Slashdot Mirror

← Back to Stories (view on slashdot.org)

MediaDefender Explains Itself

Posted by kdawson on from the smurfs-for-hire dept.

I Don't Believe in Imaginary Property writes "Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3, which uses BitTorrent to host its own content. Somehow it eluded MediaDefender that they had injected fake content into Revision3's tracker, so when Revision3 changed configuration to forbid this injection, MediaDefender's systems saw it as a pirate tracker with lots of illegal content (which MediaDefender had put there) and attacked. In other words, everything they did was intentional except for the choice of target. Given that they have 9 Gbps of bandwidth dedicated to denial-of-service attacks against torrent trackers, all anyone needs to do is to trick them into attacking a hospital or government facility. MediaDefender has never been very competent, after all."

22 of 395 comments (clear)

  1. Mediadefender is the Punisher by flerchin · · Score: 5, Insightful

    How is any of this legal? Injecting content, false or otherwise? DOS'ing a server? They're fighting fire with fire.

    --
    --why?
    1. Re:Mediadefender is the Punisher by Xiph · · Score: 5, Insightful

      I fully agree, they admit two doing two things that are not legal.

      Unauthorized access and Denial of Service attack.

      I'm not quite sure of the details though, were they using a bug to plant the torrents or was the tracker just negligently configured?
      The above matters for whether they were hacking(non-geek) or simply using it without authorization.

      anyway, "bad boy!" to MediaDefender, surprise surprise.
      But will the shit stick all the way to those truly responsible?

      --
      Blah blah sig blah blah blah irony blah blah
    2. Re:Mediadefender is the Punisher by RobertM1968 · · Score: 5, Insightful

      There are actually serious laws against this. If you or I did this, we'd spend quite some time in jail, and have to pay quite a large amount in fines. The criminal and civil penalties are not small. Not to mention the probability of losing (the "right" to) Internet access for some period of time (by court order). It's happened before (and been covered here).

      But... how much you want to bet that MediaDefender gets off with less than a slap on the wrist?

      With luck, at the very least, MediaDefender will lose the civil suit brought against them and pay that way.

      --
      StarTrekPhase2 - The Five Year Mission Continues!
    3. Re:Mediadefender is the Punisher by Opportunist · · Score: 4, Insightful

      I wouldn't wait. It wouldn't be the first FBI investigation that turned up the result that is most politically favorable, do it would be a good thing to ensure the politically favorable result is the right one.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Mediadefender is the Punisher by billcopc · · Score: 5, Insightful

      If I were to do this against any arbitrary server and got caught, I'd be sued to oblivion.

      What do we have here ? We have evidence, a confession, and implicit admission of guilt (their system is designed to blast servers). What are we waiting for ? Jesus ain't coming back, so we're going to have to purge these bastards ourselves.

      --
      -Billco, Fnarg.com
    5. Re:Mediadefender is the Punisher by LrdDimwit · · Score: 5, Insightful

      More to the point, whether or not it was before, it became unauthorized access when Revision3 locked down the server. Then it got DoS'ed? I'm sorry, but I don't buy this explanation. If you see a lot of unauthorized activity from a tracker, then you take it thru the proper channels -- contact the admins, send proper DMCA takedown notices, etc. As much as everyone here hates the DMCA, if this kind of situation isn't what takedown notices are for, then they really are *totally* useless (and not just mostly useless). You don't simply assume it's a bad-guy tracker.

      And then there's the part where they openly admit to using DoS attacks against trackers. That part is really brilliant. I'd like to see what law they're looking at where that's a "grey area".

    6. Re:Mediadefender is the Punisher by SpaceLifeForm · · Score: 5, Insightful

      Just A DOS, not a DDOS. We have no proof that MediaDefender is in control of one or more botnets.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
    7. Re:Mediadefender is the Punisher by schon · · Score: 5, Insightful

      the "I didn't know the gun was loaded" excuse has a very bad track record. The thing is, this isn't even "I didn't know the gun was loaded." This is more like "I loaded the gun and pulled the trigger, but I didn't realize who I was pointing it at."
  2. Now, really? by Perseid · · Score: 5, Insightful

    Shouldn't admitting to a DOS attack in and of itself get people arrested? Who cares what the site they are attacking contains? They are committing acts of digital vandalism. Jail, please.

