

Re:Inflation

[Jugalator]

I nominate this one:

Dylan,

I wouldn't normally e-mail you directly about MiiVi stuff, because a lot of what I say about this is total crap (so keep that in mind) and Jay filters the crap from the important stuff for you. Is there a way to add this hash/title to the porn filter explicitly?

hash=30755326A4E4B28E678BFF8CB2AF5FC4A4FBF710&i=3 (the title is Celebrity deathmatch: Korn vs slipknot and the exact URL is http://129.47.9.160/zonie/media.php?hash=30755326A4E4B28E678BFF8CB2AF5FC4A4FBF710&i=3)

I just flagged it as Other Terms of Use violation. It's a warthog (or maybe it's a big bushy dog, I can't tell) having sex with a woman and NOT a Korn vs. Slipknot mash-up video.

If this is a big deal, don't worry about it for now. But eventually this would probably need a tool of some kind for a Super User account to remove files from our indexing system all together. Seriously, since I know they also read Slashdot, and definitely this story: Find a new career where you can be constructive rather than destructive, and where it's not just a completely futile battle, for fuck's sake. Wouldn't you feel better about that, than helping out media companies with a flawed business model? Quotes like the one I did above is just sad. When you get to stumble upon animal porn while you work to solve an inheretly flawed business model in the "digital millenium", you know you're just plain losers. Wow.

Re:Inflation

[Jugalator]

NO WAIT. Oh my lord, this one is even better. There was a follow up, and this time I'll just include the headers. Disgusting! :-X

-----Original Message-----
From: "Ben Grodsky"
To: "Jay Mairs" ; "Dylan Douglas"
Sent: 5/11/07 10:39 AM
Subject: RE: naughty miivi hash for filter

it's the first bestiality vid i've gotten that didn't have any porn or bestiality key words.

i'm not offended by bestiality in the least and actually have seen a few of the horse and dog fucking videos already :p

cool. no worries though. it just freaks me out when key words couldn't do anything at all.

Re:Inflation

[CopaceticOpus]

Wow. So it's not the bestiality that's offensive, it's the file sharing?

It's best to use the latest Windows Media Player for such videos. That way you can be assured you have a legitimate license to view what that giraffe is doing to that woman.

Sick!

Re:Inflation

[mink]

The last thing we need to see is Chupathingy porn.

Whilst undoubtedly some astronomical value was

[goldcd]

provided, my soul begs that the answer came back as:
"Zero. Should suggest to WB that they pay people to take it."

Re:Whilst undoubtedly some astronomical value was

[The+Living+Fractal]

Come on, the album was pretty good IMO. No, not your typical Linkin Park. They changed, matured, etc. How many bands are going to have to change after years and albums before people stop saying 'but they changed!'... ??? It's the standard, not the exception, people.

Re:Whilst undoubtedly some astronomical value was

[xenocide2]

Maybe after labels and bands themselves stop trying to create distinctive band sounds, I'll care about whatever changes you're attempting to defend.

Re:Whilst undoubtedly some astronomical value was

[The+Living+Fractal]

So you're basically saying you want everyone to sound the same? Might as well just buy a metronome then. It will play the kind of music you want, I'm sure.

Torrent Download

[the+angrybaby]

http://thepiratebay.org/tor/3806944/MediaDefender.Mail.200612.200709-MDD/ GO! GO! GO!

Re:Torrent Download

[Jugalator]

Oh my god, this will be awesome. My spider sense hasn't tingled like this since the Windows 2000 source code was partially leaked!

Re:Torrent Download

[Wizy]

More fun, just leaked:
http://thepiratebay.org/tor/3808220/Gnutella.Tracking.Database.Leak.INDEPENDENT

oooor,

[unity100]

maybe it wasnt blahbob and some long hair changed it and put it in the wild ?

Media Defender Defender

[rafael_es_son]

I wonder why is it taking all those botnets so long to DDOS the shit out these and other charlatans.

Re:Media Defender Defender

[rafael_es_son]

...and their parent company http://www.artistdirect.com/.

Unclean Hands

[bmo]

It was only a matter of time. Heh. Not a honeypot, eh? Rrrrriiight.

I just had to dig up an old post of mine that needed reposting...

Msg: 35175 of 43019 7/9/2007 4:27:06 AM Recs: 32 Sentiment: Not Disclosed
By: Boyle M. Owl Send PM Profile Ignore Add To Favorites
Legal Crows Come Home To Roost. Media Defender Says "We Didn't Mean It"

Media Defender backtracks on 'entrapment site'

It was all a terrible mistake

By Nick Farrell: Monday 09 July 2007, 07:14

THE MOVIE industry's private dick division has denied that it set up a P2P site designed to catch people pirating.

Media Defender admitted that it set up a site, called MiiVi, which looked exactly like a P2P site but claimed it was never meant to go live and was not designed to entrap pirates.

According to Ars Technica, Media Defender claimed the story has been blown far out of proportion and was started by sites like The Pirate Bay and TorrentFreak. MediaDefender's Randy Saaf told Ars Technica the story was "completely made up".

Well, not completely made up. He said Media Defender was working on an internal project that involved video and didn't realise that people would be trying to go to it and being a security company it didn't password-protect the site.

Saaf said that it was not an entrapment site, and Media Defender was not working with the MPAA on it. He claimed that the MPAA didn't even know about it.

However Ars asked theme why MediaDefender immediately removed all contact information from the whois registry for the domain if the site was so innocent. Saaf said that it was afraid of a hacker attack or people sending it spam.

It is not clear what Saaf was planning to do with all the details of would-be P2P users who might have logged into the site while it was accidently online or if anything was collected.

-------

Not an entrapment site? Walks like a duck...

Yeah, uh, Media Defender (nee Sentry) is in a heap of trouble because it gives the MPAA two things:

An unclean left hand and an unclean right hand. Media Defender's software installed a secret scanner that uploaded data on any "copyrighted files" to MPAA goons that may have resided on the computers of the dupes who went there.

You can't be breaking into people's computers and violating things like RIGL 11-52-3 by installing nefarious software. Many states have similar laws, and some states have laws specifically against spyware. "Evidence" gathered with unclean hands (this is an actual legal term and concept) angers judges to no end. Any "evidence" by the MPAA shown to be gathered by Media Defender now is under a very dark cloud.

That's why Media Defender is in deep shit. They committed felonies _and_ screwed their client. Thus all the "we didn't know people would actually _go_ to our honeypot"

Whoops.

--
BMO

-------

Fast forward to today...

http://thepiratebay.org/tor/3806944/MediaDefender.Mail.200612.200709-MDD/

And now it's proven that they really _did_ set it up as a honeypot. This weekend has turned out pretty good so far.

Hats off to the leaker. Now the _feds_ might have something to go after MediaDefender and the MPAA with. Oh, what delicious irony, with cream and sugar.

--
BMO

Re:Unclean Hands

[Goaway]

My guess is: No, not entrapment. Botnet.

http://slashdot.org/comments.pl?sid=299011&cid=20620947

Re:Unclean Hands

[kaizokuace]

yes! cream and sugar indeed, and in my cup of tea! I always say if you want to beat a man with a gun you shoot his gun so you can beat the crap out of him after he is defenseless! I am also crazy but that is of no matter.

Welcome

[junglee_iitk]

to the real world.

pawned by piracy, or should I call, theft of emails?

Torrent Comments

[Dubpal]

Comments from the torrent for the leaked emails make for an interesting read also:

MediaDefender-Defenders proudly presents 9 months worth of internal MediaDefender emails

By releasing these emails we hope to secure the privacy and personal integrity of all peer-to-peer users. The emails contains information about the various tactics and technical solutions for tracking p2p users, and disrupt p2p services.

A special thanks to Jay Maris, for circumventing there entire email-security by forwarding all your emails to your gmail account, and using the really highly secure password: blahbob

So here it is, we hope this is enough to create a viable defense to the tactics used by these companies, also there should be enough fuel to keep the p2p bloggers busy for quite some time.

So, uh...

[RealGrouchy]

does this mean I can keep the files I downloaded?

- RG>

*Wanted* "Noise" Spoofing Files

[none295]

Hello, my name is %20 and I collect interdicting spoofing noise files created by entities like Overpeer and MediaDefender. They are important 'art' objects which are in dire need of preservation. I had thought the methods and products died out when Overpeer went kaputz, but there are several e-mails in this collection which revive my search and preservation of these outstanding works of questionable merit. So if you happen to get a files from these folks which seems a little off, read this blog: http://noneinc.com/RIAAEM/RIAABlog.html and we'll host them for everyone to enjoy.

TIA!
%20

Re:*Wanted* "Noise" Spoofing Files

[none295]

That I cannot, for I am unappreciative of all forms of music. However MediaDefender explains their process as follows: (Please send these files to the blog, thanks) Quote: Subject: Uber 2 Hi Randy, after some internal discussion, here's our preliminary list. 1) Intermittent glitching ("mech, intermit") done in a way that's more random sounding vs periodic. 2) Bit-resample, such that there is audible artifacting (sounds like a bad mp3 encode). 3) shifting channels (sounds like a speaker cut out). Again, the goal should be to sound somewhat random. 4) Laugh-track, at a respectable volume level. 5) Saw-tooth volume, so long as the volume goes to (or close to) zero, so that the track can't be fixed by an inverse saw increase. 6) Beep, at a high volume In the future, you might do experiments with static noise overlays (sounds like faulty recording equipment), voice over (public domain audio), and overlapping songs. You probably don't want to apply any effect for the first 30-60 seconds, so the user thinks they got a good track. We should take some care to ensure that when there is intermittent effects they happen in the same places so that it's not possible to take the good portions of one version and splice them with the good portions of another version to get a complete (and perfect) third version.

nice

[wwmedia]

its a very nice business model they have, one arm of the company spreads/facilitates illegal downloads the other arm collects protection money from media companies

them media companies are the bigger fools for doing business with this crowd, mediadefender's whole business model depend on piracy always being there

Re:nice

[Bearhouse]

Yup, just like the 'intelligence' agencies. Can't be too good at your job, otherwise you'll be out of a job.

If they are any good, why is this thing all over the web, including torrents?

You are taking it the wrong way

[unity100]

If your company does not do evil, you dont have nothing to fear from anyone from slashdot crowd.

whomever leaked those emails was probably someone with a clean conscience. if you do not want to hire people with clean conscience and does whatever is right, i wonder what kind of work your company is doing.

