The DMCA takedown notice is what a copyright holder sends to a content host.
The e-mail from the content host to the user saying "we deleted your file because ______" is not a DMCA takedown notice, regardless of what the reason they give.
Content hosts are supposed to notify users whose content has been removed due to DMCA takedown notices so that the users have the opportunity to file counter-notices under the DMCA, but that correspondence is not itself a DMCA takedown notice.
True - not that it makes a whole lot of difference, though. "Lazy" delete is pretty common, so at what point do you want to say it was deleted? When they set the "deleted" bool on the database record for the file that's good enough to call it deleted from the user's point of view. Chances are they could get it back even if it really was deleted if they went down to undelete it at the filesystem level or if they did any sort of regular backups.
Maybe it did and the admin forgot to tick the non-default reason. Who knows... all that really matters is that it does appear to have been an honest mistake.
They didn't issue a DMCA takedown notice (which would have been perjury). They claimed that they had received one, which is either simply lying or an honest mistake.
Sending a fake DMCA takedown is illegal, yes, but an e-mail that says "we deleted your file due to DMCA takedown notice we received" isn't a DMCA takedown notice. And apparently that e-mail just went out automatically any time they banned a file from someone's account. Apparently it never occurred to whoever designed their system that a file might be removed for anything other than copyright violation... or maybe the admin just didn't select the correct reason when he banned it.
The DMCA was never invoked, because there was never an actual DMCA takedown notice, just a form e-mail that stated that his file had been deleted because of a DMCA takedown notice. There wasn't a DMCA takedown notice and his file wasn't deleted because of one - it was deleted for an entirely different reason - but apparently that same form e-mail was set to go out to anyone whose file was deleted by an admin for any reason at all.
A DMCA takedown notice is what a copyright holder would send to DropBox, not what DropBox would send to its user after deleting the file from their servers.
As far as spoofing an ACK, you could do it, yes, but you'd also have to spoof a bunch of other stuff, packet sequences, etc. All would have to direct back to your spoofed IP, which is not actually listening, and you wouldn't hear any of the responses from the server to guide you.
Basically, it would be trying to hold a conversation with someone who you can't hear, but saying all the right things so that they don't figure out that you can't hear them. Possible, yes, but very difficult.
TCP is pretty clearly defined. It wouldn't be all that hard if all you wanted to do was make it look like the target's IP address had requested the illegal material, and you don't care what happens to the connection after that. In fact AFAIK the authorities probably wouldn't actually transmit anything illegal back in response to it since just attempting to access the stuff is enough for them to log the IP and move on. Although they might assume it would help ensure that they'd find incriminating evidence once they seized the hardware.
it's not like you'd even be doing it to get CP without being caught. All this effort would be solely to frame someone else, and you're not even sure who they are, because all you have is an IP address.
We all know that it's easy enough for someone to find an unsecured wi-fi connection if they want to download stuff without getting caught; that's the real "cautionary tale" in this story. If someone was going to the effort of spoofing IP addresses to frame people, they'd probably be doing it on a very large scale simply to create havoc and show that the system is broken.
And if they're running a non-standard TCP stack that's even logging incomplete connections, they're going to end up with millions upon millions of connection attempts, port scans, and tons of internet noise to wade through on the off chance of finding the one connection that's being spoofed to try to frame someone for downloading CP
You can't change the context of the argument after you've made a point, in order to make that point correct. You apparently also don't know how debates work.
So? You can't limit the context of the argument to a carefully-crafted scenario that makes your point correct. This story was about P2P.
A TCP connection, as used by wget, requires a response in order to continue. Without getting the response from the server in the TCP handshake, no request for data will ever be made, because the connection hasn't been successfully made.
So you'd have to spoof an ACK and correctly guess the sequence number for the packet. Big deal. And you assume that the person on the other end is running a vanilla TCP stack that won't log anything until it makes a full connection.
If the pedo is a hacker: well that sucks for you, but even though authorities have a little more evidence against you they'll still find that all your porn is legit and whatever you are accused of doing is not from a mac address of a computer you own, and there are no records of the activities in your house.
What if the hacker/pedo knows how to spoof a MAC address and the police find a Live CD in your bookshelf?
What happens when the policeman ends up being your average thug who just wants to rape your wife and steal all your stuff? But I guess since he yelled "This is the police, get down on the floor" that makes it okay.
The ISP still knows which subscriber had the IP address assigned. In fact this guy's IP probably was dynamic, but all the authorities would need is a rubber-stamped subpoena to get his address from the ISP.
Um, no, the owner of the router was the wrong guy because he didn't commit the crime. That is exactly why the IP can't always be traced to the right person. Of course an IP address can be traced to "someone" but that doesn't mean that's who committed the crime.
In fact the only reason that they ever did get the "right" guy was because he had also downloaded the stuff from IP addresses that were able to be traced back to him. The dangerous and stupid raid they conducted on the wrong house didn't even help them find him.
