Slashdot Mirror
MediaDefender Explains Itself
I Don't Believe in Imaginary Property writes "Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3, which uses BitTorrent to host its own content. Somehow it eluded MediaDefender that they had injected fake content into Revision3's tracker, so when Revision3 changed configuration to forbid this injection, MediaDefender's systems saw it as a pirate tracker with lots of illegal content (which MediaDefender had put there) and attacked. In other words, everything they did was intentional except for the choice of target. Given that they have 9 Gbps of bandwidth dedicated to denial-of-service attacks against torrent trackers, all anyone needs to do is to trick them into attacking a hospital or government facility. MediaDefender has never been very competent, after all."
How is any of this legal? Injecting content, false or otherwise? DOS'ing a server? They're fighting fire with fire.
--why?
Shouldn't admitting to a DOS attack in and of itself get people arrested? Who cares what the site they are attacking contains? They are committing acts of digital vandalism. Jail, please.
Even if this story makes it to the mainstream media, its not going to get much airtime. Especially since no Joe User knows what Revision3 is. There just wouldn't be enough outrage to make it a worthwile story anywhere except the geek community.
If you distribute baking soda (sell/give away/etc) and tell people that its crack, you can be arrested and held to the same liabilities as if you had actually sold crack..in fact..some states have laws to where you'd get charged for selling it, but not possession. Some will tack on an extra charge on top of possession/sale.
So tell me why MediaDefender gets away with inserting fake data labeled as copyright-violating material into someone else's server and then going all vigilante on them. If you own the copyright you might be able to get away with it as its no longer in violation of copyrights since its yours, but since MediaDefender doesn't own them directly..
That on top of the damages they have caused this company, in either time, money, or business damages.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
Media Defender ought to pay Revision 3 an undisclosed sum of money for the financial damage it caused the company.
But they're not going to do that.
Seriously, every single employee @ Media Defender needs to be anally raped with razor wire.
Isn't DoSing also a Homeland Security issue? Shouldn't their ISP have cut them off when they started doing illegal things like automatically targeting innocent companies with illegal DoS Attacks?
If someone did to MediaDefender what they do to EVERYONE ELSE, they'd be screaming bloody murder!
Finally, what if they DID actually DoS a company that caused someone to be hurt or die. Would they be liable for pre-mediated murder?
Although the FBI *is* investigating, be on the lookout for a hastily-written and passed-by-voice-vote bill by Congress OK'ing this behavior by MD.
Cheers!
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Dear Public, Media, and our friends Revision3: We are very, very sorry. Our servers did bad, bad things to Revision 3 and WE HAD NO CLUE!! Please, take mercy on us. Sure, our severs were snooping around their legitimate BitTorrent tracker seeding maliciously. BUT WE HAD NO CLUE! Sure, our servers recently assraped their severs into oblivion, BUT WE HAD NO CLUE!! This is all one big, misfortune event. Our Friends at revision3, we are really, really, REALLY sorry. Please, we plead ignorance. Our innocent servers honestly thought you were running an pirate operation. Please accept our appologies (Pretty please! with a cherry ontop :))) We PROMISE we will NEVER EVER NEVER do it again.
Sincerely,
MediaDefender
Try to explain? The bottom line is MediaDefender attacked another commercial entity.
If someone throws a stink bomb through a brick & mortar storefront window, forcing the store to close, do you think the police would allow the offender to get off with saying, "oops"?
First off, theyre a coroporation in the midst of one of the most corrupt adminstrations in the history of the united states.
Second, theyre working for the **AA organizations, the darlings of congress, for whom no human rights violations are too great a cost, for whom ACTA is being negotiated to subvert those pesky public interest groups and constitutional protections present in every industrialized nation on earth, and for whom judges suspend several constitutional protections for due process.
In other words, they are above the law, and the public allows them to do so because filesharing = terrorism, after all bush said so.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Because DDoS'ing is illegal, and there's no point suing them for that if they'll just be able to bite you back for doing the same thing.
Until then, denial of service & unauthorized access charges shouldn't have much trouble sticking.
The only reason Revision3 wouldn't take this all the way through trial is if MediaDefender offers them a pile of money greater than what R3 would win with a guilty verdict.
[Fuck Beta]
o0t!
I'm as confused as you are. The complete absence of any sort of order of events makes things more confusing.
Things I'm fairly sure of. Revision3 had a security hole. MediaDefender saw the security hole, and seeded it with fake files. Revision3 noticed these fake files and disconnected them. As a result, MediaDefender - either due to misconfigured servers or malice - DOSed Revision3.
Not sure if pirates were using the security hole. It would seem a bit pointless given that there are plenty of pretty open torrent sites.
Also not quite sure how MediaDefender can defend their initial actions. This seems to be pretty clearly hacking. Exploiting a security hole in another machine to gain access is generally enough regardless of whether there was any further malicious intent.
This comment is fully compliant with RFC 527.
