Slashdot Mirror
Are UK Police Hacking File-Sharers' Computers?
superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"
Cool when you're watching nefarious plotting on Taggert or Law and Order: UK but not so funny when it's you. And the accusation is that you're depriving a Hollywood mogul .00000001 per cent of a payment on this third Mercedes.
"a number of site users have deleted their download histories" What does that even mean? Cleared their IE Browsing History? Deleted their Chome cache? Removed things from FireFox's "Recent Downloads" folder?
SOCA, How about a message from the people that pay you, "You are not above the law".
Never let the facts get in the way of good propaganda.
Shit just got serious!
UK's Serious Organised Crime Agency
The Internet is Serious Business
Anons need not reply. Questions end with a question mark.
These has been widespread suspicion that SOCA commits serious crimes. Whether it prevents them or captures the villains is also doubtful.
Perhaps they were using browser exploits to determine if people had cleared their history or cache. Most (all?) of the major browsers used to allow Javascript to detect if links had been visited, so it could check known pages on the site to see if they had been accessed. Similarly the server can tell if files are in the browser's cache because it doesn't re-download them.
Combine that information with IP address logs and you know... well, nothing actually, but if the message they posted on the site is anything to go by they either don't understand that or are just lying deliberately. My guess is that this claim is the latter.
If you look at the site now the threats have been removed, like someone told them to stop breaking the law themselves. The result of IPCC complaints probably.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Did you say "Corporate Police Force"? You know that's not much more than a rent-a-cop.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I did actually RTFA and my conclusion from the comments attributed to the police is that they are either full of shit or they just read some forum posts. Hacking never would have entered my mind.
If SOCA, Serious Organised Crime Agency dealing with serious organized crime is fighting copyright infringement, then what is the agency called that deals with such things as mobsters, thieves, assassinations and illegal prostitution gangs? Those organized crimes aren't serious enough for SOCA? They sure are causing a lot more harm to the tax-payers.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Jesus.
These cretins ought to be dealing with people traffickers, gang crime and other actual Serious Organised Crime.
That they are taking down music sharing sites is ridiculous. The justification I heard recently was even more laughable. It was serious organised crime because it cost the record labels 15 million.
Ah, record label mathematics, even better than cop math!
I don't doubt that these sites are hives of illegal activity. What they are not is a serious threat to the British public, which SOCA should be concentrating on, not pissing into the wind trying to clamp down on piracy.
So write them a letter if you are not in the UK
http://www.soca.gov.uk/contact-soca/complaints
I personally linked the definition of terrorism ( http://www.merriam-webster.com/dictionary/terrorism ) in my e-mail and called them out on their terrorist actions
Sure, it's non-violent terrorism.. but it STILL IS terrorism....
In what parallel universe were the RnB exclusive blog activities Serious Organized Crime? Okay, modern RnB could be considered a crime, but still...
"I have downloaded hundreds and hundreds of records, why would I care if somebody downloads ours?" Robin Pecknold
Give the impression you're going to come into their homes & cut their dicks off.
This same country has parts of the population believing that your TV can be detected from a van outside your house. They're trying the same tactic with the internet... Nothing new.
Who do the site owners sue for libel? They published a written message on the web site claiming that the majority of music files made available from the web site were stolen from artists. They know that none of the files were "stolen" from artists. They may be illegal copies. But they were not stolen. Also, if the music files were not hosted on the site, were they really "available via this site"? If the whole "conspiracy to commit fraud" thing falls through, which is pretty likely, then I think the site owners have a good case for suing.
What judge granted the 15 million claim? You can't take down people's businesses just because someone claims they are costing them money in illegal damages. If that's the truly a fact, they could sue in court for the losses. Once the losses were validated by a Judge, they could first ask the losses to be paid. If those weren't paid, they could have the assets of the business confiscated. Maybe *then* you would have a case for taking down the website, but not before.
I was promised a flying car. Where is my flying car?
Luckily all the crimes I commit are completely disorganised. You'll never get me SOCA !
while (true != false) process_more_stupid_code();
What they did there was make a false allegation against him and anyone who downloaded music. He can't now get a fair trial because he's been accused of theft by the police publicly but they haven't brought a theft charge against him confirming it is a false claim.
They prejudiced his trial.
So what they need to do at this point is get back within the limits of the law, and stop propagandizing. The police have no place in society as a political campaign group.