Re:You are taking it the wrong way

[perkr]

And of course you, in your divine wisdom, can always decide exactly the company procedures and business practices that are considered "evil" right? You are never wrong and always right of course. Why have any arguments or attempting to change an organization from within, when you can just screw them over and leak all their internal documents as a torrent. Really classy. Though in this case it appears some random employee forwarded all emails to their gmail account and used a weak password.

Re:You are taking it the wrong way

[AHumbleOpinion]

If your company does not do evil, you dont have nothing to fear from anyone from slashdot crowd.

That is laughable given what many in the slashdot crowd consider evil. Developing closed source software for example.

Re:You are taking it the wrong way

[Desert+Raven]

I don't think it's really a slashdot thing, it's a computer geek thing.

Sysadmins and programmers work in a world where there is no ambiguity or dishonesty. If my code is written well, it will do exactly what it was designed to do, every time. It will not lie to me, it will not decide to do something else. Many geeks themselves are like this, part of the reason why the upper office folks dislike us is because we have a tendency to say exactly what we mean, and to tell them how things are, not how they would like them to be. Conversely, we dislike them because they tend to wrap every statement in meaningless drivel, never committing, and never saying exactly what they mean.

If your company is doing dishonest things, legal or not, and you have geeks working for you, you are at risk.

Re:You are taking it the wrong way

[IgnoramusMaximus]

That is laughable given what many in the slashdot crowd consider evil. Developing closed source software for example.

"Evil" is an exaggeration. This dislike of closed-source comes from the fact that many here instinctively realize that information, such as computer programs, some forms of art, thoughts in people heads, large integer numbers etc, do not fall under the simplistic, inane attempts to mis-apply an economic model of a "market" to things which do not have the required attributes to become "private property" and thus are not subject to "trade".

This does not mean that we believe that artists and software developers have to go hungry, but it does mean that the method by which various misguided businessmen (usually the middle-men peddling the art/science and not creating it themselves) expect to make their living is fatally flawed (primarilly because it was constructed by businessmen for businessmen, with no regards to anything else) and, in order to be "successful", demands positively immoral and dangerous to society activities, such as attempts at truly totalitarian measures in efforts to control the flow of information in society.

As more and more people realize this, it is my hope that some time in the future this idiotic "copyright" regime will be replaced with something that actually reflects the nature of the information and the needs of the society.

My personal favourite for art, for example, is a modernized "patronage" system, with direct transfer of donations by patrons of art to artists themselves. Sicence is, as it should, funded by academia and as soon as the for-profit scientific journals are dispised of (efforts in this direction are under way) it will be free from this nonsense. Performance arts have no problem whatsoever since the performers are expecting payment for their labour at the gate. Etc and so on.

It is quite possible however that a better model exists. If so I am sure someone will come up with it. Whatever it is, the notions of "copyrights" and "patents" as they stand are ... well ... patent absurdities! And what we see is simple human reaction to that undeniable fact, particularly among the younger generation whose indoctrination in these mattters is not yet effective.

Re:You are taking it the wrong way

[ScrewMaster]

If my code is written well, it will do exactly what it was designed to do, every time. It will not lie to me, it will not decide to do something else.

What kind of a computer do you work on?

Re:You are taking it the wrong way

[FunWithKnives]

Quite succinctly put. Specifically with regard to music, I find major fault with those who seem so up in arms about artists losing money due to p2p or torrent sites. Being a musician, I understand quite well that true artists do not create their music for money. Those who do are not musicians, they are simply business people hijacking an art form for personal profit. If we did away with copyright, and instituted a system such as the one you have mentioned, music would not disappear. Rather, as an art form it would become confined to those who love it for what it is.

Creating music is not a chore. It is something done out of necessity, more often than not. I liken it to an addiction, complete with withdrawal symptoms if neglected. In short, if a system like yours was implemented, music would not cease to exist. On the contrary, the trash would be weeded out and we would all be better off for it.

Re:You are taking it the wrong way

[IgnoramusMaximus]

As an artist, I knew you would understand.

It kills me everytime when I hear some suit-clad MBA blather about "music industry" and its "products". Art "industry" isn't. The notions of "industry" or "commerce" are the very anathema of art. Art, as I am sure you know very well, is an intrisic desire of an artist to share his vision of the world, his insights and his feelings with others. Artists receive pleasure from satisfying their desire to express themselves and are, if they are indeed artists, pleased if many, many people enjoy their art for what it is.

Kitsch manufacturers and peddlers on the other hand, see their "art" as means to an end: to get rich quick. To them, making of their "art" is akin to manufacturing some throw-away plastic doo-dad on an assembly line. They do not produce art, they produce a "product". And they are of course in full agreement with the various pointy-haired MBAs and "intellectual property" lawyers: the sucker, otherwise known as the "consumer", must be made to pay, or else their scheme would not work.

You are of course completely right that the creation of art would go on in the absence of these conmen, as it went on throughout the recorded history of humankind, and even before it - as the drawings on cave walls testify, looong before the self-appointed would-be "captains of industry" appeared on the scene.

And of course I concur that if the vulgar profit motive were to be removed, the only people left to create art would be ... artists. Artists who, I am sure, given the modern dynamics of instant communication and easy money transfers, would receive enough donations to make a very comfortable living, enabling them to focus on their creative urges, but who would not become mega-millionare "wonders", whose wealth seems in reverse proportion to their talent and in direct proportion to marketing and media manipulation by their "handlers".

Re:You are taking it the wrong way

[GPL+Apostate]

If your company is doing dishonest things, legal or not, and you have geeks working for you, you are at risk.

That's a fairly old-school attitude. However, software has been pretty commodified recently, to the point where an elite of 'geeks' isn't as important as once was the case. I've known 'cop an attitude' geeks and backroom technical people since back when I worked at a shop that still used PDP-8's for part of the system.

There comes a point, and we're close to it, when said 'craftsman' type technical people aren't needed. Certainly not for routine things like IT. Said folks need to keep that in mind before copping a superior attitude.

Re:You are taking it the wrong way

[toddestan]

What kind of a computer do you work on?

Obviously something that dates back from the DOS days.

Re:You are taking it the wrong way

[IgnoramusMaximus]

It's not that they haven't yet been indoctrinated, it's that they haven't yet created anything worthy of being stolen.

Your assertion will ring more true as soon as you explain how one does "steal" information. After providing your coherent, logically consistent and proveable answer, just seeing me humbled will be a mere icing on the cake, of course, after your having received your Nobel prize and world-wide fame for the successful subversion of the empirically demonstrable, natural laws of the Universe.

I tremble in anticipation of your devastating and awe-inspiring demonstration! A demonstration which will provide the definitive way to end all arguments on the matter, surely?

Re:You are taking it the wrong way

[ScrewMaster]

What we're talking about here are whistleblowers. What makes IT people unique in the history whistleblowerdom is that they often have, as part of their ordinary routines, access to vast quantities of corporate data. It's difficult to keep anything from them because the very people that would have the knowledge to do so are ... more IT people.

Re:You are taking it the wrong way

[unity100]

(to the best of my knowledge)

note that the knowledge of a sysadmin on whether the company is doing any evil or not would far surpass any other person's knowledge due to his/her access to the it infrastructure. there might be people on slashdot even, that are in this position in your company and knows your company is doing evil. thats of course if they are doing it.

Re:You are taking it the wrong way

[IgnoramusMaximus]

No demonstration then?

How unexpectedly disappointing...

Re:You are taking it the wrong way

[IgnoramusMaximus]

It's too bad for Ignoramus, though, that in the real world "steal," "stolen" and "theft" are used by everyone that matter. But of course according to slashdotters they are all wrong.

Some time ago, "everyone that mattered" kept calling themselves "nobility" and all others "peons" and conidered the said "peons" as disposable items which belonged to whichever Lord happened to ... well ... lord over them. And so it was written in the laws made by "everyone that mattered".

Some, not so distant, time ago, "everyone that mattered" kept referring to dark-skinned individuals from Africa as "property" and so it was written in the laws made by "everyone that mattered".

Similarly, some shorter time ago, "everyone that mattered" in the country of Germany used to refer to a certain non-germanic social group as "sub-human" and so it was written in the laws made by "everyone that mattered".

Even shorter time ago in the USSR ...

But then again, I am getting an impression that your kind will never get it. In your view whatever those in power say, is automatically, by definition, correct, sacrosanct and divinely makes all the sense in the world. I say that you should grow a brain and attempt the trick of letting loose some independent thought in it, and then come back to talk about "Pavlovian reflexes". For a bonus excercise lookup the terms "Authoritarianism" and its red-headed bastard child, "Fascism".

Re:You are taking it the wrong way

[unity100]

if you are in such a position then, when you see that something there is wrong, by your clear conscience, you should act on it.

Are you sure?

[Xenographic]

I wonder if Ray Beckerman (NYCL) would be able to use this? He's been trying to get discovery about what MediaDefender is up to from the RIAA for ages, last I heard, and hasn't gotten jack. Considering they're now open to all, I wonder if they could be used in court?

After all, you may remember how MediaDefender paid someone to hack into TorrentSpy's email. I'd call this turn-about...

Re:Are you sure?

[Kelz]

One would imagine it would be extremely hard to get any of this into evidence. But might it be used to lower MDs credibility with a judge, so that the judge would force a discovery?

Re:Are you sure?

[SL+Baur]

I wonder if Ray Beckerman (NYCL) would be able to use this? I doubt it, but I'm not a lawyer and he is, so I'd expect him to Do The Right Thing.

Actually, I'm in awe of him. I read the deposition he conducted earlier in the year against an RIAA "expert" witness yesterday (yeah, yeah mod me down for violating /. etiquette in not only reading TFA but also the attached links). Reading the transcript was even more fun than reading about SCO's chapter 11 filing. Brilliant man.

Re:Are you sure?

[Paradise+Pete]

Considering they're now open to all, I wonder if they could be used in court?

Being obtainable and being "open to all" are two different things. My guess would be that in their present state about the only thing they'd be useful for is keeping MD from denying they exist.

Re:Are you sure?

[rts008]

Yeah, I too have violated /. protocol in Ray B.'s case., and have also been entertained and mesmerized by his courtroom fu...enough to add him to my (short) friends list.

