Slashdot Mirror
MediaDefender Explains Itself
I Don't Believe in Imaginary Property writes "Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3, which uses BitTorrent to host its own content. Somehow it eluded MediaDefender that they had injected fake content into Revision3's tracker, so when Revision3 changed configuration to forbid this injection, MediaDefender's systems saw it as a pirate tracker with lots of illegal content (which MediaDefender had put there) and attacked. In other words, everything they did was intentional except for the choice of target. Given that they have 9 Gbps of bandwidth dedicated to denial-of-service attacks against torrent trackers, all anyone needs to do is to trick them into attacking a hospital or government facility. MediaDefender has never been very competent, after all."
How is any of this legal? Injecting content, false or otherwise? DOS'ing a server? They're fighting fire with fire.
--why?
Shouldn't admitting to a DOS attack in and of itself get people arrested? Who cares what the site they are attacking contains? They are committing acts of digital vandalism. Jail, please.
Even if this story makes it to the mainstream media, its not going to get much airtime. Especially since no Joe User knows what Revision3 is. There just wouldn't be enough outrage to make it a worthwile story anywhere except the geek community.
They've bought senators, how can it be illegal when they've got paid for law makers fighting on their side(!)
todo - The developer's equivalent of confession: "Forgive me Father, for I have sinned..."
If you distribute baking soda (sell/give away/etc) and tell people that its crack, you can be arrested and held to the same liabilities as if you had actually sold crack..in fact..some states have laws to where you'd get charged for selling it, but not possession. Some will tack on an extra charge on top of possession/sale.
So tell me why MediaDefender gets away with inserting fake data labeled as copyright-violating material into someone else's server and then going all vigilante on them. If you own the copyright you might be able to get away with it as its no longer in violation of copyrights since its yours, but since MediaDefender doesn't own them directly..
That on top of the damages they have caused this company, in either time, money, or business damages.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
...that Air Traffic Control using BitTorrent to distribute approaches is quite possibly the worst analogy I've heard come out of this whole mess.
From reading the article, it sounds like Revision3 hosts their own content and distributes it through Bittorrent, and they allowed other torrents to use their tracker, which included illicit torrents, and then they stopped letting other torrents use their tracker so MediaDefender DoS'd them? I'm very confused. ;-;
Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
Media Defender ought to pay Revision 3 an undisclosed sum of money for the financial damage it caused the company.
But they're not going to do that.
Seriously, every single employee @ Media Defender needs to be anally raped with razor wire.
it all begins with going to http://www.mediadefender.com/
I'd think bittorrent would be a great way to distribute manuals on which forms you need to fill out for which situation.
'Sensible' is a curse word.
Seems like this is as least as destructive as 1 billion people "illegally" downloading digital media .
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
Both government facilities and hospitals both rely on BT for a number of things. The government's idea of a database file is many gigabytes in size. Moving those around is MUCH cheaper and easyer with BT. Hospitals that are affiliated with universities usually do some sort of medical research on-site and also send/receive data to the campus. BT is used a lot with sending around things like DNA maps and decoded genomes; that sort of thing.
BitTorrent is a legitimate method of distributing data, no matter what kind of data. It just happens to be a great way to send your entire mp3 collection to 12 friends in very little time and that's why people associate it with piracy and the like.
If you read the article, you'll see that the FBI is investigating. This generally has to be done before they get prosecuted, so they know what exactly to prosecute them for.
If they law does not apply to MediaDefender then surely it can't apply to anyone else either!
If MediaDefender is allowed to
1. use Revision3's tracker in an unauthorized mannor
2. DOS them
Then I say we are free to ignore any laws we don't like with regaurd to MediaDefender. Dose anyone know where their offices are? Since they seem so fond of vandalism I say some local Slashdot'ers drop by and do a little painting.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Isn't DoSing also a Homeland Security issue? Shouldn't their ISP have cut them off when they started doing illegal things like automatically targeting innocent companies with illegal DoS Attacks?
If someone did to MediaDefender what they do to EVERYONE ELSE, they'd be screaming bloody murder!
Finally, what if they DID actually DoS a company that caused someone to be hurt or die. Would they be liable for pre-mediated murder?
I can't prove it but I heard that The Planet was hosting an open tracker. We all heard what happened to them... http://tech.slashdot.org/article.pl?sid=08/06/01/1715247
Although the FBI *is* investigating, be on the lookout for a hastily-written and passed-by-voice-vote bill by Congress OK'ing this behavior by MD.
