Slashdot Mirror
Posting Publicly Available URL Claimed a "Hack"
Urban Strata writes "Popular mobile phone community HowardForums.com is being hit with take-down notices from MobiTV. At issue is the fact that a HowardForums community member uncovered a publicly accessible URL for MobiTV's television stream. This URL is not encrypted or authenticated in any way, and yet MobiTV sent site owner Howard Chui a cease-and-desist letter for hosting a forum with the public URL, claiming that doing so is equivalent to hacking their service."
I wonder how much their lawyer bills each time he has to send out a C&D for posting a link to qtv.mobitv.com/sprintTVlive.mcd.
Lookit me! I'm hacking the pentagon! And the CIA! And the FBI!
Hold on, one moment--someone's knocking.
In Xanadu did Kubla Khan
A stately pleasure dome decree
Seriously, this is probably something to draw attention to a service that few people knew about. Any publicity is good publicity, after all.
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
Is it stupid to make your stream available unencrypted from a publicly available URLYes
I am Jack's complete lack of surprise.
"There are too many people freeloading nowadays. The internet makes it so much easier to freeload"
Jee, I wonder if you'd apply the same concept to OTA radio and Local TV with regards to magnetic recording media back in the 80s and 90s.
The fact of the matter is that they're claiming it is a hack, when it's their own stupidity and ignorance that allowed this to happen. Calling this a hack is just an attempt upon the person's character. People will begin to think the person that stumbled across this is a hacker, then they'll get that reputation, which in turn tarnishes the reputation of the non-hacker. It's character assassination and MobiTV should be nailed to the fucking wall while someone calls for their waaaaaahmbulance.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
No. There is nothing wrong with visiting a publicly available URL. No exceptions.
As always, that kind of position is missing the fact that google is technically doing the same thing.
It's not that far fetch: imagine you are googling for your favorite show, and find some url with a video stream; and it's form a respectable "nbc.com" or the like website. How do you guess it's supposed to be a paying service?
Want a real life example? The other day I was looking for some bash command help, and the third google result was from http://www.experts-exchange.com./ If you access it directly, it hides the answers and asks you to pay. But from google, you get to the answers directly because of some glitch.
What I'm saying is you can't blame the user (or here, the website) if they never went through a dsiclaimer page that made them realise: "well, if I click this link, I will have done something illegal". Free equivalent services exist.
Don't take my posts literally; it's just code to control my botnet.
The URLs obtained with this "hack" play just fine in Quicktime as well.
____
~ |rip/\/\aster /\/\onkey
Is it against the law to print the address of a person and that person doesn't lock his garage? No
What makes you think this is any different? Immoral != Illegal.
Hey, you should have paid 5 dollars to view this comment. Please cease and desist, because you are stealing my revenue.
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
I wonder if they decided it simply wasn't worth the development effort to put their content behind encryption? Maybe they thought litigation against improper access would be cheaper, or at least simpler. With the RIAA's successes in court over the lsat few years, there is some precedent for that idea.
Yes, I know, secure connections are not rocket science. But it's business; the path perceived most profitable is the path chosen.
You're going to encounter a lot of resistance trying to convince people that freeloading in this fashion is "wrong". After all, everything else on the web that's publicly accessible is considered to be 'free'; if they've made this publicly accessible without even a username/password or SIM verification or whatnot, then they've made it equivalent to any other webpage out there.
Also, they're not -prevented- from receiving revenue. Those people who have subscribed and paid are still (unless they take the time to unsubscribe) subscribed and paying. They may not be receiving as much revenue per unit of usage, sure, but nothing has been done to -prevent- them from making money.
In Xanadu did Kubla Khan
A stately pleasure dome decree
likewise: Illegal != wrong.
The OP merely said that it was wrong, he did not say that it was illegal. Wrong is clearly a statement of whether something violates ones morals (in this context).
Just sayin...
Do they have the right to send a letter asking them to stop? Sure. But this cease and desist letter goes far beyond that, it claims that they are infringing copyrights, trademarks and trade secrets and it claims so under penalty of perjury. Furthermore, they state they have also sent such claims to the ISP, a third-party. I think that is unsupportable and illegal, and I don't believe they have the right to do that. It's libellous and if they take it any further, it's barratry.
Bogtha Bogtha Bogtha
This is a classic example of a site trying to be "secure" through obscurity. The correct response would not be issuing a take down notice, thus publicizing the issue. An intelligent response would be to move the service to a secure site that required credentials.
What exactly is MobiTV trying to claim is their IP? The URL? I didn't think such short addresses were copyrightable. I don't think they realize how the internet works. If I type in a URL in a browser, I'm sending a request for data back. It's up to mobitv what to return. If they don't want us to have access to the data, don't return it. Simple.
Is it wrong to walk into a public building? No
Is it wrong to walk into a gym where you dont have a membership and start exercising just because they dont bother to check ID's at the door? Yes
This is the same thing. It is not wrong to visit a URL. It is wrong to use a pay-service that you are not paying for.
Lets try to get this into your head: You are not entitled to everything you have "access" to. If you continue to live with this mentality, DRM will be shoved at you for every kind of content imaginable.
I concur, just because the door to my house is unlocked, that doesn't mean anyone is legally allowed to enter. IANAL, but this could be a similar precedent.
WRONG! YAdefinitelyNAL!
Entering a house or other property without permission is trespass. Visiting a website is not trespass.
If this were a precedent, people could start suing you just for surfing the web. Visit my website without paying? That's a default judgement for $2500.
yup, but if they can convince some judge who doesn't understand the issue that it is a hack, it is.