    1. Re:Now, really? by DarkOx · · Score: 4, Insightful

      Even if the FBI is investigating its still untter bullshit in terms of double standard. With this much evidence, and the seriousness other DOS attacks have been treated their should be imediate consequences. If Joe Slashdoter had done this s/he would get to wait in jail for up to 180 days while the FBI investigated her/him. Where are the responsible parties at Mediadefender tonight?

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  3. Non-mainstream event by eggman9713 · · Score: 5, Insightful

    Even if this story makes it to the mainstream media, its not going to get much airtime. Especially since no Joe User knows what Revision3 is. There just wouldn't be enough outrage to make it a worthwile story anywhere except the geek community.

  4. Fry. by Renraku · · Score: 5, Insightful

    If you distribute baking soda (sell/give away/etc) and tell people that its crack, you can be arrested and held to the same liabilities as if you had actually sold crack..in fact..some states have laws to where you'd get charged for selling it, but not possession. Some will tack on an extra charge on top of possession/sale.

    So tell me why MediaDefender gets away with inserting fake data labeled as copyright-violating material into someone else's server and then going all vigilante on them. If you own the copyright you might be able to get away with it as its no longer in violation of copyrights since its yours, but since MediaDefender doesn't own them directly..

    That on top of the damages they have caused this company, in either time, money, or business damages.

    --
    Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
    1. Re:Fry. by cp.tar · · Score: 4, Insightful

      Assuming for a brief moment that copyright infringement is theft, just for the purpose of this analogy...
      If I broke into your house and put someone else's stuff in your room, then phoned the police that you have stolen property in your room... how nice would that be?

      I only have one question: how can we retaliate?

      --
      Ignore this signature. By order.
    2. Re:Fry. by AVonGauss · · Score: 5, Insightful

      How can we retaliate?

      Retaliate is not the word I would choose, but things you can do...

      1) Be nice and professional, but write your congressmen, senators and governors and tell them how you feel about the issue.

      2) Write the transit providers that provide peering agreements with MediaDefenders service provider. Their service provider and the transit providers that peer with their service provider are supporting their actions indirectly. If their service provider refuses to continue service with Media Defender then they will be forced to move. If other transit providers refuse to peer with their / or a service provider that supports their actions, their service provider will be forced to change their business position or go out of business.

      3) MediaDefender is primarily funded by copyright holders, the irony being that the copyrighted works have absolutely no value if there is no demand. If XYZ studio, producer or artist employs the services of MediaDefender, do not purchase their products. Simple.

  5. What I can't understand... by Newer+Guy · · Score: 5, Insightful
    What I can't understand is how MediaDefender has been getting away with illegal DoS attacks for years, when ANY of us would be put in prison for doing it. Who have they paid off to be able to break the law with impunity?

    Isn't DoSing also a Homeland Security issue? Shouldn't their ISP have cut them off when they started doing illegal things like automatically targeting innocent companies with illegal DoS Attacks?

    If someone did to MediaDefender what they do to EVERYONE ELSE, they'd be screaming bloody murder!

    Finally, what if they DID actually DoS a company that caused someone to be hurt or die. Would they be liable for pre-mediated murder?

  6. I CONFESS!! IM GUILTY! Can I get off the hook now? by Bananatree3 · · Score: 5, Insightful

    Dear Public, Media, and our friends Revision3: We are very, very sorry. Our servers did bad, bad things to Revision 3 and WE HAD NO CLUE!! Please, take mercy on us. Sure, our severs were snooping around their legitimate BitTorrent tracker seeding maliciously. BUT WE HAD NO CLUE! Sure, our servers recently assraped their severs into oblivion, BUT WE HAD NO CLUE!! This is all one big, misfortune event. Our Friends at revision3, we are really, really, REALLY sorry. Please, we plead ignorance. Our innocent servers honestly thought you were running an pirate operation. Please accept our appologies (Pretty please! with a cherry ontop :))) We PROMISE we will NEVER EVER NEVER do it again. Sincerely, MediaDefender

  7. Explain? by QuietLagoon · · Score: 4, Insightful
    Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3...

    Try to explain? The bottom line is MediaDefender attacked another commercial entity.