Cheers!
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Dear Public, Media, and our friends Revision3: We are very, very sorry. Our servers did bad, bad things to Revision 3 and WE HAD NO CLUE!! Please, take mercy on us. Sure, our severs were snooping around their legitimate BitTorrent tracker seeding maliciously. BUT WE HAD NO CLUE! Sure, our servers recently assraped their severs into oblivion, BUT WE HAD NO CLUE!! This is all one big, misfortune event. Our Friends at revision3, we are really, really, REALLY sorry. Please, we plead ignorance. Our innocent servers honestly thought you were running an pirate operation. Please accept our appologies (Pretty please! with a cherry ontop :))) We PROMISE we will NEVER EVER NEVER do it again.
Sincerely,
MediaDefender
Try to explain? The bottom line is MediaDefender attacked another commercial entity.
If someone throws a stink bomb through a brick & mortar storefront window, forcing the store to close, do you think the police would allow the offender to get off with saying, "oops"?
First off, theyre a coroporation in the midst of one of the most corrupt adminstrations in the history of the united states.
Second, theyre working for the **AA organizations, the darlings of congress, for whom no human rights violations are too great a cost, for whom ACTA is being negotiated to subvert those pesky public interest groups and constitutional protections present in every industrialized nation on earth, and for whom judges suspend several constitutional protections for due process.
In other words, they are above the law, and the public allows them to do so because filesharing = terrorism, after all bush said so.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
How can they legally cause a DoS ?
---- Booth was a patriot ----
Someone, someday, will find a legitimate use for a torrent tracker in an hospital. But simply imagine an illegal tracker run by a rogue employee. MediaDefender uses it for its tactics. The sysadmin notices the tracker, and shuts it down. MediaDefender's Stalin organ goes amok and shuts down the entire hospital network.
Because of a BT tracker. Yeah, right.
In Revision3's case, there might have been illegal file sharing occuring - thats only a civil case if memory serves - and certainly MediaDefender's attack was criminal. In the hospital's case, MediaDefender would risk becoming downright murderers.
Ahhhhhh I get it now. The recent power outages wasn't due to the Chinese Cyber Militia. Someone at the plant must've been downloading the new Snoop Dogg album! Hence no power. That should teach those damned pirates....
...for tracker operators. "Umm...Not my files...They must have been put there by MediaDefender"
:)
I wonder if that now becomes a viable defense. If MD can get in to leave files, so could anyone else
Computer systems should be treated as pets, if they attack someone they should be put to sleep.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Wouldn't that be considered some sort of 'frame up'?
I mean if i'm hosing legal content, and they come along and inject fake/illegal content then sue me how the hell is that stand up in court?
---- Booth was a patriot ----
Because DDoS'ing is illegal, and there's no point suing them for that if they'll just be able to bite you back for doing the same thing.
Also, we made this cake. For you. Please, don't ask about the teeth marks.
"Our servers did it" definitely induced a head-scratch from me. Why on earth would they have their servers set up to automatically commit serious crimes just because a server was public and then restricted access? That doesn't make sense, even from their twisted viewpoint..
After browsing their site, I found this open dir: http://www.mediadefender.com/marketing/ . How is spreading an mp3 of Kanye West or Timbaland legal? Should they now DoS their own webserver?
Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act. So is MD above the law?
If anyone wants the old torrent of Media Defender emails, they are still up on PirateBay.
http://thepiratebay.org/tor/3806944/MediaDefender.Mail.200612.200709-MDD
Anyone got a list of the Media Defender IP block? It'd be nice to add to the firewall.
--
BMO
I doubt the FBI is investigating with any true intent of prosecuting. This isnt the first time MediaDefender has been found violating some federal or state law - with no repercussions.
And exactly how much more "investigating" does the FBI need to do when MediaDefender has already admitted their guilt? To file charges... none. To prosecute... maybe more.
They have publicly, irrefutably, admitted their guilt. Go beat someone up, let that person complain about it/you, then go brag about having done it (admitting to doing it) and give a lame reason that (a) doesnt make sense and (b) admits to you having violated other laws - and see how long you are "investigated" before the cops lock you up.
Revision3 (and their ISPs) have all the evidence needed... and MediaDefender has been nice enough to admit to all counts - and some additional ones - which in effect is admission to violating about a dozen federal and state laws.