Let's go with something that fits the bill a little better. On a hot summer day you run a long garden hose out from your yard on the sidewalk turn it on and leave it running. Then you run an ad in the paper telling people that if they mail you five bucks they can use your hose to get a drink. But one day you notice a neighbor has been telling friends about your hose and they start coming by and getting a drink without mailing in the money.
You've put your resource out in a public place with no restrictions - and they should be accountable?
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
So I guess this means /.ers will now change their sig from 09-f9-11-02-9d-74-e3-5b-d8-41-56-c5-63-56-88-c0 to qtv.mobitv.com/sprintTVlive.mcd....
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
More like: Is it wrong to walk into a library without a library card?
Learn to love Alaska
well they're within their rights in asking you to stop.
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
What about a publicly available URL for child porn? What about a URL to make donations to a terrorist organization? What about a URL where, every time you go there, it sets off an automated script that pulls the trigger on a shotgun and shoots an adorable kitten in the face?
Visiting a public URL in itself is never wrong. What you do there may or may not be. We aren't talking about just 'visiting a public URL.' We are talking about taking a service you don't pay for.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Is it a hack? No. It's an url.
Does it allow people to watch TV that they didn't pay for? Yes. The TV is offered for free. People who accept the offer can watch it for free.
Does it prevent Verizon and MobiTV from receiving revenue that they should from the streams? No. Verizon and MobiTV could just withdraw the free offer, and implement a different access-controlled method for the same video.
Is it wrong? No. Someone offers free goods. You accept the offer. You have not done anything wrong.
Does MobiTV and Verizon have the right to send a cease and desist letter? Yes. Anyone can write a letter. It means nothing.
Were MobiTV and Verizon stupid to offer this data online for free? Maybe -- It could have been done intentionally. Lots of people put video online, for free.
Were MobiTV and Verizon stupid to continue offering this data online for free, after they decided that they didn't want to? Yes.
In most places, it is illegal to leave a running car unattended, but it is not illegal to borrow something with permission. A sign saying "take one" is an invitation to take one item that doesn't belong to you. They have them at supermaket checkouts. If you are told you can take something, you may take it and it isn't illegal. In the example, the car was running, open, and with a sign indicating that the person should take a free joyride. If the sign can be reasonably assumed to be placed there by the owner (which would be reasonable, since in the example it was placed there by him) then it is perfectly legal to take the car. The only one that broke any laws was the owner, leaving the car running and unattended.
Learn to love Alaska
How am I to know that membership is required if they do not ID? If I walk into a Gym and no one IDs me, I think "hey, cool. public gym. didn't know they still existed". If I stumble across a link to a TV stream, I think "hey, cool. free video. I wish they had stripped the ads." I feel it is unreasonable to expect the end user to determine if he or she should be paying for a service. If the service is pay only, it should have some method of access control. A lack of access control implies free (as in beer).
-
Is it wrong to walk into a gym
FAIL. This is slashdot, you're supposed to make car analogies.
Linux, you magnificent bastard, I read the fucking manual!
...when a Second Life user bought land before it went to auction using a non-linked but publicly accessible URL and he was banned and his assets seized.
http://secondlife.typepad.com/
Some interesting background reading. They settled, but the "hack" question was never answered by the court .
Your house is private property, which is why people are not allowed to enter. It has nothing to do with whether the door is locked or not.
This situation is similar to putting up a big sign in your yard that is visible from public property, and then complaining about people who look at it. If you want it to be private, then don't make it visible from public property. Same thing with a URL. If you want the content to be private, then don't make the link publicly accessible. If you do make it public, you can't complain when people look.
Unix is user friendly, it's just selective about who its friends are.
Oy, metaphor straining!
Is it more like walking into a library w/o a card and browsing the stacks and reading in the library, or like talking a book home?
You can't use your metaphor without answering which, and the answer explaining which is the more correct metaphor is probably more work that arguing the case itself.
That said this "everything that's not nailed down is ok for me to walk off with" mentality probably IS keeping the DRM race ratcheted up.
SO YOU'RE GOING TO DIE: The Comic for Dealing with Death
The URL was not intended to be public and everyone involved knows this. It's like you're saying it's not wrong to burgle someone's house and steal things you don't own because they failed to lock their doors.
A recipe for misdirection:
* 1 link to "private" content
* 1 cup TinyURL(c) brand address shortening
* 2 lbs. unauthorized access
* 1 content owner
* An army of lawyers
Preheat oven to "Litigation". Route link through address shortening. Mix with unauthorized access, and let rise until content owner exclaims "IT IS TEH HAXORZ!1". Apply army of lawyers liberally to TinyURL for providing access to content. Place in preheated oven and bake until lawsuit reaches a golden brown. Cool before serving.
(Note: Recipe not tested.)
We aren't talking about just 'visiting a public URL.' We are talking about taking a service you don't pay for.
You're talking about leaving a cardboard box full of merchandise in a public park with a signs saying "take one, leave a dollar" and a cease and desist to a person who posts a sign saying "hey there's stuff in the park".
In short, we're talking about incredible stupidity.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Did anyone ready the PDF of the letter they sent to Howard . . . in Canada . . . citing the DMCA (a US law?) I don't know where HoFo's servers are, or if Canada has a DMCA-like law yet, but that seems pretty silly and maybe Howard should prep a backup server not in the US just in case. Then write the idiots at MobiTV a funny reply like the guys at the pirate bay do.