No... just no. Local IP addresses are assigned by DHCP on the router and are completely meaningless. If anything from the router's logs was useful, it would be the machine's MAC address, not the IP address. And that assumes he wasn't changing his MAC address periodically.
In reality, the router's logs didn't help them at all. The real perp was found by correctly interpreting the evidence that they ALREADY had, after they'd already conducted the raid on the wrong guy's house.
A perfect fifth is the range spanned between the first four notes of "Twinkle, Twinkle", transposed into any given key. So if you can hum that tune starting on any chosen note, you can sing the perfect fifth to that note. Congratulations.
GP's point was that any idiot could be taught to secure a router given equally-simple instructions.
However, if pistols were appropriate for the situation, rifles certainly were.
Rifles are long-range weapons. Pistols are close-range weapons. Someone who appears to know half a thing about weapons should know not to make such a ridiculous statement.
it would be horrible for them todo this, get into a gunfight with the owner (perfectly within his rights if he had no idea it was the cops)..and he got killed and subsequently was found innocent?
It wouldn't be the first time that's happened. IIRC it was something like "right house number, wrong street".
Say I spoof your IP address and (somehow) manage to start a wget of a boatload of porn. It starts heading toward your IP, but since you have no application waiting to receive this, the packets are not ACKed, and the transmission stops.
That's assuming that the sender wasn't really just logging all of the requests for law enforcement and not actually sending anything back.
On the other hand, WEP is trivially easy to break, and even WPA is crackable if the attacker is patient and persistent enough and the password isn't too strong. Good luck explaining how it wasn't you if your router had a "secure" password...
You can not spoof an ip address (and download any porn) beyond your own router. You may be able to send packets out, but you won't get any porn back.
You won't, but someone will.
What if that someone doesn't have an open wireless router to blame it on? What if the police can't find any illegal materials on his hard drive but they come across a Linux Live CD in his desk?
"I can't explain that. I don't understand all the physics involved, and to this point I don't know a ballistics expert who can explain that right now either," Jones said.
He's pretending to seriously try to figure out what sort of bizarre physics could cause a bullet fired from behind someone to loop all the way around their head so as to enter through the forehead... because obviously the guy couldn't have possibly been facing the shooter.
Slashdot Mirror
Sending a DMCA takedown notice which asserts that you are the owner of content which you don't actually own is, in fact, perjury.
His initials, more likely, but still an awesome coincidence.
There was never a DMCA takedown notice.
The DMCA takedown notice is what a copyright holder sends to a content host.
The e-mail from the content host to the user saying "we deleted your file because ______" is not a DMCA takedown notice, regardless of what the reason they give.
Content hosts are supposed to notify users whose content has been removed due to DMCA takedown notices so that the users have the opportunity to file counter-notices under the DMCA, but that correspondence is not itself a DMCA takedown notice.
True - not that it makes a whole lot of difference, though. "Lazy" delete is pretty common, so at what point do you want to say it was deleted? When they set the "deleted" bool on the database record for the file that's good enough to call it deleted from the user's point of view. Chances are they could get it back even if it really was deleted if they went down to undelete it at the filesystem level or if they did any sort of regular backups.
Maybe it did and the admin forgot to tick the non-default reason. Who knows... all that really matters is that it does appear to have been an honest mistake.
They didn't issue a DMCA takedown notice (which would have been perjury). They claimed that they had received one, which is either simply lying or an honest mistake.
Sending a fake DMCA takedown is illegal, yes, but an e-mail that says "we deleted your file due to DMCA takedown notice we received" isn't a DMCA takedown notice. And apparently that e-mail just went out automatically any time they banned a file from someone's account. Apparently it never occurred to whoever designed their system that a file might be removed for anything other than copyright violation... or maybe the admin just didn't select the correct reason when he banned it.
The DMCA was never invoked, because there was never an actual DMCA takedown notice, just a form e-mail that stated that his file had been deleted because of a DMCA takedown notice. There wasn't a DMCA takedown notice and his file wasn't deleted because of one - it was deleted for an entirely different reason - but apparently that same form e-mail was set to go out to anyone whose file was deleted by an admin for any reason at all.
A DMCA takedown notice is what a copyright holder would send to DropBox, not what DropBox would send to its user after deleting the file from their servers.
As far as spoofing an ACK, you could do it, yes, but you'd also have to spoof a bunch of other stuff, packet sequences, etc. All would have to direct back to your spoofed IP, which is not actually listening, and you wouldn't hear any of the responses from the server to guide you.
Basically, it would be trying to hold a conversation with someone who you can't hear, but saying all the right things so that they don't figure out that you can't hear them. Possible, yes, but very difficult.
TCP is pretty clearly defined. It wouldn't be all that hard if all you wanted to do was make it look like the target's IP address had requested the illegal material, and you don't care what happens to the connection after that. In fact AFAIK the authorities probably wouldn't actually transmit anything illegal back in response to it since just attempting to access the stuff is enough for them to log the IP and move on. Although they might assume it would help ensure that they'd find incriminating evidence once they seized the hardware.
it's not like you'd even be doing it to get CP without being caught. All this effort would be solely to frame someone else, and you're not even sure who they are, because all you have is an IP address.
