Slashdot Mirror
MediaDefender Explains Itself
I Don't Believe in Imaginary Property writes "Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3, which uses BitTorrent to host its own content. Somehow it eluded MediaDefender that they had injected fake content into Revision3's tracker, so when Revision3 changed configuration to forbid this injection, MediaDefender's systems saw it as a pirate tracker with lots of illegal content (which MediaDefender had put there) and attacked. In other words, everything they did was intentional except for the choice of target. Given that they have 9 Gbps of bandwidth dedicated to denial-of-service attacks against torrent trackers, all anyone needs to do is to trick them into attacking a hospital or government facility. MediaDefender has never been very competent, after all."
How is any of this legal? Injecting content, false or otherwise? DOS'ing a server? They're fighting fire with fire.
--why?
Shouldn't admitting to a DOS attack in and of itself get people arrested? Who cares what the site they are attacking contains? They are committing acts of digital vandalism. Jail, please.
Even if this story makes it to the mainstream media, its not going to get much airtime. Especially since no Joe User knows what Revision3 is. There just wouldn't be enough outrage to make it a worthwile story anywhere except the geek community.
They've bought senators, how can it be illegal when they've got paid for law makers fighting on their side(!)
todo - The developer's equivalent of confession: "Forgive me Father, for I have sinned..."
If you distribute baking soda (sell/give away/etc) and tell people that its crack, you can be arrested and held to the same liabilities as if you had actually sold crack..in fact..some states have laws to where you'd get charged for selling it, but not possession. Some will tack on an extra charge on top of possession/sale.
So tell me why MediaDefender gets away with inserting fake data labeled as copyright-violating material into someone else's server and then going all vigilante on them. If you own the copyright you might be able to get away with it as its no longer in violation of copyrights since its yours, but since MediaDefender doesn't own them directly..
That on top of the damages they have caused this company, in either time, money, or business damages.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
...that Air Traffic Control using BitTorrent to distribute approaches is quite possibly the worst analogy I've heard come out of this whole mess.
Seems like this is as least as destructive as 1 billion people "illegally" downloading digital media .
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
Both government facilities and hospitals both rely on BT for a number of things. The government's idea of a database file is many gigabytes in size. Moving those around is MUCH cheaper and easyer with BT. Hospitals that are affiliated with universities usually do some sort of medical research on-site and also send/receive data to the campus. BT is used a lot with sending around things like DNA maps and decoded genomes; that sort of thing.
BitTorrent is a legitimate method of distributing data, no matter what kind of data. It just happens to be a great way to send your entire mp3 collection to 12 friends in very little time and that's why people associate it with piracy and the like.
Isn't DoSing also a Homeland Security issue? Shouldn't their ISP have cut them off when they started doing illegal things like automatically targeting innocent companies with illegal DoS Attacks?
If someone did to MediaDefender what they do to EVERYONE ELSE, they'd be screaming bloody murder!
Finally, what if they DID actually DoS a company that caused someone to be hurt or die. Would they be liable for pre-mediated murder?
I can't prove it but I heard that The Planet was hosting an open tracker. We all heard what happened to them... http://tech.slashdot.org/article.pl?sid=08/06/01/1715247
Although the FBI *is* investigating, be on the lookout for a hastily-written and passed-by-voice-vote bill by Congress OK'ing this behavior by MD.
Cheers!
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Dear Public, Media, and our friends Revision3: We are very, very sorry. Our servers did bad, bad things to Revision 3 and WE HAD NO CLUE!! Please, take mercy on us. Sure, our severs were snooping around their legitimate BitTorrent tracker seeding maliciously. BUT WE HAD NO CLUE! Sure, our servers recently assraped their severs into oblivion, BUT WE HAD NO CLUE!! This is all one big, misfortune event. Our Friends at revision3, we are really, really, REALLY sorry. Please, we plead ignorance. Our innocent servers honestly thought you were running an pirate operation. Please accept our appologies (Pretty please! with a cherry ontop :))) We PROMISE we will NEVER EVER NEVER do it again.
Sincerely,
MediaDefender
Try to explain? The bottom line is MediaDefender attacked another commercial entity.
If someone throws a stink bomb through a brick & mortar storefront window, forcing the store to close, do you think the police would allow the offender to get off with saying, "oops"?
First off, theyre a coroporation in the midst of one of the most corrupt adminstrations in the history of the united states.