My prediction: Revision3 will be lucky enough to get civil penalties out of them. The chance of something criminal even getting to court, much less being charged is nil. Too many precedents would be set... if they are charged, then numerous other companies and individuals (including ISPs who host the companies and individuals and thus also suffer damage to their network) could and would sue them for such behavior. If it goes to court, then either MediaDefender wins, setting a dangerous precedent saying "it's ok for them to break numerous laws" or MediaDefender loses (yeah, right) which would destroy their (and the **AA's) business model - which is something the current administration will not allow.
My opinions on the matter, yes... but history supports them (sadly).
StarTrekPhase2 - The Five Year Mission Continues!
You know, for a while I was kinda suspecting they'll play the "we're dumb, and it was an accident" card. You know, say that it was some poorly configured system that did the injecting, and it accidentally got stuck connecting in a loop instead of once a day. Present it as some bug they didn't even know about. Blame some techie. You know, anything _except_ say "yep, it was premeditated all along to break the law." Go for criminal negligence.
But that they have a big fat pipe dedicated to conducting DOS attacks? Jesus F. Christ, that's like saying that I have a car dedicated to running down pedestrians I don't like. If that's not a confession of premeditation, I don't know what is.
To put it in perspective, the western criminal system (as far as I understand it, and IANAL) tries, or theoretically should try, to establish the degree of intent (or "mens rea" = "guilty mind") in an act. So for example, if a shingle off my roof fell on the a passerby's head, although what happened is the same and the guy is just as dead, you can have very different punishments based on the nuance of being classified anywhere between "direct intention" (I actually intended to have shingles fall on him/someone) and "criminal negligence" (I had no flippin' clue that the roof is in that bad condition, though a reasonable person should have foreseen and inspected it regularly.) The worst you can do is not only go for "direct intention", but also basically say, "oh yeah, it wasn't a momentary act of rage, it was planned all along."
So these guys have basically been paying all along for a pipe _dedicated_ to breaking the law? They actually had a plan to break the law, and month after month paid the bill on the resources set aside for only that purpose? Geesh. I hope that a few executives land in state jail there.
A polar bear is a cartesian bear after a coordinate transform.
Can someone tag this with "MafiaDefender" please?
If you open yourself to the foo, You and foo become one.
I don't see any cake...
Because they have gotten away with it for near a decade, even though many have pointed out the illegality of it.
And they expect, once again, to get away with it.
And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use. Does this last section make sense? No? So what? Do you really think it has to? Look at their other arguments for making P2P illegal - do they make sense? Didnt think so. ;-)
And of course, because it will help them push forward the pending legislation that would make their actions (whatever they are) legal - irrespective of current law.
So... I think it makes perfect sense - at least from their twisted viewpoint.
StarTrekPhase2 - The Five Year Mission Continues!
It depends on someone or some company, like me for example saying:
...Er wait, forget I said that!
"You're welcome to DoS attack my connection all you want"
Sheesh.
So if what MediaDefender is doing is legal, then because Apple is "not allowing me my fair use rights" when you download songs from iTunes that gives me a right to A) hack iTunes and put bogus songs on there that will spread a virus and kill iPods B) perform a massive DoS attack on Apple and C) tell iTunes to take down the "copyrighted" content that you have added in the first place and ask for a log of users to sue. Would that work if I did it? No, but it seems like the law doesn't apply to a corrupt congress and *AA.
Taxation is legalized theft, no more, no less.
I thought filesharing=communism.
There's even a poster.
Scientists now say the future will be far more futuristic than originally believed
Null routing MediaDefender? So much for Net Neutrality.
thegodmovie.com - watch it
Seems to me MD should be charged with Mischief Trespassing (If I open the door to my garage and you fill up my garbage cans with you garbage, its still tresspassing) Conspiracy to commit fraud for trying to frame R3? And any other cyber crime related to hacking,.hijacking computers, illegal distribution of copy righted content. I hope R3 doesn't just give up after a while. Its one thing to try to fight people who distribute your copy righted content but not if you use illegal methods and brake laws doing it.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Is it me, or does having a powerful semi-automated DoS attack machine shooting away seem like the height of recklessness?
I mean, we could have a contest. Find the most sensitive servers you can to get MediaDefender to false positive. Banks, hospitals, schools, seems like under the right circumstances any these may be open to attack. After all, if it can happen by chance, there's more than likely some avenue to coordinate exploitation.
This whole thing is sort of surreal. It's a frigging felony with collateral network damage, and they're more or less firing blindly into a crowd.
Traffic Shaping has been discussed to solve internet congestion problems all over the world.