Here's hoping he can get some good mileage from this monumental boner, if anyone can, it will be him-I have faith.

I hope this proves to be a very heavy straw for the camel's back in the end...talk about karmic justice!

The Simpson's Nelson Obligatory Quote (tm) seems best here: "Ha!Ha!"

Re:Are you sure?

[inca34]

Link to transcript please?

Re:Are you sure?

[NewYorkCountryLawyer]

In the RIAA v. Consumer cases I am aware of MediaSentry involvement, but not Media Defender involvement.

Does anyone out there know of Media Defender involvement with the RIAA?

Interdiction

[Xenographic]

Interdiction means that they're screwing up your download or otherwise hosing the torrent.

I don't have a copy of the emails, but were they very specific about when it allows them to interdict the torrent? It'd be interesting to know, because uTorrent is closed-source and it's now merged with BitTorrent, Inc.

Re:Interdiction

[jandrese]

Don't Bittorrent clients do a checksum against every block downloaded? How can the swarming work? I know I have seen my client report that a chunk has a bogus checksum and re-download it. It's pretty rare but it does happen. It doesn't even have to be malicious, some people have dodgy computers that will silently corrupt data or frankly the TCP checksum isn't all that strong and it's not impossible for corrupt data to get through it.

Re:Interdiction

[toddestan]

The only way I see it working is you waste the pirates' bandwidth, as they need to then redownload that chunk of data, meaning they won't get the file as fast. If you could get enough of peer that you control on the swarming spewing out bad data, I could see it getting annoying as you might need to download 300MB for a 100MB file or something like that. Though I know Azureus has a feature that'll automatically block peers that send enough bad packets, so it looks like people have already thought of this. I would guess that swarming is pretty much ineffective.

Re:Interdiction

[Antony.Muss]

.torrent files have a string of "20-byte SHA1 hash values, one per piece" (http://wiki.theory.org/BitTorrentSpecification). It must be a misinterpretation or something, because it sounds like other p2p systems and not BitTorrent. Having read through most of MediaDefender in the News, reporters tend to give unclear or incomplete explanations.

Re:Interdiction

[danomac]

I know I have seen my client report that a chunk has a bogus checksum and re-download it. It's pretty rare but it does happen. It doesn't even have to be malicious, some people have dodgy computers that will silently corrupt data or frankly the TCP checksum isn't all that strong and it's not impossible for corrupt data to get through it.

Not only that, most clients blacklist a peer who is sending bad data. Once a threshold is met connections are ignored from that peer.

Re:Interdiction

[grimJester]

Interdiction. While the first two techniques try to prevent searchers from locating files, interdiction prevents distributors from serving them. The tool is generally used when media is leaked or newly released; the goal is to slow its spread in those crucial first days. MediaDefender servers attempt to create constant connections to the files in question, saturating the provider's upstream bandwidth and preventing anyone else from grabbing the data.

Isn't this a Denial of Service attack, hence illegal?

Re:Interdiction

[kasperd]

But I guess you could theoretically use hash collisions by designing random data for a piece that has the same checksum?

A collision attack is not sufficient for that, because it is just going to give you two pieces of data with identical checksum. What you need is a second preimage attack, which will allow you to produce another piece of data matching the same checksum as the one you have already got. A second preimage is significantly more difficult to generate than a collision. For brute force attacks, you need O(2^n) for a second preimage and only O(sqrt(2^n)) for a collision. Could be faster if you find a weakness in the hash. A collision in md5 was demonstrated a few years ago, I don't think a second preimage will be feasible anytime soon.

I'm not sure how easy this is for SHA1 though.

More difficult than for md5. For sha1 there haven't even been demonstrated a collision yet. I think there was found a weakness, which would do it faster than brute force, but still not fast enough for anybody to bother demonstrating it.

Re:Interdiction

[Kattspya]

A few weeks ago I was downloading a torrent off a tracker and it stayed at 99% for a suspiciously long time. So I opened up the logs and noticed that the same chunk (the last one) hade failed the hash check several times in a row. It was also evident that all uploading IP's came from the same block. I was stuck for half an hour or so and there must've been an pretty large ammount of spoofs because I was always connected to the bogus IP block.

In the end I "solved" it by getting peer guardian which blocked the relevant IP's and the download continued normally.

Re:Interdiction

[grishnav]

Sounds more like this:

http://www.azureuswiki.com/index.php/Torrents_stop_at_99_percent

Re:Interdiction

[Kattspya]

Yes, but the GP wanted to know how inderdiction could possibly work when all the chunks are hash checked.

How does interdiction work if the 99% thingy isn't interdiction?

Re:Interdiction

[Kattspya]

I should've read your link before posting...

Do you think I'm a complete 'tard? If the same IP's keep sending chunks that fail, all of those IP's are from the same range and peer guardian fixed it, do you really think it's my NAT box that is the problem?

This was also only the case on one torrent and it was a public tracker that MD seemed to concentrate on.

Whoever did it may be screwed, literally

[AHumbleOpinion]

If it is a long hair working as a code grunt/sysadmin in their it lot, may god make his/her hair glitter with sunshine and rustle in gentle, warm winds.

Well it will for one hour a day when he is taken from his cell to the prison yard for exercise. Intentionally disclosing social security numbers and other personally identifiable information probably violates several statues regarding information security and privacy.

And lets not forget the civil lawsuits that will result against this person. Those RIAA execs are going to be getting this guys computers (I hope they enjoy his JPG, MPG, and MP3 collections) and everything else he owns.

Re:Yes, but isn't that all in .rar format?

[the+angrybaby]

Haven't you heard of http://www.7-zip.org/? Or am I just misunderstanding what your saying?

Student lawsuits...

[BlueParrot]

From: Randy Saaf
        Sent: Wed 11-Apr-07 21:24
        To: Jay Mairs; Ben Grodsky; Ty Heath; Ivan Kwok; Ben Ebert
        Subject: Fw: .edu filtering

        Team

        Universal is curiouse if we have any historical data over the last 3 months that show whether .edu IP addresses on p2p have gone down.

        They want to see if their lawsuits are getting students to stop using p2p (take a moment to laugh to yourself).

        Let me know if anyone has any ideas.

        R

        --- Original Message ---
        From: Benjamin, David
        To: Randy Saaf
        Sent: Wed Apr 11 18:11:50 2007
        Subject: .edu filtering

        How are you doing with this?
        Thanks
        db

selling their sole for $$

[Stu101]

Its a pity we can't see what these paracites earn. I bet they earn more than us sysadmins :( Why hide what this scum thinks its worth.

Re:selling their sole for $$

[WaltBusterkeys]

How much for the whole shoe?

No no, fresh farm-raised Atlantic sole for only $8 / lb.

There's something fishy about this whole thread.

OH RLY?

[BlueParrot]

Its a pity we can't see what these paracites earn. I bet they earn more than us sysadmins :( Why hide what this scum thinks its worth.

dev-salaries-18june2007.xls

Sergio A. Alvarez 2,916.67 $70,000.00
Linus Aranha 2,708.33 $65,000.00
Dylan C Douglas 2,916.67 $70,000.00
Benjamin Ebert 3,541.67 $85,000.00
Norman T Heath 4,791.67 $115,000.08
Sujay S. Jaju 2,708.33 $65,000.00
Andrew H. Kim 2,291.67 $55,000.00
Ivan Y Kwok 4,166.67 $100,000.00
Jed Z. Levin 2,291.67 $55,000.00
Gerald E. Rode 2,291.67 $55,000.00
Sheetalkumar Shah 2,708.33 $65,000.00
Nainesh N. Solanki 2,708.33 $65,000.00
Daeyoung Song 2,375.00 $57,000.00
Jeffrey W. Wang 2,375.00 $57,000.00

You were saying? :p

Re:OH RLY?

[IgnoramusMaximus]

I think he was looking for the execs' pay. The devs are likely at the bottom of the scale, like everywhere else in corporate world, perheaps except the secretaries and general office help (but even that is frequently not the case these days).

Re:OH RLY?

[Victor+Antolini]

That's monthly? If so, I hate my third world country :(

Re:OH RLY?

[IgnoramusMaximus]

LOL.

No, the dollar figures are yearly. I assume the first number is the monthly pay after tax deductions etc.

Re:OH RLY?

[mooingyak]

It looks like that first number is a pre-deduction paycheck, issued twice monthly. I came to that number by doing the math once (57000 / 2375 == 24), and by noticing that all the cents are either .00, .33, or .67

Re:OH RLY?

[budgenator]

"Hey why am i only making $55K and that dipshit Solanki is getting 65?" OOPs I forsee trouble in paradise.

Re:OH RLY?

[Raenex]

It comes out right if you use 24 (12*2) instead of 26:

2,916.67 * 24 = 70,000.08

Re:OH RLY?

[metlin]

A quick Googling reveals that a lot of these people seem to be from USC. That's interesting. Although, I wonder why.

Re:OH RLY?

[dkf]

Those are yearly figures at the end of each row? Seems (after factoring the fact htat they're private sector) they can't afford me...

Re:OH RLY?

[W2k]

Googling some of those names brings up homepages, photos and profiles of the scumbag programmers who work for MediaDefender. Someone with a score to settle could do some real damage, I reckon. Good thing I'm such a nice guy.

Re:OH RLY?

[Prune]

DAMN YOU SOLANKIIIII

Re:OH RLY?

[brxndxn]

Just following orders? That worked perfect for the Nazis.

I had a friend that left a lucrative commercial real estate career because he felt the tactics his company used were morally wrong. He makes 1/3 as much as an airline pilot now.

I chose to be an industrial programmer partly because everything I know about my business is honest. We bill for hours we work; we do not bill for hours we do not use. It's honest and fair..

You cannot always blame only the people giving the orders..

Re:OH RLY?

[base3]

Wow, that's not very good money for their souls. They must have been caught in the buyers' market.

Re:OH RLY?

[kefler]

Nice to see Godwin's Law is holding up.

Re:OH RLY?

[PMBjornerud]

Without any devs, the company wouldn't exist. Everyone carries their share of the blame, also the grunts.

Pointing to the boss and saying "It's all his fault! I just did what he told me..." is not an excuse. Your job, your responsibility. Everyone is free to choose what they do for a living.

What i find most surprising is how low their salary is. That means it's easy to find people that will do this job for a small premium. No need to tempt people with a really high salary to make them forsake their morals.

Intentional?

[nurb432]

Perhaps this was actually intentional, and the are using this team as a sacrificial lamb, so to speak.

If you read thru the emails and get a idea of the potential scale of the operation, it might scare you away from p2p if you dont have any balls.. Perhaps thats the idea, to weed out the 'little people'?

Re:Intentional?

Unlikely, as the information they've allowed to leak is not only pretty sensitive (ftp account credentials, employee contact information, countless other stuff), but in doing so they've violated their contract with UMG; unless the contract draft attached was just an elaborate fabrication. "5. Confidentiality. Each of MediaDefender and Customer agree to keep confidential any information concerning the other party's business affairs, customers, vendors, finances, properties, methods of operation, computer programs, and documentation, and other such information, whether written, oral, or otherwise related to Customer or MediaDefender. It is further agreed that all the facts of entry into this Agreement and the rendering of Services to Customer are in themselves confidential and cannot be disclosed to any person or entity without express written consent of the non-disclosing party. All such information concerning MediaDefender and Customer is hereinafter collectively referred to as "Confidential Information." Notwithstanding the foregoing, each party may disclose Confidential Information on a "need-to-know" basis under an obligation of confidentiality to its legal counsel, accountants, banks and other financing sources and their advisors, so long as such entities have executed a written confidentiality agreement to protect the confidential nature of the Confidential Information that is no less restrictive than this Section. MediaDefender acknowledges and agrees that it will not discuss the Confidential Information with any of Customer's employees or representatives other than those designated by Customer on Exhibit D attached hereto which Customer may modify in writing from time to time. Nothing in this Agreement shall prevent the receiving party from disclosing Confidential Information to the extent the receiving party is legally compelled to do so by any court of competent jurisdiction, or governmental or judicial agency pursuant to proceedings over which such agency has jurisdiction, or otherwise as my be required by law; provided, however, that prior to any such disclosure, the receiving party shall (a) assert the confidential nature of the Confidential Information to the agency; (b) immediately notify the disclosing party in writing of the agency's order or request to disclose; and (c) cooperate fully with the disclosing party, at the disclosing party's expense, in protecting against any such disclosure and/or obtaining a protective order narrowing the scope of the compelled disclosure and protecting its confidentiality. 6. Non-Disclosure. Each of MediaDefender and Customer agree that, except as expressly directed or authorized in writing by the other party, it will not at any time during or after the Term of this Agreement disclose any Confidential Information to any person whatsoever and that upon the termination of this Agreement it will turn over to Customer or MediaDefender (where applicable) all documents, papers, and other matter in its possession or control that relate to the other party. MediaDefender and Customer further agree to bind its employees and subcontractors to the terms and conditions of this Agreement. MediaDefender and Customer acknowledge and agree that neither party will disclose any Confidential Information to the press or issue any press statement whatsoever concerning or related to this Agreement.'" UMG: Well, what do you have to say for yourselves? MediaDefender: lol Whoops?

Re:Intentional?

[Jugalator]

Well, they say they've cracked for example The Pirate Bay image verification, but later comments on that it'll probably not be worth it still as the processing power is too great. They also claim that Torrent is a good client because they can use "interdiction" attacks on it to feed P2P networks with invalid data to slow them down, but later that too is debunked as it's discovered Torrent now has decent protection from that attack.

So it doesn't come off as that positive for them...

Actually, my impression was that they're in a futile battle against torrent sites by simply trying to flood them with invalid data whenever possible. Automated torrent uploads to public trackers, infiltration of eMule networks, and so on. They have no perfect bullet against it all, and are constantly struggling with a lack of accuracy in their automated hash tests for pirated material, this sometimes yielding harsh comments and whiplashes from the media companies they have as clients (EMI, Universal, ...).

I really don't think this was staged... It seems way too embarrasing for that, and it should also be easy enough to verify since I don't think they'd leak their Social Security Numbers and address details. Simply check if any of those seem accurate...

Re:Intentional?

[Jugalator]

Sorry, Slash apparently dislikes mu-signs. So "Torrent" above should be "uTorrent".

Interdiction

[E+IS+mC(Square)]

From ARSTechnica article in the "News" section of Mediadefender.com - http://www.mediadefender.com/news/20070318_ARSTechnica.pdf)

Four main methods

Decoying. This, in a nutshell, is the serving of fake files that are generally empty or contain a trailer. The goal is to make legitimate content a needle in a haystack, so MediaDefender works hard to ensure that its copies of files show up in the top ten spots when certain keywords are searched for. Everything about the file is tailored to look like the work of pirates, from the file size (movies are often compressed enough to fit on a CD) to the naming conventions to the pirate scene tag. With massive bandwidth and plenty of servers, the company has little trouble in getting these decoy files to appear at the top of search results, but decoying has a down side: the bandwidth. Because MediaDefender actually serves these large but bogus files, it incurs a significant bandwidth bill by using this technique.

Spoofing. Spoofing sends searchers down dead ends. MediaDefender coders have written their own software that interacts with the various P2P protocols and sends bogus returns to search requests, usually directing people to nonexistent locations. Because most people only look at the top five search results, MediaDefender tries to frustrate their first attempts to download a file in hopes that they will just give up.

Interdiction. While the first two techniques try to prevent searchers from locating files, interdiction prevents distributors from serving them. The tool is generally used when media is leaked or newly released; the goal is to slow its spread in those crucial first days. MediaDefender servers attempt to create constant connections to the files in question, saturating the provider's upstream bandwidth and preventing anyone else from grabbing the data.

Swarming. Though he acknowledges the BitTorrent networks can be hard to disrupt, Lee points out that MediaDefender can use "swarming" to make life more difficult for users trying to download copyrighted content. BitTorrent works by using a hash file to reassemble a file from many pieces, each of which may have been downloaded from a different user. MediaDefender simply serves up its chunks of these files, but instead of providing the proper data, its chunks contain static or nothing at all. When the file is eventually reassembled by the user, it may contain clicks, silent spaces, or odd skips. This can make the viewing/listening experience less pleasurable, but it's most effective with software downloads since even small errors can prevent programs from running.

not an internal leak!

[the+Plums+in+us]

A lot of comments here seem to be talking about what might happen to whatever MediaDefender employee leaked the email and soforth. This info suggests that it's not actually a renegade employee at all, just a stupid one who's gmail account got cracked.

Re:Yes, but isn't that all in .rar format?

[the+Plums+in+us]

RAR, the format, is not free-as-in-speech, even though there are free-as-in-beer programs to extract the info.

7-zip: an open source windows file archiver that supports unpacking (but not packing) RAR files, as well as other formats. (Note that the RAR unpacking part is not free software but under a proprietary "unRAR license").

http://en.wikipedia.org/wiki/Rar

Re:The worlds smallest violin plays

[perkr]

I was responding to the parent. Cases are not always as clear-cut as in this example. Also, in this case I'm not sure exposing all their internal email is proportional to the company's business practices. In fact, it is probably criminal.

Also

[the+Plums+in+us]

Also, if more people had heard of 7-zip, maybe free and the totally superior .7z format would get used more often.

Re:Also

[GPL+Apostate]

I hadn't heard of the 'totally superior .7z format' before this thread, but I suspect it's like all the other 'totally superior formats' of the past that break the common defacto standard that .zip and gzip have become. As such, it's kinda like fretting about a program using 24K instead of 18K on a machine with 768M of ram. People get ridiculed for that a lot, ya know.

Been here too long to have much time for hotdog compression formats that 'are totally superior' thankyouverymuch.

Re:Also

[the+Plums+in+us]

I meant "totally superior" versus rar. Agreed that common place formats with wider support have a huge advantage much of the time, and that minor (and sometimes even major) optimizations are not worth the time and/or effort.

But if you're going to deviate from a de facto standard, doesn't it make sense to use a choice that gives the best results? Perhaps rar has been around long enough to be considered a common format, but I don't think it has any serious advantages to make it rworth using over gz or zip, apart from stronger encryption. Plus, as pointed out by the OP, it's non-free.

Re:Also

[RegularFry]

7Zip has become a de facto replacement for WinZip around my neck of the woods already. Apart from anything else, GMail filters .zip files, but lets .7zs through. Even ignoring the fact that on average (strictly in my experience) .7z files are half the size of .zip files, that fact alone is enough to swing the deal.

caught in an outry lie

[scooviduvoctagon]

From http://arstechnica.com/news.ars/post/20070706-mediadefender-denies-entrapment-accusations-with-fake-torrent-site.html

Published July 06, 2007:

"MediaDefender's Randy Saaf told Ars Technica that while the company does own the domain to MiiVi, the story itself was completely made up. "MediaDefender was working on an internal project that involved video and didn't realize that people would be trying to go to it and so we didn't password-protect the site," Saaf said."

"We may never know MediaDefender's true motive behind MiiVi, but Saaf insists that it was nothing more than an internal site for research and development purposes only."

A couple weeks later:

"
Subject: MiiVi (currently on www.viide.com)
From: grodsky@mediadefender.com
Date: 23/07/2007 18:05
To: michael.potts@artistdirect.com

Michael,

When you get a chance, we would love you to start taking a look at www.viide.com. That is the current home of our MiiVi site.

[...]

Once you log on the site, surf over to www.viide.com/download.php to get our application. The website currently acts a GUI for the application. When we go live with the site for the general public , there will also be a java applet that also minimal/one-off type use of MiiVi (but this feature is inaccessible with the current locked-down version of the site).
"

Interesting concept - a purely internal site, intended only for research and development... that was purposed to go LIVE TO THE GENERAL PUBLIC, complete with a DOWNLOADABLE CLIENT APPLICATION, after having been PURPOSEFULLY RE-LOCATED under a different domain with the SOLE INTENT TO OBFUSCATE MediaDefender's DIRECT CONNECTION.

What's interesting about that (to me) is...

[Animaether]

okay, so Mr. Maris wasn't the sharpest tool in the shed in forwarding the stuff to a gmail account.

However... assume the the group/person releasing this did at least have a gmail e-mail address for this guy, he still wouldn't have the password.
Now, it's not a very strong password - it can certainly be cracked easily by a dictionary or even a brute force attack.

