MediaDefender Explains Itself 395
I Don't Believe in Imaginary Property writes "Wired has an interview with MediaDefender in which they try to explain why they attacked Revision3, which uses BitTorrent to host its own content. Somehow it eluded MediaDefender that they had injected fake content into Revision3's tracker, so when Revision3 changed configuration to forbid this injection, MediaDefender's systems saw it as a pirate tracker with lots of illegal content (which MediaDefender had put there) and attacked. In other words, everything they did was intentional except for the choice of target. Given that they have 9 Gbps of bandwidth dedicated to denial-of-service attacks against torrent trackers, all anyone needs to do is to trick them into attacking a hospital or government facility. MediaDefender has never been very competent, after all."
Mediadefender is the Punisher (Score:5, Insightful)
Now, really? (Score:5, Insightful)
Non-mainstream event (Score:5, Insightful)
Fry. (Score:5, Insightful)
So tell me why MediaDefender gets away with inserting fake data labeled as copyright-violating material into someone else's server and then going all vigilante on them. If you own the copyright you might be able to get away with it as its no longer in violation of copyrights since its yours, but since MediaDefender doesn't own them directly..
That on top of the damages they have caused this company, in either time, money, or business damages.
Re:Mediadefender is the Punisher (Score:5, Insightful)
Unauthorized access and Denial of Service attack.
I'm not quite sure of the details though, were they using a bug to plant the torrents or was the tracker just negligently configured?
The above matters for whether they were hacking(non-geek) or simply using it without authorization.
anyway, "bad boy!" to MediaDefender, surprise surprise.
But will the shit stick all the way to those truly responsible?
What the fuck? (Score:2, Insightful)
But they're not going to do that.
Seriously, every single employee @ Media Defender needs to be anally raped with razor wire.
Re:Fry. (Score:5, Insightful)
Assuming for a brief moment that copyright infringement is theft, just for the purpose of this analogy...
If I broke into your house and put someone else's stuff in your room, then phoned the police that you have stolen property in your room... how nice would that be?
I only have one question: how can we retaliate?
What I can't understand... (Score:5, Insightful)
Isn't DoSing also a Homeland Security issue? Shouldn't their ISP have cut them off when they started doing illegal things like automatically targeting innocent companies with illegal DoS Attacks?
If someone did to MediaDefender what they do to EVERYONE ELSE, they'd be screaming bloody murder!
Finally, what if they DID actually DoS a company that caused someone to be hurt or die. Would they be liable for pre-mediated murder?
Congress Will Act... (Score:4, Insightful)
Cheers!
Strat
I CONFESS!! IM GUILTY! Can I get off the hook now? (Score:5, Insightful)
Explain? (Score:5, Insightful)
Try to explain? The bottom line is MediaDefender attacked another commercial entity.
If someone throws a stink bomb through a brick & mortar storefront window, forcing the store to close, do you think the police would allow the offender to get off with saying, "oops"?
Re:Congress Will Act... (Score:3, Insightful)
You forget, theyre the "darlings" of congress. (Score:3, Insightful)
Second, theyre working for the **AA organizations, the darlings of congress, for whom no human rights violations are too great a cost, for whom ACTA is being negotiated to subvert those pesky public interest groups and constitutional protections present in every industrialized nation on earth, and for whom judges suspend several constitutional protections for due process.
In other words, they are above the law, and the public allows them to do so because filesharing = terrorism, after all bush said so.
Re:Non-mainstream event (Score:4, Insightful)
Re:The torrent community has more bandwidth than M (Score:1, Insightful)
Re:Mediadefender is the Punisher (Score:5, Insightful)
There are actually serious laws against this. If you or I did this, we'd spend quite some time in jail, and have to pay quite a large amount in fines. The criminal and civil penalties are not small. Not to mention the probability of losing (the "right" to) Internet access for some period of time (by court order). It's happened before (and been covered here).
But... how much you want to bet that MediaDefender gets off with less than a slap on the wrist?
With luck, at the very least, MediaDefender will lose the civil suit brought against them and pay that way.
Re:Now, really? (Score:5, Insightful)
Re:It's not illegal... (Score:3, Insightful)
Until then, denial of service & unauthorized access charges shouldn't have much trouble sticking.
The only reason Revision3 wouldn't take this all the way through trial is if MediaDefender offers them a pile of money greater than what R3 would win with a guilty verdict.
Re:I don't really understand what happened... (Score:3, Insightful)
Things I'm fairly sure of. Revision3 had a security hole. MediaDefender saw the security hole, and seeded it with fake files. Revision3 noticed these fake files and disconnected them. As a result, MediaDefender - either due to misconfigured servers or malice - DOSed Revision3.
Not sure if pirates were using the security hole. It would seem a bit pointless given that there are plenty of pretty open torrent sites.