Also they need to recognize that RIAA now represents less than 30% of music sold, and that 2011 was the biggest year for music sales on record. Copyright infringement is copyright infringement, it's dealt with by copyright laws, not theft laws. The only input they should be seeking on a take down notice is LEGAL input on the LAWS as they stand in the UK. Nothing else.
http://blog.nielsen.com/nielsenwire/consumer/cue-the-music-driven-by-digital-music-sales-up-in-2011/
What will happen now, is those false claims they made will be used in court as evidence of police misrepresentation of evidence.
is now Little US - corruption is now openly flaunted.
Its their "network" and your ip and usage is logged for a short time in some detail. Ip and billing data might be kept for many, many months, but if your quick :)
They know the site, the names of the files and have a time frame. The rest is UK wide database work.
This was done with very unique data from newsgroup posts. Take the data to the isp's and do a massive search seeking people who downloaded the file/s.
Domestic spying is now "Benign Information Gathering"
Does anybody else think this might be a trap to catch anonymous when they try to hit back at SOCA?
... it's legal, and you end up in jail
When you hack cops' computers, it's illegal, and you end up in jail
Head you lose, tail, you also lose
Muchas Gracias, Señor Edward Snowden !
Dear Chief Inspector Dimbleby, please taze those bros for us. By the way, we may have a position of Director of Law Enforcement Liason available up next quarter. No reason we mention that. How's your police pension looking? Love and cuddles, the IFPI.
If you were blocking sigs, you wouldn't have to read this.
Im still waiting SOCA announcement on joining The Royal Society of Very Seriously Organised Agencies.
Take this with as much salt as you think it needs.... but the easiest way I can think of to do this is actually quite possible with no hacking.
Step 1: Take over the site through legal means. .torrent file in the last month. There's a good chance the configuration for how much to keep in the way of logs won't have been nailed down to "almost nothing" because until recently, most of the sites that hosted nothing but .torrent files thought they were on fairly solid legal ground so didn't need to worry about that sort of thing. .torrent files over an insecure link (dead easy to find out because many ISPs operate transparent proxy servers for HTTP traffic) and subsequently used a lot of bandwidth, that may well be enough to get a court order to seize the customer's own computer equipment.
Step 2: Troll through the server logs, getting the IP addresses of everyone that's downloaded a
Step 3: Filter the list you got in step 2 for all IP addresses assigned to UK ISPs.
Step 4: Contact those ISPs with a court order requesting:
- Identity of who had IP address XX.XX.XX.XX at the appropriate date/time.
- What else those people had been downloading. You don't need DPI-type information; if a customer has also been downloading lots of other
You want a higher burden of evidence before getting a court order? Fine, limit it to IP addresses that have been visiting the site regularly and downloaded a lot. Yes, dynamic IP addresses do change but they don't typically change on an hourly basis. A single IP address that downloads a lot over the course of a couple of hours could easily be enough.
There. You've now got enough information to monitor the UK without having to plant a single trojan or do a single thing illegally.
It's bootleggers we need to worry about. Piracy is pretty much try-before-you-buy.
I dunno,
Firefox has this creepy new dashboard on New Tabs that shows parts of your history, and it's semi-permanent-sorta even if you delete parts of your history in the settings. I didn't do any exhaustive research, just that I noticed a top level partial history delete didn't work. All I'm saying is that stuff like the new Google data-merge is gonna intersect eventually with the cops/govt spreading their fear campaigns.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
As far as I am aware (being a UK person) copyright theft is a civil, not criminal matter, unless they can prove money changed hands and you where doing it for profit/commercial gain.
I am half minded to write to my MP, but then again, he is just a government jellyfish (ie no spine) who employs his wife as his PA (ie Morally dubious)
I think soon, there will be a revolution of types. The MPAA and their lot have to grasp the fact that there is no way back to the good old days of peddling of shiny silver disks for about £14/$20 a go.
Most of the stuff they've been coming out with is just bullshit pathetic attempts at intimidation. They have no idea what people have in their "download history". I did go to the site the day they put that warning up and checked the page source, they weren't trying the CSS history trick at all. (Which most browsers have fixed now, haven't they?)
Nah. The police are trying to intimidate with cheap threats, but they don't have anything to back it up with. Chancers. Fuck 'em.
At first it looked like some kind of prank?
Firefox has semi-permanent-sorta BUT NOT history items.
I didn't do ANY research, but I still decided to post some FUD to slashdot for the mod points.