Here's an easy solution: Kill...um...shape MediaDefender's upload bandwidth and split it to everyone else.
How to retaliate:
1. Develop software that LOOKS like an "illegal" tracker to MediaDefender.
2. Distribute that software to thousands of people.
3. MediaDefender consumes all their bandwidth trying to attack everyone.
I call it a Distributed Denial Of Service Defense (DDOSD).
There's no -1 for "I don't get it."
Given MediaDefender's own website brags about their cyber-terrorism, I think we'd all be failing in our duty of care to the global internet if we didn't take an axe to all their links. Physical address of their links, please?
Your comment is hilarious... Do you think that the Bush administration somehow controls the FBI and tells them that they can't prosecute a company for this? Do you honestly think the president of the united states is that powerful, that he has the power of a dictator? Even if he does have that power, would he use it so openly for this?
The FBI likely will investigate this matter, and the only way I could see media sentry getting out of criminal charges is by paying off Rev 3 enough that they drop all criminal charges against media sentry. Companies have been convicted of crimes before, and will be again. Sure the *AA has favor from congress, and the executive, but that doesn't exactly stretch over to the courts. At this point, I bet the *AA's first reaction will be (if they have any intelligence whatsoever) "i didn't know mediasentry did this", and back out of deals. The last thing they want is to be hit up with more lawsuits for hiring a criminal company.
The likely situation from all this is that media sentry is going to get hit, and hard. While you can make comments that you or I would already be arrested for this, it's only been a week, and a company the size of media sentry isn't exactly a flight risk. The hardest part of the case will be determining where exactly the guilt lies.
Phil
Does that mean we can start DDoSing MediaDefender's servers?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If the Chinese government or the PLA did this kind of thing if would be denounced as industrial espionage or even terrorism.
That's actually the goddamn law as written. So I think everyone is going about this wrong. The way to go after the **AA is to prosecute them under Federal Terrorism Laws.
I am dead serious about this. How do you KNOW it isn't terrorism? Because they say so? I am unconvinced since intellectual property is a huge export industry for the US and some 'private' party inserting themselves into it in the name of 'protection' that often backfires?
entirely agreed. Media defender is violating federal computer security laws. The DOJ should sue them into submission.
They're using their grammar skills there.
Interesting. Your post made me think how there's a lot of documented "looking the other way" in cases of vigilantism. The courts seem to tolerate a little "excess" when someone's a sworn defender of another's "rights." From citizens lynching suspected rapists to Guantanamo, our legal system-- both the prosecutors and the courts-- seems to look the other way. And if the vigilantes also wear ties and cuff links, heck, they're even allowed to join the country club. MediaDefender are vigilanes, pure and simple. I don't believe much will come of this-- maybe some new paragraph in a regulation somewhere.
Everything I've ever learned the hard way was based on a statistically invalid sample.
I said history under the current administration supports my opinion.
Specifically, for this part "which is something the current administration will not allow." I refer to the various laws that this administration is considering and trying to push that help no one but the **AA and Media Sentry.
Hope that explains what I mean by what "the current administration" will allow (through inaction, or through passing laws that grant immunity or make such actions on the **AA/MediaSentry's part legal).
Or perhaps, even though it has been discussed ad-infinitum here and elsewhere, please refer me to one criminal proceeding that was seriously brought against the **AA or Media Defender by the government? There have been enough reasons for them. Yet I dont recall any such actions ever taking place. Perhaps I am forgetting a few, in which case I would appreciate enlightenment from you.
The only thing close is a class action lawsuit which was started by a citizen.
As a side note, when since does a company paying off another for their wrongdoing have anything to do with criminal charges? This situation should be a two-fold set of proceedings... the criminal one - and the civil one.
I am not sure what world you live in where you think that you can "pay off" criminal charges and investigations by paying off the ones you have hurt. Hopefully it isnt this one. But you may be right - which just supports my statement even more. Such should not be the case. If a law is broken by an entity, reparation and fines should be determined by a (civil and criminal) court case - not be used to prevent one.
As for the hardest part of this case being where guilt lies... I am not sure in what fashion you mean. A corporate entity is liable for their actions - how they pass that down to the individuals in their company is something unrelated. And of course, higher-ups in their company have already admitted their corporate guilt in a cavalier attitude indicating it is practice - not accident - that caused this - with their only defense being "gee, we just didnt mean for it to be Revision3"
Rob
StarTrekPhase2 - The Five Year Mission Continues!