Second, theyre working for the **AA organizations, the darlings of congress, for whom no human rights violations are too great a cost, for whom ACTA is being negotiated to subvert those pesky public interest groups and constitutional protections present in every industrialized nation on earth, and for whom judges suspend several constitutional protections for due process.
In other words, they are above the law, and the public allows them to do so because filesharing = terrorism, after all bush said so.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Someone, someday, will find a legitimate use for a torrent tracker in an hospital. But simply imagine an illegal tracker run by a rogue employee. MediaDefender uses it for its tactics. The sysadmin notices the tracker, and shuts it down. MediaDefender's Stalin organ goes amok and shuts down the entire hospital network.
Because of a BT tracker. Yeah, right.
In Revision3's case, there might have been illegal file sharing occuring - thats only a civil case if memory serves - and certainly MediaDefender's attack was criminal. In the hospital's case, MediaDefender would risk becoming downright murderers.
...for tracker operators. "Umm...Not my files...They must have been put there by MediaDefender"
:)
I wonder if that now becomes a viable defense. If MD can get in to leave files, so could anyone else
No it wouldnt. That's one dollar.
Computer systems should be treated as pets, if they attack someone they should be put to sleep.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Also, we made this cake. For you. Please, don't ask about the teeth marks.
I'm as confused as you are. The complete absence of any sort of order of events makes things more confusing.
Things I'm fairly sure of. Revision3 had a security hole. MediaDefender saw the security hole, and seeded it with fake files. Revision3 noticed these fake files and disconnected them. As a result, MediaDefender - either due to misconfigured servers or malice - DOSed Revision3.
Not sure if pirates were using the security hole. It would seem a bit pointless given that there are plenty of pretty open torrent sites.
Also not quite sure how MediaDefender can defend their initial actions. This seems to be pretty clearly hacking. Exploiting a security hole in another machine to gain access is generally enough regardless of whether there was any further malicious intent.
"Our servers did it" definitely induced a head-scratch from me. Why on earth would they have their servers set up to automatically commit serious crimes just because a server was public and then restricted access? That doesn't make sense, even from their twisted viewpoint..
After browsing their site, I found this open dir: http://www.mediadefender.com/marketing/ . How is spreading an mp3 of Kanye West or Timbaland legal? Should they now DoS their own webserver?
This comment is fully compliant with RFC 527.
You know, for a while I was kinda suspecting they'll play the "we're dumb, and it was an accident" card. You know, say that it was some poorly configured system that did the injecting, and it accidentally got stuck connecting in a loop instead of once a day. Present it as some bug they didn't even know about. Blame some techie. You know, anything _except_ say "yep, it was premeditated all along to break the law." Go for criminal negligence.
But that they have a big fat pipe dedicated to conducting DOS attacks? Jesus F. Christ, that's like saying that I have a car dedicated to running down pedestrians I don't like. If that's not a confession of premeditation, I don't know what is.
To put it in perspective, the western criminal system (as far as I understand it, and IANAL) tries, or theoretically should try, to establish the degree of intent (or "mens rea" = "guilty mind") in an act. So for example, if a shingle off my roof fell on the a passerby's head, although what happened is the same and the guy is just as dead, you can have very different punishments based on the nuance of being classified anywhere between "direct intention" (I actually intended to have shingles fall on him/someone) and "criminal negligence" (I had no flippin' clue that the roof is in that bad condition, though a reasonable person should have foreseen and inspected it regularly.) The worst you can do is not only go for "direct intention", but also basically say, "oh yeah, it wasn't a momentary act of rage, it was planned all along."
So these guys have basically been paying all along for a pipe _dedicated_ to breaking the law? They actually had a plan to break the law, and month after month paid the bill on the resources set aside for only that purpose? Geesh. I hope that a few executives land in state jail there.
A polar bear is a cartesian bear after a coordinate transform.
Can someone tag this with "MafiaDefender" please?
If you open yourself to the foo, You and foo become one.
Because they have gotten away with it for near a decade, even though many have pointed out the illegality of it.
And they expect, once again, to get away with it.
And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use. Does this last section make sense? No? So what? Do you really think it has to? Look at their other arguments for making P2P illegal - do they make sense? Didnt think so. ;-)
And of course, because it will help them push forward the pending legislation that would make their actions (whatever they are) legal - irrespective of current law.
So... I think it makes perfect sense - at least from their twisted viewpoint.
StarTrekPhase2 - The Five Year Mission Continues!
Sheesh.
I thought filesharing=communism.
There's even a poster.