Silly MobiTV -- you can't copyright an URL!
everything in moderation
Browsing the stacks, in this case.
You're not preventing anyone else from browsing or checking out the books, and at worst you're taking up a little bit of space in the hall. The resources that you've accessed are still there for all the other patrons.
In Xanadu did Kubla Khan
A stately pleasure dome decree
No, It is not the same thing and there is nothing wrong with entering said gym and exercising without paying for it if the employees ALLOW you to do so. That is the equivalent here. They are allowing this access not the site owner exposing their non-existent security. They are allowing anyone that attempts to access this url open and free access with no restrictions. There is no DRM, there is no logon requirement, nothing. This is the same as putting the wares for your store in the middle of the street and then complaining when people take them without paying.
They can ask him to take down the url all they like, but If I was the site owner I would tell them to go fsck themselves and go secure their site. IF this was a hack of their security that was being exploited, that would be another matter but it is not. Advertising that their IT staff are idiots is not wrong and as long as they do nothing to prevent access to this URL by unpaid customers they are tacitly allowing such access.
"I feel it is unreasonable to expect the end user to determine if he or she should be paying for a service."
It takes an unhealthy dose of willful ignorance to fail to make that determination on your own.
And yet you're puzzled by why digital content producers try so hard to prevent their works from being 'mistakenly' acquired by people who (according to you) can't determine if they are entitled to said works for free.
"Ask not what your country can do for you." --John F. Kennedy
Is it wrong? Yes
WRONG. Based on your scenario we need to get permission from the site owner to visit any web site.
Any web site which is publicly available is de-facto a public web site. This is precedent since the inception of the www. Even if you had a button that said "Do not click unless you are a paid member of this site" you would have no legal leg to stand on if anyone else clicked it.
Everyone is making real property analogies to this. A web site is not a house, it is not a building, it is not a car. If it were, it would be taxed as such and we would all need written permission to visit each site.
channel name="MSNBC" href="rtsp://live.mobitv.com:554/1-CDMA.sdp" type="video/3gpp"
channel name="FOX News" href="rtsp://live.mobitv.com:554/8-CDMA.sdp" type="video/3gpp"
channel name="Discovery" href="rtsp://live.mobitv.com:554/3-CDMA.sdp" type="video/3gpp"
channel name="TLC" href="rtsp://live.mobitv.com:554/4-CDMA.sdp" type="video/3gpp"
channel name="Animal Planet" href="rtsp://live.mobitv.com:554/63-CDMA.sdp" type="video/3gpp"
channel name="NBC Comedy" href="rtsp://live.mobitv.com:554/1500-CDMA.sdp" type="video/3gpp"
channel name="ESPN Mobile TV" href="rtsp://live.mobitv.com:554/4103-CDMA.sdp" type="video/3gpp"
channel name="NBC Sports Mobile" href="rtsp://live.mobitv.com:554/1513-CDMA.sdp" type="video/3gpp"
channel name="Lipstick Jungle" href="rtsp://live.mobitv.com:554/1508-CDMA.sdp" type="video/3gpp"
channel name="Maxx Look" href="rtsp://live.mobitv.com:554/48-CDMA.sdp" type="video/3gpp"
channel name="Toon World TV" href="rtsp://live.mobitv.com:554/28-CDMA.sdp" type="video/3gpp"
channel name="Access Hollywood" href="rtsp://live.mobitv.com:554/1515-CDMA.sdp" type="video/3gpp"
channel name="Love Laffs" href="rtsp://live.mobitv.com:554/4104-CDMA.sdp" type="video/3gpp"
channel name="Bloomberg" href="rtsp://live.mobitv.com:554/52-CDMA.sdp" type="video/3gpp"
channel name="Tim Gunns Guide to Style" href="rtsp://live.mobitv.com:554/1519-CDMA.sdp" type="video/3gpp"
channel name="The Mic Hip Hop" href="rtsp://live.mobitv.com:554/910-CDMA.sdp" type="video/3gpp"
channel name="V40 Hot Hits" href="rtsp://live.mobitv.com:554/911-CDMA.sdp" type="video/3gpp"
channel name="Totally 80s 90s" href="rtsp://live.mobitv.com:554/96-CDMA.sdp" type="video/3gpp"
channel name="Double Z Country" href="rtsp://live.mobitv.com:554/72-CDMA.sdp" type="video/3gpp"
channel name="RandB Jamz" href="rtsp://live.mobitv.com:554/425-CDMA.sdp" type="video/3gpp"
channel name="Ritmo Caliente" href="rtsp://live.mobitv.com:554/97-CDMA.sdp" type="video/3gpp"
channel name="Chaos Extreme" href="rtsp://live.mobitv.com:554/913-CDMA.sdp" type="video/3gpp"
channel name="Shift Alternative" href="rtsp://live.mobitv.com:554/912-CDMA.sdp" type="video/3gpp"
channel name="USA Mobile" href="rtsp://live.mobitv.com:554/1503-CDMA.sdp" type="video/3gpp"
channel name="Bravo To Go" href="rtsp://live.mobitv.com:554/1502-CDMA.sdp" type="video/3gpp"
channel name="SCI FI Pulse Mobile" href="rtsp://live.mobitv.com:554/1501-CDMA.sdp" type="video/3gpp"
channel name="Oxygen" href="rtsp://live.mobitv.com:554/58-CDMA.sdp" type="video/3gpp"
channel name="Discovery Mobile" href="rtsp://live.mobitv.com:554/53-CDMA.sdp" type="video/3gpp"
channel name="A and E Mobile" href="rtsp://live.mobitv.com:554/17-CDMA.sdp" type="video/3gpp"
channel name="The History Channel Mobile" href="rtsp://live.mobitv.com:554/19-CDMA.sdp" type="video/3gpp"
channel name="NBC News Mobile" href="rtsp://live.mobitv.com:554/2-CDMA.sdp" type="video/3gpp"
channel name="Fashion TV" href="rtsp://live.mobitv.com:554/22-CDMA.sdp" type="video/3gpp"
channel name="Comedy Time" href="rtsp://live.mobitv.com:554/21-CDMA.sdp" type="video/3gpp"
channel name="MAXX SPORTS" href="rtsp://live.mobitv.com/50-CDMA.sdp" type="video/3gpp"
channel name="IGN" href="rtsp://live.mobitv.com:554/59-CDMA.sdp" type="video/3gpp"
channel name="Bombones" href="rtsp://live.mobitv.com:554/74-CDMA.sdp" type="video/3gpp"
channel name="CNET" href="rtsp://live.mobitv.com:554/23-CDMA.sdp" type="video/3gpp"
channel name="CSPAN" href="rtsp://live.mobitv.com:554/30-CDMA.sdp" type="video/3gpp"
channel name="CSPAN2" href="rtsp://live.mobitv.com:554/31-CDMA.sdp" type="video/3gpp"
channel name="Soulja Boy Tell Em TV" href="rtsp://live.mobitv.com:554/4100-CDMA.sdp" type="video/3gpp"
channel name="Ataku" href="rtsp://live.mobitv.com:554/83-CDMA.sdp" type="video/3gpp"
channel name="D40 Digital Camera" href="rtsp://live.mobitv.com:554/1346-CDMA.sdp" type="video/3gpp"
channel name="Bank of America" href="rtsp://live.mobitv.com:554/4101-CDMA.sdp" type="video/3gpp"
Wrong analogy. It's more like printing the address of an office where a company is giving away free samples. By creating a web service that is available at the given address to anyone who asks, that is exactly what MobiTV has done.
It's ridiculous for them to then complain that someone dared advertise what the company itself was doing. If they don't want people to take the product for free, stop giving it away.
Uh, don't think it's that clear cut.
If I'm surfing the dregs of the internet looking for coveted pics of Natalie Portman petrified and covered in hot grits, and some javascript redirects me to a child porn page am I:
1. A criminal?
2. A criminal if I don't close the browser within 5 seconds?
3. Innocent?
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
These meatspace metaphors just don't work when it comes to technology. It is wrong to walk into a library and take anything that's not nailed down. This is also preventing other library users from using those same resources. In this case, accessing the stream is not preventing paying customers from using the service. Therefore, the metaphor does not work.
I got nothin'
Is it wrong to walk into a car?
Pssst! Listen up! I've just discovered that an address where you can access intellectual property for free! The address is 700 Boylston St., Boston MA 02116. You know what? Between 9 a.m. and 5 p.m. every day they leave the door unlocked! That's right! You can walk right in!
And you know what you'll find? Millions and millions of books, including current bestsellers like Stephen King's Duma Key. Yep, you can just take it right off the shelf, sit down, and read it right there. Instead of paying $17 to $28 dollars, you can read it for free!
In fact, with a Massachusetts driver's license and a little sweet-talk it's not at all hard to do social engineering on the guy at the security desk and talk him into giving you an access card that will let you take that book right through security, right out of the building! For three weeks or more.
Is it a hack? Not really.
Does it allow people to read books that they didn't pay for? Yes
Does it prevent Scribners from receiving revenue that it would otherwise have received? Yes.
Is it wrong? No.
"How to Do Nothing," kids activities, back in print!
Yes, but public buildings and private gyms have clear demarcations as to what is public and what is not. If the gym has a dozen rooms and the first one I happen upon has no lock, no ID check, and no sign stating the requirement that you be a member, I cannot know to stay out; it could be demo equipment put there to entice me to become a member.
Similarly, if a URL doesn't have an authentication lock and doesn't say you must be a paying member to access, how can I distinguish pay content from a free giveaway?
What do you mean they cut the power? How can they cut the power, man? They're animals!
The best part of the cease-and-desist exchange was this:
"Originally Posted by mobitv
The url "qtv.mobitv.com/sprintTVlive.mcd" is not publicly available, nor is it posted anywhere on our website for viewers to access. The only way to access the links is through this url, and the only way to obtain this url is through hacking/debugging."
mobitv posted their "secret" URL in a message on the forum. So much for the trade secret claim.
Intron: the portion of DNA which expresses nothing useful.
If you don't want people looking at your naked ass all day, put your pants on in the morning.
You must be new here.
"I only speak the truth"
Karma: null(Mostly affected by an unassigned variable)
Here is about the best metaphor I can come up with.
You go to visit your local zoo because they have a rare tasmanian devil on display. Entrance fee is $5. You notice on arriving that the back of the cage for this animal is clearly open to the street at the rear of the zoo. Instead of paying your admission you walk around back and look at the rare animal without paying, from the street. The zoo then has you arrested for theft.
That's about as good as I can do.
Yeah, that's why some of us are not big fans of the child porn laws.
~ C.
How is it wrong to just visit a completely public URL? If they're losing money it's their fault; you can't just say that verizon losing money is wrong. How is that wrong? We're gaining value. Nothing has been destroyed here. This situation is purely verizon's affiliate being lazy and insecure, and you're just stupid for thinking it's wrong to take advantage of that.
Also, this reminds me of this story where reuters was accused of hacking for posting a publically-available but secret URL. Everyone thought it was a complete joke and reuters lined up its battalion of lawyers and pumped the plaintiff full of hot lead. How is this any different?
Now, if you click a link to a site that was showing video and stuck around to see what they had, pleading ignorance may be a little more realistic. But, once you learn that you're only able to watch that video due to a huge oversight by the site owner, I'd say the gym analogy is apt.
He's getting rather old, but he's a good mouse.
If you left your front door unlocked, would that entitle me to go inside, watch your TV, and raid the fridge? I think we'd all agree that in that case, a lack of access control does not imply free (as in the beer I found in your fridge).
The key question is "Did the user know he was not entitled to use this service?" Also, "Would an average person with no prior knowledge of the service assume that it is 'open to the public'?"
...some javascript redirects me to a child porn page am I: 1. A criminal.IANAL but, under current law as I understand it, you're now guilty of possession of child pornography. If you choose to self-report or are caught through other means, the best you can do is hope that you're not prosecuted because it was an accident. The same goes (I believe) for possession of stolen goods ("But I paid $$ for it in a pawn shop and had no idea it was stolen!") or possession of narcotics ("He said they were just OTC pills to help keep me from dozing off!")
Awkward laws... Any idea of a fix?
He's getting rather old, but he's a good mouse.
It takes an unhealthy dose of paranoia to click randomly on a link in a forum and think you're not supposed to be there, when there are no authentication checks along the way.
More like: is it wrong to walk into a building open to the public but secretly requires membership and gives you no warning that they assume you are trespassing.
They're also just asking for the Streisand Effect to bite them in the ass, especially with their lack of security. It would have been better to simply fix the security issues and watch the freeloaders drop off like flies. Instead they chose the route that will actually cost them the most since everyone is now well aware of it so the bandwidth will go up, they will still have to put up security AND they get bad publicity. Sounds like sticking up for their "rights" worked out well.
0x09F911029D74E35BD84156C5635688C0
Huh? The intent to view child porn is what's illegal. Visiting a site you didn't know contained it is not. And you probably aren't going to be able to find that stuff by accident, or it would disappear really quick. Google has probably crawled a site with child porn on it at some point, are they liable? For that matter, this is illegal text right..
/. says right down there that "Illegal" comments will be moderated. Say it gets modded way down. Does that mean you break the law just by visiting the story URL where you MIGHT see it... or is the URL only illegal if you set your threshold to read everything?
->here-
Now,
The law is all about intent. If I replace an image on my site people are hotlinking to with child porn, I'm the one getting in trouble for it, not the people who suddenly see it on their sites. (And yes, things like this have been done. I don't know about with child porn, but certainly with hate speech.)
In any case, the content at MobiTV is legal and publicly accessible.
"But you'd have to be really disconnected from society if you honestly thought that you just found a free gym."
So that gym I go to every Saturday to take martial arts has been charging all these years? Seriously, I go to a free gym every Saturday to train; the name is the Black and Williams Neighborhood Center just in case you think I'm bullshitting. These aren't unheard of in most civilized countries so one has to wonder who is really disconnected from society as per your statement above.
0x09F911029D74E35BD84156C5635688C0
Hear is one you drive up to open tollbooth and there is no one to take your toll and the lane had it's green light on?
A better analogy is: Is it okay to work out on gym equipment that someone has set up in your house, but not given you permission to use? The answer is yes, because it's my fucking house.
Oh, great.
Now you've opened up the line for yet another debate on the true meaning of "steal".
A lot of people don't accept that the legally-assigned right to profit from (propagation of) information (1) is a distinct thing from the information itself, and (2) can be and is destroyed / taken from the right-holder when unauthorized propagation of the information occurs.
I don't agree, and for that reason I don't have a big problem with the shorthand of calling it theft in casual contexts even though the analogy is imperfect.
Or rather, I wouldn't have a problem about it, except the reality today is it pushes the debate away from the issues as people wrangle about the semantics.
I'd suggest that your analogy could be extended thus:
A private, authenticated access system would be like having a dog show in a private venue. An open, public URL is like taking your dogs for a walk in Balboa Park. Everyone has the right to go there, and no one can stop you from looking at the other people and stuff there, too.
It's not that simple.
The information, or Verizon's copy thereof, or their legal suscribers' access thereto -- those things are not destroyed.
The legally assigned rights related to profit for distribution are damaged.
Yes, Verizon can and should take steps to protect that value; but that doesn't make ir "right" or "ok" to take part in destroying it just because it's easy to do so.
The law probably should state that making information publically visible by posting it on the web without protection constitutes an implicit license to all who visit that URL. This would clear up a lot of problems.
If it were so, companies like Verizon would get serious about protecting their web-based content (or, failing to do so, have no recourse). Unless/until it is so, their failure to lock the doors doesn't make it ok to walk in and take what isn't yours.
123 matches on Google as of 1:28 EST.
It's going to be fun watching this proliferate.
Having downloaded the file, which amusingly is still available, and persued its contents, I have the following question: Who the hell watches Lipstick Jungle on a cell phone? Who the hell watches Lipstick Jungle? What IS Lipstick Jungle? Whose mind is so vacant that they have to get a TV fix on their mobile phone?
As for the website itself, their complaint is rather like a bank putting all of their customers' account balances on a webserver, and then complaining when someone looks at someone else's account. Yes, the action is dickish at best, but the fact that it can be carried out is dickisher.