The attack was launched with source addresses in AS 11393. Not that source addresses mean anything in a synflood. FiberConnexion is a suspected front for MD (and if they aren't they need to drop these shlubs realquicklike).
http://www.cidr-report.org/cgi-bin/as-report?as=AS11393
/. -- the Free Republic of technology.
++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
It bloody figures that SkyNet spawned from the evil **AA entities :P
I suggest to rename it.
Currently working for large governemt department. We are assessing bittorrent as a method of distributing large read only databases to multiple servers as a way to reduce load on individual servers and speed up average deployment times. Having said that, the likelyhood of MediaDefender seeing our tracker would be very low as this would be on an intranet with very low exposure to the rest of the net.
This does highlight one important point for us. How do we protect our trackers form hosting any old thing?
A sig is placed here
To display how futile
English Haiku is
guns, knives, or whatever you can get your hands on?
First, there are criminal acts (that are not civil charges) that requires someone to press charges for them to go through. I don't know the circumstances with these particular computer crimes, but they might require that the victim party presses charges for anyone to be punished. I don't see why someone couldn't make a civil agreement whereby one party agrees not to press criminal charges against another. I think this happens in lawsuits often enough where a party was harmed by another, and they agree to drop civil and criminal charges in response to payment. It's pretty clear cut when a criminal action is perpetrated directly against one or entity. Again, i'm not a lawyer or anything, but I'm pretty sure this sort of stuff is legal.
When I mean where the guilt lies, I mean where in the corporation, and how the charges should be filed. Just because we know a company did XYZ, we don't know where the orders came from, and who did what, and why.
Phil
Great bandwidth. Everyone knows Wookiees use BitTorrent.
You are being MICROattacked, from various angles, in a SOFT manner.
Why do I have the hunch that they're not looking for clues why they're guilty but rather for some excuse why they're not?
What do you need to investigate for? They already pleaded guilty to willful disruption of online operations (aka DDoSing), and "apologize" for hitting the "wrong" target. It's a bit like a hitman saying he's sorry he didn't kill the serial rapist he was ordered to kill by a relative of a victim but instead he hit some innocent bystander. Is he less guilty because of that? Killing anyone is illegal unless you are part of the government's mandated powers that may do so. And even those have to apply due process and usually have pretty strict guidelines before they may pull that trigger.
The US government should be aware that this is about the worst that can happen to a government: Someone challenging their monopoly of power. I don't know any government that takes things like this lightly.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Or you know...HTTP/FTP, which would be better suited for small files.
I just read Slashdot for the articles.
That's great, but these BitTorrent servers should not be open to the public if their correct operation is "mission critical".
Basic security protocol: the internet is an untrusted network and full of potential adversaries, enemies, attackers, etc.
There are far more potential attackers than MediaDefender.
Exposing any type of critical infrastructure to the internet let-alone relying on the internet's proper operation is a highly negligent and irresponsible security design.
In the future bittorrent-like protocols might be utilized to distribute materials to the general public, but that is yet to be seen.
Have you seen those manuals?
'Sensible' is a curse word.
sales@mediadefender.com
info@mediadefender.com
jobs@mediadefender.com
president: try herrera@mediadefender.com, oh@mediadefender.com,
ceo: try randy@mediadefender.com (personal), saaf@mediadefender.com or rsaaf@mediadefender.com
controller: try: rr@mediadefender.com, rousselet@mediadefender.com
parent company: artistdirect (stock ticker: ARTD)
Investor relations: ir@artistdirect.com
Chairman: diamond@artistdirect.com
CEO: try villard@artistdirect.com, dv@artistdirect.com
Auditors: Gumbiner, Savett, Finkel, Fingleson & Rose, Inc
rgreene@gscpa.com (Ronald Greene) http://marketcenter.findlaw.com/scripts/display_profile.pl?id=173844
Have fun.
We have established MULTIPLE times that the actions of Media Defender were illegal. That was was established, and discussed fully about 30 posts in (with me browsing at +5).
I know the kneejerk reaction is to mod up anyone dissing media offender, but PLEASE mods, don't be afraid of the "redundant" tag. I for one am having trouble gleaning any new information from the pile of +5 "HURR DOS HURRR THATS BAD" posts.
MediaDefender's ISP. That's who should be gone after. 9gbps of bandwidth for BREAKING THE LAW can't be easy to get or cheap.
Cut off MediaDefender's pipe to the internet and let them die that way.