We all know that it's easy enough for someone to find an unsecured wi-fi connection if they want to download stuff without getting caught; that's the real "cautionary tale" in this story. If someone was going to the effort of spoofing IP addresses to frame people, they'd probably be doing it on a very large scale simply to create havoc and show that the system is broken.
And if they're running a non-standard TCP stack that's even logging incomplete connections, they're going to end up with millions upon millions of connection attempts, port scans, and tons of internet noise to wade through on the off chance of finding the one connection that's being spoofed to try to frame someone for downloading CP
Ok, that's true enough.
wget is not P2P, and does not use UDP.
You can't change the context of the argument after you've made a point, in order to make that point correct. You apparently also don't know how debates work.
So? You can't limit the context of the argument to a carefully-crafted scenario that makes your point correct. This story was about P2P.
A TCP connection, as used by wget, requires a response in order to continue. Without getting the response from the server in the TCP handshake, no request for data will ever be made, because the connection hasn't been successfully made.
So you'd have to spoof an ACK and correctly guess the sequence number for the packet. Big deal. And you assume that the person on the other end is running a vanilla TCP stack that won't log anything until it makes a full connection.
If the pedo is a hacker: well that sucks for you, but even though authorities have a little more evidence against you they'll still find that all your porn is legit and whatever you are accused of doing is not from a mac address of a computer you own, and there are no records of the activities in your house.
What if the hacker/pedo knows how to spoof a MAC address and the police find a Live CD in your bookshelf?
What happens when the policeman ends up being your average thug who just wants to rape your wife and steal all your stuff? But I guess since he yelled "This is the police, get down on the floor" that makes it okay.
The ISP still knows which subscriber had the IP address assigned. In fact this guy's IP probably was dynamic, but all the authorities would need is a rubber-stamped subpoena to get his address from the ISP.
Get sturdier doors for your house, so you have time to tell the SWAT team they have the wrong house.
Yeah, I bet they've never heard that one before...
Um, no, the owner of the router was the wrong guy because he didn't commit the crime. That is exactly why the IP can't always be traced to the right person. Of course an IP address can be traced to "someone" but that doesn't mean that's who committed the crime.
In fact the only reason that they ever did get the "right" guy was because he had also downloaded the stuff from IP addresses that were able to be traced back to him. The dangerous and stupid raid they conducted on the wrong house didn't even help them find him.
No... just no. Local IP addresses are assigned by DHCP on the router and are completely meaningless. If anything from the router's logs was useful, it would be the machine's MAC address, not the IP address. And that assumes he wasn't changing his MAC address periodically.
In reality, the router's logs didn't help them at all. The real perp was found by correctly interpreting the evidence that they ALREADY had, after they'd already conducted the raid on the wrong guy's house.
Luckily you have a magic hat that tells you whether they're guilty or not, since occasionally somebody does get falsely accused of that.
A perfect fifth is the range spanned between the first four notes of "Twinkle, Twinkle", transposed into any given key. So if you can hum that tune starting on any chosen note, you can sing the perfect fifth to that note. Congratulations.
GP's point was that any idiot could be taught to secure a router given equally-simple instructions.
However, if pistols were appropriate for the situation, rifles certainly were.
Rifles are long-range weapons. Pistols are close-range weapons. Someone who appears to know half a thing about weapons should know not to make such a ridiculous statement.
I wrote a TCP server/client in C, so I think I know the basics. And I don't think you really have any idea how file-sharing networks work (hint).
it would be horrible for them todo this, get into a gunfight with the owner (perfectly within his rights if he had no idea it was the cops)..and he got killed and subsequently was found innocent?
It wouldn't be the first time that's happened. IIRC it was something like "right house number, wrong street".
Say I spoof your IP address and (somehow) manage to start a wget of a boatload of porn. It starts heading toward your IP, but since you have no application waiting to receive this, the packets are not ACKed, and the transmission stops.
That's assuming that the sender wasn't really just logging all of the requests for law enforcement and not actually sending anything back.
On the other hand, WEP is trivially easy to break, and even WPA is crackable if the attacker is patient and persistent enough and the password isn't too strong. Good luck explaining how it wasn't you if your router had a "secure" password...
You can not spoof an ip address (and download any porn) beyond your own router. You may be able to send packets out, but you won't get any porn back.
You won't, but someone will.
What if that someone doesn't have an open wireless router to blame it on? What if the police can't find any illegal materials on his hard drive but they come across a Linux Live CD in his desk?
Even better, the one directly following it:
"I can't explain that. I don't understand all the physics involved, and to this point I don't know a ballistics expert who can explain that right now either," Jones said.
He's pretending to seriously try to figure out what sort of bizarre physics could cause a bullet fired from behind someone to loop all the way around their head so as to enter through the forehead... because obviously the guy couldn't have possibly been facing the shooter.