Exactly how is it taking advantage when a corporation places in the public domain a resource without any security whatsoever. This is no different then charging admission to an art show then leaving the windows open to the street and then complaining that a newspaper publishes the fact that all the art can be seen from the street through the window. Is it then immoral to stand outside and look at the art?
A url is no different than placing something in the middle of the public square for all to see. This was akin to placing their wares in a back alley, because not many people go there but that is still out in public. If you want to restrict access to something on the internet SECURE IT! Anything that is not restricted is in the public domain by definition. You could probably access this site completely by accident as a result of a search and you would know it is supposed to be pay only how? They have only themselves to blame that this url is not secured.
It's silly how so many comments are strange analogies to this, but I gave a weird true story of how I almost got into a lot of trouble for going to the wrong gym.
I signed-up for a morning exercise program with the park district was was held inthe high school. It was a weights and stationary cycles type of thing. The first day that I got there I went in the 'other' door into the gym and saw an exercise room with a lot of people my age working-out in there so I went in and got into it. Later the burly high school wrestling coach came in an put me in a hold and started yelling at me. Luckily when I could breathe I started talking about my wrestling coaches that I had in nearby schools and he let go of me. Then I explained my situation and he led me to another room where the program was on the other side of the main gym. It turned-out that this room was used by the coaches and teacher in the morning before work.
He was always really nice to me after that, and we talked a bunch of times after that about wrestling from 'back then'.
I had a little trouble getting Apache BasicAuth to work on a new page last night. (Hey, it was late, I was tired....) Did I say to myself "Eh, nobody will hit this overnight, so I'll just come back and fix it in the morning"?
No. I stayed up and fixed it. There'd be no one to blame but myself if I hadn't.
"Ain't no right way to do a wrong thing."
And therein lies the fault of your reasoning. THERE IS NO DOOR!
The Net is open. Period. If an engineer makes the decision (or in this case a business decision) to not put up a gate with a guard then MobiTV can expect anyone to enter.
Let's step back from the "home invasion" mentality. This is a business. Most businesses allow people to enter without ID. Take a SAMS Club or COSTCO, for instance, though. The doors are open but you need a membership to buy merchandise. You can look around for free, though. And guess what? They kick *everyone* out after business hours. So, you could spend all day in the store if you wanted to; but, you'd be asked to leave at closing.
You wouldn't be allowed to buy something until you were a member; so, you could watch TV all day in the store and no one would care. Eventually, someone would probably ask you to leave and you'd have to go. Bottom line is just get a membership before you try to buy that 50" LCD.
COSTCO and SAMS Club could tell people, "No ID? Get a membership before you come back." and they'd be justified to enforce that rule to perform their business this way if it was their choice.
With MobiTV - same thing. MobiTV needs to validate their users before serving media. They control the access and they are responsible for minimizing access to paying members only to protect their share-holders.
Also, this is not a "hack". This is a copy paste job at best. Sure, the guy might know how to use Ethereal and an application (or hardware(doubtful)) to capture the data packets from a phone - that only puts him in the power-user category. Hacking security requires a lot more understanding of how MobiTV safeguards their data and maybe a method to bypass their security.
But, none of that is being performed here - this guy simply stumbled across a URL that serves Streaming Video.
So, once again, someone's making a mountain out of a mole-hill. Plug your leak and move on.
For most state laws that I've looked at, if you encounter material that is child pornography, it is not criminal if you immediately report it and surrender it to law enforcement. This happens fairly frequently, and you only get embroiled in legal troubles if it's not clear that you happened upon the CP innocently.
It's also not a crime to be in possession of CP if you did not willfully acquire it and did not discover its presence. You may, however, have some significant legal wrangling ahead of you before that defense is accepted. (For example, one individual was found with an external hard drive containing CP on top of his computer. He claimed that he had purchased it from a neighbor and never used it. Forensic evidence corroborated this story, and so he was in the clear. His neighbor, not so much.)
Exactly how am I trespassing, standing on a public street looking into the exhibit that they failed to block?
Sorry, public urls are..well...public. If they do not want people accessing them they restrict them by placing login requirements. Similarly the zoo makes sure the exhibit is not viewable from the street and forces patrons to go through the entrance and pay the admission to view the exhibit.
... say someone took a bad analogy and stretched it even further, charging an arbitrary fee to read it ... would you be opposed to gay marriage?
BD Phone Home!
Shameless plug. Like you weren't expecting it.
You are the CEO of a multinational corporation. You manage the company into the ground. You are fired, but the golden handshake provision of your contract entitles you to 150M$. Money you didn't, in the strictest sense of the word, earn. Are you stealing?
Look, if I leave a sofa on the curb in San Francisco, and don't look like I am moving, it will disafsckingppear in less than an hour. The internet is no different; you make a stream avail without any protection, I tap into the stream, you don't want me to, you block it. You don't block, you are ok with it. Like leaving the sofa out, implied consent to access unprotected content/stuff.
Your argument essentially distills into having a house with glass walls in the middle of a crowded city and then complaining when people look in. Don't want observers, don't use glass walls.
andy
The web is a public network -- everything is assumed to be open to the public unless it's protected, at the very least, by a login. The fact that a someone intends for a page to be private doesn't make it so unless he does something about it. MobiTV is at fault for hiring an incompetent web designer. Period.
Les Miserables Volume 1 now up with my reading of
Did these people learn nothing from the Wikileaks debacle? Or the AACS encryption key mess? Sending cease-and-desist letters and DMCA takedown requests over this sort of information only results in it being distributed more widely and seen by far more people.
bacause they are used to convince law makers and the general public to pass draconian laws, and lock people up for unreasonable amounts of time.