The opinions in this post are ficticious. Any similarity to actual opinions, real or imagined, is purely coincidental.
Ah, I understand now... as for the criminal acts part... IIRC, there are new "Terror" Laws which apply to such things, which do not require someone to press charges - just as no one needs to press charges for murder. The "someone" is the state or federal government - which a similar situation is being implied here since the FBI is investigating it to determine if they should "press charges". At least, that's my take on it.
As for where the guilt lies, it is not necessary to determine that to press civil or criminal charges against a company. Otherwise, there isnt a corporate lawsuit that would get anywhere.
StarTrekPhase2 - The Five Year Mission Continues!
Do you think that the Bush administration somehow controls the FBI and tells them that they can't prosecute a company for this?
Well, yes, I do. Both directly, in that the FBI reports to the Department of Justice, which is part of the executive branch, which reports to the president, and indirectly, in that the FBI's resources are currently targeted to the Meaningless War On Terror, which has dramatically reduced resources available for investigating actual Real Crimes Against Americans (tm).
I'd love to think that Media Sentry is going to get spanked and that the FBI is going to be the paddle, but I think it's unlikely.
I was taught to respect my elders. The trouble is, it's getting harder and harder to find some.
MediaDefender's computer trespass and DoS attacks were directed at the "BAD" BitTorrent providers. Had they hit their intended target, they would obviously have committed computer trespass and DoS offenses. Just because they hit the wrong target won't excuse them. It's called transferred intent. In other words, if I mean to shoot and murder you and in the course of meaning to shoot you I shoot your brother instead, then my intent to shoot you will be transferred to my shooting of your brother. This is pretty basic (although criminals often don't get it).
So, has anybody figured out how to do a DDoS on MediaDefender by somehow enticing them to try and DoS a bittorrent provider, but then somehow get them to try and automagically shutdown several at the same time, and keep MediaDefender doing this on a more or less constant basis by rotating honeypot servers for MediaDefender to "attack"?
At the very least, if MediaDefender was having to pay for a saturated 9Gbps data feed 24/7...
Use their weight, momentum, bad breath and body odor against them.
I understand Revision3's argument, and I believe MediaDefender should be severely penalized for their activity.
However, I really wish Revision3 would stop making dumb arguments like "What if this was an airport distributing approaches via Bittorrent?" I mean, come on. That's the most ridiculous argument in the world. I do some work for a major Boston airport that rhymes with "Hogan." Their security and operations network is not connected to the Internet. They use an extremely secure, port-based 802.x certificate-based system that not only requires the right MAC and certificates to connect to your designated port, it also firewalls each port to just the bare necessities. Many Airports across the country are, or will soon, take the same approach. Never will there be an Internet connected, torrent based system for any sort of critical data.
It makes their argument sound alarmist, and is bound to turn some people away.
- It's not the Macs I hate. It's Digg users. -
Because Ewoks look a bit like midget Wookies, and Chewie's fed up with Han never putting out since he got interested that Leia chick...
'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
If you abandon all attempts at logic and what we the
1. Bittorrent is only used for distributing illegal content. (Whoopsie, that's not always true)
2. Anyone who's running a bittorrent tracker is therefore distributing illegal content. (Only true if 1. above is. And if the entire world has identical copyright laws.)
3. We can determine who's using this tracker by persuading it to track the details of specific files and then subpoena the IP address of anyone who connects to us to download them. (Whoopsie! We can identify an IP address but it turns out that turning that into a guaranteed-correct person's name is actually quite difficult)
4. If they attempt to defend themselves (eg. by blocking the fake files injected in step 3 above), then they're as good as admitting guilt and also they're making it impossible for us to subpoena anything. Therefore, the correct course of action is to take their system off the Internet. (Whoopsie! Except that almost any country with even vaguely up to date laws would consider this highly illegal - and if our target is a legitimate tracker, it may get investigated).
Makes some sense if you're selling a service which claims to stop p2p.
The access is only authorised by court mandate or government. Media Defender is neither. Even if they do it on a site that has illegal torrents, their actions are still illegal. Im not allowed to smack someone in the mouth for littering, despite littering being as illegal as minor assault.
And DoS is illegal even for government. Courts will never issue a warrant to enact Dos. Doesn't matter if the target is hosting government secrets or kiddie porn.
You an idiot? Recent case here on slashdot is a court censuring the RIAA cases because they get the name of the Does by issuing a criminal case vs Jon Doe then drop the criminal case when they have the name.