But if either of those methods are what were used - then what's up with Google apparently not stopping this in one way or another? E.g. maximum of N login attempts in a given time, notifying the rightful account holder of the attempts, etc.?

Re:What's interesting about that (to me) is...

It isn't Google's fault either. Maris signed up to a bittorrent forum using his gmail address and password, then accessed his account from an IP that was already marked by PeerGuardian.

Re:What's interesting about that (to me) is...

[IgnoramusMaximus]

The info on the intertubes is that Mr. Maris, otherwise known as The Putz of the Century, after having forwarded all his corporate mail to his Gmail account, signed up for one of the p2p forums he was "investigating" using that very Gmail address and the same password as his gmail account had.

And he did so from an IP address already known to belong to Media Defenders.

You figure out the rest.

Re:What's interesting about that (to me) is...

[Animaether]

I'm still curious as to what gmail does when one does try to brute force, but.. ..if the above is true (thanks for the replies, both of you), then Mr. Maris wasn't just not the sharpest tool in the shed.. he was the raggy cloth used to clean up engine grease with.

Re:What's interesting about that (to me) is...

[Jugalator]

what's up with Google apparently not stopping this in one way or another That's because Google doesn't do evil, even in this case. ;-)

Re:What's interesting about that (to me) is...

[mpe]

The info on the intertubes is that Mr. Maris, otherwise known as The Putz of the Century, after having forwarded all his corporate mail to his Gmail account, signed up for one of the p2p forums he was "investigating" using that very Gmail address and the same password as his gmail account had.
And he did so from an IP address already known to belong to Media Defenders.

Either he's an idiot or a "double agent", let's see if the p2p forum offers him a job to decide :)

Re:What's interesting about that (to me) is...

[IgnoramusMaximus]

Either he's an idiot or a "double agent", let's see if the p2p forum offers him a job to decide :)

Having seen the contents of his email, already prolifically available all over the internet, I must point out that the evidence is, so far, overwhelmingly in favour of the former. And by "overwhelming" I mean in the same vain as evidence for the idea that the Sun raises in the East or that the water tends to be wet.

This is NOT good news

[Torodung]

As much as I might dislike the methods this company was allegedly going to employ against a bunch of people who are breaking the law, I don't think that a smaller, hard-core subset of that group of lawbreakers further breaking the law, by cracking their way into the corporation's emails and violating their privacy, is something to cheer about.

I don't believe anyone on /. should be jumping for joy at the hacking of a gmail account. I know a lot of people with gmail accounts. So do you.

Let's all be consistent in affirming that black hat behavior, for criminal ends, is wrong, no matter who the target is.

--
Toro

Re:This is NOT good news

[sssssss27]

Somewhere along the way, or maybe it has been this way the whole time, people started using laws as ethics. Most people seem to think that if something is illegal then it must be wrong and if it's not illegal then it's probably fine.

I don't think anyone here is jumping for joy that a gmail account got hacked. Instead I see a bunch of people jumping for joy because a company that is seeming violating the law might actually have to suffer for its actions.

I think what happened here is for the greater good. Sometimes breaking the law draws attention to a problem few realized existed.

Re:This is NOT good news

[Slashcrap]

As much as I might dislike the methods this company was allegedly going to employ against a bunch of people who are breaking the law, I don't think that a smaller, hard-core subset of that group of lawbreakers further breaking the law, by cracking their way into the corporation's emails and violating their privacy, is something to cheer about.

Shows how wrong you can be, doesn't it?

Re:This is NOT good news

[bongk]

And How!
Now I don't like the tactics of the RIAA/MPAA any more than the next geek, but as I was reading this I was amazed at the attitude of slashdot commenters supporting the criminal who violated a number of serious laws to break into a computer system, steal this private corporate data, and post in publically. I think I learned in kindergarden that two wrongs don't make a right. I also suspect that a number of entities will pitch together and spend a great deal more than the average time and energy to track down the people who accomplished this.

Re:This is NOT good news

[wes33]

I wonder if you really think that breaking into a gmail account illegally is always wrong ... use your imagination, what if doing so would save 1 million people from a terrorist a-bomb. Would you do it? Would it be wrong? You don't have a *principle* here (I bet). You just are arguing about the size of the benefit.

Re:This is NOT good news

[Racemaniac]

well, we probably all got mixed feelings, but the cracking of a gmail account vs the proof of the copyright organisations doing seriously illegal things against us, and doing their best to cover it up...

it's a clear win... noone likes the fact that that box could be hacked, but the blow this could be against copyright organisations, and showing how moral they are simply outweighs it by far....

Re:This is NOT good news

[GPL+Apostate]

Well, in this instance there was no terrorist a-bomb to prevent, so you're just trying to cloud the issue.

I think it could be said that there are very few, limited instances where it would not be wrong. This is a controversial issue where there is no clear-cut black/white divide, so it's clearly wrong.

Re:This is NOT good news

[CharlesAKAChuck]

I agree with you, hacking their computers, breaking passwords, identity theft etc is quite uncalled for and illegal. However I have no problem taking all the email addresses I can find in all those emails and signing them up for a whole bunch of free porn newsletters!

Re:This is NOT good news

[0111+1110]

I think I learned in kindergarden that two wrongs don't make a right.

But you were wrong.

Re:This is NOT good news

[Torodung]

I wonder if you read carefully?

black hat behavior, for criminal ends, is wrong, (emph. added)

I had already specified that it wasn't always wrong, but in this case, it certainly is.

Simply being a security tester, and cracking an account to show a problem, so long as the information was never made public, is a legitimate use of cracking, sans your nuclear bomb.

But this action violates espionage, privacy, and all manner of security concerns, for the sole end of embarrassing a firm unpopular with the crackers. If there is a suit to be brought, this action complicates the rules of evidence, because anything gained by it is clearly inadmissible.

Had this been done with a warrant, through legitimate channels, for legitimate reasons, all of which would be available in your ridiculous scenario, then I would have no problem with it.

So, I've got more than a few principles to throw around, and see no purported benefit to cracking people's gmail accounts for sabotage or defamation purposes.

--
Toro

Re:This is NOT good news

[WNight]

For the sole end of embarrassment? No.

To drive a lying corporation out of business when we can't do it any other way. They were part of the RIAAs unwarranted lawsuits against people chosen to be sued because they were unable to pay and thus likely to settle out of court.

As for evidence, I guess most lawyers will subpoena their own copy of these emails before court rather than printing them out from the torrent. The torrent however will be useful if they try to release partial records.

Actually, your attitude disgusts me. That clear evidence of this sort of corruption and might be sat on by you, if you came into possession of it, simply because we weren't intended to see it. Well, duh. We're the victims genius! Of course they want to lie to us while they lie and entrap.

Re:This is NOT good news

[WNight]

When the company is engaged in many active criminal enterprises (misrepresentation for gain) I think it's perfectly reasonable to notify the authorities. The data they gather and their slack methods and disregard for truth are all putting innocent people in court at great cost. Anything less than blowing the whistle on their crimes would be indefensible.

Besides, this company gave permission for people to log into their systems/etc. It was when they started supporting spyware and rootkits.

Re:This is NOT good news

[WNight]

This company long ago gave up its right to call on the law for protection when it used illegal means to tamper with data transmissions, push rootkits, lie about their actions and affiliations, and provide unsupportable and knowingly weak "evidence" in trials.

It's like self defense. If you attack me, you give up your rights not to be attacked. Not just legally, but morally. You can't expect people in *any* system to sit and take illegal behavior and not fight back.

This was leaked to destroy this company's credibility - to protect those they were attacking. It's not like someone picked an innocent company and started blackmailing the CEO, or threatening to disclose trade secrets.

Re:This is NOT good news

[insertwackynamehere]

Someone mod parent up. Whoever modded it flamebait, get this: alternate opinions do not equal flamebait! Especially when they are well articulated and defended. Next time, try responding instead of blatantly misusing your mod points.

Re:This is NOT good news

[hermia]

My biggest problem with it is that those who broke in didn't strip things like ssn's and other information about the worker bees before they posted it to the net. I'm not unhappy that MediaDefender's business practices have been revealed for what they are though I will say I disagree strongly with the method used to do it. Those posting this stuff have enabled the potential identity theft and harassment of those who have jobs with a company that has shady business practices. Everyone needs to eat, and not all of those employees likely agree with the practices. That's a low blow, and is in some ways no better than the company they're campaigning against.

This may be to Mr. Beckerman...

[Animaether]

as what the Windows source code (portions) leak was/is to the F/OSS crowd.

He may very well steer very, very, very clear of all of it, and this entire slashdot story+comments, more so than a devout Harry Potter fan locks themselves up in a vault the week before a book launch. Certainly until the origin is clear, contents have been verified, and -other- lawyers have pored over it to see whether any of it can be used in court cases and what repercussions such use may have.

Although I do hope to see Mr. Beckerman respond in one way or another, I don't expect it. Mr. Beckerman can't easily comment on any events like this lest it affects his current and/or pending cases negatively.

Retaliation

[oki900]

Whenever someone who goes after hackers/pirates/phreaks forgets or bends the law there is always someone or some group who will take it upon themselves to become the vigilante. Some of you out there will recall a long while back when the first instances of Gail Thackeray first appeared. Gail tended to perceive the law differently. She was plagued with harassment to no end from phreaks and credit defrauders. Late nite phreak telephone confs would often threeway her into the conf to be ridiculed. No matter how unlisted her home number was, it was always available.

Most hacks/phreaks/pirates out there know they are in the wrong and when shit comes down that is it, but when someone like Gail or MediaDefender steps over the line there is hell to pay. Whether it is right or wrong you can bet the personal information in those emails is going to be put to no good and the people involved with MediaDefender will be living a life of hell for a while.

I do not personally condone these actions, but it's a simple example of what comes around goes around.

Re:Retaliation

[GPL+Apostate]

As long as everybody is willing to accept how the media may/will play this harassment and imposed life-in-hell, I guess it's okay. I have a strong suspicion that a concerted program to harass and attack the MediaDefender folks would not draw more people to the side of the Torrent community. Out in the mainstream world, the MD folks can easily be depicted as the victims if and when the harassment starts. Remember, that kind of media campaign is these folks' bread and butter.

How to open the .mbox file from the torrents?

[samwh]

I see a .mbox file... how do I open it?