It isn't steal, it's copyright infringement. There are two different terms for very good reasons. Copyright issues are very 'hot' right now so diluting and / or confusing the issue doesn't help.
The Kruger Dunning explains most post on
Getting something you should not, and for free, is stealing? Wow, I hope you kept the receipt for that law education. You need a refund.
All the analogies in the world will not change the fact that you are aware that you are getting something that you shouldn't be. Nuff said. End of story. Goodbye.
To make it clearer, if somebody were to put a TV in their shop window with new movies playing and say that only people who paid for it may watch and all others must leave a public sidewalk, it would be ridiculous.
They are essentially asking for that, since the internet is accessible to the public (albeit not for free like the sidewalk) and they are not taking sufficient responsibility for the restriction of viewing.
Ah, the parade of false analogies is here.
"You are the CEO of a multinational corporation. You manage the company into the ground. You are fired, but the golden handshake provision of your contract entitles you to 150M$. Money you didn't, in the strictest sense of the word, earn. Are you stealing?"
The CEO indeed did not steal, but the reason isn't that the company from whom he takes the money left it unprotected; it's that they gave explicit consent that in those circumstances, he would be allowed to take that money.
By contrast, putting content on a URL you don't publish is not accepted (by society in general -- outside of technical circles -- nor by the law) as giving explicit concent for everyone to access that content. It probably should be, but it isn't.
A better analogy would be, a company has poor security policies and the account numbers for their corporate holdings fall into every employee's inbox. If employees make withdrawels, are they stealing? Yes they are.
"Look, if I leave a sofa on the curb in San Francisco, and don't look like I am moving, it will disafsckingppear in less than an hour. The internet is no different; you make a stream avail without any protection, I tap into the stream, you don't want me to, you block it. You don't block, you are ok with it. Like leaving the sofa out, implied consent to access unprotected content/stuff."
Neither restating how you'd like the social norms to be, nor citing other situations where the social norms are how you think the should be, has any connection to the discussion at hand.
Leave your car unlocked in parts of St. Louis, someobody will take your car stereo. The argument has the same logical structure as yours, yet it doesn't lead to the conclusion that taking car stereos from unlocked cars is ok. Abstraction and analogy is fine, but when you abstract away differences that matter, it's just sophistry.
"By contrast, putting content on a URL you don't publish..."
If the URL resolves, it has been published by the host. It's a trivial matter to make that URL not work except from an internal referrer.
Why yes, I AM a rocket scientist!
BZZZT, wrong. Only the owner of the sofa can file charges of theft on on the 'thief'. I cannot file charges on you for stealing my friends car, for example.
Public URLs do, in fact, imply consent because they are published (by the domain registry people) when they are created, whether you want them to be or not. Just because you put information on there you don't want public doesn't mean I'm stealing it if I view that information.
I'll grant that this is a gray area and I don't happen to think it's "morally right" to view the service, but that's not the same thing as stealing. I've had cable internet, specifically just internet, and also received television service. I informed the provider that I received tv though I wasn't paying for it and nothing was ever done to remedy the situation. After one notification, I no longer felt any need to justify my use of the television service I didn't order, but wasn't paying for either. Was I stealing?
Obviously the company in the article doesn't want people using the service, but to say those who are using it are stealing is not legally accurate, even if the moral ground is less clear.
That said, the site manager that listed the URL is under no obligation I know of (it is a public URL after all that is listed on multiple locations) to remove the link but he'd probably be wise to do so, if for no other reason than to limit time he'll have to spend in court, "guilty" or not.
"Growing old is inevitable; growing up is optional."
When I open a URL, there is a transaction between my computer and the host. Very roughly, it's like this:
Me: Hey, I have this URL. Can I get any content from it?
Them: Sure, here's a video for you!
So, the gym analogy would be more like this:
Me: Hey, I saw this gym here. Can I work out?
Them: Sure, come on in!
If they don't want me to come in, they just have to say no. If MobiTv couldn't be bothered to say no or check IDs at the door, they have effectively allowed me in.
Anyay, whether you 'should' or 'shouldn't' have something isn't so easy to define. Just because someone is making money off of something, that doesn't mean that obtaining that something for free is wrong. Pepsi and Coke make money by putting water into bottles and selling it, yet I can get water almost anywhere for free.
My blog
So, it appears to be the same as your Free TV at home (if you have a good antenna) - you know, the Ad supported kind. You watch some digital stream that has Ads, how is it unreasonable to assume that it is not ad supported and free to the public?
In the end, it all boils down to, you make something public on the internet, users assume if there is not a login, it is free. If you don't want something free on the internet, make sure you protect your URLs. How is that so hard to understand and legislate - it isn't stealing because the content provider still has their content. The only thing consumed is bandwidth and server resources, which are always provided for free on publicly accessible URLs.
If you do not want people to leech anything from your servers, you need to ensure that your PUBLIC FACING ON THE INTERNET servers protect their content.
Sleep: A completely inadequate substitution for Caffeine.
I run my access point completely unsecured. I don't find it rude at all when people use it.
How do you know if your neighbor minds? Hell, I could be your neighbor.
If I put an old computer on the curb, it's free for the taking. It would be quite stupid to assume otherwise. And the law says your trash is public property once it's set out on the curb.
I see your argument running out of propellant.
TV delivered to your phone costs money if you use service X. You can watch TV for free with a TV. This isn't stealing anymore than taping a show on ABC is stealing. MobilTV wants to add a charge to free TV to cover the convenience of having it delivered to your phone. They do so in such a way that everyone can use the service without much trouble.
