Slashdot Mirror
MediaDefender's BitTorrent-Based DOS Takes Down Revision3
Sandman1971 writes "Over the long Memorial Day weekend, Revision3 was the target of a malicious Denial Of Service Attack which brought R3 to its knees. After investigating the matter, it was discovered that the source of the attacks came from MediaDefender, the famed company hired by the MPAA and RIAA to try and stop the spread of illegal file sharing. The kicker? Revision3 was taken down for running a bittorent tracker to distribute its own legal content."
Looks to me like MediaDefender is in clear violation of at least two subsections of 18 USC 1030. Where is the federal criminal investigation?
I look forward to the indictment, conviction, and imprisonment of the executives of their operation.
Failure to achieve these things will not reflect well on the fitness of the rulers to rule.
ROFL... You must be new here. Allow me to welcome you to planet Earth. Expect no useful action against Media Defender. And again, welcome to our humble planet...
... you can hear is R3's lawyers leafing through the 2008 Mercedes catalog.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
>>Revision 3 should have just sued, and sued BIG. By discussing it so glibly, and in such detail, on their blog they're jeopardizing their case. A huge financial hit would hurt the RIAA's cronies a LOT more than a little negative publicity from a blogger
Except then RIAA could have just paid up and fixed their scripts and moved on.
The FBI investigation is going to turn up more dirt and likely will lead to lots of discovery. Imagine the connections between organizations proper discovery could come up with. Also imagine the work needed to comply. "Ok, RIAA turn over all correspondence you have had concerning enforcement for the last 3 years".
This does not mean Revision 3 can't sue for damages. But letting the FBI get the ball rolling is the first step. And if the FBI do lay charges then the money part gets a lot easier.
they'd risk further massive DDoS attacks in retaliation if they did file a lawsuit.
That would be the best thing that could happen. Judges have absolutely no sense of humor about people who pull shit like that.
Sure, R3 may disolve before it can file a civil suit, but I imagine the US goverment will hold together long enough to bring criminal charges against MediaDefender.
DOS attacks are a felony. People go to jail for committing felonies.
R3 can sue, in addition to the criminal charges brought forward by the state, in order to recoup any damages sustained by the attack, but even if they don't, MD still has to face the federal government for breaking the law.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
Not to mention any discovery in this matter can and WILL be used by states who are currently investigating mediadefender for performing investigations without proper licensing.
They have a 9 gigabit connection dedicated to launching illegal DoS attacks. I wish I was joking.
Hard.
"Move it's own media files" means they were probably using it for jamming operations against other trackers. Meaning they hacked the server, went to other bittorent sites, said "hey, we've got tasty files here, but only 91% of complete garbage", used revision3 as their server so everyone thought it was kosher instead of, say, Media defenders IP range, and when revision3 kicked them off their servers decided to reconnect and DDOS'd them. Because the input bandwidth was intense for the fubar'd uploads and they had just been cut off of their primary source, they used all available bandwidth to reconnect and DDOS'd.
What's going to happen here is a combination between defamation of character suites and hacking lawsuits. Those are the kinds of suites that put people out of business and in jail.
The RIAA and MPAA just shot themselves in the head on this one and their shell company is going to go tits up due to it. That's going to have a concussive effect on the other shell companies which will have a bad effect on their anti-piracy campaign.
signed,
The Rest Of The Planet
Quo usque tandem abutere, Nimbus, patientia nostra?
The story is all over the place now. You can read about it at CNET at http://news.cnet.com/coops-corner/?tag=cnetfd.blogs
as well as Valleywag http://valleywag.com/393955/revision3-ceo-antipiracy-group-attacked-our-network
I was able to grab the blog post:
As many of you know, Revision3's servers were brought down over the Memorial Day weekend by a denial of service attack. It's an all too common occurrence these days. But this one wasn't your normal cybercrime - there's a chilling twist at the end. Here's what happened, and why we're even more concerned today, after it's over, than we were on Saturday when it started.
It all started with just a simple "hi". Now "hi" can be the sweetest word in the world, breathlessly whispered into your ear by a long-lost lover, or squealed out by your bouncy toddler at the end of the day. But taken to excess - like by a cranky 3-year old-it gets downright annoying. Now imagine a room full of hyperactive toddlers, hot off of a three hour Juicy-Juice bender, incessantly shrieking "hi" over and over again, and you begin to understand what our poor servers went through this past weekend.
On the internet, computers say hi with a special type of packet, called "SYN". A conversation between devices typically requires just one short SYN packet exchange, before moving on to larger messages containing real data. And most of the traffic cops on the internet - routers, firewalls and load balancers - are designed to mostly handle those larger messages. So a flood of SYN packets, just like a room full of hyperactive screaming toddlers, can cause all sorts of problems.
For adults, it's typically an inability to cope, followed either by quickly fleeing the room, or orchestrating a massive Teletubbies intervention. Since they lack both legs and a ready supply of plushies, internet devices usually just shut down.