Also not quite sure how MediaDefender can defend their initial actions. This seems to be pretty clearly hacking. Exploiting a security hole in another machine to gain access is generally enough regardless of whether there was any further malicious intent.
Re:I saw its time for a little civil disobediance (Score:4, Insightful)
Re:You forget, theyre the "darlings" of congress. (Score:5, Insightful)
I'm sorry what? When has the **AA ever violated human rights? Sure they're scumbags, but try to keep a little perspective. They're not exactly selling people into slavery.
The solution to the problem of them being "in" with congress is to give congress, and the government in general, less power. Power is abused. Always. This seems to be a pretty good example of that.
Reference?
Foot, meet mouth (Score:5, Insightful)
But that they have a big fat pipe dedicated to conducting DOS attacks? Jesus F. Christ, that's like saying that I have a car dedicated to running down pedestrians I don't like. If that's not a confession of premeditation, I don't know what is.
To put it in perspective, the western criminal system (as far as I understand it, and IANAL) tries, or theoretically should try, to establish the degree of intent (or "mens rea" = "guilty mind") in an act. So for example, if a shingle off my roof fell on the a passerby's head, although what happened is the same and the guy is just as dead, you can have very different punishments based on the nuance of being classified anywhere between "direct intention" (I actually intended to have shingles fall on him/someone) and "criminal negligence" (I had no flippin' clue that the roof is in that bad condition, though a reasonable person should have foreseen and inspected it regularly.) The worst you can do is not only go for "direct intention", but also basically say, "oh yeah, it wasn't a momentary act of rage, it was planned all along."
So these guys have basically been paying all along for a pipe _dedicated_ to breaking the law? They actually had a plan to break the law, and month after month paid the bill on the resources set aside for only that purpose? Geesh. I hope that a few executives land in state jail there.
Re:I CONFESS!! IM GUILTY! Can I get off the hook n (Score:5, Insightful)
Because they have gotten away with it for near a decade, even though many have pointed out the illegality of it.
And they expect, once again, to get away with it.
And because, this will become even more fuel for them (and the **AA) towards pushing making P2P software entirely illegal, regardless of it's use. Does this last section make sense? No? So what? Do you really think it has to? Look at their other arguments for making P2P illegal - do they make sense? Didnt think so. ;-)
And of course, because it will help them push forward the pending legislation that would make their actions (whatever they are) legal - irrespective of current law.
So... I think it makes perfect sense - at least from their twisted viewpoint.
Not only shamed, but pied as well (Score:5, Insightful)
Sheesh.
Re:I saw its time for a little civil disobediance (Score:3, Insightful)
Not nearly so despicable as a government that ignores the rule of law for those who curry its favor and provides no legal means for those wronged to secure justice. We'll see what happens with MediaDefender, but I severely doubt anyone will be held to any meaningful degree of responsibility over this.
Re:Not only shamed, but pied as well (Score:3, Insightful)
Though I'd compare a DOS more to a mugging than a pie in the face. That attack disrupted Revision 3 quite thoroughly for a while, and even knocked off their other servers.
But what I'm saying is: now imagine that, as a private person, John Doe goes to trial for something like that: John Doe was breaking into a house, the owner woke up and found him, and John promptly knocked him out. And it turns out that John Doe had bought a blackjack just for that: to whack anyone upside the head if they catch him red-handed. And carried it with him around daily. And made no secret as to why, and what it's for. He didn't just panic and punched the guy, but had planned all along what to do, and had the tool for it ready in advance.
I'm thinking you wouldn't find many judges sympathetic to John Doe in that case.
And at any rate, I'm saying it gives some insight into John's psychopathic little mind. He... doesn't exactly look like a likable guy there, to say the least.
Re:I saw its time for a little civil disobediance (Score:3, Insightful)
Re:You forget, theyre the "darlings" of congress. (Score:4, Insightful)
Not exactly, but threatening a lawsuit that will result in someone owing money to them for the rest of their life is a little too close to indentured servitude for my liking.
Re:above the law? (Score:3, Insightful)
Usually when that happens, it's because someone tried to save someone else's life or defend his own.
But since this is all about tort and not about saving life and limb, it's more likely for the judge to say to MD that "You don't do that in civilized society. That's what this courtroom is for."
--
BMO
Into a crowd (Score:1, Insightful)
I mean, we could have a contest. Find the most sensitive servers you can to get MediaDefender to false positive. Banks, hospitals, schools, seems like under the right circumstances any these may be open to attack. After all, if it can happen by chance, there's more than likely some avenue to coordinate exploitation.
This whole thing is sort of surreal. It's a frigging felony with collateral network damage, and they're more or less firing blindly into a crowd.