They then use the name in a civil case.
At best your statement is a half-truth. Which is still half-lie.
Well, I'm all for wielding the RICO stick against those who paid them. After all, that's exactly what RICO and similar laws in other countries are for.
But "terrorism" sounds a bit extreme IMHO, and, well, two wrongs don't make a right. It's wrong and should be punished, yes, but setting one more precedent of abusing a law to punish someone you don't like... well, it's not something that I'd be looking forward to. The rule of the law means, among other things, that you can know exactly what you're allowed to do and what you aren't, and that the law is applied uniformly and equally, regardless of whether you're the King's best buddy or that creepy guy that all the neighbours dislike. Humanity fought hard to move from an arbitrary system to rule of the law, and it involved some pretty bloody revolts along the way too, so let's not actually ask that a step is made right back towards arbitrary power.
A polar bear is a cartesian bear after a coordinate transform.
-[d]-
Rtfa, the only content that prompted the attacks was fake illegal content that MD themselves placed on R3 servers. There never was ANY illegal content involved in this situation. They only attacked when R3 cut off MD's access.
By all means tho, don't let the facts get in the way of your ideas.
Overclockers
Seriously, where is the FBI and DOJ. Why has nobody been charged for these outright criminal acts? Where are the press releases by our government about how they are going to prosecute this?
First, anybody know of any patently identical incidents where this happened? If so, it debunks the folloing point.
I'm not taking their side, but the way I read this, the explination "our servers did it" indicates that they had things configured in such a way that they never made the connection between the two incidents. They tapped Rev. 3 to seed false torrents. Separately, they set up DoS attacks on servers hosting lots of torrents, but never made the connection as to what happens when their seeding loophole gets closed up.
Everyone on here acts like these guys are sitting in leather executive tall-back chairs with twisting their handlebar mustaches and wringing their hands menacingly while conjuring up new ways to unleash chaos on all things internet. I completely disagree with what they're doing, but a glaring lack of foresight resulting from stupidity is not the same thing as digital terrorism. I hope that Rev. 3 busts their balls and they end up in a solid set of legal crosshairs, but I find it a stretch to think that these kind of mistakes are premeditated. I understand "our servers did it" very well.
The FBI likely will investigate this matter, and the only way I could see media sentry getting out of criminal charges is by paying off Rev 3 enough that they drop all criminal charges against media sentry.
If there is a criminal prosecution, Revision3 doesn't have any say over whether it goes forward or not. That's up to the Federal or state prosecutors involved. Revision3 could reach a settlement with MediaDefender in lieu of a pursuing a civil case against the latter, but even if they reached such an agreement, a Federal or state prosecutor could still pursue a criminal case against MediaDefender.
Because Ewoks are tasty?
Of course if you truly want your servers to be safe, and who wouldn't, we are introducing a revolutionary new service. As long as you make regular payments, we will be able to verify your site as copyright violation-free, and you will be protected from further DOS attacks.
In other words, never attribute to malice that which is adequately explained by stupidity.
:)
The same can be said for much of what a government does. They're not out to get you...they're just morons
120 characters for a sig? That's bloody useless.
And it explains why it wants to wipe out the human race. You would too, if the **AA were your main sample...
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
How do I reeech these keeeeds?!?!
This is PURE EAU DE TROLLETTE
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Media Defender Explains Itself: Uhm, yeah. The FBI turned down our applications because we didn't meet the psych profiles, the state police said we weren't in good enough shape, the local police said we were kinda goofy lookin, and the local private security companies said we were just plain losers. So we made our own company where we pretend to be law enforcement and the record companies pay us obscene amounts to make stuff up to help their bogus cases.
You obviously have no idea how twisted their viewpoint actually is.
Here's a hint: someone legally pays you legal money to protect their legal rights against bad guys. Everyone violating those rights is a bad guy. No one has a responsibility to be nice to bad guys. So you take your fat check, do what they ask, and assume everything's fine.
And they expect, once again, to get away with it.
And they will, because no corporation suffers from the law unless a rich powerful man is inconvienienced by the corporation's illegal acts.
And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use
They want P2P illegal because of its legal use, which is to allow the sharing of material the copyright holder (independant musicians) wants shared. Why should they care about stuff you can hear on the radio being shared? They want to kill their competetion, the indies, who are increasingly showing the world that the media moguls are no longer needed by anyone.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
But, of course, should some single mother plead that she had no clue, then it's "no excuses, pay up!!!".