You know, for a while I was kinda suspecting they'll play the "we're dumb, and it was an accident" card. You know, say that it was some poorly configured system that did the injecting, and it accidentally got stuck connecting in a loop instead of once a day. Present it as some bug they didn't even know about. Blame some techie. You know, anything _except_ say "yep, it was premeditated all along to break the law." Go for criminal negligence.
But that they have a big fat pipe dedicated to conducting DOS attacks? Jesus F. Christ, that's like saying that I have a car dedicated to running down pedestrians I don't like. If that's not a confession of premeditation, I don't know what is.
To put it in perspective, the western criminal system (as far as I understand it, and IANAL) tries, or theoretically should try, to establish the degree of intent (or "mens rea" = "guilty mind") in an act. So for example, if a shingle off my roof fell on the a passerby's head, although what happened is the same and the guy is just as dead, you can have very different punishments based on the nuance of being classified anywhere between "direct intention" (I actually intended to have shingles fall on him/someone) and "criminal negligence" (I had no flippin' clue that the roof is in that bad condition, though a reasonable person should have foreseen and inspected it regularly.) The worst you can do is not only go for "direct intention", but also basically say, "oh yeah, it wasn't a momentary act of rage, it was planned all along."
So these guys have basically been paying all along for a pipe _dedicated_ to breaking the law? They actually had a plan to break the law, and month after month paid the bill on the resources set aside for only that purpose? Geesh. I hope that a few executives land in state jail there.
A polar bear is a cartesian bear after a coordinate transform.
Because they have gotten away with it for near a decade, even though many have pointed out the illegality of it.
And they expect, once again, to get away with it.
And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use. Does this last section make sense? No? So what? Do you really think it has to? Look at their other arguments for making P2P illegal - do they make sense? Didnt think so. ;-)
And of course, because it will help them push forward the pending legislation that would make their actions (whatever they are) legal - irrespective of current law.
So... I think it makes perfect sense - at least from their twisted viewpoint.
StarTrekPhase2 - The Five Year Mission Continues!
Sheesh.
Generally speaking, it is a despicable practice.
Not nearly so despicable as a government that ignores the rule of law for those who curry its favor and provides no legal means for those wronged to secure justice. We'll see what happens with MediaDefender, but I severely doubt anyone will be held to any meaningful degree of responsibility over this.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
This comment is fully compliant with RFC 527.
"No, but it sure can add reason. Judges are human too (though sometimes it seems they aren't often enough and other times they are human too often), and if someone can give a good enough reason why they thought they needed to break the law, a judge could acquit them because of the reason."
Usually when that happens, it's because someone tried to save someone else's life or defend his own.
But since this is all about tort and not about saving life and limb, it's more likely for the judge to say to MD that "You don't do that in civilized society. That's what this courtroom is for."
--
BMO
Is it me, or does having a powerful semi-automated DoS attack machine shooting away seem like the height of recklessness?
I mean, we could have a contest. Find the most sensitive servers you can to get MediaDefender to false positive. Banks, hospitals, schools, seems like under the right circumstances any these may be open to attack. After all, if it can happen by chance, there's more than likely some avenue to coordinate exploitation.
This whole thing is sort of surreal. It's a frigging felony with collateral network damage, and they're more or less firing blindly into a crowd.
I can't remember the name of the doctrine, maybe something with 'lesser evil'? It's an affirmative defense where you admit to committing a lesser crime in order to stop or prevent a greater evil.
In practice, this situation didn't come up much and I think most states have dropped it. They leave it to the prosecution's discretion in dropping those charges.
BTW the canonical example is probably assaulting somebody in order to stop/prevent a rape. This might sound like a no-brainer, but what if the would-be rescuer misread the situation? This has happened and it's always messy.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
The access is only authorised by court mandate or government. Media Defender is neither. Even if they do it on a site that has illegal torrents, their actions are still illegal. Im not allowed to smack someone in the mouth for littering, despite littering being as illegal as minor assault.
And DoS is illegal even for government. Courts will never issue a warrant to enact Dos. Doesn't matter if the target is hosting government secrets or kiddie porn.
You an idiot? Recent case here on slashdot is a court censuring the RIAA cases because they get the name of the Does by issuing a criminal case vs Jon Doe then drop the criminal case when they have the name.
They then use the name in a civil case.
At best your statement is a half-truth. Which is still half-lie.
In other words, never attribute to malice that which is adequately explained by stupidity.
:)
The same can be said for much of what a government does. They're not out to get you...they're just morons
120 characters for a sig? That's bloody useless.
Media Defender Explains Itself: Uhm, yeah. The FBI turned down our applications because we didn't meet the psych profiles, the state police said we weren't in good enough shape, the local police said we were kinda goofy lookin, and the local private security companies said we were just plain losers. So we made our own company where we pretend to be law enforcement and the record companies pay us obscene amounts to make stuff up to help their bogus cases.