Scientists now say the future will be far more futuristic than originally believed
"Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act. So is MD above the law?"
Nope.
And anyone who wants to look at the "howto" for this stuff, go HERE:
http://www.usdoj.gov/criminal/cybercrime/ccmanual/01ccma.html#F.
That's the applicable one.
Since Revision 3 is also in California, they have an open-and-shut case against Media Defender for civil damages.
Please note that vigilantism is _not_ something that justifies breaking US federal or state law. From the POV of Media Defender, the best they can get away with is pleading guilty to conspiracy, especially since they admitted in public that they're engaged in vigilante "net justice"
--
BMO - For Great Justice
thegodmovie.com - watch it
++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
It bloody figures that SkyNet spawned from the evil **AA entities :P
I dunno, MediaDefender seem to want it both ways. I wouldn't be surprised if they simultaneously posted fake stuff to a tracker to disrupt traffic, and also to accuse the tracker owners of violating copyright. After all, that's pretty much what happened here. The site got DoS'ed because they closed the backdoor in their tracker, and Mediadefender had been using it to inject fake content. In any case, it's probably a mistake to "think the best" of MediaDefender's intentions.... they have consistently shown themselves to be more than reprehensible and two-faced.
... and then they built the supercollider.
That doesn't answer the question, though.
You can see here, the Router orbiting the forest moon of Endor. Although the download systems on this Router are not yet operational, the Router does have a strong defense mechanism. It is protected by a firewall which is generated from the nearby forest moon of Endor.
The firewall must be deactivated, if any torrent is to be downloaded.
Once the firewall is down, our servers will create a tracker, while our admins hack into the system and attempt to inject the fake contact.
++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
sales@mediadefender.com
info@mediadefender.com
jobs@mediadefender.com
president: try herrera@mediadefender.com, oh@mediadefender.com,
ceo: try randy@mediadefender.com (personal), saaf@mediadefender.com or rsaaf@mediadefender.com
controller: try: rr@mediadefender.com, rousselet@mediadefender.com
parent company: artistdirect (stock ticker: ARTD)
Investor relations: ir@artistdirect.com
Chairman: diamond@artistdirect.com
CEO: try villard@artistdirect.com, dv@artistdirect.com
Auditors: Gumbiner, Savett, Finkel, Fingleson & Rose, Inc
rgreene@gscpa.com (Ronald Greene) http://marketcenter.findlaw.com/scripts/display_profile.pl?id=173844
Have fun.
If you abandon all attempts at logic and what we the
1. Bittorrent is only used for distributing illegal content. (Whoopsie, that's not always true)
2. Anyone who's running a bittorrent tracker is therefore distributing illegal content. (Only true if 1. above is. And if the entire world has identical copyright laws.)
3. We can determine who's using this tracker by persuading it to track the details of specific files and then subpoena the IP address of anyone who connects to us to download them. (Whoopsie! We can identify an IP address but it turns out that turning that into a guaranteed-correct person's name is actually quite difficult)
4. If they attempt to defend themselves (eg. by blocking the fake files injected in step 3 above), then they're as good as admitting guilt and also they're making it impossible for us to subpoena anything. Therefore, the correct course of action is to take their system off the Internet. (Whoopsie! Except that almost any country with even vaguely up to date laws would consider this highly illegal - and if our target is a legitimate tracker, it may get investigated).
Makes some sense if you're selling a service which claims to stop p2p.
First, anybody know of any patently identical incidents where this happened? If so, it debunks the folloing point.
I'm not taking their side, but the way I read this, the explination "our servers did it" indicates that they had things configured in such a way that they never made the connection between the two incidents. They tapped Rev. 3 to seed false torrents. Separately, they set up DoS attacks on servers hosting lots of torrents, but never made the connection as to what happens when their seeding loophole gets closed up.
Everyone on here acts like these guys are sitting in leather executive tall-back chairs with twisting their handlebar mustaches and wringing their hands menacingly while conjuring up new ways to unleash chaos on all things internet. I completely disagree with what they're doing, but a glaring lack of foresight resulting from stupidity is not the same thing as digital terrorism. I hope that Rev. 3 busts their balls and they end up in a solid set of legal crosshairs, but I find it a stretch to think that these kind of mistakes are premeditated. I understand "our servers did it" very well.
Of course if you truly want your servers to be safe, and who wouldn't, we are introducing a revolutionary new service. As long as you make regular payments, we will be able to verify your site as copyright violation-free, and you will be protected from further DOS attacks.