MediaDefender's BitTorrent-Based DOS Takes Down Revision3

Sandman1971 writes "Over the long Memorial Day weekend, Revision3 was the target of a malicious Denial Of Service Attack which brought R3 to its knees. After investigating the matter, it was discovered that the source of the attacks came from MediaDefender, the famed company hired by the MPAA and RIAA to try and stop the spread of illegal file sharing. The kicker? Revision3 was taken down for running a bittorent tracker to distribute its own legal content."

Criminal investigation?

[mrbah]

Looks to me like MediaDefender is in clear violation of at least two subsections of 18 USC 1030. Where is the federal criminal investigation?

Re:Criminal investigation?

[Penguinisto]

Hella nice! (TFA is 404'd here too).

So... how long until we see MediaDefender's board get perp-walked? (too much to hope for seeing the RIAA board getting arrested, but hey...)

*sigh*... I know, I know. MediaDefender will likely claim that some poor (scapegoated) bastard employee of theirs did it without authorization, yadda yadda... then said poor bastard will get to watch in horror as his entire life goes down the toilet.

Then again, if it does go down like that, it would stand as a prime example of how one should always give priority to personal ethics before accepting a job offer...

/P

Re:Criminal investigation?

[provigilman]

Even worse though, Media Defender allegedly committed a crime in response to a perfectly legal activity. The only thing on that torrent tracker, prior to Media Defender injecting all sorts of nastiness into it, was just their own videos and podcasts. Basically, it's no different than an RSS feed you'd get from some place like /., they just used BitTorrent to do it.

Re:Criminal investigation?

[ePhil_One]

Your argument contains one common fallacy. Corporate executives aren't even remotely normal. The executives aren't being sued, the company is. This sort of "Take-down" company is treading on thin ice legally, one such misfire as this and they can lose the company.

Trick is, they are well aware and have likely structured the company to allow a simple simple collapse w/ minimal loss, after which MediaProtector will be reborn from the ashes, a completely different company w/ the exact same staff and an identical client list.

Best bet is to go after the company that hired them; prove they paid this company to break the law for them. The RIAA/MPAA will have a harder time collapsing and reforming...

Re:Criminal investigation?

[NotBornYesterday]

Best bet is to go after the company that hired them; prove they paid this company to break the law for them. The RIAA/MPAA will have a harder time collapsing and reforming... Didn't Tanya Anderson sue them under RICO laws? What you describe is the kind of shell-game asset preservation that RICO was designed in part to thwart. IANAL, and can't say whether those particular laws would apply in this case, but I'd love to see the poetic justice of the mafIAA brought down by laws designed to take down the original mafia.

Re:Criminal investigation?

[mishehu]

Actually, the corporate shield doesn't provide complete immunity. This being a criminal offense being committed by the company, I highly doubt that the heads of the company could simply say "oh gee, so and so wanted us to do it, and we have this agreement with them that absolves us of all wrongdoing." IANAL but my lawyer has advised me of such in the past when I was asked by previous employers to sabotage clients' networks to generate more income for the company - I would have no legal shield saying "my boss said to do it so I did like a robot." He also reiterated that the same goes for the officers and board of a corporation along with its employees.

The more likely scenario is that they had some patsy of theirs perform this attack, and they'll feed him straight to the feds to save their asses.

Re:smells like...

[scubamage]

Not to mention any discovery in this matter can and WILL be used by states who are currently investigating mediadefender for performing investigations without proper licensing.

Re:Shouldn't have publicized it on their blog

[NotBornYesterday]

That 'huge financial hit' would be years off at best. R3 is trying to hurt them now while they can. They know that with deep enough pockets, the RIAA & friends can keep justice at bay almost forever. Contrary to their public boo-hooing over the cost of "piracy", the RIAA and MPAA are full of money.

What they need is public opinion. In order for them to be successful in curtailing "piracy", they need to convince a large percentage of the public of 2 things - 1) that they are in a morally superior position compared to those sharing files, and 2) that bad things happen to those who share files.