Incredibly stupid business decisions should not be protected with a C&D to remove an entire forum thread. Free societies have already established that telling someone how to do something illegal is NOT the same as doing it. I can teach you how to circumvent security and not break any laws. If you use that knowledge to rob a bank, the crime is robbery and you will go to jail. I'm not going to be culpable for merely providing you with information on how security systems work. If people post about taking something that is a paid for service, then that is evidence of a crime, but the forum thread is protected speech.
Stealing is ingrained into our species. We steal when we can get away with it and always have. People steal on an individual level and on a group level. You are deluded if you think that theft will ever vanish from our species-it has provided an advantage to us for far too long. (Nations invade and conquer, thus stealing the land and resources of their neighbor; American settlers in the late 1800's "squatted" on public land and converted it into private holdings in violation of the law; Corporations regularly violate the law for economic or political gain as Enron and AT&T are both examples as is Microsoft.) These behaviors are neither unique to our times nor represent some sort of "moral decay" in human society. Nor do I suspect will such behaviors have any impact upon how our species will respond to any looming crises: We will do what we always do: fight, kill, steal, and generally survive. Those that are unwilling to do what ever it takes to survive a massive crisis will die. Same shit different century.
Creative Spelling Copyright (2002). May use without Persimmons
They made it publicly available. It's the same as watching an HBO broadcast in a store window. If you do something silly in a public location, the public cannot be blamed for viewing it.
Or, even better; there used to be a hill you could sit on in this town that let you watch over the fence into a drive-in movie screen. Is that theft? No; it's just spillover, a consequence of where the theater was located. They are broadcasting into the public space. They could have raised the fence another twenty feet to fix the problem, but they didn't care enough to.
This site could have restricted the accessibility of the URL, but didn't care enough to.
Plus, as a practical matter, they are now the latest idiot of the week on the internet. There is no way this will work out in their favor.
In a country where someone can spill hot coffee on themselves and win a lawsuit because the coffee was hot , please define an unhealthy dose of willful ignorance.
Mean what you say...say what you mean.
So You Hacked Our Site!?
I think someone should trademark the term "Hacking," as people take it to mean both "trespassing online" and "breaching our illusion of security."
"We are Microsoft. You shall be assimilated. Competition is futile."
A website isn't a private home. Your analogy is a complete failure. It's more like saying that my big-screen TV on my front porch can't be watched by anyone. Nobody set up a proxy into a private network nor did they give away a password. TFA doesn't talk about poor encryption or an obvious password. I didn't even notice anywhere it said that the site streaming the video had a proprietary content advisory. If something is made publicly accessible and not advertised, it's still publicly available.
The internet home analogy is broke. Just like darn near all analogies around here...anyway. The internet is a public place. Every URL on the internet is a public URL. Every single one. It's the nature of the network. It is up to the owner of the URL to ensure that, if required, those who visit it are not able to access more than the URL owner desires. This debate is stupid.
I am a viral sig. Please copy me and help me spread. Thank you.
I reformatted the links to work in Firefox, am I a l33t hacker now too? Fox News MSNBC Discovery TLC Animal Planet NBC Comedy HD - NBC Comedy ESPN Mobile NBC Sports Mobile Lipstick Jungle HD - Lipstick Jungle Maxx Look HD - Maxx Look Toon World TV HD - Toon World TV Access Hollywood HD - Access Hollywood Love Laffs HD - Love Laffs Bloomberg Tim Gunns Guide to Style HD - Tim Gunns Guide to Style The Mic Hip Hop HD - The Mic Hip Hop V40 Hot Hits HD - V40 Hot Hits Totally 80s 90s HD - Totally 80s 90s Double Z Country HD - Double Z Country RandB Jamz HD - RandB Jamz Chaos Extreme HD - Chaos Extreme Shift Alternative HD - Shift Alternative USA Mobile HD - USA Mobile Bravo Mobile HD - Bravo Mobile SciFi Mobile HD - SciFi Mobile Oxygen HD - Oxygen Discovery Mobile HD - Discovery Mobile A&E Mobile HD - A&E Mobile The History Channel Mobile HD - The History Channel Mobile NBC News Mobile HD - NBC News Mobile Fashion TV Comedy Time HD - Comedy Time Maxx Sports HD - Maxx Sports IGN
Sure. And the webserver is your property. And your property sent me a copy of your webpage.
You really don't get the point of a public URL. It's like a phone number. There's no law against calling a phone number, even if the answering machine is playing copyright songs.
There is a huge difference between this and logging into account. You have to have a url and some form of authentication to log in to an account and access the data. MobiTV has a url with readily available content but no authentication is required, thus there is no account to hack.
When you go to a url, one of two things happens:
1. The content is served regardless of who you are.
or
2. The server asks for some form of authentication and if the proper response is received, the server responds with the content.
It is hacking if you find a way to circumvent #2 but it is not hacking if #1 happens. When you go to the MobiTV urls, #2 is expected to happen but #1 is happening instead with no additional action on your part. There is nothing illegal about your actions when that happens, only stupidity on the part of MobiTV.
Both of these analogies involve physical theft. If I take your radio, or if I withdraw money from your account, you no longer have that item/money. While bandwidth is not free, using the WWW the way it was intended by downloading the content available at a publicly-accessible URL is not in the same ballpark. Morally, if those people knew the URL was intended to be private, they are guilty of freeloading, but it's certainly not equatable to theft.
Stop, Thief!