    If someone throws a stink bomb through a brick & mortar storefront window, forcing the store to close, do you think the police would allow the offender to get off with saying, "oops"?

  8. Re:You forget, theyre the "darlings" of congress. by jlarocco · · Score: 4, Insightful

    Second, theyre working for the **AA organizations, the darlings of congress, for whom no human rights violations are too great a cost, for whom ACTA is being negotiated to subvert those pesky public interest groups and constitutional protections present in every industrialized nation on earth, and for whom judges suspend several constitutional protections for due process.

    I'm sorry what? When has the **AA ever violated human rights? Sure they're scumbags, but try to keep a little perspective. They're not exactly selling people into slavery.

    The solution to the problem of them being "in" with congress is to give congress, and the government in general, less power. Power is abused. Always. This seems to be a pretty good example of that.

    In other words, they are above the law, and the public allows them to do so because filesharing = terrorism, after all bush said so.

    Reference?

    --
    Maybe not
  9. Foot, meet mouth by Moraelin · · Score: 5, Insightful

    You know, for a while I was kinda suspecting they'll play the "we're dumb, and it was an accident" card. You know, say that it was some poorly configured system that did the injecting, and it accidentally got stuck connecting in a loop instead of once a day. Present it as some bug they didn't even know about. Blame some techie. You know, anything _except_ say "yep, it was premeditated all along to break the law." Go for criminal negligence.

    But that they have a big fat pipe dedicated to conducting DOS attacks? Jesus F. Christ, that's like saying that I have a car dedicated to running down pedestrians I don't like. If that's not a confession of premeditation, I don't know what is.

    To put it in perspective, the western criminal system (as far as I understand it, and IANAL) tries, or theoretically should try, to establish the degree of intent (or "mens rea" = "guilty mind") in an act. So for example, if a shingle off my roof fell on the a passerby's head, although what happened is the same and the guy is just as dead, you can have very different punishments based on the nuance of being classified anywhere between "direct intention" (I actually intended to have shingles fall on him/someone) and "criminal negligence" (I had no flippin' clue that the roof is in that bad condition, though a reasonable person should have foreseen and inspected it regularly.) The worst you can do is not only go for "direct intention", but also basically say, "oh yeah, it wasn't a momentary act of rage, it was planned all along."

    So these guys have basically been paying all along for a pipe _dedicated_ to breaking the law? They actually had a plan to break the law, and month after month paid the bill on the resources set aside for only that purpose? Geesh. I hope that a few executives land in state jail there.

    --
    A polar bear is a cartesian bear after a coordinate transform.
  10. Re:I CONFESS!! IM GUILTY! Can I get off the hook n by RobertM1968 · · Score: 5, Insightful

    "Our servers did it" definitely induced a head-scratch from me. Why on earth would they have their servers set up to automatically commit serious crimes just because a server was public and then restricted access? That doesn't make sense, even from their twisted viewpoint..

    Because they have gotten away with it for near a decade, even though many have pointed out the illegality of it.

    And they expect, once again, to get away with it.

    And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use. Does this last section make sense? No? So what? Do you really think it has to? Look at their other arguments for making P2P illegal - do they make sense? Didnt think so. ;-)

    And of course, because it will help them push forward the pending legislation that would make their actions (whatever they are) legal - irrespective of current law.

    So... I think it makes perfect sense - at least from their twisted viewpoint.

    :-(

    --
    StarTrekPhase2 - The Five Year Mission Continues!
  11. Not only shamed, but pied as well by Bananatree3 · · Score: 5, Insightful
    the "one two punch" MediaDefender did was not only reckless but dumb. They stealing bandwidth and poisoning the Revision3 tracker. Revision3 probably wasn't exactly running a Honeypot operation on their BitTorrent tracker, trying to attract pirate scum. Comes along MediaDefender and their server, finds an exploit and utilizes that. That, in of itself, should be illegal (and probably is). When Revision3 finds their blindspot and patches it, MediaDefender turns around and pies them in the face for finding the hole. What a way to say "thanks".

    Sheesh.

  12. Re:You forget, theyre the "darlings" of congress. by 91degrees · · Score: 4, Insightful

    They're not exactly selling people into slavery.

    Not exactly, but threatening a lawsuit that will result in someone owing money to them for the rest of their life is a little too close to indentured servitude for my liking.