Re:Fry. (Score:1, Insightful)
If I broke into your house and put worthless objects labeled as being someone else's stuff in your room, then waited until you came home and then smashed all your car windows with baseball bat while screaming "theif" and your stood by in confused amazement, and then after I got done with that called the cops on you about the stolen property in your room... how nice would that be?
Re:Mediadefender is the Punisher (Score:5, Insightful)
Re:Mediadefender is the Punisher (Score:5, Insightful)
What do we have here ? We have evidence, a confession, and implicit admission of guilt (their system is designed to blast servers). What are we waiting for ? Jesus ain't coming back, so we're going to have to purge these bastards ourselves.
Re:Mediadefender is the Punisher (Score:5, Insightful)
And then there's the part where they openly admit to using DoS attacks against trackers. That part is really brilliant. I'd like to see what law they're looking at where that's a "grey area".
Re:You forget, theyre the "darlings" of congress. (Score:4, Insightful)
Nobody in the US has ever been arrested for downloading music.
Copyright infringement is a civil matter, and so far the **AA has always correctly handled it through the courts.
How is the **AA violating anybody's privacy? My understanding was they put fake listings on tracker sites, and sued for copyright infringement when people attempted to download from them. It's a bit of a leap to assume an IP identifies a single person, but it's usually correct. I'd almost agree with you if they were actively infiltrating Tor networks or using man in the middle attacks against SSL connections, but convincing idiots to download and share files with them isn't a privacy violation in my book.
Besides that, the internet in general is public. traceroute shows 12 machines between me and slashdot, and any one of them can monitor, log, or otherwise view my traffic at their whim. For better or worse, anonymity on the internet usually assumes the other person isn't trying very hard to find out who you are.
Re:Fry. (Score:5, Insightful)
Retaliate is not the word I would choose, but things you can do...
1) Be nice and professional, but write your congressmen, senators and governors and tell them how you feel about the issue.
2) Write the transit providers that provide peering agreements with MediaDefenders service provider. Their service provider and the transit providers that peer with their service provider are supporting their actions indirectly. If their service provider refuses to continue service with Media Defender then they will be forced to move. If other transit providers refuse to peer with their / or a service provider that supports their actions, their service provider will be forced to change their business position or go out of business.
3) MediaDefender is primarily funded by copyright holders, the irony being that the copyrighted works have absolutely no value if there is no demand. If XYZ studio, producer or artist employs the services of MediaDefender, do not purchase their products. Simple.
Re:Mediadefender is the Punisher (Score:5, Insightful)
Re:above the law? (Score:3, Insightful)
In practice, this situation didn't come up much and I think most states have dropped it. They leave it to the prosecution's discretion in dropping those charges.
BTW the canonical example is probably assaulting somebody in order to stop/prevent a rape. This might sound like a no-brainer, but what if the would-be rescuer misread the situation? This has happened and it's always messy.
Re:Mediadefender is the Punisher (Score:5, Insightful)
Re:You forget, theyre the "darlings" of congress. (Score:3, Insightful)
Of the tens of thousands of lawsuits the RIAA has filed, the vast majority have settled because the defendants were guilty. You don't hear about those cases because they're not very interesting, don't make the RIAA look bad, and they go against the group think on sites like Slashdot, Digg and Reddit.
Making a few mistakes doesn't mean they lose the right to defend their copyright.
Re:Mediadefender is the Punisher (Score:3, Insightful)
Or you'd have the police come and take you away.
The access and the DoS are illegal (Score:2, Insightful)
And DoS is illegal even for government. Courts will never issue a warrant to enact Dos. Doesn't matter if the target is hosting government secrets or kiddie porn.
Jon Doe fishing (Score:1, Insightful)
They then use the name in a civil case.
At best your statement is a half-truth. Which is still half-lie.
Re:Mediadefender is the Punisher (Score:3, Insightful)
Ok - read your post.
The solution is to get Mediadefender's provider(s) to block the packets at source or, as I suggested further up, to deploy a few ounces of Semtex (or C4 if you're that primitive) on the fibre from each of MD's colocation sites.
Realistically, if I was running a co-lo site and someone complained about a DOS attack, I'd block all outbound traffic from the relevant servers as a matter of courtesy until the owners explained themselves.
Re:You forget, theyre the "darlings" of congress. (Score:2, Insightful)
Re:You forget, theyre the "darlings" of congress. (Score:3, Insightful)
People don't "settle because they're guilty". They settle because
it's far cheaper to settle than to defend. We see this bullshit with
patents all the time. We have obvious and clear examples of why your
principle is clearly wrong.
So why do you choose to apply it to individuals where it is obviously
bogus for corporations?
Another citizen vs. corp double standard?
Re:I CONFESS!! IM GUILTY! Can I get off the hook n (Score:3, Insightful)
The same can be said for much of what a government does. They're not out to get you...they're just morons
Coming in Late, but... (Score:2, Insightful)