Re:How to open the .mbox file from the torrents?

[dreddnott]

Easy, just drag it into an open Notepad window.

Re:How to open the .mbox file from the torrents?

[dreddnott]

dreddnott casts JOKE at Anonymous Coward
WHOOSH! The attack misses!

Re:How to open the .mbox file from the torrents?

[dodobh]

mutt -f file.mbox
or just drop it into a uwimap server.

It'll never be admissible in court.

[glindsey]

If the emails were obtained by hacking somebody's GMail account -- as seems to be the case given the comments on the torrent file -- then they were obtained illegally. The RIAA's lawyers would immediately cry "illegal search."

IANAL, so I'd like to hear from somebody with real law experience either confirming or denying this, but that's my gut feeling.

Re:It'll never be admissible in court.

[bongk]

IANAL as well, but its my understanding that only Law Enforcement can perform and illegal search. If someone steals information and gives it to Law Enforcement its still admissible.

Otherwise, if I thought that the police were about to crack down on my best friend's counterfeiting operation, I could just steal all the stuff related to the operation and drop it off at the police station, basically nullifying all of it as an illegal search.

The defense's best tactic would be to claim that there's no way to know if the messages have been tampered with (unless the originals can be subpeona'd off MediaDefender's systems). Though I'm sure MediaDefender is in a tailspin right now trying to figure out if they should be purging all the email from their systems quickly, or if there's already a substantial likelihood of legal action - which would forcing them at this point to retain all the related email they have today.

Re:It'll never be admissible in court.

[Robotech_Master]

Are you sure?

I am not a lawyer, but I thought that evidence was inadmissible if obtained illegally by law-enforcement officers. If it was obtained illegally by private citizens and posted all over the place, I would expect that, though the private citizens might get in big trouble for doing it, it would still be okay to go ahead and use since it wasn't the police who illegally got it. Though I could be wrong.

(And I don't see what's to stop them from, after reading these emails, just going ahead and subpoenaing an official version of them from MediaDefender and using those in court.)

Re:It'll never be admissible in court.

[kaizokuace]

Though I'm sure MediaDefender is in a tailspin right now trying to figure out if they should be purging all the email from their systems quickly, or if there's already a substantial likelihood of legal action - which would forcing them at this point to retain all the related email they have today.

Wasnt this all forwarded all to that gmail account? isnt it now impossible to delete?

Re:It'll never be admissible in court.

[abb3w]

Wasnt this all forwarded all to that gmail account? isnt it now impossible to delete?

And then mirrored as a torrent, and then the torrent slashdotted... giving rise to an entirely new value of "impossible to delete", comparable to the Linux Kernel.

Re:It'll never be admissible in court.

[jrwr00]

Got this email today

"I am the CEO of MediaDefender. We have begun our civil and criminal investigations into the stolen emails from our company. We are meeting with the FBI on monday. Your IP address has been logged. I hope it was worth the thrill. "

For hosting the HTML Version of the Emails :(

Re:It'll never be admissible in court.

[kentrel]

I hope you go to jail. You deserve it. For a long time. Hahahaha>

When, it's in fact, your MediaDefender buddies who go to jail, they'll be the butt pirates. Oh how we'll laugh.

Re:It'll never be admissible in court.

[base3]

He's bluffing. Their idiot employee caused the emails to become public, you merely republished information that is widely available and thus no longer trade secrets. If he had any intention of actually trying to prosecute, I wager he'd have kept his stupid mouth shut.

Only if

[unity100]

they catch it. you thing long hair people are stupid ? noooo my friend. you are much in err.

Re:Only if

[GPL+Apostate]

From reading other comments in this thread, it sounds like someone was autoforwarding email threads to his/her gmail account. It shouldn't be too hard for them to figure out who was forwarding 700MB of traffic to a gmail account.

i doubt

[unity100]

that there can be any debate as to the wrongness of what riaa stands for and their tactics.

the worst thing that could have happened to them

[CharonX]

Well, I'd love to read their e-mails following this disaster.
Because, short of an employee going to the press with the documents and contracts, this is the worst thing that could have happened to them. Those e-mails not only document that they have been lying about the Mivii incident, but also they document most of the currently running and planned operations. I suspect we will soon have a list of compromised bittorrent trackers, e-mule and other P2P servers, as well as the associated IPs and IP ranges. We have a list of all websites that have been registered for potential future use, and from there the data spreads even further. We have the nicknames commonly used by them, we have detailed statistics over each and every of their activities. We have connections between them and the media companies.
This could really put a big dent into both the "credibility" of the RIAA and MPAA as well as turn public opinion. Though I admit, I feel a bit of sympathy for the poor sobs involved - most likely they gonna be unemployed by the end of the month.

at times, court of law are human beings

[unity100]

imagine you are in 1788. imagine you are in france. imagine an aristocrat abuses and exploits you. imagine land of the law says it is god given right of the aristocrat to be higher than you, and have power on you. now go to the court of law.

there are times that laws are not humane or reasonable. there are even things that are not reasonable and illogical even in the best of laws too.

copy"right", patents, resulting exploitation and highway robbery along with repression side by side are such things in our day.

it doesnt require going to law school to be able to see whats wrong in those.

No Way Intentional.

[Erris]

Perhaps this was actually intentional, and the are using this team as a sacrificial lamb, so to speak.

From both the MAFIAA and the lamb's perspective, this is a dissaster. How do you think those lawsuits are going now that people have proved (again) that MAFIAA is giving their content away on P2P? The lamb's view could not be worse. These wizards of the net can't keep their email to themselves, who's going to give them business now?

Big media needs to face up to the reality of ubiquitous networks and file sharing because all technical and legal efforts have failed. Encryption has failed, the lawsuits are not working and this joke company obviously did not work. All they are left with is pissed off customers and a bad reputation as control freaks. Despite terrible threats, the "pirates" sail on.

Re:No Way Intentional.

[nurb432]

If the documents were leaked illegally, they wont be admissable in court anyway, so i doubt they have much of an effect.

But i do agree the entire control thing is a disaster.

Re:No Way Intentional.

[crayz]

My understanding is once something is in the public record, it doesn't matter how it got there. I think they're screwed

Re:No Way Intentional.

[nurb432]

Only if it gets there via legal routes. If its not legally in the public record, its really not.

Re:No Way Intentional.

[poetmatt]

aye, its likely that it won't, but it creates new avenues, subpoena potential, etc. all this info needs to do is sneak into 1 successful non-quash subpoena and it's gg for mediadefender (assuming its not already)

another fun leak...

[Wizy]

http://thepiratebay.org/tor/3808220/Gnutella.Tracking.Database.Leak.INDEPENDENT

Have fun.

wow, sony pays them good!

[poetmatt]

Subject: RE: eMule -poor efficacy results From: "Octavio Herrera" Date: Fri, 27 Apr 2007 13:51:33 -0700 To: "qa" Delivered-To: mdjaym@gmail.com Received: by 10.114.136.2 with SMTP id j2cs476172wad; Fri, 27 Apr 2007 13:51:26 -0700 (PDT) Received: by 10.70.30.5 with SMTP id d5mr6727589wxd.1177707085841; Fri, 27 Apr 2007 13:51:25 -0700 (PDT) Return-Path: Received: from mdexch01.mediadefender.com (MDEXCH01.MEDIADEFENDER.COM [65.120.42.14]) by mx.google.com with ESMTP id 74si5018335wra.2007.04.27.13.51.24; Fri, 27 Apr 2007 13:51:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of octavio@mediadefender.com designates 65.120.42.14 as permitted sender) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Message-ID: Thread-Topic: eMule -poor efficacy results Thread-Index: AceJCPupCKuOB+QZSs+sYQ/TE86p4AAAH4IlAAAvnWAAAGjXmwAAE9vQAABm2BA= Status: RO X-Status: RC Are our servers still the largest by users? -----Original Message----- From: Daniel Lee Sent: Friday, April 27, 2007 1:40 PM To: Octavio Herrera; qa Subject: RE: eMule -poor efficacy results It's small relative to other eMule servers. The # of users listed is around 19,000. -----Original Message----- From: Octavio Herrera Sent: Friday, April 27, 2007 1:37 PM To: qa Subject: Fw: eMule -poor efficacy results Is this a small server? ----- Original Message ----- From: Dong.Jang@sonybmg.com To: Octavio Herrera Cc: Jasper Paloyo; Ben Grodsky Sent: Fri Apr 27 13:29:32 2007 Subject: RE: eMule -poor efficacy results Apparently the server that you're not- "Gigasources emule server" 19K users. It's just free flowing without interruption. ________________________________ From: Octavio Herrera [mailto:octavio@mediadefender.com] Sent: Friday, April 27, 2007 4:20 PM To: Jang, Dong SONY BMG; Jasper Paloyo; Ben Grodsky Subject: Re: eMule -poor efficacy results What server where you connected to? ----- Original Message ----- From: Dong.Jang@sonybmg.com To: Jasper Paloyo; Ben Grodsky Cc: Octavio Herrera Sent: Fri Apr 27 13:16:47 2007 Subject: eMule -poor efficacy results Guys, Why can I go on to eMule and easily down our tracks? I just checked our top two selling tracks Avril Lavigne Girlfriend and Daughtry Home and it's almost as if they are not even being protected. I haven't ran into a single file that doesn't download and have been able to download the 1st 30 copies. Please advise. Thanks, Dong ________________________ Dong Il Jang SonyBMG Music Entertainment Global Digital Business Group 550 Madison Ave., 30th Fl. New York, NY 10022 Ph. 212.833.4976 Fx. 212.833.4608 www.sonybmg.com

Re:Student filesharing...

[Technician]

Universal is curiouse if we have any historical data over the last 3 months that show whether .edu IP addresses on p2p have gone down.


I wonder if they have any idea how much has moved from slow P-P and moved to much faster bulk transfers via sneakernet and darknet?

Wow, you have Zen? May I borrow it for 20 minutes. I'll throw on some music..

A Linux Box, Gnomad2 libnjb and libmtp are your friends. A big portable USB drive is even better. Most of this flies under the radar.

My duaghter was away at boarding school last year. She has no credit card. She had very limited trips to town. She does have a 30 Gig Zen. Somehow without buying any music, she managed to get it full of music, pictures, and 10 full length movies. The campus does not have P-P on their locked down network. Student access online was heavily filtered and monitored. Nobody was able to leave a P-P client running on the shared PC. Most important, she did not have any way to purchase that quantity of media at retail prices.