R3 is taking this opportunity to show that 1) the RIAA is a morally bankrupt group of thugs in 3-piece suits, and 2) the RIAA makes bad things happen to good and bad people indiscriminately.

I'd be surprised if a whopping big lawsuit didn't follow this, but I haven't been able to RTFA.

Re:god save their souls

[scubamage]

Its doubtful that anyone will hack into any of those closed systems for the most part. However, I wouldn't be surprised to see mediadefender start getting nailed VERY hard bandwidth wise. I wonder how many syn packets or christmas tree packets it takes to fill up a 9gbps pipe?

Re:Where did they get the firepower?

[DragonWriter]

They have a 9 gigabit connection dedicated to launching illegal DoS attacks.

Its going to be hard to blame that on a rogue employee.

A deliberate decision to acquire the instrumentality of a crime is frequently fairly convincing evidence of intent.

Good point.

[jd]

Although not a similar case, Clive Sinclair structured his company with an eye to surviving collapse. He split it into "Sinclair" (which carried all of the losses) and "Sinclair Research" (which carried all of the profits, intellectual property, et al). After the Sinclair C5 fiasco, "Sinclair" was sold to Amstrad for a small fortune (ie: he sold off the debt) and "Sinclair Research" (which had all the useful stuff and was now considerably richer) remained in his hands.

The idea MediaDefender is nothing more than a disposable front-end, therefore, is entirely possible and would make a lot of sense.

Re:Good point.

[mollymoo]

That wasn't the greatest deal ever. Alan Sugar[1] sold Sinclair's existing stock of Spectrums for more than he paid for the company. Clive Sinclair hasn't made billions since then, I'm not sure if he even made millions, but Alan Sugar has made billions[3] - though not all of the back of that purchase.

[1] Who happens to be the boss in the UK version of The Apprentice - the UK's Donald Trump[2], in that sense.
[2] When initially writing this post I couldn't remember his name, so it originally read "that guy with the tall buildings and bad hair".
[3] In US dollars at least. His net worth was a bit shy of a billion quid last time I looked.

Re:Good point.

[Tycho]

W.R. Grace and Company is the company responsible for 90% of the world's production of Vermiculite until the early 1990's. All of the vermiculite that W.R. Grace mined was mined from open pit mines located near Libby, Montana. All of the vermiculite from Libby had tremolite asbestos present in sufficient quantities to be carcinogenic to those who handled it. However, not all deposits of vermiculite have tremolite asbestos present. Unfortunately, the tremolite asbestos present in the vermiculite cannot be separated out. The dangerous types of asbestos are reasonably benign and of no immediate danger unless handled or disturbed in some way. Handling materials with asbestos will release asbestos fibers, which is surprisingly dangerous. Unless you are trained and have the proper equipment handling asbestos contaminated materials is a bad idea. Besides government standards allow for a reasonably high acceptable concentration of asbestos fibers in air. The asbestos fibers are released during natural weathering processes of natural rocks and soil and the fiber concentrations in the air should not normally be considered an issue.

Anyway, back to W.R. Grace and Company. The executives at W.R. Grace appear to have known about the toxicity of their vermiculite product since at least the 1970's and ignored the warnings. Additionally the executives appear to have covered up the information about the toxicity of their product as well. In 2000, W.R. Grace transfered assets worth about 4 to 5 billion dollars to spin-off companies. Shortly there after W.R. Grace filed for bankruptcy. This move appears to have been done to shelter assets from ongoing liability lawsuits brought against W.R. Grace from the sale and manufacture of asbestos contaminated vermiculite. Filing for bankruptcy could have ended any ongoing or new lawsuits for W.R. Grace. However the asset transfer scheme was discovered and now the current executives from W.R. Grace are now in even more trouble. This new trouble for the executives of W.R. Grace is of the criminal law type.

I think that in the case of W.R. Grace, the events seem to show that not all schemes of this type work.