That's what happened to us. Another device on the internet flooded one of our servers with an overdose of SYN packets, and it shut down - bringing the rest of Revision3 with it. In webspeak it's called a Denial of Service attack - aka DoS - and it happens when one machine overwhelms another with too many packets, or messages, too quickly. The receiving machine attempts to deal with all that traffic, but in the end just gives up. (Note the photo of our server equipment responding to the DoS Attack)
In its coverage Tuesday CNet asked the question, "Now who would want to attack Revision3?" Who indeed? So we set out to find out. Internet attacks leave lots of evidence. In this case it was pretty easy to see exactly what our shadowy attacker was so upset about. It turns out that those zillions of SYN packets were addressed to one particular port, or doorway, on one of our web servers: 20000. Interestingly enough, that's the port we use for our Bittorrent tracking server. It seems that someone was trying to destroy our bittorrent distribution network.
Let me take a step back and describe how Revision3 uses Bittorrent, aka BT. The BT protocol is a peer to peer scheme for sharing large files like music, programs and video. By harnessing the peer power of many computers, we can easily and cheaply distribute our huge HD-quality video shows for a lot less money. To get started, the person sharing that large file first creates a small file called a "torrent", which contains metadata, along with which server will act as the conductor, coordinating the sharing. That server is called the tracking server, or "tracker". You can read much more about Bittorrent at Wikipedia, if you really want to understand how it works.
Revision3 runs a tracker expressly designed to coordinate the sharing and downloading of our shows. It's a completely legitimate business practice, similar to how ESPN puts out a guide that tells viewers how to tune into its network on DirecTV, Dish, Comcast and Time Warner, or a mall might publish a map of its stores.
But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?
Along with where it's bound, every internet packet has a return address. Often, particularly in cases like this, it's forged - or spoofed. But interestingly enough, whoev
Its doubtful that anyone will hack into any of those closed systems for the most part. However, I wouldn't be surprised to see mediadefender start getting nailed VERY hard bandwidth wise. I wonder how many syn packets or christmas tree packets it takes to fill up a 9gbps pipe?
According to CNET article http://news.cnet.com/coops-corner/?tag=cnetfd.blogs "At this point, Revision3 says it's not planning to file a lawsuit. Not because it doesn't have a case but pursuing a court remedy would likely cost a lot of money."
In theory, there's no difference between theory and practice; in practice there is.
Sounds like MediaDefender wants to take down *any* competition to their clients, illegal or otherwise.
"(Mirrordot seems to have died and the wayback machine doesn't have it.)"
The wayback machine doesn't have it? You mean this is fresh news!?!?
I'm waiting for a "-1 somepeoplejustshouldn'tgetmodprivileges" meta-moderation.
That reminds me of the classic joke:
Farmer Joe decided his injuries from the accident were serious enough to take the trucking company (responsible for the accident) to court. In court the trucking company's fancy lawyer was questioning farmer Joe.
"Didn't you say, at the scene of the accident, 'I'm fine'?" said the lawyer.
Farmer Joe responded, "Well I'll tell you what happened. I had just loaded my favorite mule Bessie into the...."
"I didn't ask for any details," the lawyer interrupted, "just answer the question." "Did you not say, at the scene of the accident, 'I'm fine'!"
Farmer Joe said, "Well I had just got Bessie into the trailer and I was driving down the road...."
The lawyer interrupted again and said, "Judge, I am trying to establish the fact that, at the scene of the accident, this man told the Highway Patrolman on the scene that he was just fine. Now several weeks after the accident he is trying to sue my client. I believe he is a fraud. Please tell him to simply answer the question."
By this time the Judge was fairly interested in Farmer Joe's answer and said to the lawyer, "I'd like to hear what he has to say about his favoritE mule Bessie."
Joe thanked the Judge and proceeded, "Well as I was saying, I had just loaded Bessie, my favorite mule, into the trailer and was driving her down the highway when this huge semi-truck and trailer ran the stop sign and smacked my truck right in the side.
I was thrown into one ditch and Bessie was thrown into the other. I was hurting real bad and didn't want to move. However, I could hear ole Bessie moaning and groaning. I knew she was in terrible shape just by her groans.
Shortly after the accident a Highway Patrolman came on the scene. He could hear Bessie moaning and groaning so he went over to her. After he looked at her, he took out his gun and shot her between the eyes. Then the Patrolman came across the road with his gun in his hand and looked at me.
He said, "Your mule was in such bad shape I had to shoot her. How are you feeling?"
That wasn't the greatest deal ever. Alan Sugar[1] sold Sinclair's existing stock of Spectrums for more than he paid for the company. Clive Sinclair hasn't made billions since then, I'm not sure if he even made millions, but Alan Sugar has made billions[3] - though not all of the back of that purchase.
[1] Who happens to be the boss in the UK version of The Apprentice - the UK's Donald Trump[2], in that sense.
[2] When initially writing this post I couldn't remember his name, so it originally read "that guy with the tall buildings and bad hair".
[3] In US dollars at least. His net worth was a bit shy of a billion quid last time I looked.
Chernobyl 'not a wildlife haven' - BBC News
Even with free lawyers from the EFF, the costs and risks of civil litigation could be substantial for what looks like a fairly small company. The alternative of focusing on maximising the free publicity and then keeping 100% of your effort on providing a great service might be a better business strategy. I'm just guessing, but if I was in Revision3's shoes I'd think long and hard before starting law suits that could easily tie up scarce resources. The upside could be big I suppose but it would be a gamble and also any payoff would surely be a long way in the future.
In theory, there's no difference between theory and practice; in practice there is.