Some students with laptops and no network connection on the other hand became repositories of media for the dorm.
Anytime anybody went home on break and came back with a loaded iPod was when the library grew with new material. All the sneakernet is under the radar. The RIAA knows it happens, and they know it can't be monitored and controlled because it isn't directly seen.

Maybe in the future as she moves into adulthood and works into a way to have an income, she may become a customer, but she like many see the overinflated prices for the trivial amounts of content dribbled out for the hard earned money and she will have to make her own purchasing decisions.

When she reaches that age, I hope the RIAA has had a change of heart and does something to their public relations campaigh. As they now look like the shoot first 600 lb gorilla, they are doing little to convince anybody to do business with their member partners.

Re:Time to get to work boys -- Why?

[SynapseLapse]

These people aren't suing anyone. They're not the most professional of orginizations, but they're not evil either.

So far, all they really do is make is more annoying for people to share priated movies/music/games.

Hardly worth "link them to child porn and prostitution"

People like you disgust me.

Re:How to open .mbox -- Step by Step

[Adeptus_Luminati]

Step by Step with screenshots
http://kb.wisc.edu/helpdesk/page.php?id=6436#500

Adeptus

I could pay to see the mails following this

[Jugalator]

I think I could actually pay to see what they're mailing each other, following this leak. It's frustrating, like getting to a cliffhanger in a movie, but not see what happened afterwards to the villain.

Re:I could pay to see the mails following this

[multipartmixed]

Don't worry, you can download the Cliffhanger movie from the The Pirate Bay.

Open .mbox in 4 quick steps in Windows

[Adeptus_Luminati]

1. Step 1: Download free Eudora: http://www.eudora.com/
2. Step 2: Unrar the .mbox file from your torrent download
3. Step 3: Rename the .mbox to .mbx, this should cause windows to detect it as a Eudora file
4. Step 4: Simply double click on the .mbx file and Eudora will load it with all the juicy emails! :)

Adeptus

It doesn't have to be admissible in court.

[argent]

There's lots of evidence that isn't admissible but is still useful in an investigation. If X tells you that Y will be committing a crime at point A at time T, that's hearsay, not evidence. If X found out while burgling Y's office, that's even less useful. But you'd still have someone at point A and time T if you believe the odds are good that they'll be there.

How applicable that is for this case, well, how hard is it to look at DNS records and IP addresses?

Top Secret Email!

[Rebelgecko]

----- Original Message -----
From: Erik Neumann
To: Octavio Herrera
Sent: Thu Mar 29 13:31:43 2007
Subject: eMule servers

Erik Neumann
Operations
Audible Magic Corp.
408-399-6405 x140
Fax: 408-399-6406
Web: www.audiblemagic.com

THIS MESSAGE CONTAINS CONFIDENTIAL INFORMATION AND TRADE SECRETS OF AUDIBLE
MAGIC, UNAUTHORIZED USE OR DISCLOSURE IS PROHIBITED . . .

Whoops!

Gold Jerry, Gold!

[MtlDty]

I like this one. It seems the record companies try to get marketing data from illegal p2p downloads. ---------- Subject: Nicole Scherzinger Date: Fri, 24 Aug 2007 15:14:31 -0700 Nicole from pussy cat dolls has a single called "whatever u like". It's not selling well on itunes or playing that great on radio. A song called "Baby Love" just leaked (I don't know how long ago). Interscope wants to know if Baby Love is picking up steam on p2p. They need to make a decision by early next week on whether they should switch to this song as the single. Please get me a score comparison on Monday for these two tracks. Also, please put beyonces, fergie, gwen, and nelly furtado singles as comparisons.

Re:Gold Jerry, Gold!

[xx01dk]

Wait, wait, wait... What? Good eye for finding this one. At first glance it would seem that this is the opposite of what record companies would want to do--promote a single based on how popular of a download it is--because the more the hype it, the more people will simply steal it. However, after thinking about it for a minute, aren't we (the technoliteratti) still a relative minority compared to the Walmart/Target/Bestbuy consumers of the world (read: USA)? Are the record companies using "us" as a sort of popularity guage in order to determine what to sell to "them"? I need to ponder on this some more in leu of the fact that the RIAA members are so staunchly anti-P2P. Are they "oppressing" us on one hand while using us as a resource on the other hand? I suddenly feel so... dirty.

Verrrrrrrrrry interesting.

Re:Gold Jerry, Gold!

[CharlesAKAChuck]

Definitely some marketing data being gathered. A 'marketing intel system' even. Quote: Could u have these artists entered into our marketing intel system? Thanks. R ----- Original Message ----- From: Doug Kamin To: Randy Saaf Sent: Sat Mar 31 18:47:13 2007 Subject: FW: some bands to potentially track hey randy, nice seeing you at fatburger can you confirm that you've received this? thx doug -----Original Message----- From: Doug Kamin Sent: Fri 3/30/2007 12:52 PM Subject: some bands to potentially track some interesting angles to look at it/take here: Colbie Caillat - most popular UNSIGNED artist on myspace would be interesting to see some data on her http://www.artistdirect.com/nad/store/artist/album/0,,4011508,00.html Blonde Redhead album comes out in a few weeks. this is an indie band... no presence outside of online geeks like me. interesting to see what kind of traction they might be getting there is a band coming out on Atlantic later this year... OPERATOR http://www.artistdirect.com/nad/music/artist/card/0,,4083568,00.html would be interesting to see if they have some following somewhere... cuz they are now on a major label and all this album is NOT out in the u.s. and wont be for a couple months: http://www.artistdirect.com/nad/store/artist/album/0,,4057372,00.html Maximo Park they have a BIG following in the UK though. would be interesting to track how they are doing in the u.s. ...they do have a following here...but again just from online presence. and so on.

Re:I have looked into the news, and i just felt th

[Goaway]

Big, maybe. Here's an idea I'm just going to throw out here: Miivi wasn't a honeypot. It was an attempt to create a botnet.

http://slashdot.org/comments.pl?sid=299011&cid=20620947

Technological Judo

[lullabud]

Man, that's like technological Judo. Taking an offensive force and using its effects to your advantage. Fuckin sweet. We've harnessed the power of the /. effect.

Re:I have looked into the news, and i just felt th

[phedre]

It is big, but this is still up for now, whatever it is./ http://treehorn.mine.nu:8000/

the interweb strikes back

[TadMSTR]

Piss off the collective consciousness that is the internet enough times and it will strike back. I've been waiting for this to happen.

I can't help but wonder...

[Eric+Damron]

if the RIAA knew that MediaDefender was making their copyrighted material available to the public if that may in fact be releasing it into the public domain?

Any lawyers out there care to comment?

You get the email from discovery

[Myria]

You're right that you couldn't directly use these emails in court, but that's more because it's hearsay than because it's stolen. However, during discovery, you could subpoena these particular emails to get legally sanctioned copies then use those in court. MediaDefender would have a hard time proving that they don't exist or that the requested emails are irrelevant.

warning: I'm not a lawyer.

Re:the worst thing that could have happened to the

[cunina]

Corollary to this: the quality of protection provided by PeerGuardian is about to get a lot better.

HTML Format :)

[jrwr00]

Ive Converted the emails into HTML (With attachments)

http://jrwr.hopto.org/

Re:HTML Format :)

[raju1kabir]

You, sir, are a noble public servant.

Re:HTML Format :)

[jrwr00]

For now guys, I've taken it down (for now) ill see what i can do

FYI to convert the MBOX to HTML, i found a perl script that did it (MHonArc-2.6.16)

Re:HTML Format :)

[jrwr00]

#$!@ Them, im hosting it!

Re:HTML Format :)

[xtracto]

You man should put some heavy google ad banners in that page, I do not mind clicking some of them while browsing such pages ;)

Re:HTML Format :)

[jrwr00]

Na, Google prolly wouldn't touch the site with a ten foot poll, moved servers :) alot faster now

Re:HTML Format :)

[terom]

I have the HTML version accessible on a 100Mbit server as well, but I'm somewhat hesitant to link to it due to the legal risk (although I've always wanted to know what a slashdotting feels like). The content probably isn't under any risk of copyright issues, but the material therein is doubtlessly covered by all kinds of NDAs, confidentiality agreements and so forth.

But some highlights that I've picked up:
msg03169.html - Email conversation between MediaDefender and the New York State Office of the Attorney General on providing the latter party with a database of keyword-matching media served up from p2p hosts in the New York State
msg01444.html - Login details for the "temporary miivi replacement" madliq.com at networksolutions.com
msg02281.html - Wikipedia censorship
msg03039.html - Response to MiiVi.com stuff, shutdown -h on the server, redirect to random IP, etc
msg01439.html - "Want to keep the confidence of the troops. Truth is I don't give a crap about most of this shit"
msg01017.html - Handling emails from MiiVi users - "I don't want MediaDefender anywhere in your email replies to people contacting Miivi ... Make sure MediaDefender can not be seen in any of the hidden email data crap that smart people can look in"
msg00561.html - Encryption source code, store key in first four bytes and then some bitshifting/anding/magic constants to mangle the key and xor each byte of data
msg03962.html - Stefan, their cryptology expert, writing his own "https socket" so as to hide the protocol data, but then realizing that "SSL won't be useful for hiding the protocol because the decrypted data would be visible through the browser".
msg00734.html - SEO for miivi.com, "We need to get as much search traffic as we can"

should have kept quiet about the source

[r00t]

A continuing leak would be valuable.

Hopefully the passwords were put to use.

So, hypothetically...

[r00t]

What could a person do with this? Ideas? Another poster said bank routing info too.

Vague guesses:

Sell their home?

Buy shares to prop up a crappy stock (like SCOX) for pump-and-dump?

File a messed-up tax return? (maybe trigger an audit or eliminate a refund)

Purchase child porn from an FBI agent?

Start a dumb lawsuit in their name? (them as plaintif)

Get them a divorce?

Come on now, let's have some ideas... not that any of us would ever abuse such respectable people...

Re:So, hypothetically...