If anyone fancies protesting outside their office, it is around the corner from MI6 on Tinworth Street in Vauxhall, London. There's no signage to identify them except "Spring Gardens".
https://maps.google.co.uk/maps?q=Spring+Gardens,+Tinworth+Street,+London&hl=en&ll=51.48959,-0.121004&spn=0.001102,0.002953&sll=51.489433,-0.121085&layer=c&cbp=13,26.7,,0,-7.43&cbll=51.48959,-0.121004&hnear=Spring+Gardens,+Tinworth+St,+London+SE11+5EH,+United+Kingdom&t=m&z=19&panoid=GFzwFoPRllC2mkNg2Xo-9g
- see http://cryptome.org/eyeball/uk-soca/uk-soca.htm
Cops and criminals generally have the same psychological profile. Takes one to know one.
Pretty sure there's been rebellions over that type of stuff. But my history might be a bit rusty....
There's a reason EFG (epic FAIL guy) wears a Guy Fawkes mask...
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Here's what I sent them. If I had been wider awake, I would have skipped the last paragraph. I enjoyed writing it, but sarcasm is almost always counterproductive.
Dear SOCA,
When I saw the takedown notice at RnBXclusive, I was sure that it was a spoof. The bald statements about the guilt of "the individuals behind this website," apparently unproved in court, the threats of prosecution to myself, and the speculative claims about the "future of the music industry," seemed too absurd to be written by a serious law enforcement agency. Then, the advertisement for pro-music.org at the end made it clear that this was either a spoof by pro-music, or more likely by an opponent trying to embarrass pro-music.
I was astonished to find acknowledgment on your own web site that this absurd text was indeed your own.
I never heard of RnBXclusive before, and have no opinion whatsoever regarding the legality of the behavior of "the individuals behind" that website, nor your takedown of the site and reported arrest of the "individuals." But I hope that you will be more careful in the future to post only relevant and sensible notices that stay well within the scope of your legal mission.
I recommend to you the Electronic Frontier Foundation (www.eff.org) as a source of careful analysis of online behavior by individuals, corporations, governments, and law enforcement agencies. They do not appear to have posted any specific comments about RnBXclusive, SOCA, or your recent arrest and DNS takeover, but they can provide some of the best advice available when consulted.
If you must advertise legal sources of music downloads, let me recommend my favorite, magnatune.com, which is not represented by those "behind" the pro-music.org website, and which will perhaps suffer competitively from your public endorsement of pro-music.org.
Sincerely Yours,
Michael J. O'Donnell
The University of Chicago
Mike O'Donnell http://people.cs.uchicago.edu/~odonnell/
I play several games now that distribute updates through peer to peer style "sharing". Does that mean I'm guilty of file sharing? Even though the company mad e the software function this way?
Consider this, from the SOCA article on the matter:
"A number of site users have deleted their download histories. Commentary on Twitter and other social media has been global."
(http://www.soca.gov.uk/news/401-music-website-takedown-latest)
Those two lines together hint at a rather more obvious manner SOCA might know people are deleting their histories - they've 'monitored the response' on Twitter and Facebook, probably just tracking a few keywords. People were spooked by the warning and talked to each other about deleting download histories. Of course, people are stupid enough to talk about it publically
See this primitive reenactment link: https://twitter.com/#!/search/SOCA%20my%20history
UK law enforcement are known to monitor social media. A lot of what happened during the London riots revealed that they pay especially close attention to Twitter and Facebook for information.
SOCA is likely the same as all of our new, supposedly anti-terrorism agencies in the US; a domestic spy agency. The war on terror has nothing to do with terror, for sure, but everything to do with controling the population.
Let's all go out and register a company, for which there is 1 person employed, who's salary is $1 per year, and of which the company makes a loss per year. Even better, make it a non-for-profit organisation.
The company buys the computer.
The company pays for the internet service.
The company pays for any VPN or other services used.
If you get sued or arrested then you point to the company and say 'I am but an employee' of company X. You will need to sue my company.
When they start legal proceedings against the company you shut down the company.. and the trail goes cold.
After all, isn't this what companies effectively do right now?
You have a sick, twisted mind. Please subscribe me to your newsletter.
It's kind of scary how they're escalating a petty offense into a 'serious crime'...
First they repeat the gross misnomer that illegal file sharing is theft - it's not, neither semantically nor legally.
Then they hunt pirates using an agency with the equally grossly misname "Serious Organized Crime Agency". File sharing was never organized, nor was it a crime. Theft barely is, and only if the stuff you're stealing is valuable enough, and as we just said - file sharing is not even theft.
WAKE UP!
File sharing does not become theft, or even a crime, no matter how many times you repeat it!
And the organized thing - the only relevance is from the indictment against MegaUpload where the US law enforcement entities actually introduced "The Mega Conspiracy" in order to activate enough judicial power to reach across borders through the activation of Interpol! - It's pure bullshit of course but they wanted someone to prosecute and MegaUpload became it.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --