How To Frame a Printer For Copyright Infringement

An anonymous reader writes "Have you ever wondered what it takes to get 'caught' for copyright infringement on the Internet? Surprisingly, actual infringement is not required. The New York Times reports that researchers from the computer science department at the University of Washington have just released a study that examines how enforcement agencies monitor P2P networks and what it takes to receive a complaint today. Without downloading or sharing a single file, their study attracted more than 400 copyright infringement complaints. Even more disturbing is their discovery that illegal P2P participation can be easily spoofed; the researchers managed to frame innocent desktop machines and even several university printers, all of which received bogus complaints."

Re:Glad it's in a reputable media source

[Hyppy]

Somewhat offtopic, but related to your post. The EFF maintains a mailing list for technologists who would be willing to assist as witnesses or in other ways for cases such as this. When an attorney needs an expert witness for, say, a defense case against the RIAA, the EFF happily forwards it to this list. http://www.eff.org/about/opportunities/volunteer

Re:PC LOAD MUSIC

From God^H^H^HWikipedia:

The term was popularized by the comedy cult film Office Space. Michael Bolton (David Herman), one of the three main characters, reads the error message from the LCD status display on a fax machine, after which he asks, "'PC Load Letter'? What the fuck does that mean?"

Re:Sweet!

[mysidia]

Sorry, I have to debunk the theory that it is only technically possible to spoof a source address on your local subnet, it's just not true.

First of all, you can send people in your local subnet messages with any fake outside source IP you want, and there are various techniques to convince your local subnet's router to send _you_ the response traffic instead of the rightful recipient, so you can have full socket connectivity in both directions.

(I.E. ICMP redirect packets sent to the default gateway, static routes, etc)

Also, there are methods to spoof source IPs outside your subnet, even when sending to destinations outside your subnet, unless your provider is specifically using techniques to block spoofed traffic (which possibly, some are now).

If you can guess the right sequence numbers and port numbers (very hard), then you can even inject data into someone else's live TCP connection, or just force that connection to close (by sending a RST)

Use of technologies such as SSL or TLS protect against sending unauthorized commands or allowing corrupt data to be transmitted, but don't protect against a third party forcibly closing the connection.

Spoofing outside the subnet is just extremely difficult, and fairly improbable for targets utilizing modern TCP stacks -- but theoretically possible; IRC networks used to have problems with script kiddies generating spoofed clone floods.

(This tactic was thwarted by taking advantage of the fact that spoofed users could effectively SEND spoofed traffic but not RECEIVE messages, so a CAPTCHA-style feature called "nospoof" was introduced into the connection process.)

Receiving traffic in both directions over a spoofed connection is also possible, but hard, I.E. requires hijacking the legitimate equipment's IP, and fooling network equipment into sending traffic to the wrong place (the spoofer's computer).

I'm not saying it's easy, safe, invisible, non-destructive, or you won't easily get caught, but I must say that such spoofing is 100% possible.