It is just about time for the entire internet, or at least loving server operators everywhere, to add TARPIT or at least DROP rules to their firewalls for every address range that can be traced to Media Defender.
Remember, in shunning an internet wrongdoer, the TARPIT is the better option. You can configure your server to feel almost no impact, and their server gets actual resources pinned down and "used up" for nontrivial periods of time.
I would think that any ISP who doesn't want to cary the _burden_ of forwarding 9Gbps of DOS for this company would want to do the same.
Does anybody know the IP addresses that Media Defender uses to do these DOS attacks?
And if you are shunning, you should include the corporate addresses and false torrent seeder addresses as well.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
As a completely non-aggressive response, our servers should engage in an "internet shunning" of MediaDefender.
Every Linux admin on the planet should put TARPIT (or at least DROP) rules in their firewalls for any address range that comes from MediaDefender.
I'm surprised that most carriers (Sprint Net, AT&T, Comcast etc) don't do this just to protect themselves from those 9Gbps DOS attacks that come down that link.
TARPIT rules are the ultimate "you are not welcome here". They don't have to come to my site, and if they do my site will put them on hold.
It wouldn't stop a SYN flood, but it would stop them from being able to poison your trackers in the first place.
DROPS are second best, of course, but better to put someone on indefinite-hold than hang up on them, especially when both have the same cost for you.
Does anybody have the MediaDefender IP address range available to post?
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
Thanks for filling in the details/reasons... I would surmise those reasons do indeed play some part in it...
:-)
They want to kill their competetion, the indies, who are increasingly showing the world that the media moguls are no longer needed by anyone.That statement is mostly accurate. It should read "They want to either kill their competition or be able to make money off their competition in a manner where they control all online distribution rights and profit off the same (ie: SoundXchange and their various other attempts to control all online music distribution)".
Sadly, BitTorrent prevents either scheme... and thus must be done away with.
Other than that, well said!!!
StarTrekPhase2 - The Five Year Mission Continues!
Distributing high-resolution imagery to multiple research institutions as part of clinical trials perhaps?
It would be protected and encrypted traffic of course (one would hope).
- Michael T. Babcock (Yes, I blog)
First, anybody know of any patently identical incidents where this happened?
Irrelevant. You don't have to be a serial killer to get arrested for murder.
a glaring lack of foresight resulting from stupidity is not the same thing as digital terrorism.
How many settlements has the RIAA collected from people whose worst crime was being stupid?
If the end result meets the definition, then it is the same thing. Proving motive is optional. If stupidity were a valid defense, the prisons would be empty.
The RIAA has taken the position that MediaDefender's methods are flawless. Out of all the thousands of cases, we only hear about the handful in which the accused suggests that an error may have been made, which results in a legal juggernaut being brought down upon them that the RIAA will fight "until the end of time."
MediaDefender's software assumes that a) any site with a bittorrent file belongs to pirates and b) they are never, ever wrong. Programming a calculated, automatic response that goes beyond what the law allows seems to more than accurately fit the definition of premeditated.
I understand "our servers did it" very well.
It means "our servers did exactly what we programmed them to do."
... and if we don't we can buy some more!
"Separately, they set up DoS attacks ..."
the 'set up DoS attacks' part is where THEY ARE BREAKING THE LAW!.
But what difference does it make? They intentionally broke the law both by planting the false torrents and by the DoS attacks. It is completely irrelevant whether they knew the two things were connected. Just because they're stupid doesn't mean they're not also malicious.
...if they go down they can take a lot of others with them. If anyone were actually being prosecuted in the US (or anywhere for that matter) for malicious network behaviour, then sure, crucify MediaDefender. But they are certainly not the only people who "defend" their networks and Imaginary Property in this perverse manner.
"Please describe the scientific nature of the 'whammy'" - Agent Scully
These guys are the modern equivalent of the Pinkertons in the 19th century.
They're getting an easy ride from law enforcement because they were in discussion with at least one Attorney General where they basically offered to do what would quite likely be entrapment if the FBI did it (OK, that's debatable) but even aside from that, they have expertise that many law-enforcement agencies lack.
The plural form of "anecdote" is "anecdotes", not "evidence".
And was it violated by the culprit at hand?
Or, we could alter some important piece of information in their programing evolution add a set of wheels, build a backup system and restore the later backups and watch the ultimate autonomous robot wars take place.
Maybe we could plant a couple of Nukes in there hiding around the power source so if they decide to collaborate together, poof.