[scoot80]

Set up an internet account in their name and start downloading music and movies?.. From.. FreakTorrent?

you surely can

[someone1234]

I see two ways:
1. send them anonymously, i'm sure someone curious enough will read through it, and there is a chance they will find it interesting
2. pay them enough for the appearance in the news

Re:you surely can

[Earle+Martin]

s/run/ruin/;

Exclusive! New leak.

[Legion303]

This is from last night after news of the leak hit everywhere. Enjoy!

-------[snip]------
From: ceo@mediadefender.com
To: all@mediadefender.com
Subject: Oh fuck

Oh fuck me. Jesus fucking God. We are so fucked. What the fuck are we going to do?

Fuck.
-------[snip]-----

Re:The worlds smallest violin plays

[WNight]

Disclosing someone's lies is always proportional to telling them. If you don't want to have your lies spilled to the world, please try to conduct your affairs so that fraud and misrepresentation are not required. Thanks.

Link to deposition

[SL+Baur]

An article was just posted yesterday; here's the main link:
http://yro.slashdot.org/article.pl?sid=07/09/14/1723253

A direct link to the deposition is here:
http://info.riaalawsuits.us/umg_lindor_070223JacobsonDepositionTranscript.txt

Warning: It's long, but inherently pornographic in nature as the "expert" witness isn't wearing any clothes by the end of it. Enjoy!

I found this appropriate

[buman]

http://www.youtube.com/watch?v=6gmP4nk0EOE

Re:Student filesharing...

[Archades54]

This is the RIAA. We have a court order for you to give up her full name, address, etc.

On a more serious note...that was the cool thing about lan's back in the day, apart from the leechers lagging the current game played.

You're absolutely right

You're right about this, of course.

Where I work, we have developed a very big and very successful web site over the past 10 years. We're an old school company, but we've managed to move 50% of the business to the web, no thanks to marketing (clueless) or anything like. In short, we are one of the biggest successes the company has had in it's 30 year history.

Well, they reorganized, and they hired an MBA type to run the web division, who knows nothing about the web. Nada. But instead of asking for advice for people older and more successful, he simply talks out of his ass. Worse, when there is a genuine concern over the technology, he asks questions in front of the clients, but he doesn't actually ask them to get the correct answer, rather he asks them to show the customers how smart he is.

And so when I will answer his questions, he simply cuts me off. Now, fortunately, I do not work directly for him, but my colleagues do and they are terribly frustrated by arrogance, ineptitude, and most are transferring away.

The really funny part is he came from a company with a well publicized failure to move a significant portion of the business to the web, and now when he comes to a company that is successful, he needs to leave his mark. And it won't be a good one.

So this does not one any good, because what he'll do is stay for a year, and move on, and somehow take credit for a website that was successful when he was still boozing it up at a University. The company's success is irrelevant to him, because the damage he causes certainly won't be on his resume, and we'll be f*cked.

Don't go blahbob on me, boy !

[unity100]

Security crowd had just got a phletora of new terms. like,

- Hey, if you blahbob this one, you are so out

- Man, your code is sooo blahbob

- Last night someone from sales pulled so bad a blahbob that i had to spend half of the night to fix it

- After his fifth blahbob, they decided he would be less harmful in customer service

Re:Don't go blahbob on me, boy !

[Entropius]

I like it! This could be the next santorum!

Re:at times, excuses come from human beings

[unity100]

How about you be a black man during the Jim Crow era. Plenty of vigilanteism then. It didn't work back then, and it's not going to work now.

something havent worked in an occasion, or even most occasions does not mean that its not wanted, or its not right.

french revolution is a big heap of vigilanteism, as per your argument. if that hadnt happened, we were still subject to kings, and were below some aristocratic class.

Re:the worst thing that could have happened to the

[harmonica]

This could really put a big dent into both the "credibility" of the RIAA and MPAA as well as turn public opinion.

Only if major news outlets pick this up and spend a lot of time explaining the details. I doubt that's going to happen.

The MiiVi thread is a good read

[horza]

Even just this one thread has plenty of goodies. Being busted by Digg, pointing their MiiVi domain to a random IP to try throwing people off the scent, orders from on high to subvert Wikipedia, and Ben Grodsky's relief that someone other than him is taking all the hate. If you go to the Google Alert - Miivi thread they imply that they post positive comments on Slashdot as fake users.

Later on Ben Grodsky talks about editing Wikipedia, emailing the admins, then making further changes later when no-one is looking, after which he then goes on to say they should lie and misdirect job applicants, denying they are working with MPAA or honeypot traps, just in case they are posing as applicants for more information.

Then to show they haven't learned their lesson, they relaunch miivi.com as www.viide.com. Thanks jrwr00 for the HTML versions of the emails. Thoroughly entertaining read.

Phillip.

Re:Student filesharing...

[LordSnooty]

Have to agree, the future will be share parties where you bring a bottle and a media player, or laptop, or USB hard drive... everyone shares and there's nothing the likes of Media Defender and other companies with their dubious business model can do anything about it. Back to the old days of swapping cassettes.

Don't try

[Chineseyes]

In related news Jay Maris is now very probably out of work and totally unemployable.


Don't feel bad for him there are wonderful career opportunities at:

McDonalds
UPS
Burger King
Geek Squad


Personally I'm rooting for him getting a position at Geek Squad. The humiliation of having to ride around in that car and wear those clothes is a good start to some sort of punishment.

Re:Student filesharing...

[Technician]

Sneakernet is nowhere near the threat the internet and P2P is. Letting you actual friends borrow your music is a far cry from those gits who want to share music with the 5 million people on the internet.

Are you serious?

I'll race you. The first one with a 60 gig collections wins. I'll compare notes at 6:00 tonight. You just use P-P on any .edu LAN. I'll just check with friends and not use the LAN.

Entrapment? University of Law and Order?

[stonecypher]

Entrapment only applies to the police. There's no such thing as corporate entrapment. Stop learning your legal terminology from Sam Waterson. He's a TV actor.

It gets really tiresome to see stories with enormous flaws like this on Slashdot. You guys make more than enough money to hire an editor. Maybe it's time. All they'd have to do was once-over the stuff that made it to the front page. You could pay some college kid $25k/y, and you'd make it back on not paying for bandwidth for people like me who've been begging you to come up to the journalistic standard of a small-town arts newspaper for ten years now.

Re:Student filesharing...

[Technician]

This is the RIAA. We have a court order for you to give up her full name, address, etc.

Just like the rest of your cases, you have failed to state a claim. Please list at least one song which you own the copyright to and the date and time of the alleged infringement.

I don't respond to phishing.

now with actual phonecalls

[supplex]

MediaDefender-Defenders Date: 2007-09-16 MediaDefender-Defenders proudly presents some more internal MediaDefender stuff... more will follow when time is ready. MediaDefender thinks they've shut out their internals from us. Thats what they think. The past 9 months we also monitored MDs phone systems. This is just one phone call, 25 minutes long, with the New York State General Attorney. Spread it like the wind! Someone willing to transcribe this so the search engines will find it as well? MediaDefender-Defenders

IPs are more fun...

[Xenographic]

The IP lists are FAR more fun, though. I don't know about you, but I have NO intention of doing anything worse than copyright infringement. As a bonus, they list their method for spotting Macrovision trackers: they apparently all use dyndns. All the Macrovision trackers pointed to the same IP, but I figured it's better to list the whole class C. They may change it tomorrow, though.

Here are the IPs I found from some of the better lists I've seen posted (thanks to the Internet, I never even had to download the stupid torrent):

38.99.252.0 - 38.99.255.255 MediaDefender
63.208.196.0 - 63.208.196.255 Macrovision
64.86.230.0 - 64.86.230.255 MediaDefender
64.93.88.0 - 64.93.91.255 MediaDefender
65.120.42.0 - 65.120.42.255 MediaDefender
66.110.61.0 - 66.110.61.255 MediaDefender
66.198.35.0 - 66.198.35.255 MediaDefender
129.47.9.0 - 129.47.9.255 MediaDefender
205.177.78.0 - 205.177.78.255 MediaDefender
207.45.196.0 - 207.45.196.255 MediaDefender
209.133.104.0 - 209.133.104.255 MediaDefender
209.151.247.0 - 209.151.247.255 MediaDefender

Vista 64 driver signing?

[Myria]

Can the certificate be used to sign drivers for Vista 64? =)

Your site requires a password, by the way.

Re:Flawed Argument

[sjames]

Well, because their legal argument is that you are not just potentially downloading the copyrighted material, but that you are then making it available to others for download (copying it), without written permission, you would still be screwed in court if you admitted to downloading (and therefore uploading) the file. Hence the outrageous amount they ask for per infraction/song: $.99*x-people who may have downloaded.

The crux of the argument is that since they are giving it to you over a P2P protocol, they do so knowing your intent, so they are tacitly approving of the later uploads.

What I wonder is just how sure do they have to feel that 100% of their customers will rip and upload a CD before selling CDs becomes tacit approval.

Legendary leak

[MeridianOnTheLake]

Legendary! This boosts my faith in the need for a strong hacker community -- one of the last remaining brakes on the relentless march towards a world of corporate fascism.

Re:I have looked into the news, and i just felt th

[Ilgaz]

this is something big.

real big. It is much more bigger if you get the mails yourself and check them. People are focusing on "funny" or "obvious" stuff, it is much more than that.

It is comparable to Watergate of Media in 2007. The entire large media industry.

There is a company asking for p2p data to choose next single of their artist. There are companies mentioned for "meetings", there are some DVD protection companies who are involved in this business... Anything you can imagine.

In fact people hating piracy and never pirated anything should check to choose what companies they should trust their privacy to, e.g. while buying online media.

Re:this is (cr)hacked data

[Ilgaz]

If you download this, can you be trusted to be ethical with other data that's not yours ?

The bloom is on the fruit. I wonder if there are companies who are involved in posting stuff to Slashdot as AC or Digg.com with fake username just to change scope of discussion to something else.

Read the mails and see how they give a heck to your privacy.

Re:Student filesharing...

[rtb61]

Apparently shared USB hard drives are now the most popular medium. They are shared amongst friends, who all add content, from other friends who get content from other friends etc. and they only remove 'er' shared content upon mutual agreement (once everyone has got it to their own personal data storage), size of drives generally around 300 gig, so now, it is sort of sneaker mesh networking, it's cheaper and quicker than P2P or torrenting it off the internet ;)}.